JP2887299B2 - Intelligent information processing method and apparatus - Google Patents

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an intelligent information processing method for applying an encryption technique and an error correction code technique to each part of information in information transmission and processing of documents, graphics, images, databases and the like. Related to the device.

[0002]

2. Description of the Related Art In the transmission and processing of information such as documents, graphics, images, and databases, it is necessary that information be transmitted without error and that a third party should not eavesdrop on it. An error correction code technique is used for the former, and an encryption technique is used for the latter. As one type of error correction code, there is a block code. This corrects transmitted code errors by adding redundant check bits to information bits of a certain length. A code having a high error correction capability adds a longer check bit. Therefore, the information part requiring high reliability uses a code with high error correction capability, and thus adds a longer check bit. Such a code is, for example, a Reed-Solomon code. These techniques are described in detail in "Miyagawa, Iwadare, Imai" Coding Theory ", Shokodo, 1973." As computer systems have evolved, complex systems such as distributed processing and networks have evolved to share data, files, programs, and hardware. The information to be transmitted and processed is also various, such as text, characters, numerical values, graphics, images, video, audio, and computer programs. A system for processing such information is called multimedia. As the system becomes more complicated, eavesdropping becomes easier, and cryptography is used to prevent it. Cryptographic technology converts or restores plaintext into unencryptable ciphertext. The encryption / plaintext conversion is performed by a cryptographic algorithm controlled by a cryptographic key. The encryption technology is described in detail in Tsujii and Kasahara, "Cryptography and Information Security", Shokodo, March 1990.

A typical cipher is “US Pat. No.
3,958,081 issuedMay 18,19
76 ". This is the DES ("Data
Encryption Standard ", FIPS
PUB, NBS Jan. 1977). The DES encryption encrypts data in 64-bit units. FEAL-8 is a similar encryption. This algorithm is described in “Miyaguchi, Shiraishi, Shimizu“ FEAL-8 Cryptographic Algorithm ”Research and Application Report Vol. 37 No. 4/5, 198
8, (NTT) ". However, the encryption unit referred to here is an encryption unit viewed from an encryption device or an encryption program, and an encryption unit viewed from a user or a cryptographic operator is conventionally a file or a field, or information similar thereto. Block. The above cipher is called a symmetric block cipher, whereas there is an asymmetric public key cipher. Public key cryptography
This is a method in which each person (or each terminal) creates a pair of an encryption key and a plaintext key, publishes the encryption key, and keeps the plaintext key secret. Anyone who wants to send a ciphertext to A converts the plaintext into a ciphertext using the encryption key published by A. Only the recipient A having the secret plaintext key can plaintext the ciphertext. Therefore, there is no need for key distribution. However, it cannot be authenticated that the sender is himself. In an encryption system that can exchange an encryption key and a plaintext key, a sentence is encrypted with a secret plaintext key, and the recipient verifies the identity by plaintexting it with the sender's public key. Is also used. However, information cannot be concealed.
However, information concealment and authentication can be performed simultaneously.
In other words, the sender encrypts with his or her secret plaintext key, further encrypts with the recipient's public key, and sends it.
The recipient plaintexts with his own private key, and then plaintexts with the sender's public key. In digital signatures, plaintext shortened information is created by a hash function, encrypted with its own private key, and attached to the plaintext (usually encrypted with a symmetric key). As a public key encryption, a typical RSA encryption is “A
Method for Obtaining Dig
ital Signatures and Public
c-Key Cryptosystems ", Comm
communications of the ACM, Vo
l. 21, No. 2, pp. 120-126, (197
8) ". These techniques are excellent,
Practical for electronic documents, databases, etc. The present invention is also based on these technologies. However, the present invention is not limited only to the use of these techniques, and various types of error correction coding techniques and encryption techniques, including these techniques, can be applied to the present invention. Now, detection and correction of an error that occurs during transmission of information is performed using an error correction code technique. Usually, one type of error correction code is used for the entire record.

[0004] The main techniques of error correction codes are described below.
"Sasaki, Kono, Imai" Error Control by Adding Redundancy According to Word Importance ", 12th Information Theory and Its Application Symbols, December 1989" There has been proposed a method of using an error correction code for each word in accordance with the degree of importance. Also,
"Japanese Patent Application Laid-Open No. 60-69918" Data transmission method ""
There has been proposed a method of changing the error correction capability for each information data group divided according to the type of information such as a computer program, character information data, and voice data.

[0005] Information security measures are important. In the transmission and processing of information such as confidential documents, graphics, images, databases, etc., mainly a line encryption and a method of transmitting a file after encrypting a file in full text are used. Have been The data record is encrypted on a field-by-field basis, but cannot be freely changed and designated. Of course, partial encryption within that unit is not possible. In facsimile, confidential text is written on a separate sheet and encrypted by line encryption. In this case, continuous processing is not performed, and encryption is considered as file unit. In addition, "Japanese Unexamined Patent Publication No.
No. 212276 "Facsimile apparatus" describes a facsimile apparatus that encrypts an important part of a transmission image on a document sheet and transmits the remaining part as it is. Part of the image data on the manuscript paper is designated by a marker, and is encrypted when the data is transmitted. Then, the partially encrypted dot (point) is output to the original plaintext position on the output paper on the receiving side.
There is no detailed description and disclosure of the encryption process on the transmission side.
Therefore, in this example, the partially encrypted data does not remain on the transmission side. In addition, the specification of the encrypted portion cannot be performed during data input, and it is necessary to use a new sheet for redoing. Also,
Normally 8 dots (points) / mm, and the encryption start part is 1d
If it is shifted even by ot (point), the output will be like noise. Therefore, considering reading data while scanning paper in the horizontal direction using paper as an input / output medium, it is very difficult to read the designated area and the encrypted portion of handwriting. Difficult and normal F
AX is difficult to realize and can be said to be an unfinished invention. Of course, such an information transmission technique using paper as an information medium is a technical field different from the information transmission technique for transmitting electronic documents and electronic data which is the object of the present invention. In the case of encrypting and transmitting an electronic document, the secretary usually encrypts the document after completing it. Similarly, the operator can see the plain text even when transmitting the data after encrypting the line. Furthermore, these ciphers are managed by a security guard, who has all the encryption keys, and thus has access to all ciphertexts.

[0006] Japanese Unexamined Patent Publication No. 59-172854 "Information transfer method" describes a method in which information is transmitted in a broadcast state, and only information addressed to the terminal itself is taken out and displayed. I have. Then, "JP-A-63-3095
0 “Management method of multiple terminal devices” describes that a plurality of secrecy level attributes are set for each job and an access authority level corresponding to the attribute is set. As shown in these figures, access management using a password is performed mainly by the center for managing files and databases, and access rights are given to files, records, and fields. That is, when performing an operation such as reading and writing a file, the user first inputs a password, checks whether the password has been registered, and has been given the operation right for the target information, and passed the inspection. Operation is permitted only when However, passwords are apt to be eavesdropped on the network. In addition, if the master password is eavesdropped,
All data is read. It should be noted that in a database, for a specific user, only items that permit access to the database are collected and edited, and a smaller database, which is a subset of the original database, is opened to the user. A method is used.

In Japanese Unexamined Patent Application Publication No. 63-293580 "Table format data encryption method" and in Japanese Patent Application Laid-Open No. 63-31454 "Secret protection method", information for encrypting and holding a data file composed of a plurality of data items In the processing system, each data item has usage qualification information and a key,
A system is described that protects data items by encrypting using the key information and suppresses access by a person who does not have necessary usage qualifications. The file referred to here is a data file which is a collection of records, and is a database. The purpose of this system is to protect the data at the center, and the center performs encryption processing only, and the terminal (business processing unit) accesses only plaintext.

As a service used for OSI (Open System Interconnection), e-mail (MOTIS / MHS), open service, published by "Akio Munegami" Application of OSI ", Japanese Standards Association, Third Edition, September 1989" Type Document System (ODA)
Is described in detail. In these systems, encryption of a body part or a block constituting a mail or a document is performed. However, in OSI, since encryption is basically performed in the presentation layer below the application layer, fine encryption processing cannot be performed. Therefore, this body part or block becomes a considerably large information portion, and one image is one item. Therefore, it is not possible to perform detailed processing such as encrypting a part of the information. Also, as in the application layer, it is not possible to freely select and encrypt an arbitrary part. In ODA, encryption by the application layer is performed. In this case, it is necessary to block an encrypted part and add a descriptor of at least several tens of characters to each block.
And, as in the prior art, it does not allow a hollow data structure. In addition, “Japanese Unexamined Patent Application Publication No. 2-153645”
The secure communication method "" includes a system for transmitting and processing text consisting of a plurality of information blocks,
It describes a system that does not display a secret part unless a password is entered. This is block-based encryption and is included in the ODA technology. No encrypted data is stored on the sending side. Further, "Japanese Patent Laid-Open No. 1-240
972 "Electronic Calendar Security Control Method"
A method is used in which a security level is set for each item in the calendar, and items that are higher than the security level of the calendar user are not displayed. However, in this method, the center manages the information, and furthermore, no encryption is used.

"Digital Communication Lab,
PDS Usage Guide "(1989-10-21), ASCII Publishing Bureau, P.S. 70-72, 104, "DW Davi.
s, W.S. L. Price, translated by Kamizono, Network
Security "(Showa 60-12-5) Nikkei McGraw-Hill, P.S. 96-98 and 102-108 describe that binary mode information is converted to text mode information and processed. The purpose is to send in text mode. On the other hand, the present invention makes it possible to mix plaintext and ciphertext in the same mode,
The purpose and effect are different because the operability is improved.

[0010] Japanese Unexamined Patent Publication No. 01-98032 "Shared information encryption and protection method" describes a shared information encryption and protection method in which only terminals perform encryption processing and the center only posts and distributes information. Cryptography is used. However, a specific method of partial encryption is not shown. This technology is "O
DA "is considered to be a partial cipher by blocking. The embodiment is only an electronic bulletin board and has no description of a database or the like. The center is only for posting, delivery, and relaying, and does not perform any special processing such as calculation. It is the same technology as ODA.In the case of information that needs to be transmitted between the sender and the receiver, such as e-mail, the center only relays and gives the encryption function only to the terminal. And
In the UNIX system, a password is encrypted, converted into a character code, and displayed on a screen.
However, this transformation is one-way and cannot be plain. As described above, in the related art, information processing corresponding to the reliability and confidentiality attributes of an arbitrary information portion, particularly, a detailed information portion such as an arbitrary character, numerical value, or image is not performed. An even more important problem is that error correction codes and encryption techniques are less familiar and difficult for end users to use. Therefore, a flexible system excellent in the man-machine interface using the error correction code and the encryption cannot be configured.

The features of the prior art are summarized as follows. (1) The minimum unit of encryption processing from the point of view of the encryption operator is:
A field, item, or block that is determined and fixed in advance. (2) Blocks store the same type of data. (3) Data of hollow type is not used. (4) There are a plurality of encryption keys used for one mail, and the receiving side exclusively selects and receives the keys, but the original author on the transmitting side is one. (5) The encryption part is usually left blank. (6) The encryption key, password and password are encrypted, and these are managed by the center. Here, the information item is an information block such as a record field of a database, a tabular data item, a record / screen type data item, an electronic document, an electronic mail, and the like. Note that, for an electronic document (including an image and a graphic), a data record, a file, and the like that are not divided into blocks, the entire data is a single item. Further, "A and / or B" described below means only A, only B, and A and B,
Shall represent the three. Note that the encryption processing here is used not only for concealment of information but also for authentication. Further, the present invention can be applied to all ciphers, symmetric and asymmetric ciphers. Also, both the encryption key and the plaintext key are expressed as encryption keys, but in symmetric encryption they are the same and in asymmetric encryption they are different. Although the access level of the present invention is not described in detail, it is needless to say that an individual or a group and read, write, a
It includes level division such as a combination of rights such as liter and delete.

[0012]

Generally, documents, figures,
Information such as images, databases, computer programs, and audio can be considered to have attributes of reliability and confidentiality for each unit. For example, the amount of money requires high reliability, and a sentence such as a greeting may have low reliability, that is, some errors are allowed. In addition, the release price, release time, bid price, personnel information, and the like of a new product need to be kept secret except for those involved. That is, it is considered that confidentiality is high. In conventional information transmission and processing, batch encoding and encryption have been performed ignoring the reliability and confidentiality attributes of these information portions. This makes it impossible to perform intelligent and efficient information transmission and processing utilizing the information property (attribute) of the information portion. The operability is poor and the processing speed is slow.

If the secretary completes the document and then encrypts the entire text, the secretary will know the confidential information. Similarly, in line encryption, the operator can see the plaintext.
Further, in the method of checking the access right with a password and the full-text encryption method, an information manager such as a so-called center has the highest access right. Therefore, confidential information such as personnel information is often not input to a computer on the network. In a network, there is a risk that a hacker or the like may eavesdrop on the password. Therefore, the information stored not only on the line but also on the storage medium,
Efficient encoding and encryption that take advantage of information attributes are required, and the president and business managers / persons in charge of information transmission and It is desirable to be able to process.

Now, the problems of the main techniques described in the prior art will be mentioned. In e-mail and ODA, encryption is performed in units of blocks. This block is a large unit such as a chapter, a section, an image, or a voice of a text, and is used to encrypt a small part such as a character, a numerical value, or a part of an image. Can not be done, but the efficiency becomes poor. In order to encrypt even a small part, it is necessary to convert the encrypted part into a displayable mode (character mode), make it the same type as plain text, and store it in the same item. Then, it is desired that a plurality of persons on a transmitting side and a receiving side process different portions in one document file using different encryption keys without knowing each other's confidential information. In the security control method of the electronic calendar, the security level is used, but is controlled by a password, and therefore, the center manages all information. No encryption is used. In a database, it is necessary to select and encrypt items based on the will of the terminal when inputting data from the terminal. Even in a center that performs data management, calculation, and the like, a system that does not own all encryption keys is required.

The present invention has been made in order to solve such a problem, and it is intended to divide an arbitrary part of information,
By setting the attributes of reliability and confidentiality for each, performing processing using the corresponding error correction code, encryption technique and encryption key, and at the same time using the access right corresponding to the confidentiality, Without having the highest access rights, it is possible to give access rights to terminal users who are business managers / persons in charge, and it is also possible to send and receive one file and database separately from each other without knowing the confidential information of separate parts The ciphertext is converted into a text mode so that the ciphertext has the same data type as the plaintext, coexists in the same item, and is displayed on the screen. Therefore, encryption processing can be performed by a normal word processor or the like. That is, an object of the present invention is to provide an intelligent information processing method and apparatus excellent in operability and confidentiality.

[0016]

According to a first aspect of the present invention, there is provided an intelligent information processing apparatus for processing data of an item including a character and encrypting the data in accordance with a plurality of confidentiality levels set in each section in the item. An intelligent information processing apparatus of an information processing system to be used, which includes the following means (a) to (i). (A) Memory means connected to the display and peripheral devices. (B) performing at least one of processing, generating, receiving / transmitting, and reading / saving the data;
And information processing means connected to the memory means for displaying the data on a screen of the display. (C) in the memory means for selecting an arbitrary part of the data consisting of the characters in the item of the displayed data on the display and storing the position of the selected part; Connected partial data selection means. (D) confidential level setting means connected to the memory means for setting one of the plurality of confidential levels in the selected portion. (E) the part having the lowest confidentiality level is not encrypted, and the selected part is encrypted using an encryption key determined according to the confidentiality level of the selected part. Encrypt,
At this time, an encryption means connected to the memory means for erasing the plaintext of this portion. (F) conversion means connected to the memory means for converting the encrypted portion from a binary mode to a displayable mode displayed on the display. (G) data type holding means connected to the memory means for inserting the encrypted and converted part into the same item. (H) reverse conversion means connected to the memory means for reversely converting the encrypted and converted part from the displayable mode to the binary mode. (I) using the plaintext key determined according to the confidentiality level of the inversely transformed encrypted portion to plaintext the inversely transformed encrypted portion, and Plain text means connected to said memory means for returning to its original position in the item.

According to a fourth aspect of the present invention, there is provided an information processing system which processes data of an item including a character and uses an encryption according to a plurality of confidentiality levels set in each section of the item. (A)-the following information processing method, in the case of a creator or data storage:
(F), characterized by including steps (a) and (b) in the case of reading data from the receiving side or stored data. (A)
(A) performing at least one of creation, processing, and editing of the data on a screen of a display; (B) selecting any portion of the data consisting of the characters in the item of the displayed data on the display, and storing the location of the selected portion.
(C) setting one of the plurality of confidentiality levels to the selected portion. (D) the selected part having the lowest confidentiality level is not encrypted, and the selected part is selected using an encryption key determined according to the confidentiality level of the selected part. Encrypting the portion, and erasing the plaintext of the portion.
(E) converting the encrypted portion from a binary mode to a displayable mode displayed on the display. (F) inserting the encrypted and converted part into the same item. (B) In the case of receiving or reading stored data; (a) reversely converting the encrypted and converted part of the received data or read stored data from the displayable mode to the binary mode. (B) using the plaintext key determined according to the confidentiality level of the inversely transformed encrypted portion to decrypt the inversely transformed encrypted portion,
Returning the plain text portion to its original position in the item.

According to a thirteenth aspect of the present invention, the intelligent information processing apparatus processes data of an item including at least one of a character, an image, and a graphic, and according to a plurality of confidentiality levels set in each section in the item. An intelligent information processing apparatus of an information processing system using encryption, characterized by including the following means (a) to (g). (A) Memory means connected to the display and peripheral devices. (B) process, generate, receive / transmit the data, and
An information processing means connected to the memory means for performing at least one of reading / saving and displaying the data on a screen of the display; (C) selecting any portion of the data in the item of the displayed data on the display; and
Partial data selection means connected to the memory means for storing the position of the selected part. (D) confidential level setting means connected to the memory means for setting one of the plurality of confidential levels in the selected portion. (E) the selected portion having the lowest confidentiality level is not encrypted, and the selected portion is selected using an encryption key determined according to the confidentiality level of the selected portion. Encrypting means connected to the memory means for encrypting the encrypted portion. (F) replacing the selected part with a blank or special displayable symbol, and furthermore, the encrypted part and the position of the selected part correspond to the item linked to the same item. Data type holding means connected to the memory means for storing the data type in the storage area. (G) using the plaintext key determined according to the confidentiality level of the encrypted portion to decrypt the encrypted portion and restore the plaintext portion to the original state; ,
Plain culture means connected to the memory means.

According to a fourteenth aspect of the present invention, there is provided an intelligent information processing method for processing data of an item including at least one of a character, an image, and a graphic, and according to a plurality of confidentiality levels set for each part in the item. An intelligent information processing method for an information processing system using encryption, comprising the following steps (a) to (e) for creating or storing data and step (a) for receiving or reading stored data. It is characterized by including. (A) In the case of a creation side or data storage; (a) a step of performing at least one of creation, processing, and editing of the data displayed on a screen of a display. (B) selecting any portion of the data within the item of the displayed data on the display; and
Storing the position of the selected portion. (C) setting a plurality of the confidentiality levels in the selected portion. (D) the selected part having the lowest confidentiality level is not encrypted, and the selected part is selected using an encryption key determined according to the confidentiality level of the selected part. Encrypting the part. (E) replacing the selected portion with a blank or special displayable symbol, and furthermore, the encrypted portion and the position of the selected portion correspond to the items linked to the same item. Storing the data in the specified storage area. (B) In the case of receiving or reading stored data; (a) of received data or read stored data,
Decrypting the encrypted portion using a decryption key determined according to the secrecy level of the encrypted portion, and restoring the decrypted portion.

The intelligent information processing apparatus according to claim 16 processes data displayed in a table format in which a row direction is a record and a column direction is an item, and a plurality of confidentiality levels are set in the item, An intelligent information processing device of an information processing system having a database function using encryption, characterized by including the following means (a) to (i). (A) Memory means connected to the display and peripheral devices. (B) the memory means for executing an application of the database system, displaying the data of the item on a screen of the display, and performing at least one of receive / transmit and read / store; Information processing means connected to. (C) item selection means for selecting any of the items displayed on the display. (D) confidentiality level setting means connected to the memory means for setting one of the plurality of confidentiality levels to the selected item. (E) the selected item having the lowest confidentiality level is not encrypted, and the selected item is selected using an encryption key determined according to the confidentiality level of the selected item. Encryption means connected to the memory means for encrypting the item and deleting the plaintext of the item. (F) conversion means connected to the memory means for converting the encrypted item from a binary mode to a displayable mode displayed on the display. (G) data storage connected to the memory means for storing the encrypted and converted item in a storage area corresponding to the selected item or an item related to the selected item; means. (H) reverse conversion means connected to the memory means for reversely converting the encrypted and converted item from the displayable mode to the binary mode. (I) using the plaintext key determined according to the confidentiality level of the inversely transformed encrypted item to decrypt the inversely transformed encrypted item, A plain culture means connected to the memory means for making the data of the item set.

The intelligent information processing method according to claim 17 processes data displayed in a table format in which a row direction is a record and a column direction is an item, and a plurality of confidentiality levels are set in the item, An intelligent information processing method for an information processing system having a database function using encryption, comprising the following steps (a) to (f) for creating or storing data:
It is characterized by including steps (a) and (b) in the case of reading on the receiving side or stored data. (A) In the case of a creator or data storage; (a) A step of executing at least one of creation, processing, and editing of the data on a screen of a display. (B) selecting the item of the displayed data on the display. (C) setting one of the plurality of confidentiality levels to the selected item. (D) the selected item having the lowest confidentiality level is not encrypted, and the selected item is selected using an encryption key determined according to the confidentiality level of the selected item. Encrypting the item and deleting the plaintext of the item. (E) converting the encrypted item from a binary mode to a displayable mode displayed on the display. (F) storing the encrypted and converted item in a storage area corresponding to the selected item or an item related to the selected item; (B) In the case of receiving or reading stored data; (a) reversely converting the encrypted and converted item of received data or read stored data from the displayable mode to the binary mode. (B) using the plaintext key determined according to the confidentiality level of the inversely transformed encrypted item to decrypt the inversely transformed encrypted item, As data for the item.

[0022] The intelligent information processing apparatus according to claim 18 is characterized in that:
A record processes data in a format displayed on a screen, and a plurality of secrecy levels are set for items in the record,
An intelligent information processing device of an information processing system having a database function using encryption, characterized by including the following means (a) to (i). (A) Memory means connected to the display and peripheral devices. (B) the memory means for executing an application of the database system, displaying the data of the item on a screen of the display, and performing at least one of receive / transmit and read / store; Information processing means connected to. (C) item selection means for selecting any of the items displayed on the display. (D) confidentiality level setting means connected to the memory means for setting one of the plurality of confidentiality levels to the selected item. (E) the selected item having the lowest confidentiality level is not encrypted, and the selected item is selected using an encryption key determined according to the confidentiality level of the selected item. Encryption means connected to the memory means for encrypting the item and deleting the plaintext of the item. (F) conversion means connected to the memory, for converting the encrypted item from a binary mode to a displayable mode displayed on the display. (G) data storage connected to the memory means for storing the encrypted and converted item in a storage area corresponding to the selected item or an item related to the selected item; means. (H) reverse conversion means connected to the memory means for reversely converting the encrypted and converted item from the displayable mode to the binary mode. (I) using the plaintext key determined according to the confidentiality level of the inversely transformed encryption item to decrypt the inversely transformed encryption item, Plain text means connected to the memory means for making data.

[0023] The intelligent information processing method according to the nineteenth aspect is characterized in that:
A record processes data in a format displayed on a screen, and a plurality of secrecy levels are set for items in the record,
An intelligent information processing method for an information processing system having a database function using encryption, comprising the following steps (a) to (f) for creating or storing data, and steps for reading or storing data ( a)-(b)
It is characterized by including. (A) In the case of a creator or data storage; (a) A step of executing at least one of creation, processing, and editing of the data on a screen of a display. (B) selecting the item of the displayed data on the display. (C) setting one of the plurality of confidentiality levels to the selected item. (D) the selected item having the lowest confidentiality level is not encrypted, and the selected item is selected using an encryption key determined according to the confidentiality level of the selected item. Encrypting the item and deleting the plaintext of the item. (E) converting the encrypted item from a binary mode to a displayable mode displayed on the display. (F) storing the encrypted and converted item in a storage area corresponding to the selected item or an item related to the selected item; (B) In the case of receiving or reading stored data; (a) reversely converting the encrypted and converted item of received data or read stored data from the displayable mode to the binary mode. (B) using the plaintext key determined according to the confidentiality level of the inversely transformed encrypted item to decrypt the inversely transformed encrypted item, As data for the item.

[0024]

When a block of an electronic document, a field of a record in a database, or an electronic document having no block is defined as an item, data of the character in the item is defined as an item.
An arbitrary part is selected and encrypted, and further converted from the binary mode to the character mode, and the ciphertext is stored together with the plaintext in the same original item. In addition, a part of an image or a figure is cut out with a rectangle, the part is filled with uniform data or special symbols, and the cut out part is encrypted and stored in an item linked to the original item. The database selects and encrypts record items when inputting data from the terminal. The encrypted data is returned to the original plaintext on the receiving side. In this way, a partial encryption system having excellent operability and confidentiality is constructed.

[0025]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS The present invention will be described below in detail with reference to the drawings showing the embodiments. There are various application fields such as word processors, various databases, and electronic bulletin boards. The information to be processed is all digital information, that is, information such as characters, images, and figures. In addition, all encryption techniques and error correction codes can be applied. The following embodiments are merely specific examples of the present invention and do not limit the technical scope of the present invention. First, a general example will be given, followed by an outline of each claim in the claims.

FIG. 1 is a flowchart of the processing of a basic intelligent information processing apparatus, and FIG. 2 is a block diagram of an apparatus used for implementing the processing. Data such as documents, graphics, images, and the like are input to the control unit 10 by a keyboard, a mouse, a camera, and the like (not shown) in FIG. The control unit 10 includes a microprocessor, and performs data processing according to a control program written in the memory 7. Hereinafter, description will be made assuming a virtual block having this processing function.
The numbers in parentheses are the numbers of the procedure in FIG. Data is created and processed by the data creation / information processing means 1 (1). The information setting unit 2 classifies each part of the information, its reliability, and confidentiality. The arbitrary part of the information is classified on the display unit 8 such as a CRT, and the reliability level (0 to m) is assigned to each part. The attribute of the secrecy level (0 to n) is set (2). Then, the data creation / information processing means 1 registers the password and the encryption key and checks the validity (3). Next, first, each unit is encrypted by the encryption means 3 using an encryption technique and an encryption key corresponding to the confidentiality level (4). Next, the encoding unit 3 encodes each unit using an error correction code corresponding to the reliability level (5). Then, transmission and storage are performed by the data creation / information processing means 1 (6). On the receiving side or the like, the data creation / information processing means 1 receives information such as data and files or calls it from the auxiliary memory (external memory) 9 (7), and then checks the validity of the password and the encryption key. Perform (8). If the inspection passes, the decoding means 5 decodes the data with an error correction code corresponding to the reliability level (9). Then, the plain culture is performed by the plain culture means 6 using the encryption technique and the encryption key corresponding to the confidential level (10). Furthermore, if necessary, create data
Information processing is performed by the information processing means 1 (11). Although a method in which the validity of the password and the encryption key is not checked is also possible, usually, the validity of the password and the encryption key is checked. The password, the encrypted encryption key, or the encrypted test data is stored in the encrypted file, and the validity of the password or the encryption key is checked. In the above description, the encryption process is performed using an encryption technique and an encryption key according to the confidentiality level. However, the encryption key is often changed according to the confidentiality level using one encryption technique.

FIG. 3 shows an example of setting information attributes on the screen. Although {[,]} and the like are used as delimiters to divide each part of the information, the part sandwiched between them is confidentiality level 1 and reliability level 0. This symbol indicates the sensitivity of each part with a label.
The label can indicate the state of the ciphertext / plaintext in that part. It is necessary to use a special symbol string as a delimiter to distinguish it from text information. FIG. 4 is a set information attribute table. Since it is not preferable to use a delimiter for figures, images, and the like, the coordinates of two points are specified by a mouse or the like, and a rectangular diagonal information attribute is set. This information attribute table is used for encoding, encryption, and the like. When the reliability level is 0, the information remains unchanged. Since errors are not tolerated as the level number is higher, a longer check bit is added when encoding.
When the secrecy level is 0, the information remains in plain text. The higher the number of the level, the more complicated encryption is used because eavesdropping and leakage of information is not allowed. However, it is also effective to use one type of secure encryption and use an encryption key that differs only in the encryption key.

It should be noted that the procedure of the flowchart of FIG. 1 does not always have to be in this order. There are various variations, but they are omitted. In the intelligent information processing apparatus shown in FIGS. 3 and 4, both attributes of reliability and confidentiality are used. This means that a one-bit error in a ciphertext is a few-bit error when plaintexted. In other words, since there is a tendency to be vulnerable to errors, there is an advantage of using both the encryption and the error correction code. Of course, a system using only one of them is also possible. In the case where only confidentiality is used, in the block diagram of FIG. I will Also, if you only use confidence,
In the block diagram of FIG. 2, the setting means 2 for setting the division of each part of information, its reliability and confidentiality sets only the reliability, and the encryption means 3 and the plaintext means 6 are omitted. The setting of the confidentiality attribute is performed for an arbitrary part in the item. That is, confidentiality can be set and encryption processing can be performed for each character by the delimiter or label.

FIG. 5 is an example of a file used for an intelligent information processing apparatus using partial encryption. When a file that requires confidentiality is stored and managed on a disk or the like, the heading and the information portion 1 necessary for file management are written in plain text. At this time, it is also effective to partially encrypt a part of the password, the encryption key, the keyword, and the like and store it in the header part.
Then, the main body 2 that requires confidentiality is encrypted (or may be partially encrypted). Then, the file management is performed by directly operating or searching for information necessary for file management, such as a heading of a plaintext portion and a keyword, while including the ciphertext. This facilitates file management and improves efficiency, and also prevents the information manager from knowing the contents of the ciphertext. Further, it is possible to make the encrypted part of the heading part accessible to a specific person, so that the specific person can perform more complicated file management and processing. In addition, heading part,
The main unit may be the same file, and can be processed by a partial encryption tool and a normal word processor. In the related art, the heading portion and the text body have a block configuration, and only the body is full-text encrypted.

FIG. 6 is a flowchart of the operation of the database intelligent information processing apparatus. As an example, an arbitrary item is encrypted and encoded and registered. Generally, attributes of the reliability level and / or confidentiality level are set for any data item, record (row information), and entire data item (column information) of the database system, and an error correction code corresponding to each is set. And / or performing encryption and / or encryption, decryption and / or plaintext using encryption techniques and encryption keys.

FIG. 7 shows an example of setting information attributes of a database for processing tabular data. (A) shows the case where the information attribute is set for each data item, (b) shows the case where the information attribute is set for the whole record (row), and (c) shows the case where the information attribute is set for the whole data item (column).
FIG. 8 is an example of attribute setting of a database for processing data of one record / screen format. At the same time as setting the attribute for an arbitrary item, the attribute of the entire record can be collectively set using the reliability / encryption attribute setting column at the upper right of the screen. In the related art, a special item such as a recite number or an encryption key is fixed so as to be encrypted, but in the present invention, the information attribute can be freely set and changed during the processing.

Further, an item of the database is regarded as one file, an arbitrary part of the information in the item is divided, and an attribute of a reliability level and / or a secrecy level is set to each part. Then, using the corresponding error correction code and / or encryption technique and encryption key, encoding and / or encryption, decryption and / or
Or do plain culture. Since the present invention is easily constituted from the above-mentioned invention, the details are omitted.

FIG. 9 shows the correspondence between the access authority level and the confidentiality level in the file and the database.
According to the present invention, in information transmission and processing of documents, graphics, images, databases, and the like, any level of information can be used by using levels from 0 to n (including a method using only levels 0 and 1) as confidentiality levels. A secrecy level attribute is set for each part, and encryption and plaintext are performed using an encryption technique and an encryption key corresponding to each. And set the access authority level corresponding to the confidentiality level,
Using an encryption key (a password may be used in combination), access to the information portion is limited to a plurality of specific persons according to the level. In other words, a new concept is used in which the access authority previously assigned to a file or item is brought into a file or item and the access authority within the file or item is set.

For example, when the confidential level 0, 1, 2, 3 is used, the right to access the corresponding part is the access right 0, 1, 2, 3. Therefore, the president has access rights 0, 1, 2, and 3 and possesses encryption keys of levels 1, 2, and 3. The executive has access rights 0, 1, and 2 and possesses encryption keys of levels 1 and 2. Level 0 is plain text and can be read by anyone. Further, a password may be used together. And since it is partial encryption, file management can be performed as it is with the ciphertext. Therefore, without giving the information manager all access rights, the access of each information part can be
Limited to the person in charge, the file management of the information manager,
Database management and the like become possible. Therefore, the document creator or the chief executive or president of the business can have the highest access authority. Even if there is an information manager, and especially a security guard who manages the encryption keys, it is possible that all the encryption keys are not notified. Therefore, it is possible to use a method in which the cryptographic processing is not performed at the center and is performed only by the terminal, and the key management can be performed only by the terminal (user). Therefore, if this method is applied to a database, a plurality of sections can use one database without encrypting each other's confidential information by encrypting items specific to the section. A so-called processing alternative to the logical view of the relational database is possible. Moreover, in this method, the center does not know confidential information.

In a system in which a center and a plurality of terminals transmit and receive information using encryption, information of the terminal is created by the plurality of terminals, and an arbitrary portion of the information is assigned to a device assigned to the terminal. Depending on the density level, enter the data, encrypt it with the encryption key that you own and allow writing, check the encrypted data on the screen, save it if necessary,
Send to the center. Next, the center receives the mixed information of the plaintext and the ciphertext transmitted from the plurality of terminals, manages, calculates, and edits the ciphertext as information common to the plurality of terminals without plaintexting the ciphertext. Send information to multiple terminals. Then, each terminal receives the same information including the ciphertext created by the plurality of encryption keys of each terminal, saves it, checks it on the screen, and then, according to the confidentiality level assigned to the terminal. Only the portion that can be decrypted with the encryption key that is owned and read is permitted and selectively received as information addressed to the terminal.

Next, FIG. 10 shows a flowchart of the transmitting section of the document processing system based on partial encryption, and FIG. 11 shows a flowchart of the receiving section. FIG. 12 shows an operation example on the screen. Here, it is assumed that no error correction code is used. Therefore, the reliability level is only 0. Also,
The confidentiality levels are 0 and 1, so the access authority levels are also 0 and 1. For the sake of simplicity, the document processing system operators will be the president and secretary. The secretary is assigned an access authority level 0, and is allowed to process only ordinary sentences. The access right level 1 is assigned to the president, and the processing of the normal text and the cipher text is permitted. Here, the encryption / plaintext tool is a software program having encryption and plaintext functions, and it is assumed that this program is added to a normal document processing system. An operation example will be described below.

First, the secretary prepares a plain text using a word processor or the like on the screen 1 of FIG. 12 (1). The information may be stored once in the auxiliary storage device or may be displayed on the screen, but next, the operation is exchanged with the president. The president enters a confidential sentence in a normal sentence.
As shown in Screen 1, this sentence is sandwiched between special symbols {[,]}. Then, once save (2). Next, start the encryption software and enter the password and the encryption key that only the president knows (3). Then, the document file saved earlier is called (4). Although the encryption may be performed as it is, here, first, the confidential text sandwiched between {[,]} is converted to a blank text or converted to a special symbol ◇ as shown in screen 2 in FIG. (5). A cipher text in binary mode is obtained, which is converted into a text mode in hexadecimal ASCII code and added sequentially after the # * symbol at the end of the sentence as shown in screen 2 in FIG. 12 (6). This conversion is performed so that the cipher text can be transmitted even in communication software that can use only the text mode, and that the cipher text is displayed on the screen to improve operability. After the ** symbol is added to the end of the cipher text and the file is stored in the auxiliary storage device, the normal text file is deleted (7). When transmitting the document file, the secretary activates the communication software and transmits the ciphertext file (8).

Next, the plain culture processing will be described. When the information is received by an auxiliary storage device such as a diskette or a hard disk, or when the information is received, the secretary checks the plaintext portion with a word processor or the like. If the message is received directly on-line and displayed on the screen, the plain text portion is checked and then temporarily stored in the auxiliary storage device (9). Next, the president activates the encryption software, inputs a password, selects plaintext processing, and inputs an encryption key (10). Then, the ciphertext file is called and (11) plaintext is executed. The ciphertext of the hexadecimal ASCII code after # * is converted to the binary mode (1
2) Further, the plain text is further inserted, and the plain text is inserted into the position of the special symbol {} sandwiched between {[,]} (13). When the plain culture processing is completed, the screen returns to the state of screen 1 in FIG. Once the data is saved, a word processor or the like is activated to perform processing such as editing and printing, and then, if necessary, delete the ordinary text file (14). It is also effective to delete the special symbol that separates the confidential sentence at the time of fair copy. With the above operation, the president can perform document processing and communication without confidential data being known to the secretary.

If the encryption / plaintext processing is incorporated in a word processor or the like, the processing can be continued while the document file is displayed on the screen without being saved, but the principle is the same as that described above. Also, this method can be directly applied to systems such as e-mail, electronic cabinet, and database or personal file management. Also, a mail containing the ciphertext can be displayed on an electronic bulletin board, and only the group that has the encryption key can restore the plaintext to obtain the plaintext. Also, since the above method can be encrypted in character units and numerical values, it is also an effective usage method to encrypt only the bid price.

The above system can be applied to electronic mail. That is, in a system for transmitting and processing a text composed of a plurality of information blocks, a secrecy level n (n ≧ 0, nmax ≧
It is possible to construct a system that sets the attribute of 2), performs encryption using an encryption technique or encryption key corresponding to each attribute, and transmits or saves information. Note that conventional mail is encrypted at secrecy levels 0 and 1 for blocks. In addition, this block is larger than normal records and other items, and images and sounds are one block,
No partial encryption of the image is performed.

FIG. 13 is a diagram showing the principle of a facsimile partial encryption device. First, the transmission side creates the transmission sheet 1. Then, a message sticker such as a bar code is attached to the seal attachment area. In FIG. 13, $ S is the beginning of the document,
¥ E means the end of the sentence. Then, $ B means the beginning of the confidential sentence block and $ T means the end of the confidential sentence block. Here, a confidential sentence area is set for each line. Then, for example, the fact that a confidential sentence is included is input by using the number buttons of the facsimile, then the document number is input, and the transmission button is pressed to transmit. The plaintext is transmitted as it is while the confidential text is encrypted.

When the receiving side receives the document containing the cipher text, it prints only the normal text on the receiving paper 2 and prints a mark せ る indicating the location of the cipher text at the location of the cipher text. At the same time, the entire text including the cipher text is stored in the auxiliary memory 3.
The secretary usually checks the sentence and contacts the president. The president inputs a password, an encryption key, and a document number to the facsimile, performs plaintext processing using the encryption function of the facsimile, and prints the plaintext. In the above operation, the information is known to the secretary on the transmitting side, but only the president can know the confidential text on the receiving side.

As described above, reliability and / or secrecy attributes are set for all digital information, ie, arbitrary portions of information such as characters, images, and figures, and error correction codes and encryption are used. , An information system with excellent operability and confidentiality can be constructed. In particular, the operability is improved if the setting of the information attribute and the encryption processing are performed on the screen as in the above embodiment. The above is a general example.

The following is a brief description of the invention claimed in the present application. The display mode and the character mode described below are the same, and are used to convert a binary into ASCII code or the like and display it on a screen. The part at secrecy level 0 (lowest) is not subject to encryption / decryption. Also, exclusive use of different encryption / decryption keys at the same secrecy level is permitted. In the present invention, the information processing system includes a single device. Also, encryption / decryption is usually performed on a memory buffer. When the plaintext data is moved to the buffer, the plaintext data is deleted, but in the case of copying, there is a process for deleting the plaintext data. It is understood that when the plaintext data is deleted, it becomes empty or blank. Furthermore, a blank is also understood as one of special displayable symbols (special symbols).

(1) Claims 1 and 4 FIG. 12 shows an example of a partially encrypted document according to claims 1 and 4. This example has no items, so the entire document is considered a single item. Basically, any part consisting of characters in the item is encrypted. The item is a database item (feel or the like), a document block, or the like. Now,
The part selected for encryption in the item is sandwiched between special symbols indicating the classification and the secrecy level, and the selected part is filled with another special symbol. The plaintext data of the selected portion is in the binary mode when it is encrypted, but cannot be returned in the item as it is. Returns at the end. It is also effective to directly replace the portion selected for encryption with the cipher text in the displayable mode. The basis of the present invention is to convert a ciphertext from a binary mode to a displayable mode and insert it into the original item. At this time, it is not necessary to newly add items (blocks) for binary encrypted data as in the related art. FIG. 12 is an example of the present invention, and various applications can be considered.

The encryption / decryption processing can be automated. It is effective for a database processing a table format and data of one record / screen, a word processor, an electronic document system, an electronic mail, an electronic bulletin board, and the like. An IC card or the like can be used as auxiliary storage. The range selection may be processed using a mouse. In a state in which an arbitrary part is selected for encryption, the part can be stored in the auxiliary storage as a file to perform encryption processing. Alternatively, the partially encrypted file may be decrypted while being stored in the auxiliary storage. A feature of the present invention is to convert partially encrypted binary data to a displayable mode and insert it into an item. Since character data and binary data cannot be stored in the same item, in the related art, it is necessary to divide the encryption unit and its peripheral part into blocks. Further, text data divided into blocks cannot be processed by ordinary warp or word processing software or becomes complicated. In the present invention, the character data portion is encrypted, and the encrypted binary data is converted into the displayable mode and inserted into the original item, and is not blocked, so that ordinary word processing software or Can be processed by an application that processes the item (document). Therefore, even when encryption (including conversion from binary data to displayable mode) / plaintext (including reverse conversion from displayable mode to binary data) is automated during transmission / reception, the encryption key / plaintext key is also used. The terminal that does not have the device can display the partially encrypted data as it is, and the screen is not disturbed. Further, correction, addition, and deletion of the encrypted portion are easily performed. In addition, various methods of designating a range have been conventionally used, and those techniques are used in the present invention. In addition, it is possible to set the confidentiality level for the center and the entire terminal user. In this case, unlike the conventional case, the center only has a partial key, or
It is possible to prevent the center from having the highest level of security by using this method of partial encryption. That is, since the data is partially encrypted, data processing at the center can be performed as before. Also, a plurality of authors / receivers can exclusively input / output different parts.

(2) Inventions of Claims 13 and 14 The inventions of Claims 13 and 14 will be described. Text, images,
Performs partial encryption of figures. However, images and graphics usually form items (blocks). In the case of characters, select any part of the character data of the data in the item for encryption, insert a special symbol such as the "@" symbol in that part, and "encrypt" the linked item The part ″ is stored. "Encryption part" is binary or ASCI
It is converted into an I code or the like. In the case of partial image encryption, select a part of the image with a rectangular frame of any size,
Fill that part with uniform data such as blanks. Then, the two diagonal coordinates and the encrypted data are stored in the linked item. In the related art, an image is divided into a plurality of tiles and encrypted in tile units. Therefore, the size is constant and all of the image must be divided into tiled blocks. In the case of partial encryption of a figure, for encryption, a part of the figure is selected by a rectangular frame of an arbitrary size, and the part is filled with blanks or special displayable symbols. Then, the two diagonal coordinates and the encrypted data are stored in the linked item. The present invention includes FIG.
Is effective, but various variations are possible.

(3) Inventions of Claims 16 and 17 FIG. 7 shows an operation screen according to an embodiment of the inventions of claims 16 and 17. This is an information processing system having a database function for processing data displayed in a table format in which a row direction is a record and a column direction is an item. Select the tabular data item and set one of a plurality of secrecy levels. Next, the selected item is encrypted, converted into binary mode data, and converted into a displayable mode displayed on a display. Then, the data is stored in the storage area corresponding to the selected item or the item related to the selected item.

(4) Inventions of Claims 18 and 19 FIG. 8 shows an operation screen of the embodiment of the inventions of claims 18 and 19. This is the case of an information processing system that processes data in a format in which one record is displayed on the screen, sets a plurality of secrecy levels for items in the record, and has a database function using encryption. An item of the displayed data on the display is selected, and one of a plurality of confidentiality levels is set to the selected item. Next, using the encryption key determined according to the confidentiality level of the selected item, the encrypted data is converted into binary mode encrypted data. Further, the mode is converted from the binary mode to a displayable mode displayed on the display. The data is stored in the storage area corresponding to the selected item or the item related to the selected item. According to the present invention, a certain field of the database can be encrypted or not when data is input.
In the prior art, the fields to be encrypted are fixed. In addition, the confidentiality level can be set collectively for both the center and the terminal user, and the terminal user can have the highest confidentiality level. Further, the secrecy level can be set so that a plurality of operators can exclusively perform encryption processing on a field. Therefore, it is possible for a plurality of operators to exclusively access the field. Note that this is partial encryption, and the encrypted data is
Since the data is converted into the I code, data management at the center is possible.

[0050]

According to the present invention, the following effects can be obtained. (1) A reliability level and / or a confidentiality level are set according to the reliability and / or confidentiality of each part of the information in a file or transmitted, and an error correction code and / or an encryption method corresponding to each level are set. , Efficient encoding and / or encryption is enabled. (2) Partial encryption and encoding enable more efficient information processing than full-text encryption and encoding. (3) By setting a confidentiality level for an arbitrary part of the information, setting an access authority level corresponding to the confidentiality level, and allowing only a specific person to use the encryption key, the access of the confidential information is performed not by the center but by the business responsibility It is possible to limit to specific persons such as persons. (4) Plain text and cipher text can be mixed in the file and block, file management information can be mixed with plain text and cipher text in the headline, and only the confidential part of the text and the head part can be file-managed as cipher text. It became feasible. Furthermore, the owner of the encryption key in the heading performs more complicated file processing and management. (5) The access authority for confidential information can be limited to the document creator (possibly the president) or a person in charge of business, and it is possible not to give the information administrator the highest access authority. For example, a secretary can write plain text, and the president can insert confidential text into the document without the secretary's knowledge. (6) If this method is applied to a database, a plurality of sections can use one database without encrypting each other's confidential information by encrypting items specific to the section. A so-called processing alternative to the logical view of the relational database is possible. Moreover, in this method, the center does not know confidential information. (7) Since the data can be encrypted at the time of data input and plaintext can be written at the time of file reception and data reading, the confidentiality is high. (8) Since the cipher text is converted to the text mode and displayed on the screen together with the plain text, the operation becomes easy. Encryption (including conversion from binary data to displayable mode)
/ When plain text (including reverse conversion from displayable mode to binary data) is automated at the time of transmission / reception, terminals without encryption key / plain text key can display partially encrypted data as it is, and the screen is disturbed. Absent. (9) An encryption system with excellent operability and confidentiality can be realized. (10) A flexible security management system can be constructed.

[Brief description of the drawings]

FIG. 1 is a flowchart of an operation of a basic intelligent information processing apparatus.

FIG. 2 is a block diagram of a basic intelligent information processing apparatus.

FIG. 3 is an example of setting information attributes on a screen.

FIG. 4 is a set information attribute table.

FIG. 5 is an example of a file using partial encryption.

FIG. 6 is a flowchart of an operation of a relational database.

FIG. 7 is a setting example of an information attribute of a relational database.

FIG. 8 is an example of attribute setting for one record / screen.

FIG. 9 shows access authority levels in a file and in a database.

FIG. 10 is a flowchart of a transmission unit of the document processing system based on partial encryption.

FIG. 11 is a flowchart of a receiving unit of the document processing system based on partial encryption.

FIG. 12 is an operation example on a screen of the document processing system by partial encryption.

FIG. 13 is a principle diagram of a facsimile partial encryption device.

[Explanation of symbols]

[Fig. 2] 1 data creation / information processing means 2 information setting / reliability / confidentiality setting means 3 encryption means 4 encoding means 5 decoding means 6 plain culture means 7 memory 8 CRT display section 9 auxiliary Memory 10 Microprocessor

FIG. 5: 1 heading section and file management section 2 data body

[Figure 12] 1 plaintext screen 2 ciphertext screen

FIG. 13: 1 transmission paper 2 reception paper 3 auxiliary memory

 ──────────────────────────────────────────────────続 き Continuing from the front page The patentee is ready to transfer or license. (56) References JP-A-63-212276 (JP, A) JP-A-63-293580 (JP, A) JP-A-63-311454 (JP, A) JP-A-59-172854 (JP, A) JP-A-2-153645 (JP, A) JP-A-1-98032 (JP, A) Digital Communication Laboratory "PDS utilization guide" (1988-3-30) Shoyosha p. 141-149 DW Davis, W.M. L. Price, Translated by Kamizono, “Network Security” (Showa 60-12-5), Nikkei Maguro Hill, p. 96-98, 102-108

Claims (20)

(57) [Claims] 1. An intelligent information processing apparatus of an information processing system that processes data of an item including a character and uses an encryption according to a plurality of confidentiality levels set in each section of the item. (A) An intelligent information processing apparatus including means (i). (A) Memory means connected to the display and peripheral devices. (B) process, generate, receive / transmit the data, and
An information processing means connected to the memory means for performing at least one of reading / saving and displaying the data on a screen of the display; (C) in the memory means for selecting an arbitrary part of the data consisting of the characters in the item of the displayed data on the display and storing the position of the selected part; Connected partial data selection means. (D) confidential level setting means connected to the memory means for setting one of the plurality of confidential levels in the selected portion. (E) the part having the lowest confidentiality level is not encrypted, and the selected part is encrypted using an encryption key determined according to the confidentiality level of the selected part. Encrypting means connected to the memory means for encrypting and, at this time, erasing the plaintext of this portion; (F) conversion means connected to the memory means for converting the encrypted portion from a binary mode to a displayable mode displayed on the display. (G) data type holding means connected to the memory means for inserting the encrypted and converted part into the same item. (H) reverse conversion means connected to the memory means for reversely converting the encrypted and converted part from the displayable mode to the binary mode. (I) using the plaintext key determined according to the confidentiality level of the inversely transformed encrypted portion to plaintext the inversely transformed encrypted portion, and Plain text means connected to said memory means for returning to its original position in the item. 2. The data type holding means inserts a blank or a predetermined displayable symbol into the selected part, and further inserts the encrypted and converted part into the same item. 2. The intellectual information of claim 1, further comprising: means for performing at least one of the following: and inserting the encrypted transformed part into the selected part. Processing equipment. 3. The automatic execution of the encryption means, the conversion means, and the data type holding means at the time of data transmission, and the execution of the inverse conversion means and the plaintext means by data reception. 2. The method of claim 1, further comprising the step of performing at least one of the following steps: automatically, and, in the case of a receiving device having no plaintext key, means for simply displaying the partially encrypted data. The intelligent information processing device according to the above. 4. An intelligent information processing method for an information processing system that processes data of an item including a character and uses an encryption according to a plurality of confidentiality levels set in each part of the item. An intelligent information processing method, comprising: steps (a) to (f) for a creator or data storage; and steps (a) to (b) for a receiver or storage data reading. (A) In the case of a creator or data storage; (a) A step of executing at least one of creation, processing, and editing of the data on a screen of a display. (B) selecting any portion of the data consisting of the characters in the item of the displayed data on the display, and storing the location of the selected portion. (C) setting one of the plurality of confidentiality levels to the selected portion. (D) the selected part having the lowest confidentiality level is not encrypted, and the selected part is selected using an encryption key determined according to the confidentiality level of the selected part. Encrypting the portion, and erasing the plaintext of the portion. (E) converting the encrypted portion from a binary mode to a displayable mode displayed on the display. (F) inserting the encrypted and converted part into the same item. (B) In the case of receiving or reading stored data; (a) reversely converting the encrypted and converted part of the received data or read stored data from the displayable mode to the binary mode. (B) using the plaintext key determined according to the confidentiality level of the inversely transformed encrypted portion, to plaintext the inversely transformed encrypted portion, Returning the part to its original position in the item. 5. In the step (f), a blank or a predetermined displayable symbol is inserted into the selected portion, and the encrypted and converted portion is inserted into the same item. 5. The method according to claim 4, further comprising: performing at least one of the following steps: and inserting the encrypted and converted part into the selected part. . 6. The intelligent information processing method according to claim 4, wherein the information processing system includes a system having a database function. 7. The information processing system according to claim 4, wherein the information processing system includes the information processing system having at least one of an IC card and a magnetic card as auxiliary storage of a peripheral device. Information processing method. 8. The intelligent information processing method according to claim 4, further comprising, when the information processing system does not have the item, consider all data as a single item. 9. The method according to claim 8, further comprising the step of storing at least one of the position and range of any part of said data and setting one of said confidentiality levels by one or more special displays. 5. The intelligent information processing method according to claim 4, further comprising performing by indicating by a possible symbol. 10. The intelligent information processing method according to claim 4, wherein the step of selecting an arbitrary part of the data includes executing a range designation using a mouse. 11. The step (a) on the creating side,
(B) and after (c), executing a step of saving the data as a file on an auxiliary storage device of a peripheral device,
Performing the steps (d), (e), and (f) on the data of the stored file, and further, in the case of the receiving side or reading stored data, the data of the received and stored file; 5. The intelligent information processing method according to claim 4, further comprising: executing the steps (a) and (b) on the receiving side. 12. The step (a) on the creating side,
After steps (b) and (c), steps (d), (e),
(F) automatically performing at the time of data transmission, and performing at least one of the steps (a) and (b) of the receiving side automatically at the time of data reception. 5. The intelligent information processing method according to claim 4, further comprising the step of: simply displaying the partially encrypted data in a receiving device having no information processing device. 13. Intelligent information of an information processing system that processes data of an item including at least one of a character, an image, and a graphic, and uses encryption according to a plurality of confidentiality levels set in each part of the item. What is claimed is: 1. An intelligent information processing apparatus, comprising: (a) to (g): (A) Memory means connected to the display and peripheral devices. (B) process, generate, receive / transmit the data, and
An information processing means connected to the memory means for performing at least one of reading / saving and displaying the data on a screen of the display; (C) selecting any portion of the data in the item of the displayed data on the display; and
Partial data selection means connected to the memory means for storing the position of the selected part. (D) confidential level setting means connected to the memory means for setting one of the plurality of confidential levels in the selected portion. (E) the selected portion having the lowest confidentiality level is not encrypted, and the selected portion is selected using an encryption key determined according to the confidentiality level of the selected portion. Encrypting means connected to the memory means for encrypting the encrypted portion. (F) replacing the selected part with a blank or special displayable symbol, and furthermore, the encrypted part and the position of the selected part correspond to the item linked to the same item. Data type holding means connected to the memory means for storing the data type in the storage area. (G) using the plaintext key determined according to the confidentiality level of the encrypted portion to decrypt the encrypted portion and restore the plaintext portion to the original state; ,
Plain culture means connected to the memory means. 14. Intelligent information of an information processing system that processes data of an item including at least one of a character, an image, and a graphic, and uses encryption according to a plurality of confidentiality levels set in each part of the item. Step (a) of the processing method, which is described below, in the case of a creator or data storage
(E) an intelligent information processing method including step (a) in the case of receiving data or reading stored data. (A) In the case of a creation side or data storage; (a) a step of performing at least one of creation, processing, and editing of the data displayed on a screen of a display. (B) selecting any portion of the data within the item of the displayed data on the display; and
Storing the position of the selected portion. (C) setting a plurality of the confidentiality levels in the selected portion. (D) the selected part having the lowest confidentiality level is not encrypted, and the selected part is selected using an encryption key determined according to the confidentiality level of the selected part. Encrypting the part. (E) replacing the selected portion with a blank or special displayable symbol, and furthermore, the encrypted portion and the position of the selected portion correspond to the items linked to the same item. Storing the data in the specified storage area. (B) In the case of receiving or reading stored data; (a) of received data or read stored data,
Decrypting the encrypted portion using a decryption key determined according to the secrecy level of the encrypted portion, and restoring the decrypted portion. 15. Performing the step (b),
Using a method of specifying a range using a mouse, selecting any part of the data as a rectangle of any size, and storing two diagonal coordinates of the rectangle as the position. The intelligent information processing method according to claim 14, wherein: 16. An information processing system which processes data displayed in a table format in which a row direction is a record and a column direction is an item, a plurality of secrecy levels are set for the item, and a database function using encryption. An intelligent information processing apparatus according to claim 1, further comprising the following means (a) to (i). (A) Memory means connected to the display and peripheral devices. (B) the memory means for executing an application of the database system, displaying the data of the item on a screen of the display, and performing at least one of receive / transmit and read / store; Information processing means connected to. (C) item selection means for selecting any of the items displayed on the display. (D) confidentiality level setting means connected to the memory means for setting one of the plurality of confidentiality levels to the selected item. (E) the selected item having the lowest confidentiality level is not encrypted, and the selected item is selected using an encryption key determined according to the confidentiality level of the selected item. Encryption means connected to the memory means for encrypting the item and deleting the plaintext of the item. (F) conversion means connected to the memory means for converting the encrypted item from a binary mode to a displayable mode displayed on the display. (G) data storage connected to the memory means for storing the encrypted and converted item in a storage area corresponding to the selected item or an item related to the selected item; means. (H) reverse conversion means connected to the memory means for reversely converting the encrypted and converted item from the displayable mode to the binary mode. (I) using the plaintext key determined according to the confidentiality level of the inversely transformed encrypted item to decrypt the inversely transformed encrypted item, A plain culture means connected to the memory means for making the data of the item set. 17. An information processing system which processes data displayed in a table format in which a row direction is a record and a column direction is an item, wherein a plurality of confidentiality levels are set in the item, and a database function using encryption is provided. Which includes the following steps (a)-(f) for the creator or data storage, and steps (a)-(b) for the receiver or stored data readout. A featured intelligent information processing method. (A) In the case of a creator or data storage; (a) A step of executing at least one of creation, processing, and editing of the data on a screen of a display. (B) selecting the item of the displayed data on the display. (C) setting one of the plurality of confidentiality levels to the selected item. (D) the selected item having the lowest confidentiality level is not encrypted, and the selected item is selected using an encryption key determined according to the confidentiality level of the selected item. Encrypting the item and deleting the plaintext of the item. (E) converting the encrypted item from a binary mode to a displayable mode displayed on the display. (F) storing the encrypted and converted item in a storage area corresponding to the selected item or an item related to the selected item; (B) In the case of receiving or reading stored data; (a) reversely converting the encrypted and converted item of received data or read stored data from the displayable mode to the binary mode. (B) using the plaintext key determined according to the confidentiality level of the inversely transformed encrypted item to decrypt the inversely transformed encrypted item, As data for the item. 18. An intelligent information processing system for processing data in a format in which one record is displayed on a screen, wherein a plurality of confidentiality levels are set for items in the record, and an information processing system having a database function using encryption. An intelligent information processing apparatus, comprising the following means (a) to (i). (A) Memory means connected to the display and peripheral devices. (B) the memory means for executing an application of the database system, displaying the data of the item on a screen of the display, and performing at least one of receive / transmit and read / store; Information processing means connected to. (C) item selection means for selecting any of the items displayed on the display. (D) confidentiality level setting means connected to the memory means for setting one of the plurality of confidentiality levels to the selected item. (E) the selected item having the lowest confidentiality level is not encrypted, and the selected item is selected using an encryption key determined according to the confidentiality level of the selected item. Encryption means connected to the memory means for encrypting the item and deleting the plaintext of the item. (F) conversion means connected to the memory, for converting the encrypted item from a binary mode to a displayable mode displayed on the display. (G) data storage connected to the memory means for storing the encrypted and converted item in a storage area corresponding to the selected item or an item related to the selected item; means. (H) reverse conversion means connected to the memory means for reversely converting the encrypted and converted item from the displayable mode to the binary mode. (I) using the plaintext key determined according to the confidentiality level of the inversely transformed encryption item to decrypt the inversely transformed encryption item, Plain text means connected to the memory means for making data. 19. An intelligent information processing system for an information processing system which processes data in a format in which one record is displayed on a screen, sets a plurality of secrecy levels for items in the record, and has a database function using encryption. Step (a) for the following creator or data storage method:
(F) An intelligent information processing method comprising steps (a) and (b) in the case of receiving data or reading stored data. (A) In the case of a creator or data storage; (a) A step of executing at least one of creation, processing, and editing of the data on a screen of a display. (B) selecting the item of the displayed data on the display. (C) setting one of the plurality of confidentiality levels to the selected item. (D) the selected item having the lowest confidentiality level is not encrypted, and the selected item is selected using an encryption key determined according to the confidentiality level of the selected item. Encrypting the item and deleting the plaintext of the item. (E) converting the encrypted item from a binary mode to a displayable mode displayed on the display. (F) storing the encrypted and converted item in a storage area corresponding to the selected item or an item related to the selected item; (B) In the case of receiving or reading stored data; (a) reversely converting the encrypted and converted item of received data or read stored data from the displayable mode to the binary mode. (B) using the plaintext key determined according to the confidentiality level of the inversely transformed encrypted item to decrypt the inversely transformed encrypted item, As data for the item. 20. In the step (f), the selected item is replaced with a predetermined displayable symbol, and the encrypted and converted item is replaced with an item related to the selected item. 20. The method according to claim 19, further comprising the step of:
The described intelligent information processing method.