JP4049498B2 - Originality assurance electronic storage method, apparatus, and computer-readable recording medium - Google Patents


Info

Publication number: JP4049498B2
Authority: JP (Japan)
Prior art keywords: device, storage medium, medium, electronic, storage
Legal status: Expired - Fee Related
Application number: JP32880299A
Other languages: Japanese (ja)
Other versions: JP2001147898A (en)
Inventors: 益義 谷内田, 洋一 金井
Original Assignee: 株式会社リコー
Priority claimed from: DE2000124753 (DE10024753B4)

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to an originality-guaranteed electronic storage method, apparatus, and recording medium that guarantee the originality of electronic data stored in a predetermined storage unit, and more particularly to a method, apparatus, and recording medium that can efficiently guarantee the originality of a compound document formed from a plurality of files.
[0002]
[Prior art]
With the advancement of sophistication in society, it is required to make it possible to electronically store documents that previously had to be stored on paper. However, compared to paper documents, electronic documents can be falsified without leaving traces, are not directly visible, and have poor long-term storage properties. Unless these problems are resolved, electronic documents cannot legally be preserved as original documents.
[0003]
There are three approaches to solving this problem: technical solutions (making full use of information system technology), organizational solutions (establishing operating rules and relying on organized operation), and institutional solutions (prohibiting unauthorized acts by law, and so on). Combining these three approaches will solve the problem. However, an institutional solution takes time, and there is the problem that it is difficult to find out that an information system has violated the law. In the case of organizational solutions, there is the problem that it is difficult to prove that there is no fraud in the operation within the organization.
[0004]
In response to such a situation, the (Special) Information Technology Promotion Business Association conducted the "Development of an Originality Assured Electronic Storage System" project in fiscal 1997 as part of the creative software training business, and developed a technical solution for preserving electronic documents as originals. The preservation system developed in the project makes it possible to ensure the authenticity, readability, and preservability of electronic documents at the same level as paper documents.
[0005]
In order to ensure authenticity, tampering with electronic data can be detected and a history of access is kept. In addition, an original and a copy of electronic data can be distinguished, just as a paper original can be distinguished from a copy, so that it is clear which electronic data is to be treated as the original. Note that the technology for distinguishing the original from a copy differs from copy protection and copyright protection technology: copying the content of the electronic data that is the original is no problem, but the copy is always treated as a copy, and the technique prevents it from becoming unclear which is the original.
[0006]
In order to ensure readability, the protocol between the storage device and the outside is standardized so that electronic data stored reliably can be read through the protocol.
[0007]
In order to ensure storability, it is possible to use an optical disc that can be stored for a long time compared to a hard disk or the like as a storage medium. When it is applied, it is processed so that it can be detected.
[0008]
With this storage system, it is possible to store electronic data as an original, and it is possible to enhance the evidence ability (proof power) of the electronic data.
[0009]
Related work includes Japanese Patent Application No. 11-090212, "Method and apparatus for guaranteeing originality of electronic document"; Japanese Patent Application No. 11-145340, "Method and apparatus for guaranteeing originality of electronic document, and computer-readable recording medium recording a program to be executed by a computer"; Japanese Patent Application Laid-Open No. 10-283262, "File system and program storage medium"; Oo et al.: Development of originality assurance electronic storage system - Realization of basic functions -, Medical Imaging Technology, Vol.16, No.4, Proceedings of JAMIT Annual Meeting '98 (1998); Kanai et al.: Development of originality assurance electronic storage system - System construction -, Medical Imaging Technology, Vol.16, No.4, Proceedings of JAMIT Annual Meeting '98 (1998); Kokubun et al.: Development of originality assurance electronic storage system, (Special) Information Processing Promotion Business Association publication, Software Development Business and Electronic Commerce Promotion Business Final Results Presentation Proceedings, Creative Software Development Business (1998); and Kanai: About the Originality Assured Electronic Storage System, Vol.34, No.8, Government & ADP (1998).
[0010]
By using these technologies, it is possible to guarantee the originality of electronic data. As a result, original documents that were legally required to be stored on paper can be stored as originals in the form of electronic data, which can be expected to contribute to the advancement of a highly information-oriented society.
[0011]
[Problems to be solved by the invention]
Each of the conventional techniques disclosed so far assumes that the original electronic document is a single file. However, with the recent spread of WWW technology, electronic documents composed of a plurality of files, as seen in HTML, XML, and SGML (hereinafter an electronic document composed of a plurality of files is referred to as a "compound document"), are increasing. To save such a compound document in a form that guarantees its originality using a conventionally disclosed technique, it has been necessary either to combine the plurality of files into one file and save that in an originality-guaranteed electronic storage apparatus, or to save each file as a separate original in the originality assurance electronic storage apparatus.
[0012]
However, in the former case, the external application program that uses the originality assurance electronic storage device had the trouble of having to record which part of the combined data corresponds to the first file, which part to the next file, and so on. Furthermore, when the original data is recorded on a removable medium such as a CD-R by the originality assurance electronic storage device, being able to read out the contents even when the removable medium is mounted on another general drive device such as a CD-R drive improves the readability of the original data; but data collected into one lump so that it can be handled as one original takes a special format and is difficult for an external application to handle.
[0013]
In the latter case, each saved original is an element that originally constituted one document, but the relationship between the originals becomes unclear, and there was the problem that each original is managed and edited separately.
[0014]
In order to solve the above problem, Japanese Patent Application No. 11-173371 “Originality Assured Electronic Storage Device, Originality Assurance Electronic Storage Method and Computer-Readable Recording Medium Recording a Program for Executing the Method on a Computer” There is provided an originality assurance electronic storage method and apparatus having a function of managing a compound document composed of a plurality of files as one original data, and guaranteeing the originality of the original data.
[0015]
However, in the invention of Japanese Patent Application No. 11-173371, since the management of hash values for each content and version is complicated, there is a tendency that the document update / reference procedure becomes complicated.
[0016]
The present invention has been made in view of the above circumstances. Its purpose is to provide an originality assurance electronic storage method, apparatus, and recording medium that have a function of managing a compound document composed of a plurality of files as one original data, can guarantee the originality of the original data, and simplify the management of the hash values of a document. A further purpose is to provide a processing method, apparatus, and recording medium that eliminate the complexity of document update and reference procedures and enhance the safety of the program activation and termination processing of the storage device.
[0017]
[Means for Solving the Problems]
The invention of claim 1 is an originality-guaranteed electronic storage method in which the originality of electronic data stored in a storage medium is guaranteed by a storage device. The storage device has tamper resistance and includes an internal storage medium, in which are recorded a device encryption key of the storage device for calculating a message authenticator or electronic signature for electronic data, a device decryption key corresponding to the device encryption key, and a medium authentication code list containing, for each target recording medium, a medium authentication code entry consisting of the medium identification number for authenticating that storage medium and the message authenticator or electronic signature for its list. The storage medium stores a medium identification number identifying the storage medium, a stored data list file indicating the list of electronic data stored, and a message authenticator or electronic signature for that list attached to the stored data list file. When the storage medium is mounted on the storage device, the storage device reads the medium identification number from the storage medium, reads the message authenticator or electronic signature attached to the stored data list file from the storage medium, reads the medium authentication code list from the internal storage medium, takes out from it the medium authentication code entry corresponding to the read medium identification number, and verifies whether the message authenticator or electronic signature recorded together with the stored data list file on the mounted storage medium matches the message authenticator or electronic signature held in that medium authentication code entry.
If they do not match, the mount is released. If they match, the stored data list file is read from the storage medium, and tampering of the stored data list file is detected using the message authenticator or electronic signature read from the storage medium and the device decryption key; the mount is released when tampering is detected, and the original electronic data stored in the storage medium is made available when tampering is not detected. The method is characterized by including this storage medium mounting method.
[0018]
The invention of claim 2 is the originality assurance electronic storage method according to claim 1, wherein the storage device includes a communication port and performs the following new original creation method. When the storage device receives from the outside, via the communication port, a request to newly create a plurality of content files and save them as one original, it returns an error and ends the process if the storage medium is not mounted. If the storage medium is mounted, it creates attribute information corresponding to the new original, calculates a hash value for each of the attribute information and the plurality of received content files, creates a hash list collecting the calculated hash values, and calculates a message authenticator or electronic signature for the hash list using the device encryption key stored in the storage device. It stores the attribute information, the plurality of content files, the hash list, and the message authenticator or electronic signature in the mounted storage medium, creates a stored data entry including that message authenticator or electronic signature, and adds the stored data entry to the stored data list of the storage medium. It then calculates a list message authenticator or electronic signature for the stored data list using the device encryption key and records it together with the stored data list in the storage medium.
It further creates a medium authentication code entry including this second (list) message authenticator or electronic signature, adds the entry to the medium authentication code list in the internal storage medium of the storage device, calculates a message authenticator or electronic signature for the medium authentication code list using the device encryption key, and records both the medium authentication code list and its list message authenticator or electronic signature in the internal storage medium. The method is characterized by including this new original creation method.
[0019]
The invention of claim 3 is the originality assurance electronic storage method according to claim 1 or 2, wherein the storage device includes a communication port and performs the following program termination method: when the storage device receives a program end request from the outside via the communication port, it reads the device encryption key and the device decryption key from the internal storage medium, encrypts the read device encryption key and device decryption key with a master encryption key in the storage device, records the encrypted device encryption key and device decryption key in the internal storage medium, and terminates the program.
[0020]
The invention of claim 4 is the originality assurance electronic storage method according to claim 1 or 2, wherein the storage device includes a communication port and, on receiving a program end request from the outside via the communication port, reads the device encryption key and the device decryption key from the internal storage medium, encrypts them with the master encryption key in the storage device, records the encrypted device encryption key and device decryption key in the internal storage medium, and terminates the program.
[0021]
The invention of claim 5 is the originality assurance electronic storage method according to claim 3 or 4, wherein the master encryption key is held in the program.
[0022]
The invention of claim 6 is the originality assurance electronic storage method according to claim 3, wherein the master encryption key is stored in hardware in the storage device.
[0023]
The invention of claim 7 is the originality assurance electronic storage method according to claim 1 or 2, including the following program start method: when the program of the storage device is activated, the device encryption key and the device decryption key encrypted with a master encryption key are read from the internal storage medium, decrypted with a master decryption key corresponding to the master encryption key, and the decrypted device encryption key and device decryption key are recorded in the internal storage medium.
[0024]
The invention of claim 8 is the originality assurance electronic storage method according to claim 1 or 2, including the following program activation method: when the program of the storage device is activated, the device encryption key and the device decryption key encrypted with a master encryption key are read from the internal storage medium; the encrypted device encryption key is decrypted with a master decryption key corresponding to the master encryption key and used as the device encryption key, and the encrypted device decryption key is decrypted with the master decryption key and used as the device decryption key; the decrypted device encryption key and device decryption key are recorded in the internal storage medium; the medium authentication code list for authenticating the storage medium, recorded in the internal storage medium, is read together with the message authenticator or electronic signature recorded with it; and tampering of the medium authentication code list is detected using that message authenticator or electronic signature and the device decryption key.
[0025]
The invention of claim 9 is the originality assurance electronic storage method according to claim 7, wherein the master encryption key and master decryption key are held in the program.
[0026]
The invention of claim 10 is the originality assurance electronic storage method according to claim 7 or 8, wherein the master encryption key and master decryption key are stored in hardware in the storage device.
[0027]
The invention of claim 11 is an originality assurance electronic storage device that guarantees the originality of electronic data stored in a storage medium, comprising a storage medium that stores electronic data, a communication port serving as an interface for external communication via a network, an internal storage medium that stores the various parameters necessary for executing programs, a program storage medium that stores various programs, and a processor that reads and executes the programs stored in the program storage medium, wherein the program storage medium stores a program for causing the processor to execute the originality assurance electronic storage method according to any one of claims 1 to 10.
[0028]
The invention of claim 12 is a computer-readable recording medium storing a program for executing the originality assurance electronic storage method according to any one of claims 1 to 10, or for causing a computer to function as the originality assurance electronic storage device according to claim 11.
[0030]
DETAILED DESCRIPTION OF THE INVENTION
FIG. 1 is a diagram showing the configuration of an originality assurance electronic storage device (hereinafter abbreviated as "original storage device") according to the present invention. This original storage device 100 stores electronic data as an original and is accessed from the host computer 110 via a network; it includes a mass storage medium 101, a communication port 102, a program storage medium 103, an internal storage medium 104, a timer 105, and a processor 106. An external system stores electronic data in, and reads it from, the original storage device 100 via the network (which may be a general communication path) from the host computer 110 side. The communication port 102 is the interface unit for communicating with the host computer 110 via the network and includes, for example, a communication modem or a LAN card.
[0031]
The mass storage medium 101 may be removable from the original storage device 100, such as a magneto-optical disk or CD-R, but the other blocks are physically integrated as the original storage device 100, and there is no access from outside except through the communication port 102. It is a tamper-resistant device with no direct access path to any of its blocks. The level of tamper resistance can range from affixing a seal so that the case cannot be opened undetected, to the stricter level at which the device stops working if the case is opened; existing technology of this kind is used. Since the processor processes only the prescribed commands, the inside cannot be accessed illegally via the communication port 102.
[0032]
The program storage medium 103 is a memory that stores various programs such as a main control program, a hash program, a key generation program, an encryption program, and a decryption program, and includes, for example, a rewritable EEPROM and a read-only ROM.
[0033]
The internal storage medium 104 is a memory such as an EEPROM that stores the parameters necessary for executing the various programs: specifically, the device encryption key, the device decryption key, the medium authentication code list, the latest data identification number, the timer setting history file, and the account management list. The timer 105 measures the time that the processor 106 acquires when a program is executed.
[0034]
The processor 106 is a control device that reads and executes various programs such as a main control program, a hash program, a key generation program, an encryption program, and a decryption program stored in the program storage medium 103.
[0035]
In this example of the original storage device 100, the key generation program, encryption program, decryption program, and so on are stored in the program storage medium and executed by the processor. Alternatively, a hardware module such as a cryptographic LSI board may be incorporated in the original storage device 100, and key generation, encryption, and decryption may be performed by that hardware module. One known example of such hardware is the CSA7000 of ERACOM (Australia). When hardware of this kind is used, keys can be stored safely inside the hardware, so the master encryption key and master decryption key used in the explanation below may be stored inside it.
[0036]
The original storage device 100 records data that an external system requests to store in the large-capacity storage medium 101. At this time, in order to detect falsification of the data later, the original storage device 100 adds to the stored data a message authenticator (an electronic signature when a public key cryptosystem is adopted) computed with its own private key. A message authentication code (MAC) is also added to the list of data recorded in the mass storage medium 101 in order to detect unauthorized deletion of the data itself. In addition, in order to detect unauthorized replacement of the large-capacity storage medium 101 (such as returning it to a past state), the pair of the medium identification number of the large-capacity storage medium 101 and the message authenticator for that medium's data list is recorded and managed inside the original storage device 100. Further, the current time is acquired from the timer 105 built into the original storage device 100 and given as an attribute of the data, so that the date of data creation cannot be falsified.
[0037]
Further, the original storage device 100 manages data by giving it attributes such as "temporary original", "original", and "copy" to distinguish the original from copies. When duplication of data with the "original" attribute is requested from the outside, the duplicated data is given the attribute "copy". This attribute is managed by the original storage device 100 itself and cannot be changed from the outside. Even if the mass storage medium 101 is removed and its attributes are tampered with externally, the tampering is detected when the mass storage medium 101 is later attached to the original storage device 100.
[0038]
FIG. 2 and FIG. 3 are diagrams showing the concept of an example of data stored with its originality guaranteed in the originality assurance electronic storage device according to the present invention. A plurality of content files constitute one version, and one item of stored data is configured and managed as a plurality of such versions, a data attribute information file in which the attribute information of the document is recorded, an access log file in which the access history is recorded, and a hash file that manages the hash value of each file constituting the document.
[0039]
In FIG. 2, there are two contents at the version 1 stage, and the third and fourth contents are added when version 2 is reached. Version 3 conceptually represents the state in which the first content has been edited and the fourth content deleted. The contents shown in light color have only content attribute information; their content data file refers to the content data file of a previous version.
[0040]
A processing sequence for guaranteeing originality will be described below.
(Outline of processing)
When the internal program of the original storage device 100 is started, the validity of the internal management information is verified, confirming that the authentication code for each large-capacity storage medium 101 is correct. Then, when a large-capacity storage medium 101 is mounted, the validity of the stored data list recorded on it is verified, confirming that the hash file MAC for each stored data item is correct. When an original recorded on the mass storage medium 101 is actually accessed, the validity of the content, attribute information, and access log is verified using the hash file managed together with the original's content and attribute information.
[0041]
Conversely, when an original is created or updated, a hash file MAC for verifying the authenticity of the original is calculated and recorded together with the original, and the same hash file MAC is also recorded in the stored data list of the mass storage medium 101. When unmounting, the list MAC for verifying the validity of the stored data list is calculated to protect the stored data list; it is not only recorded together with the stored data list but also recorded in the medium authentication code list inside the original storage device 100. When the internal program of the original storage device 100 is terminated, a medium authentication code list MAC for verifying the medium authentication code list is calculated and recorded together with the medium authentication code list in order to protect it. At the same time, the device encryption key used for calculating the medium authentication code list MAC is encrypted with the master encryption key incorporated in the program and recorded in the internal storage medium 104.
[0042]
(Program startup process)
When the internal program of the storage device is started, the consistency of the internal management information is verified. Because a service person of the storage device may stop the program and maintain the inside, the medium authentication code list is read from the internal storage medium 104 and the medium authentication code list MAC attached to it is verified. Before this verification, the device encryption key and the device decryption key, which are encrypted with the master encryption key, are decrypted with the master decryption key embedded in the program. If the verification fails, the program ends without starting, since unauthorized tampering may have occurred. If the verification succeeds, the medium authentication code list can be trusted and the program starts normally.
[0043]
(Program end processing)
At the end of the program, an unmount process is executed for the mounted mass storage medium 101. Then, the medium authentication code list of the internal storage medium 104 is read, the hash value is calculated and encrypted with the device encryption key, and the medium authentication code list MAC is obtained. The medium authentication code list MAC is assigned to the medium authentication code list and recorded in the internal storage medium 104. Further, the apparatus encryption key and the apparatus decryption key recorded in the internal storage medium 104 are encrypted with the master encryption key embedded in the internal program, and then the process ends.
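The program end and program start-up processing above form one round trip: at shutdown the medium authentication code list is sealed with a MAC under the device key and the device key itself is encrypted under the master key; at start-up the device key is recovered and the list MAC is checked before the program is allowed to run. The following is an added example of that round trip (it is not code from the patent or from the assignee). Assumptions: the message authenticator is HMAC-SHA256 (the page only says "hash value ... encrypted with the device encryption key"), the master-key cipher is an HMAC-SHA256 counter-mode keystream with an encrypt-then-MAC tag (a standard-library stand-in, since the page names no algorithm), and because the MAC is symmetric the device encryption key and device decryption key are the same value, so one key is wrapped. The key values and the list entry are constructed placeholders.

```python
import hashlib
import hmac
import json
import os

# Constructed master key: claim 5 says the master key may be held in the
# program itself; this value is a placeholder for the example, not a real key.
MASTER_KEY = b"constructed-master-key-held-in-program"


def mac(key: bytes, data: bytes) -> str:
    """Message authenticator. The page says 'hash value ... encrypted with the
    device encryption key'; this example substitutes HMAC-SHA256 (assumption)."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def canonical(obj) -> bytes:
    """Deterministic serialisation so the same list always yields the same MAC."""
    return json.dumps(obj, sort_keys=True).encode()


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a stdlib stand-in for the master-key
    cipher (assumption; the page does not name the algorithm)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def wrap_device_key(master_key: bytes, device_key: bytes) -> dict:
    """Encrypt-then-MAC the device key so an altered blob is rejected at start-up."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(device_key, keystream(master_key, nonce, len(device_key))))
    return {"nonce": nonce.hex(), "ct": ct.hex(), "tag": mac(master_key, nonce + ct)}


def unwrap_device_key(master_key: bytes, blob: dict):
    """Returns the device key, or None if the tag does not verify."""
    nonce, ct = bytes.fromhex(blob["nonce"]), bytes.fromhex(blob["ct"])
    if not hmac.compare_digest(mac(master_key, nonce + ct), blob["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(ct, keystream(master_key, nonce, len(ct))))


def program_end(master_key: bytes, device_key: bytes, medium_auth_code_list: dict) -> dict:
    """Program end processing: returns what is written to the internal storage
    medium 104 (list, list MAC, and the device key encrypted under the master key)."""
    return {
        "medium_auth_code_list": medium_auth_code_list,
        "medium_auth_code_list_mac": mac(device_key, canonical(medium_auth_code_list)),
        "wrapped_device_key": wrap_device_key(master_key, device_key),
    }


def program_start(master_key: bytes, internal: dict):
    """Program start-up processing: decrypt the device key, then verify the
    medium authentication code list MAC. Returns the device key on success and
    None when the program must refuse to start."""
    device_key = unwrap_device_key(master_key, internal["wrapped_device_key"])
    if device_key is None:
        return None  # wrapped key blob altered, or wrong master key
    expected = mac(device_key, canonical(internal["medium_auth_code_list"]))
    if not hmac.compare_digest(expected, internal["medium_auth_code_list_mac"]):
        return None  # medium authentication code list changed while stopped
    return device_key


if __name__ == "__main__":
    dev_key = b"constructed-device-key-0123456789"
    stored = program_end(MASTER_KEY, dev_key, {"MEDIUM-0001": "list-mac-placeholder"})
    print("restart ok:", program_start(MASTER_KEY, stored) == dev_key)
    stored["medium_auth_code_list"]["MEDIUM-0001"] = "rolled-back-entry"
    print("altered list refused:", program_start(MASTER_KEY, stored) is None)
```

The list MAC is keyed with the device key and the device key is wrapped under the master key, so an attacker who can edit the internal storage medium while the program is stopped would need the master key (held in the program or in the cryptographic hardware, per claims 5 and 6) to re-seal a modified list; without it start-up refuses, which is the behaviour described in the program startup process.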
[0044]
(Mass storage media format processing)
In order to make the large-capacity storage medium 101 available, a format process is required. A medium identification number is assigned to the new mass storage medium 101, and the medium identification number is recorded in the mass storage medium 101 as a medium identification number file. An empty saved data list is created, a list MAC for the saved data list is calculated, assigned to the saved data list, and recorded as a saved data list file in the mass storage medium 101. Then, the set of the list MAC and the medium identification number is added to the medium authentication code list of the internal storage medium 104 as a new entry of the medium authentication code list. A medium authentication code list MAC is calculated for the medium authentication code list, added to the medium authentication code list, and recorded in the internal storage medium 104. The process of assigning the MAC to the medium authentication code list may be executed only in the program end process. The table below shows the configuration of the media authentication code list.
[0045]
[Table 1]
[0046]
(Mounting process)
When the mass storage medium 101 storing the original is loaded, the medium identification number file is read from the mass storage medium 101 and the medium identification number is acquired. In the medium authentication code list recorded in the internal storage medium 104 of the storage device 100, the entry corresponding to the loaded mass storage medium 101 is referred to, and the list MAC is acquired. The list MAC is compared with the list MAC assigned to the saved data list file recorded in the large-capacity storage medium 101 to verify whether the values are the same. If the values are not the same, the mount processing fails because the saved data list file is invalid. If the values are the same, the stored data list file is read from the large-capacity storage medium 101, and it is verified whether the list MAC of the stored data list file is correct. If it is not correct, the mount process will fail. If it is correct, the stored data list is reliable and the mount process is successful.
[0047]
(Unmount processing)
When unmounting the large-capacity storage medium 101, a hash value is calculated over the stored data list file and encrypted with the device encryption key to form the list MAC. The list MAC is assigned to the stored data list file and recorded in the mass storage medium 101. Then the medium authentication code list is read from the internal storage medium 104, the list MAC of the medium authentication code entry corresponding to the medium identification number of the mass storage medium 101 being unmounted is updated, and the list is recorded back in the internal storage medium 104.
[0048]
(Original reference process)
When, after a successful mount, a reference to an original on the mass storage medium 101 is requested (that is, the storage device receives a reference request specifying an original identification number), the entry for that original in the saved data list is consulted to obtain its hash file MAC. This value is compared with the hash file MAC attached to the hash file of that document on the mass storage medium 101. Because the validity of the saved data list was confirmed during mounting, a mismatch means the hash file is invalid and the reference fails. If the values agree, the hash file is read from the mass storage medium 101 and its hash file MAC is verified against the contents of the hash file; if it is incorrect the reference fails, otherwise the hash file is trusted. For example, if the first content file of the specified original is requested, the hash value for the first content file is taken from the hash file, the hash of the content file as read from the medium is calculated, and the two are compared. Since the hash file has already been verified, a mismatch means the content file is invalid and the reference fails. If they match, the content file that was read is returned to the requester and the reference succeeds.
[0049]
(New original creation process)
FIG. 4 is a flowchart of the new original creation method according to the embodiment of the present invention. When a new original is to be created (saved) at the request of a party outside the original storage device 100, the following processing is performed.
[0050]
First, the plurality of newly created content files making up the original is received from outside (step S1). It is checked whether the mounting process of the mass storage medium 101 has completed (step S2); if not, error processing is performed and the process ends. If it has, the latest original identification number is read from the internal storage medium 104, 1 is added to it to obtain the new latest original identification number, and that value is written back to the internal storage medium 104 (step S3). The new number is used as the original identification number of the original, a directory name is derived from it, and the directory is created on the mass storage medium 101 (step S4). A hash value is calculated for each received content file to obtain the content file hash values, and the received content files are recorded under the created directory (step S5).
[0051]
Next, the current time is obtained from the internal timer 105, the latest timer ID is obtained from the internal storage medium 104, and date/time information is formed from the two (step S6). Data attribute information is created from the new original identification number, the date/time information and the content file information (step S7). A hash value is calculated over the data attribute information to obtain the data attribute information hash value, and the data attribute information is recorded on the mass storage medium 101 as a data attribute information file (step S8).
[0052]
An access log for this original, including the name of the user who requested its creation, is created (step S9). A hash value is calculated over the access log to obtain the access log hash value, and the access log is recorded on the mass storage medium 101 as an access log file (step S10). The content file hash values, the data attribute information hash value and the access log hash value are combined into a hash collection; a hash value is calculated over the hash collection and encrypted with the device internal encryption key to form the hash file MAC (step S11). The hash collection and the hash file MAC are then combined and recorded on the mass storage medium 101 as a hash file (step S12). The structure of the hash file is shown in the table below.
[0053]
[Table 2]
[0054]
In the hash file, the entry with version number 0 and content number 1 denotes the data attribute information file, and the entry with version number 0 and content number 2 denotes the access log file.
[0055]
Finally, a saved data list entry is created by combining the original identification number, the original attributes, the creation date information and the hash file MAC, and this entry is appended to the saved data list file on the mass storage medium 101 (step S13). The process then ends.
[0056]
(Original content update process)
When the content of an original is updated, the validity of the original is first verified by the procedure described for the original reference process; the new content is then processed by the same procedure as the new original creation process, and the falsification detection code used to verify the authenticity of the original is calculated, recorded and managed.
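The format, mount, unmount, reference and new-original creation procedures above, modelled end to end as an added example (this is not code from the patent or from Ricoh). HMAC-SHA256 stands in for the patent's "hash value encrypted with the device encryption key", the version/content numbering of content files in the hash collection, the class and function names, and the constructed inputs are this example's own assumptions:

```python
"""Model of the patent's three-level chain: hash file -> saved data list ->
medium authentication code list, with format / mount / create / reference /
unmount. HMAC-SHA256 stands in for "hash encrypted with the device key";
all names and the 1/n numbering of content files are assumptions."""
import hashlib
import hmac
import json

DEVICE_KEY = b"\x01" * 32  # lives only in the tamper-resistant internal storage 104


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def mac(data: bytes, key: bytes = DEVICE_KEY) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def canon(obj) -> bytes:
    """Deterministic encoding so a list always MACs to the same value."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


class Medium:
    """Removable mass storage medium 101."""

    def __init__(self, medium_id: str):
        self.medium_id = medium_id   # medium identification number file
        self.saved_list = []         # saved data list: one entry per original
        self.saved_list_mac = ""     # list MAC written at format / unmount
        self.originals = {}          # original id -> files, attrs, log, hash file


class StorageDevice:
    """Original storage device 100; medium_auth_list models internal storage 104."""

    def __init__(self):
        self.medium_auth_list = {}   # medium id -> expected list MAC
        self.latest_id = 0
        self.mounted = None

    def format(self, medium_id: str) -> Medium:
        m = Medium(medium_id)
        m.saved_list_mac = mac(canon(m.saved_list))
        self.medium_auth_list[medium_id] = m.saved_list_mac
        return m

    def mount(self, m: Medium) -> bool:
        # 1) the MAC on the medium must equal the copy held inside the device
        #    (defeats swapping in an older, validly authenticated list), and
        # 2) that MAC must verify over the list actually on the medium.
        expected = self.medium_auth_list.get(m.medium_id)
        if expected is None or not hmac.compare_digest(expected, m.saved_list_mac):
            return False
        if not hmac.compare_digest(mac(canon(m.saved_list)), m.saved_list_mac):
            return False
        self.mounted = m
        return True

    def unmount(self) -> None:
        m, self.mounted = self.mounted, None
        m.saved_list_mac = mac(canon(m.saved_list))
        self.medium_auth_list[m.medium_id] = m.saved_list_mac

    def create_original(self, files: dict, user: str, now: str) -> int:
        if self.mounted is None:
            raise RuntimeError("medium not mounted")             # step S2
        self.latest_id += 1                                       # step S3
        oid = self.latest_id
        names = sorted(files)
        attrs = {"id": oid, "created": now, "files": names}       # steps S6-S8
        log = [{"user": user, "action": "create", "time": now}]   # steps S9-S10
        # hash collection: 0/1 = attribute file, 0/2 = access log,
        # content files numbered 1/1, 1/2, ... (numbering assumed here)
        coll = {"0/1": sha256(canon(attrs)), "0/2": sha256(canon(log))}
        for i, name in enumerate(names, start=1):
            coll[f"1/{i}"] = sha256(files[name])
        hash_file = {"collection": coll, "mac": mac(canon(coll))}  # S11-S12
        self.mounted.originals[oid] = {"files": dict(files), "attrs": attrs,
                                       "log": log, "hash_file": hash_file}
        self.mounted.saved_list.append(                           # step S13
            {"id": oid, "created": now, "hash_file_mac": hash_file["mac"]})
        return oid

    def reference(self, oid: int, name: str) -> bytes:
        m = self.mounted
        entry = next((e for e in m.saved_list if e["id"] == oid), None)
        if entry is None:
            raise KeyError(oid)
        orig = m.originals[oid]
        hf = orig["hash_file"]
        # the saved data list (trusted since mount) vouches for the hash file ...
        if not hmac.compare_digest(entry["hash_file_mac"], hf["mac"]):
            raise ValueError("hash file MAC differs from saved data list entry")
        if not hmac.compare_digest(mac(canon(hf["collection"])), hf["mac"]):
            raise ValueError("hash file MAC does not verify")
        # ... and the hash file vouches for the content file
        if name not in orig["attrs"]["files"]:
            raise KeyError(name)
        idx = orig["attrs"]["files"].index(name) + 1
        data = orig["files"][name]
        if not hmac.compare_digest(hf["collection"][f"1/{idx}"], sha256(data)):
            raise ValueError(f"content file {name} has been altered")
        return data
```

One consequence of writing the list MAC only at unmount is visible in this model: between `create_original` and `unmount` the saved data list on the medium is ahead of its MAC, so a medium removed (or a device that loses power) before unmount fails its next mount. That is the safe failure, but a deployment that cannot tolerate it would update the list MAC and the internal entry together after each creation.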
[0057]
[Effect of the invention]
According to the originality assurance electronic storage method and apparatus of the present invention, management of the hash values of a document is simplified, the complexity of the document update and reference procedures is removed, and the safety of the program start and end processing of the storage device is improved.
[Brief description of the drawings]
FIG. 1 is a diagram showing a configuration of an original storage device according to the present invention.
FIG. 2 is a diagram showing a concept of an example of data stored in an original storage device according to the present invention with the original guaranteed.
FIG. 3 is a diagram showing a concept of an example of data stored in an original storage device according to the present invention with the original being guaranteed.
FIG. 4 is a flowchart for explaining a new original creation method according to an embodiment of the present invention.
[Explanation of symbols]
100: original storage device, 101: mass storage medium, 102: communication port, 103: program storage medium, 104: internal storage medium, 105: timer, 106: processor, 110: host computer.

Claims (12)

  1. An originality-guaranteed electronic storage method for assuring, with a storage device, the originality of electronic data stored in a storage medium, wherein
    the storage device is tamper resistant and includes an internal storage medium,
    the internal storage medium holds a device encryption key of the storage device for calculating a message authenticator or electronic signature over electronic data, a device decryption key corresponding to the device encryption key, and a medium authentication code list containing, for each target storage medium, a medium authentication code entry consisting of a medium identification number for authenticating that storage medium and a message authenticator or electronic signature for the list, and
    the storage medium carries a medium identification number identifying it, a stored data list file listing the electronic data stored on it, and a message authenticator or electronic signature for the list attached to the stored data list file, all recorded by the storage device;
    and wherein, when the storage medium is mounted on the storage device, the storage device
    reads the medium identification number from the storage medium,
    reads the message authenticator or electronic signature attached to the stored data list file from the storage medium,
    reads the medium authentication code list from the internal storage medium,
    extracts from the medium authentication code list the medium authentication code entry corresponding to the medium identification number read,
    reads the message authenticator or electronic signature recorded with the stored data list file from the mounted storage medium,
    verifies that the message authenticator or electronic signature in the medium authentication code entry matches the message authenticator or electronic signature read from the storage medium,
    if they do not match,
    unmounts the storage medium,
    if they match,
    reads the stored data list file from the storage medium,
    uses the message authenticator or electronic signature read from the storage medium and the device decryption key to detect falsification of the stored data list file,
    unmounts the storage medium if falsification is detected, and
    if no falsification is detected, obtains the original electronic data stored on the storage medium;
    the originality assurance electronic storage method thus comprising a storage medium mounting method.
  2. The originality assurance electronic storage method according to claim 1, wherein
    the storage device includes a communication port, and the storage device,
    on receiving via the communication port a plurality of content files and a request to newly store them as one original,
    exits with an error if the storage medium is not mounted, and,
    if the storage medium is mounted,
    creates attribute information for the new original,
    calculates a hash value for the attribute information and for each of the received content files,
    creates a hash list collecting the calculated hash values,
    calculates a message authenticator or electronic signature for the hash list using the device encryption key held in the storage device,
    stores the attribute information, the plurality of content files, the hash list and the message authenticator or electronic signature on the mounted storage medium,
    creates a stored data entry containing the message authenticator or electronic signature,
    adds the stored data entry to the stored data list of the storage medium,
    calculates a message authenticator or electronic signature for the stored data list using the device encryption key,
    records that list message authenticator or electronic signature on the storage medium together with the stored data list,
    creates a medium authentication code entry including that list message authenticator or electronic signature,
    adds the created medium authentication code entry to the medium authentication code list on the internal storage medium of the storage device,
    calculates a message authenticator or electronic signature for the medium authentication code list using the device encryption key, and
    records that message authenticator or electronic signature together with the medium authentication code list on the internal storage medium;
    the originality-guaranteed electronic storage method thus comprising a method for newly storing an original.
  3. The originality assurance electronic storage method according to claim 1 or 2, wherein
    the storage device includes a communication port, and the storage device,
    on receiving via the communication port a request to end the program of the storage device,
    reads the device encryption key and the device decryption key from the internal storage medium,
    encrypts the read device encryption key and device decryption key with a master encryption key in the storage device,
    records the encrypted device encryption key and device decryption key on the internal storage medium, and
    exits the program;
    the originality assurance electronic storage method thus comprising a program termination method.
  4. The originality assurance electronic storage method according to claim 1 or 2, wherein
    the storage device includes a communication port, and the storage device,
    on receiving via the communication port a request to end the program of the storage device,
    reads the device encryption key and the device decryption key from the internal storage medium,
    encrypts the device encryption key and the device decryption key with a master encryption key in the storage device,
    records the encrypted device encryption key and device decryption key on the internal storage medium, and
    exits the program;
    the originality assurance electronic storage method thus comprising a program termination method.
  5. The originality assurance electronic storage method according to claim 3 or 4, wherein the master encryption key is held in the program.
  6. The originality assurance electronic storage method according to claim 3 or 4, wherein the master encryption key is held in hardware in the storage device.
  7. The originality assurance electronic storage method according to claim 1 or 2, wherein,
    when the program of the storage device is started, the storage device
    reads from the internal storage medium the device encryption key and the device decryption key encrypted with a master encryption key,
    decrypts the encrypted device encryption key and device decryption key with a master decryption key corresponding to the master encryption key, and
    records the decrypted device encryption key and device decryption key on the internal storage medium;
    the originality-guaranteed electronic storage method thus comprising a program starting method.
  8. The originality assurance electronic storage method according to claim 1 or 2, wherein,
    when the program of the storage device is started, the storage device
    reads from the internal storage medium the device encryption key and the device decryption key encrypted with a master encryption key,
    decrypts the encrypted device encryption key with a master decryption key corresponding to the master encryption key to obtain the device encryption key, and decrypts the encrypted device decryption key with the master decryption key to obtain the device decryption key,
    records the decrypted device encryption key and device decryption key on the internal storage medium,
    reads the medium authentication code list for authenticating storage media recorded on the internal storage medium,
    reads the message authenticator or electronic signature recorded with the medium authentication code list, and
    detects tampering of the medium authentication code list using that message authenticator or electronic signature and the device decryption key;
    the originality-guaranteed electronic storage method thus comprising a program starting method.
  9. The originality-guaranteed electronic storage method according to claim 7 or 8, wherein the master encryption key and the master decryption key are held in the program.
  10. The originality assurance electronic storage method according to claim 7 or 8, wherein the master encryption key and the master decryption key are held in hardware in the storage device.
  11. An originality assurance electronic storage device that guarantees the originality of electronic data stored in a storage medium, comprising
    a storage medium for storing electronic data,
    a communication port serving as an interface for communicating with the outside via a network,
    an internal storage medium for storing parameters needed to execute various programs,
    a program storage medium for storing various programs, and
    a processor that reads and executes the programs stored in the program storage medium,
    wherein a program that causes the processor to execute the originality assurance electronic storage method according to any one of claims 1 to 10 is stored in the program storage medium.
  12. A computer-readable recording medium storing a program for executing the originality assurance electronic storage method according to any one of claims 1 to 10, or for causing a computer to function as the originality assurance electronic storage device according to claim 11.
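Claims 3 to 10 describe wrapping the device keys under a master key at program end and, at program start, unwrapping them and re-checking the medium authentication code list before any medium is mounted. The following is an added example of that start/end handling, not the patent's or Ricoh's code. The encrypt-then-MAC wrapping built from HMAC-SHA256 (an HMAC counter-mode keystream plus an HMAC tag) stands in for the cipher the claims leave unspecified, a single symmetric device key stands in for the device encryption/decryption key pair, and the dictionary layout and all names are assumptions:

```python
"""Program end / start handling modelled on claims 3, 7 and 8. The device key
rests on the internal storage medium only wrapped under a master key; at start
the medium authentication code list is re-verified before use. The wrapping
construction and all names here are this example's own assumptions."""
import hashlib
import hmac
import json
import secrets


def _subkey(master: bytes, label: bytes) -> bytes:
    """Separate encryption and authentication keys derived from the master key."""
    return hmac.new(master, label, hashlib.sha256).digest()


def _keystream_xor(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC counter mode: block i = HMAC(enc_key, nonce || i), XORed onto data."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hmac.new(enc_key, nonce + off.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], block))
    return bytes(out)


def wrap_key(master: bytes, device_key: bytes) -> bytes:
    """Returns nonce(16) || ciphertext || tag(32), with a fresh nonce per wrap."""
    nonce = secrets.token_bytes(16)
    ct = _keystream_xor(_subkey(master, b"wrap-enc"), nonce, device_key)
    tag = hmac.new(_subkey(master, b"wrap-mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap_key(master: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_subkey(master, b"wrap-mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(want, tag):  # verify before touching the ciphertext
        raise ValueError("wrapped device key rejected: wrong master key or tampered blob")
    return _keystream_xor(_subkey(master, b"wrap-enc"), nonce, ct)


def canon(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def list_mac(device_key: bytes, medium_auth_list: dict) -> str:
    """MAC over the medium authentication code list (claim 2, last two steps)."""
    return hmac.new(device_key, canon(medium_auth_list), hashlib.sha256).hexdigest()


def program_end(internal: dict, master: bytes) -> None:
    """Seal the medium authentication code list, then wrap the device key (claim 3).
    `internal` models the internal storage medium 104 as a dict."""
    key = internal.pop("device_key")
    internal["medium_auth_list_mac"] = list_mac(key, internal["medium_auth_list"])
    internal["wrapped_device_key"] = wrap_key(master, key)


def program_start(internal: dict, master: bytes) -> bool:
    """Unwrap the device key and refuse to start if the list was altered (claim 8)."""
    key = unwrap_key(master, internal["wrapped_device_key"])
    want = list_mac(key, internal["medium_auth_list"])
    if not hmac.compare_digest(want, internal["medium_auth_list_mac"]):
        return False
    internal["device_key"] = key
    return True
```

Where the master key lives decides what this buys. If it is held in the program (claims 5 and 9), anyone who can read the program storage medium can unwrap the device key, so the wrapping only defeats a casual read of the internal storage medium; holding the master key in hardware (claims 6 and 10) is what makes the device key unrecoverable from the stored data alone. In either case the tag check at start turns a wrong master key or a modified blob into a refusal to start rather than a silently wrong key.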
JP32880299A 1999-11-18 1999-11-18 Originality assurance electronic storage method, apparatus, and computer-readable recording medium Expired - Fee Related JP4049498B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP32880299A JP4049498B2 (en) 1999-11-18 1999-11-18 Originality assurance electronic storage method, apparatus, and computer-readable recording medium

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP32880299A JP4049498B2 (en) 1999-11-18 1999-11-18 Originality assurance electronic storage method, apparatus, and computer-readable recording medium
DE2000124753 DE10024753B4 (en) 1999-05-25 2000-05-19 Originality-guaranteeing, electronic storage device, authorization verification system, originality-guaranteeing, electronic storage method, authorization verification method, damage restoration method and storage medium

Publications (2)

Publication Number Publication Date
JP2001147898A JP2001147898A (en) 2001-05-29
JP4049498B2 true JP4049498B2 (en) 2008-02-20

Family

ID=18214274

Family Applications (1)

Application Number Title Priority Date Filing Date
JP32880299A Expired - Fee Related JP4049498B2 (en) 1999-11-18 1999-11-18 Originality assurance electronic storage method, apparatus, and computer-readable recording medium

Country Status (1)

Country Link
JP (1) JP4049498B2 (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4909474B2 (en) * 2001-09-13 2012-04-04 株式会社リコー Secure electronic media management system, method, program, and recording medium
GB0212318D0 (en) * 2002-05-28 2002-07-10 Symbian Ltd Tamper evident removable media storing executable code
JP4576100B2 (en) * 2002-07-30 2010-11-04 富士通株式会社 Information reproducing apparatus, secure module, and information reproducing method
EP1387238B1 (en) 2002-07-30 2011-06-15 Fujitsu Limited Method and apparatus for reproducing information using a security module
JP2004180278A (en) * 2002-11-15 2004-06-24 Canon Inc Information processing apparatus, server device, electronic data management system, information processing system, information processing method, computer program, and computer-readable storage medium
WO2004072845A1 (en) 2003-02-14 2004-08-26 Canon Kabushiki Kaisha System for certifying whether printed material corresponds to original
US7103779B2 (en) 2003-09-18 2006-09-05 Apple Computer, Inc. Method and apparatus for incremental code signing
JPWO2005111809A1 (en) * 2004-05-13 2008-03-27 松下電器産業株式会社 File management apparatus, file management method, file management program, and computer-readable recording medium recording the file management program
WO2006051522A2 (en) * 2004-11-12 2006-05-18 Discretix Technologies Ltd. Method, device, and system of securely storing data
KR100599159B1 (en) 2005-03-03 2006-07-12 삼성전자주식회사 Method and apparatus for digital signature generation and validation
JP2007102661A (en) * 2005-10-07 2007-04-19 Sourcenext Corp Encryption management method and encryption management program for data and file
US8364965B2 (en) 2006-03-15 2013-01-29 Apple Inc. Optimized integrity verification procedures
JP4671913B2 (en) * 2006-06-05 2011-04-20 株式会社リコー Originality assurance electronic storage device, originality assurance electronic storage method and program
KR100901169B1 (en) 2007-04-13 2009-06-04 한국전자통신연구원 System and method for filtering media file
CN102016867B (en) 2008-03-04 2015-02-25 苹果公司 System and method of authorizing execution of software code based on at least one installed profile
KR101310253B1 (en) * 2011-10-28 2013-09-24 (주)네오위즈게임즈 Hash data creation method and hash data comparison system and method
JP5970193B2 (en) * 2012-02-02 2016-08-17 国立大学法人茨城大学 Search system, search method, and search program

Also Published As

Publication number Publication date
JP2001147898A (en) 2001-05-29


Legal Events

Date        Code  Event
2004-05-17  A621  Written request for application examination
2007-02-22  A977  Report on retrieval
2007-03-27  A131  Notification of reasons for refusal
2007-05-28  A521  Written amendment
            TRDD  Decision of grant or rejection written
2007-11-27  A01   Written decision to grant a patent or to grant a registration (utility model)
2007-11-27  A61   First payment of annual fees (during grant procedure)
            R150  Certificate of patent (=grant) or registration of utility model
            FPAY  Renewal fee payment, year 3 (payment until 2010-12-07)
            FPAY  Renewal fee payment, year 4 (payment until 2011-12-07)
            FPAY  Renewal fee payment, year 5 (payment until 2012-12-07)
            FPAY  Renewal fee payment, year 6 (payment until 2013-12-07)
            LAPS  Cancellation because of no payment of annual fees