JP4187285B2 - Authenticator grant method and authenticator grant device - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to an authenticator granting method and an authenticator granting device for granting an authenticator to data consisting of a plurality of processing unit data as used in CALS, for example.
[0002]
[Prior art]
In recent years, various types of information have been exchanged via a network such as the Internet. Such information exchange is generally performed via a large number of computers, so that information transmitted by a transmission source can be falsified by a computer that relays information. It is also possible to supply information that pretends the sender to the receiver via the network.
[0003]
For this reason, a technique called digital authentication or the like is used in order to enable transmission / reception of information in a form in which the sender can be confirmed. Hereinafter, an example of a digital signature technique currently used will be described with reference to FIGS. Of these diagrams, FIGS. 25 and 26 are flowcharts showing processing procedures performed on the data transmitting side and the receiving side, respectively. FIG. 27 is a diagram schematically showing processing performed on the transmission side and the reception side.
[0004]
As shown in FIGS. 25 and 27, on the information transmission side, a hash value of a predetermined length is first obtained by performing hash function processing (compression) on body data that is information to be transmitted (step S401). . Next, the hash value is encrypted using a secret key given to the sender, and an authenticator (digital authenticator) is generated (step S402). Then, the text data and the authenticator are transmitted to the communication partner (step S403).
[0005]
On the other hand, on the receiving side, as shown in FIGS. 26 and 27, first, the hash value of the text data included in the received data (text data + authenticator) is obtained (step S501). Next, the authenticator included in the received data is decrypted using the sender's public key (the sender makes it public by some means) (step S502). Then, the hash value of the body data and the decryption result of the authenticator are compared (step S503), and if both match (step S504; Y), the body data included in the received information is If it is determined that the data is from the sender (step S505) and they do not match (step S504; N), the text data is not information from the sender (if any alteration has been made) (Step S505).
[0006]
That is, in this technique, the sender (the data responsible source, the creator) is sent by sending the body data together with an authenticator that can be generated only by the sender himself (it can be generated only by using a secret key known only to the sender). Data transfer in a form that can be verified is realized.
[0007]
[Problems to be solved by the invention]
If the technique as described above is used, data can be transferred via the network in a form that guarantees the validity of the data. However, in recent years, in CALS, EDI, and the like that have come to be actively used, one piece of information is represented by a plurality of structural elements and their structural information (component elements and link information). Are distributed and stored in various places. If the above prior art is simply applied to such structured information, the location of the information and the person in charge will be unclear.
[0008]
Therefore, an object of the present invention is to provide an authenticator granting method and apparatus that can easily manage data consisting of a plurality of processing unit data, such as those used in CALS.
[0009]
[Means for Solving the Problems]
In order to solve the above-described problem, in the authenticator granting method according to the present invention, a security level setting step for setting a security level corresponding to the content of each of a plurality of processing unit data constituting the processing target data, and this security Group authenticator grant step for recognizing several sets each including some of a plurality of processing unit data based on the security level set in the level setting step and assigning a digital authenticator to each recognized set And adopt.
[0010]
When performing the authenticator assigning method according to the present invention, an authenticator assigning step of assigning an authenticator to each processing unit data of the processing target data may also be executed.
Further, the authenticator granting method according to the present invention uses, as processing unit data, structured information having structural information including structural element identification information and link information and structural elements identified by the structural element identification information as processing unit data. The authenticator assigning step can be a step of assigning an authenticator to information consisting of several components and structural information included in the structured information.
[0011]
Further, as processing unit data, structured information including structural information composed of structural element identification information and link information, structural elements identified by the structural element identification information, and version management information is processed data, and group authentication is performed. The child granting step may be a step of granting an authenticator to a set including the changed component and version number management information included in the structured information.
[0012]
Furthermore, as processing unit data, a structured information including structural information including structural element identification information and link information, structural elements identified by the structural element identification information, change history management information, and difference information of the modified structural elements The information may be processing target data, and the group authenticator grant step may be a step of assigning an authenticator to a set of some difference information and change history management information included in the structured information. .
[0013]
And, as processing unit data, structured information including structural element identification information and link information, structural element identified by the structural element identification information, and location management information indicating the location of the structural element on the network Can be set as processing target data, and the group authenticator granting step can be a step of assigning an authenticator to the set including the location management information of the structured information.
[0014]
In order to solve the above problems, in the present invention, security level setting means for setting a security level corresponding to the content of each of a plurality of processing unit data constituting processing target data, and the security level setting means And a group authenticator providing means for recognizing several sets each including some of a plurality of processing unit data and assigning a digital authenticator to each recognized set based on the security level set by Configure the authenticator assigning device.
[0015]
When configuring the authenticator assigning apparatus of the present invention, authenticator assigning means for assigning an authenticator to each processing unit data of the processing target data can be added.
[0016]
DETAILED DESCRIPTION OF THE INVENTION
Hereinafter, an embodiment of the present invention will be specifically described with reference to the drawings.
FIG. 1 shows a schematic configuration of an authenticator providing apparatus according to an embodiment of the present invention. As shown in the figure, the authenticator assigning device connects an authentication PC card 15 to a computer having a CPU 25, a ROM 26, a RAM 27, an interface circuit 28, a magneto-optical disk device 12, and a communication control unit 13. The configuration is as follows.
[0017]
The authentication PC card 15 includes a tamper-free clock 21 and an authenticator generation unit 22. The authenticator generation unit 22 includes a hash function processing unit 23 and an encryption unit 24. The hash function processing unit 23 outputs a result of performing hash function processing on the input data. That is, data of a predetermined size (hereinafter referred to as a hash value) obtained by compressing the input data by a predetermined procedure is output. Prior to the operation, the encryption unit 24 encrypts the hash value output from the hash function processing unit 23 using the secret key given from the control unit 11, and outputs the result as an authenticator. The authenticator generation unit 22 (hash function processing unit 23 and encryption unit 24) is realized by a CPU and its peripheral circuits. The CPU determines whether the data in the magneto-optical disk medium (hereinafter referred to as MO) set in the magneto-optical disk device 12 or the data received by the communication control unit 13 is valid. It is programmed to have a function of making a determination (details will be described later).
[0018]
Hereinafter, the operation of the authenticator assigning device will be specifically described. In addition, since the authenticator granting apparatus of the embodiment is provided with an operation mode used when structured information is targeted and an operation mode targeted for other general information, here, First, the latter operation mode will be described.
[0019]
First, the outline of the data storage operation of the authenticator assigning apparatus in the latter operation mode will be described with reference to FIG. When instructed to store data, the authenticator assigning apparatus automatically generates history information indicating what kind of processing the data is generated. Further, an authenticator is generated from the data and the history information. Then, as shown in the figure, the data instructed to be stored is stored in the magneto-optical disk device 12 (inside MO) together with history information and an authenticator. In principle, an MO in which a medium ID is written in a predetermined area is set in the magneto-optical disk device 11 provided in the authenticator providing device.
[0020]
Hereinafter, the data storage operation by the authenticator assigning device will be described in more detail by dividing it into a storage operation for newly created data and a re-storage operation for existing data.
[0021]
FIG. 3 shows the flow of operation when the authenticator assigning apparatus stores new data. As shown in the figure, when instructed to save newly created data, the control unit 11 identifies the creator (user ID) of the creator of the data instructed to save (hereinafter referred to as data to be saved). The medium ID of the MO set in the magneto-optical disk device 12 and the identification information of the MO are acquired, and information for history information including each acquired data and information indicating that the storage target data is new data is obtained. Create (step S101). Then, the control unit 11 supplies the storage target data and history information information to the authentication PC card 15 (step S102).
[0022]
The authentication PC card 15 supplies the storage target data and history information information supplied from the control unit 11 to the authenticator generation unit 22, and further outputs the output (time information) of the tamper-free clock 21 at that time point. This is supplied to the authenticator generation unit 22 (step S103). Then, the authenticator generating unit 22 generates an authenticator based on the input information, and supplies the time information supplied to the authenticator generating unit 22 and the authenticator generated by the authenticator generating unit 22 to the control unit 11. (Step S104).
[0023]
More specifically, the CPU in the authentication PC card 15 sequentially supplies the information given from the control unit 11 to the hash function processing unit 23 in the authenticator generation unit 22 in step S103. Then, after supplying all the information, the CPU causes the hash function processing unit 23 to output the hash value and causes the encryption unit 24 to encrypt the hash value in step S104. Next, the time information supplied to the hash function processing unit 23 and the authenticator that is the result of encryption by the encryption unit 24 of the hash value are supplied to the control unit 11.
[0024]
Upon receiving the supply of the time information and the authenticator, the control unit 11 converts the storage target data into the history information including the history information information and the time information (with the time information added to the history information information) and the authenticator together with the optical information. The data is stored in the magnetic disk device 12 (step S105).
[0025]
Next, as an example of the saving operation for the existing data, the operation when re-saving the existing data after updating the existing data will be described with reference to FIGS.
As described above, in this authenticator assigning device, newly created data is stored in the MO in the form as shown in FIG. When the storage is instructed after the contents are updated for this data, it is schematically shown in FIG. 3B in the step corresponding to step S101 in FIG. In addition, the updated data and the history information attached to the original data are treated as storage target data. Further, as the history information information, information including information indicating update data is created, not information indicating that the data to be stored is new data. After that, processing corresponding to steps S102 to S105 is performed, and as shown in FIG. 3C, it is composed of updated data, newly created history information, and updated history information. History information and an authenticator obtained from the history information are stored in the MO.
[0026]
In addition, there are other operations for storing existing data in response to copying and moving instructions. In the former case, the data to be stored is copied as history information information in a step corresponding to step S101. The information including the information indicating that the data is stored is created. In the latter case, information including information indicating that the data to be saved is data that has been moved is created as history information information. After storing the data in the MO, the original data is stored in the MO. Is erased from
[0027]
Next, the operation at the time of data transmission of the authenticator providing apparatus will be described with reference to FIG. The flow shown in this figure is started when the user inputs information specifying the transmission destination, identification information of some data to be transmitted to the transmission destination, and the like to the apparatus.
[0028]
Upon receiving such an input, as shown in the figure, the control unit 11 first reads one or more stored data (data consisting of data, history information, and an authenticator) instructed to be transmitted from the MO (Step S1). S201). Next, the control unit 11 recognizes the user ID and the like of the person who instructed the transmission, and transmits the combination of the user ID and the identification information of the stored data instructed to transmit, the transmission source identification information, the transmission destination identification information, and the like. History information information is created (step S202). Next, the authenticator of each read stored data and the created transmission information information are supplied to the authentication PC card 15 (step S203).
[0029]
The authentication PC card 15 supplies the authenticator, the transmission history information information, and the output (time information) of the tamper-free clock 21 at that time (time information) supplied from the controller 11 to the authenticator generator 22 (step S204). . Then, the authenticator generating unit 22 generates an authenticator based on the input information, and supplies the time information supplied to the authenticator generating unit 22 and the authenticator generated by the authenticator generating unit 22 to the control unit 11. (Step S205).
[0030]
Upon receiving the supply of the time information and the authenticator, the control unit 11 sends the stored data instructed to be transmitted to the transmission destination together with the transmission history information in which the time information is added to the transmission history information information and the authenticator. Next, the communication control unit 13 is controlled (step S206). Then, after confirming that the transmission has been completed normally, the transmission history information and the authenticator are stored in the magneto-optical disk device (step S207), and the process is terminated.
[0031]
On the other hand, in the authenticator granting apparatus existing at the transmission destination that receives the data transmitted in step S206, the data is processed in the procedure shown in FIG.
First, the control unit 11 supplies the authenticator except the last authenticator and the transmission history information included in the received data to the authentication PC card 15 (step S301). The authentication PC card 15 obtains a hash value of the supplied information (step S302). Thereafter, the control unit 11 supplies the authenticator included at the end of the received data to the authentication PC card 15 (step S303). The authentication PC card 15 decrypts the authenticator with the sender's public key (step S304), compares the decryption result with the hash value, and sends information indicating whether or not they match to the control unit 11. In response, the data is output (step S305).
[0032]
When information indicating that the two do not match is input (step S306; N), the control unit 11 processes the received data as falsified data (step S307). Specifically, the user is notified that the falsification data has been received, and then operates according to the user's instruction content. On the other hand, when information indicating that they do not match is input (step S306; N), the control unit 11 stores the received data in the magneto-optical disk device 12 (step S308), and ends the processing. To do.
[0033]
The authenticator assigning apparatus is also configured so that the processing described with reference to FIG. 4 can be executed without accompanying data transmission. Specifically, when the execution of the processing is instructed, the control unit 11 determines the source and destination identification information based on the identification information of the plurality of stored data input by the user in the step corresponding to step S202. Information equivalent to information for transmission history information not included (hereinafter referred to as grouping history information information) is created. In steps corresponding to steps S203 to S205, the control unit 11 or the authentication PC card 15 performs processing using the grouping history information information instead of the transmission history information information. Thereafter, in step S206, the control unit 11 stores the grouping history information, which is information obtained by adding time information to the grouping history information information, and the authenticator in the magneto-optical disk device.
[0034]
As described above, in this authenticator granting device, when some processing is performed and data is stored in the MO, information indicating the content of the processing, information indicating the person in charge of the processing, history information including processing time, and the like The authenticator obtained from the data and history information is also stored in the MO. For this reason, it is possible to realize data transfer in such a manner that the source of information and the like can be specified.
[0035]
Next, the operation of the authenticator providing apparatus when structured information is targeted will be described. That is, information distributed on the network for the structured document (SGML document), the design information management system and the contractor integrated technical information service system as illustrated in FIGS. The operation of the authenticator assigning device in the case of targeting information including components that are hierarchized such as a database will be described. When the structured information is targeted, normally, a large number of devices having functions equivalent to those of the authenticator assigning device of the embodiment are connected via a communication line such as a LAN, as shown in FIG. A system of this form is constructed. In the figure, the CALS / EDI server, “Materials / Purchase”, “Design / Technology”, etc. blocks correspond to the authenticator assigning apparatus of the embodiment, and each apparatus is schematically shown in the figure. Functions (workflow management function, quotation ordering function, etc.) as shown in FIG.
[0036]
When structured information is targeted, as shown in FIG. 8, first, each object constituting structured information (technical information such as CAD / CAM, resource information about people and organizations, slips, etc.) In the business information), security levels Lo0 to Lon corresponding to the function / confidential level of the object are set. At this time, security levels La0 to Lan relating to access authority are also set. Thereafter, a process of updating the contents of the management information table (see FIG. 9), which is a table for storing configuration information, change information, security level, and the like, for the target figure number / code, in accordance with the contents of the processing performed. Done.
[0037]
When any update is performed, objects (including change information and management information (configuration / version number / change)) are grouped based on the contents (security level, version number level) of the management information table, and each group An authenticator for is generated, and further, an authenticator for all groups is also generated. The grouping is performed by sequentially searching for an object whose security level is equal to or lower than the target security level and whose version number level is the target version number level, by sequentially changing the target security level and the target version number level. That is, grouping is performed in a form in which objects belonging to a plurality of groups exist (if version number management is not performed, grouping is performed using only the security level). Then, authenticators (hereinafter referred to as “stereoscopic digital authenticators”) generated for a plurality of objects belonging to each group are stored in the stereoscopic digital authenticator table in the form schematically shown in FIG.
[0038]
That is, in the system using this apparatus, as schematically shown in FIG. 11, the information generated or updated by the workflow management function, the estimated ordering function, etc. Held in.
[0039]
As described above, according to the authenticator assigning device of the embodiment, for example, as schematically shown in FIG. 12, three-dimensional digital authentication for a group in which structural elements constituting structured information are combined in various forms. A child and a three-dimensional digital authenticator for all groups are generated and stored. The three-dimensional digital authenticator is generated according to the version number according to the security level as schematically shown in FIGS. 13 and 14 or FIGS. 15 and 16.
[0040]
More specifically, for the structured information shown in FIG. 17, with respect to the security level L1 and the version number V01, a group consisting of constituent elements and configuration management information shown in bold lines in FIG. A three-dimensional digital authenticator for the group shown in FIG. Then, with respect to the version numbers V02 and V03, a three-dimensional digital authenticator is generated for the groups as illustrated in FIGS. 21B and 21C, respectively.
[0041]
As for the security level L2 and the version number V01, as schematically shown in FIG. 19 and FIG. 22, a three-dimensional digital authenticator is generated for information consisting of components having a security level of L2 or lower and configuration management information. As for the security level L3 and the version number V01, as schematically shown in FIGS. 20 and 23, a three-dimensional digital authenticator is generated for information consisting of components having a security level of L3 or lower and configuration management information.
[0042]
As described above, according to the authenticator assigning apparatus of the embodiment, since the authenticator is assigned for each security level, the contents of the medium storing the object (drawing / slip, part of document, etc.) and the contents of the database are appropriate. When it has been tampered with by someone who does not have the necessary access authority, or when a virus has entered it, this can be easily detected.
[0043]
In addition, the authenticity of time-series change history / object data / security level (access authority / access target) can be easily guaranteed. In addition, since master management can be easily performed, it is possible to guarantee the guarantee / uniqueness of time-series information when managed in a distributed manner on a network or when managed by different portable media. . In addition, when authenticating an object, if the authentication is performed with the three-dimensional digital authenticator related to the object, the validity of other objects can be confirmed at the same time. Can process structured information. Also, if the management information is falsified for some reason, it can be easily found.
[0044]
Note that the authenticator assigning apparatus of the embodiment is an apparatus that assigns an authenticator to all data, but the apparatus may be configured to assign an authenticator only to data specified by the user. Is natural. Furthermore, using a secure PC card having a function of encrypting data in the authentication PC card 15, as schematically shown in FIG. 24, the text whose contents are not desired to be read is converted into cipher text, The summary and fee that may be transferred to the network and the contents may be read are kept in plain text, but for areas where it is desirable to be able to verify the presence or absence of tampering, an authenticator should be added to the network. Of course, it is okay.
[0045]
In addition, the authenticator providing device of the embodiment is a device including a magneto-optical disk device, but other devices such as a hard disk device and a floppy disk device are employed as devices for storing information. Of course, it is okay.
[0046]
【The invention's effect】
According to the authenticator assigning method and apparatus of the present invention, so-called structured information can be easily managed.
[Brief description of the drawings]
FIG. 1 is a schematic configuration diagram of an authenticator providing apparatus according to an embodiment of the present invention.
FIG. 2 is a flowchart showing an operation procedure when storing new data in the authenticator providing apparatus of the embodiment.
FIG. 3 is an explanatory diagram of a procedure for re-storing updated data by the authenticator providing apparatus of the embodiment.
FIG. 4 is a flowchart showing an operation procedure at the time of data transmission of the authenticator providing apparatus of the embodiment.
FIG. 5 is a flowchart showing an operation procedure when data is received by the authenticator providing apparatus of the embodiment.
FIG. 6 is an explanatory diagram of information (distributed DB) distributed on a network.
FIG. 7 is a diagram illustrating an example of a system configured based on the authenticator providing device of the embodiment.
FIG. 8 is an explanatory diagram of an operation of the authenticator providing apparatus of the embodiment.
FIG. 9 is an explanatory diagram of a management information table.
FIG. 10 is an explanatory diagram of a stereoscopic digital authenticator management table.
FIG. 11 is an explanatory diagram of a usage form of a three-dimensional digital authenticator in a system for structured information formed based on the authenticator providing apparatus of the embodiment.
FIG. 12 is an explanatory diagram of an authenticator assignment form that can be realized by the authenticator assignment device of the embodiment.
FIG. 13 is an explanatory diagram of an example of assigning an authenticator for change management;
FIG. 14 is an explanatory diagram of an example of assigning an authenticator for change management;
FIG. 15 is an explanatory diagram of an authenticator assignment form that can be realized by the authenticator assignment device of the embodiment;
FIG. 16 is an explanatory diagram of an authenticator assignment form that can be realized by the authenticator assignment device of the embodiment;
FIG. 17 is an explanatory diagram of an authenticator assignment form that can be realized by the authenticator assignment device of the embodiment;
FIG. 18 is an explanatory diagram of an authenticator assignment form that can be realized by the authenticator assignment device of the embodiment.
FIG. 19 is an explanatory diagram of an authenticator assignment form that can be realized by the authenticator assignment device of the embodiment;
FIG. 20 is an explanatory diagram of an authentication code granting mode that can be realized by the authentication code granting apparatus according to the embodiment.
FIG. 21 is an explanatory diagram of an authentication code grant form that can be realized by the authenticator grant apparatus of the embodiment.
FIG. 22 is an explanatory diagram of an authenticator assignment form that can be realized by the authenticator assignment device of the embodiment;
FIG. 23 is an explanatory diagram of an authenticator assignment form that can be realized by the authenticator assignment device of the embodiment.
FIG. 24 is an explanatory diagram of a document concealment / signature processing concept in an upper layer.
FIG. 25 is a flowchart showing a processing procedure on the transmission side during data communication using the digital signature technique.
FIG. 26 is a flowchart showing a processing procedure on the receiving side during data communication using the digital signature technique.
FIG. 27 is an explanatory diagram showing a data communication procedure using a digital signature technique.
[Explanation of symbols]
11 Control unit
12 Magneto-optical disk unit
13 Communication control unit
15 PC card for authentication
21 tamper-free watch
22 Authentication code generator
23 Hash function processor
24 Encryption section

Claims (8)

Security level setting means for setting a security level corresponding to the content of each of the plurality of processing unit data constituting the processing target data;
Based on the security level set by the security level setting means, for each security level, a set of processing unit data that is lower than the security level is recognized, and each recognized set relates to a plurality of processing unit data belonging to the set. An authenticator assigning device comprising: a group authenticator assigning means for assigning a digital authenticator.   The authenticator granting device according to claim 1, further comprising authenticator granting means for granting an authenticator to each processing unit data of the processing target data. The processing target data is structured information having, as processing unit data, structural information including structural element identification information and link information, and structural elements identified by the structural element identification information,
3. The authenticator according to claim 1 or 2, wherein the authenticator assigning unit assigns an authenticator to information including several components included in the structured information and the structural information. Granting device. The processing target data is structured information having, as processing unit data, structural information including structural element identification information and link information, a structural element identified by the structural element identification information, and version number management information,
3. The group authenticator assigning unit assigns an authenticator to a set including the changed component and the version number management information included in the structured information. The authenticator assigning device described. The processing target data includes, as processing unit data, structural information including component identification information and link information, a component identified by the component identification information, change history management information, and a difference between the changed components Structured information with information,
2. The group authenticator assigning unit assigns an authenticator to a set of some difference information and the change history management information included in the structured information. 2. The authenticator assigning device according to 2. The processing target data includes, as processing unit data, structural information including component identification information and link information, a component identified by the component identification information, and location management information indicating the location of the component on the network Structured information having
3. The authenticator assigning apparatus according to claim 1, wherein the group authenticator assigning unit assigns an authenticator to a set including the location management information of the structured information. An authenticator grant method used for a computer having a security level setting means and a group authenticator grant means,
A security level setting step in which the security level setting means sets a security level corresponding to the content of each of the plurality of processing unit data constituting the processing target data;
The group authenticator granting unit recognizes a set of processing unit data that is equal to or lower than the security level for each security level based on the security level set by the security level setting unit, and sets the set for each recognized set. A group authenticator granting step for granting a digital authenticator for a plurality of processing unit data belonging to
An authenticator assigning method comprising: providing an authenticator.   8. The authenticator granting method according to claim 7, further comprising an authenticator granting step in which the group authenticator granting unit grants an authenticator to each processing unit data of the processing target data. .

Images