JP4746993B2 - Information processing apparatus, security system, writing destination switching method, program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an information processor capable of ensuring security even when taken outside. <P>SOLUTION: The information processor includes an arithmetic unit, a volatile main storage device, and a nonvolatile auxiliary storage device. The arithmetic unit includes a switch command accepting means for accepting the input of a switch command for switching a write destination for information, and a write switching means for switching between the main storage device and the auxiliary storage device the write destination of the information processed in the arithmetic unit according to the switch command accepted. <P>COPYRIGHT: (C)2007,JPO&amp;INPIT

Description

  The present invention relates to an information processing apparatus, and more particularly, to an information processing apparatus capable of switching whether to write to a built-in storage device.

  In recent years, there are increasing opportunities to use information processing terminals such as personal computers in field work outside the company. For example, communication devices and various control devices are equipped with functions for checking operations and changing settings using information devices such as personal computers. Workers connect personal computers that they carry to user devices and networks. Proceed with tasks such as setting up. In such setting work, there are increasing situations where information is acquired from websites on the Internet and used for the work.

  Moreover, in the external business, there are many cases where business is performed using predetermined software due to the sophistication of services, and the opportunity to carry a personal computer outside the office has increased remarkably.

JP-A-6-12245

  However, as information processing terminals such as personal computers described above are increasingly carried outside, security problems are also becoming apparent. For example, if a computer taken outside the company is misplaced or stolen, there may be a problem that the stored information assets are leaked to the outside due to the operation of the computer by a third party. . There may also be a problem that a personal computer carried by a worker working outside the company becomes a medium and spreads an electronic virus. Specifically, a computer taken outside the company was infected with an electronic virus from an external computer, etc., and later used inside the company to spread the electronic virus inside the company. There may be a problem of infecting external devices and computers with electronic viruses.

  In this way, information processing terminals used inside the company are taken out of the company, and information leakage occurs due to loss of a personal computer that stores user device information, personal information, company confidential information, etc. Or a virus-infected computer may adversely affect various devices or other computers, resulting in a decline in the social credibility of the company to which the worker belongs. .

  In addition, the said patent document 1 exists as a technique relevant to the said problem. Patent Document 1 discloses a technique in which an operating system and software are stored in a ROM of an information processing terminal, and each program is read from the information processing terminal to use the information processing terminal. However, such a technique is intended to enable high-speed activation without installing an operating system or software from an external storage device, and the above-described problems may still occur. That is, since a hard disk drive or floppy disk drive is installed to perform other operations on such terminals, information from electronic virus infection from such storage devices or misplacement on the go Problems such as leakage can occur.

  Therefore, an object of the present invention is to provide an information processing apparatus that can ensure security even when taken outside.

Therefore, an information processing apparatus according to an aspect of the present invention is
An information processing apparatus comprising an arithmetic device, a volatile main storage device, and a nonvolatile auxiliary storage device,
The computing device includes a switching command accepting unit that accepts an input of a switching command for switching an information writing destination, and a writing destination of information processed in the computing device in accordance with the accepted switching command. Write switching means for switching between,
It is characterized by having.

  The write switching means is characterized in that when the main storage device is set as a write destination, the information write destination is switched to the auxiliary storage device when a switching command is input. In addition, the information processing apparatus is provided with initial setting starting means for setting the information writing destination in the main storage device and starting the information processing apparatus when the information processing apparatus is not started when the switching command is not received.

  According to the above-described invention, when the information processing apparatus is used, since the main storage apparatus is normally started in a state where the write destination is set, data is written to the main storage apparatus, and the auxiliary storage apparatus It is in a state where writing to is restricted. On the other hand, by inputting a switching command, the data write destination is switched to the auxiliary storage device. Therefore, unless a switching command is input, the data write destination of the data processed by the information processing apparatus is set in the volatile main storage device, so that data is prevented from being stored in the information processing apparatus. . As a result, even when the information processing apparatus is taken outside, personal information, confidential information, and the like are not stored. Therefore, leakage of such important information can be suppressed, and an information processing apparatus with high security can be realized. Further, during normal use, the processing data is stored in the volatile main storage device, so there is no inconvenience in using the information processing device. Furthermore, by changing the setting of the information processing apparatus or adding an application only by switching the writing destination to the auxiliary storage device, such a change can be easily performed, and the convenience of the user is improved. be able to.

  The information processing apparatus is detachable and includes an interface unit such as a USB port to which a storage medium storing a switching command can be mounted. The switching command receiving means receives a switching command from the storage medium mounted on the interface unit. It is characterized by receiving the input of the switching command by reading.

  As a result, data can be written to the auxiliary storage device only when a removable storage medium for inputting a switching command is attached, so that only those who have such a storage medium can transfer data to the auxiliary storage device. Writing becomes possible, and further security can be improved. Further, the use of a removable storage medium facilitates the switching operation of the writing destination.

In addition, the arithmetic device reads the medium-side user authentication data stored in advance in the storage medium from the storage medium attached to the interface unit, receives user authentication data input by the user, and based on these Authentication means for performing authentication,
The write switching means operates when authentication is successful.
It is characterized by that.

  As a result, it is possible to authenticate whether or not the storage medium storing the switching command for switching the data writing destination is used by a person having a legitimate title, and the writing destination can be switched only when the authentication is successful. Therefore, the security can be further improved.

In addition, a storage medium according to another embodiment of the present invention is
A storage medium that is detachable from an information processing device including an arithmetic device, a volatile main storage device, and a nonvolatile auxiliary storage device,
Stored a switching instruction to switch between a main storage device and an auxiliary storage device to which information is read when attached to the information processing device and processed in the arithmetic device in the information processing device,
It is characterized by that.

  The switching command instructs the information processing device to switch the information writing destination to the auxiliary storage device when the switching command is input when the main storage device is set as the writing destination in the information processing device. It is characterized by being information. The storage medium is, for example, a USB memory.

  The present invention also provides a security system including the above-described information processing apparatus and a storage medium.

Furthermore, the write destination switching method according to another aspect of the present invention is:
A write destination switching method by an information processing device including an arithmetic device, a volatile main storage device, and a nonvolatile auxiliary storage device,
A switching command receiving step in which the arithmetic device accepts an input of a switching command for switching the write destination, and a write destination of information processed in the arithmetic device in accordance with the received switching command between the main storage device and the auxiliary storage device A write switching process to be switched with,
It is characterized by having.

And the arithmetic unit has a write destination initial setting step of setting the main storage device as the write destination before the switching command receiving step,
The writing switching step switches the auxiliary storage device to the writing destination when receiving the switching command in the switching command receiving step.
It is characterized by that.

  In addition, the arithmetic device includes a write destination resetting step of setting the information write destination in the information processing device to the main storage device and restarting after the write switching step.

  The switching command receiving step is characterized in that an input of the switching command is received by reading the switching command stored in the storage medium from a storage medium detachably attached to the information processing apparatus.

Further, the arithmetic device reads the medium-side user authentication data stored in advance in the storage medium at least before the write switching step, and accepts the user authentication data input to the information processing device by the user. An authentication process for performing user authentication based on
The write switching process is activated when authentication is successful.
It is characterized by that.

Moreover, the program which is the other form of this invention is:
In an information processing apparatus comprising an arithmetic device, a volatile main storage device, and a nonvolatile auxiliary storage device,
A switching command receiving step for receiving an input of a switching command for switching the writing destination, and a write switching for switching a writing destination of information processed in the arithmetic device according to the received switching command between the main storage device and the auxiliary storage device. Process,
Is a program for executing

  Furthermore, the program according to the present invention is a program for realizing each unit in the information processing apparatus described above, and is a program for causing the arithmetic apparatus to execute each process.

  Even the storage medium, the security system, the method, and the program configured as described above operate in the same manner as the information processing apparatus, so that the object of the present invention described above can be achieved.

  Since the present invention is configured and functions as described above, according to this, in accordance with the input of the switching command, the data write destination in the information processing apparatus is a volatile main storage device or a nonvolatile auxiliary storage device. Therefore, it is possible to prevent storage of personal information, confidential information, and the like for the information processing apparatus. As a result, it is possible to suppress leakage of important information when away from home and to realize an information processing apparatus with high security. Even when writing to the auxiliary storage device is impossible, the processing data is stored in the volatile main storage device, so that no inconvenience occurs during normal use of the information processing device. Furthermore, such a change can be easily made by switching the writing destination to the auxiliary storage device only when changing the setting of the information processing apparatus or adding an application. Therefore, it has an unprecedented excellent effect that the convenience of the user can be improved while ensuring high security.

  The present invention is characterized in that the processing data write destination in the information processing apparatus is switched between a main storage device and an auxiliary storage device. Hereinafter, the configuration and operation will be described in detail in Examples. In the embodiment, a notebook personal computer will be described as an example of the information processing apparatus, and a USB key (USB memory) will be described as an example of a storage medium that can be attached to and detached from the computer. Both the information processing apparatus and the storage medium are not limited to those described above.

  A first embodiment of the present invention will be described with reference to FIGS. FIG. 1 is an external view showing a security system according to the present invention, and FIG. 2 shows a configuration of a computer. FIG. 3 shows an example of data stored in the USB key, and FIG. 4 shows an example of data stored in the auxiliary storage device of the computer. FIG. 5 is a functional block diagram showing the configuration of the computer. 6 to 8 are explanatory diagrams showing the operation of the security system.

[Constitution]
As shown in FIG. 1, the security system according to the present invention includes a computer 1 and a USB key 2 attached to and detached from the computer 1. Then, by using the USB key 2, the system can control on / off of a write restriction function (write emulation function) for a storage device built in the computer 1. The details will be described below.

  First, the computer 1 is a general notebook personal computer. Then, as shown in FIG. 2 (or FIG. 5), there are a CPU (1A) which is an arithmetic unit and a RAM (1B) which is a volatile main storage device whose data is erased when the power is turned off. And a flash memory (1C) that is a nonvolatile auxiliary storage device that retains data even when the power is turned off. The flash memory 1C may be a hard disk. Further, as shown in FIG. 5, the computer 1 is equipped with a USB port 1D (interface unit) into which the USB key 2 is inserted (attached).

  Then, by incorporating a predetermined program into the CPU (1A), as shown in FIG. 5, an external memory reading processing unit 11, a user authentication processing unit 12, and a write switching processing unit 13 are constructed. Is done. As shown in FIG. 2, the CPU (1A) has a file system 17 (operating system: OS) stored in the flash memory 1B and a driver 18 (relay software) that relays the OS and hardware. It is read and executed. The write switching processing unit 13 is realized, for example, by executing the driver 18. Here, each said process part 11-13 is explained in full detail.

  The external memory reading processing unit 11 (switch command receiving means) has a function of reading data stored in the USB key 2. Specifically, as described later, the USB key 2 stores control software 21 that issues a switching command and user authentication data 22 (medium-side user authentication data), which are stored in the CPU (1A). ). Then, the control software is executed in the CPU (1A), and the user ID and password which are the medium side user authentication data 22 are notified to the user authentication processing unit 12. Note that a switching command issued from the control software is notified to the write switching processing unit 13 when user authentication described later is successful. As described above, the external memory reading processing unit 11 has a function of receiving the switching command information, which is a command for switching the information writing destination in the computer 1, from the USB key 2 via the USB port 1D.

  Next, as described above, the user authentication processing unit 12 (authentication unit) refers to the user ID and password stored in the USB key 2, and the authenticator who owns the USB key 2 determines the right of origin. It has a function of authenticating whether or not it is a person who has. For example, an ID and a password (user authentication data) input from the user to the computer 1 via an input device such as a keyboard are received, and the ID and password read from the USB key 2 (for medium-side user authentication) Data 22) is authenticated. Then, when the authentication result is successful, the control software works to activate the write switching processing unit 13. That is, the control software issues the switching command information, and the writing switching processing unit 13 receives this switching command.

  The user ID and password (device-side user authentication data) corresponding to the user ID and password stored in the USB key 2 are stored in advance in the user authentication data storage unit 14 of the flash memory 1B. The ID and password read out from the USB key 2 may be authenticated. Furthermore, authentication may be performed based on all the above-described authentication data such as data stored in the USB key 2, data stored in the computer 1, and data input by the user.

  The write switching processing unit 13 (write switching means) switches the write destination of data processed in the arithmetic device between the RAM (1C) and the flash memory 1B in response to the received switching command. Specifically, when the USB key 2 is not attached and no switching command is input, the write switching processing unit 13 stores the RAM (1C) in the data write destination as indicated by an arrow Y2 in FIG. Set as. When the USB key 2 is not attached to the computer 1, the RAM (1C) is always the write destination. At this time, the flash memory 1 is read-only (see arrow Y1 in FIG. 2), and the above-described write emulation function is in an on state.

  On the other hand, when the USB key 2 is attached, the write switching processing unit 13 is in a state where the authentication is successful and the switching command is input as described above (see arrow Y3), the data write destination is the RAM (1C). To the flash memory 1B (switched from the arrow Y2 to Y4 in FIG. 2). That is, the write emulation function is released. Specifically, when a switching command is input, the flash memory 1B is set as a data write destination, and the computer 1 is automatically restarted. Furthermore, the write switching processing unit 13 switches the data write destination back to the RAM (1C) when it is restarted regardless of whether or not the USB key 2 is removed from the computer 1 (initial setting). Setting activation means). That is, the write emulation function is turned on again.

  As described above, the computer 1 can write data to the flash memory 1B only when the USB key 2 is attached (the write emulation function is off), and when the USB key 2 is removed, FIG. As indicated by the arrow Y1, the flash memory 1 is read-only, and the processed data is stored only in the RAM (1C) (the write emulation function is on).

  As shown in FIG. 4, the flash memory 1B includes an OS storage unit 15 in which an OS program is stored, and an application storage unit 16 in which various application programs are stored. These programs can be read at any time. However, as described above, for the upgrade and storage of other data (such as new installation) in the flash memory 1B, the USB key 2 is attached and the write emulation function is installed. You can't do it without turning it off.

  Next, the USB key 2 will be described. As shown in FIG. 3, the USB key 2 is a storage medium that includes a nonvolatile flash memory 20 and can be attached to the USB port 1 </ b> D of the computer 1. The USB key 2 is possessed by an administrator who maintains and manages the computer 1. For example, the administrator installs a predetermined application in the computer 1 or changes a setting. That is, it can be a user who has a legitimate authority to operate the computer 1.

  The flash memory 20 inside the USB key 2 stores control software 21 including a switching command read by the computer 1 as described above. Further, medium side user authentication data 22 such as an ID and a password for authenticating the user is stored. The area in which the control software 21 and the medium-side user authentication data 22 are stored is a secret area, cannot be accessed, and data cannot be rewritten. The flash memory 20 is also formed with a normal memory area 23 capable of storing various data.

[Operation]
Next, operations when the above-described security system, that is, the computer 1 and the USB key 2 are used will be described with reference to FIGS. FIG. 6 is an explanatory diagram showing the operation during the setting work for the computer 1, and FIG. 7 is a flowchart thereof. FIG. 8 is a flowchart showing the operation of the computer 1.

  First, the computer 1 is in a state where writing to the flash memory 1B is restricted (write emulation function is on) since the power is turned on (write destination initial setting step). Accordingly, work such as installation of a new application that involves writing to the flash memory 1B cannot be executed by the user A. Therefore, if the user A desires to change the settings of the computer 1, such a computer is used. Bring the computer 1 to the administrator B who has the USB key 2 corresponding to 1 and request the setting change (see FIG. 6A, step S1 in FIG. 7). The setting change of the computer 1 includes OS version upgrade, installation of a new application, environment setting such as communication, and the like.

  Here, when changing the setting of the computer 1, the administrator B can be a user of the computer 1. That is, it has the right to change the settings for the computer 1 and has the correct user ID and password.

  Then, the administrator B who has received the computer 1 takes out the USB key 2 being managed, enables writing to the flash memory 1B of the computer 1 using the USB key 2, and performs setting change work (FIG. 7). Step S2). The operation of the computer 1 at this time will be described with reference to FIG.

  First, when the USB key 2 is inserted into the USB port 1D of the computer 1 (Yes in step S11), the computer 1 reads the control software from the USB key 2 (step S12, switching command receiving step). At this time, the medium side user authentication data including the ID and password stored in the USB key together with the control software is read (step S13). Then, by requesting the administrator B to input the ID and password, the input of the ID and password is accepted from the administrator B (step S14). Thereafter, authentication is performed based on the ID and password stored in the USB key and the ID and password input by the administrator B (step S15, authentication step).

  If the authentication is successful (Yes in step S15), the control software is activated to issue a write destination switching command (step S16). When the write switching processing unit 13 receives this, the computer is restarted (step S17), the setting of the driver 18 that controls the write operation to the flash memory 1B and the RAM (1C) is changed, and the data write destination is changed. The computer 1 starts up in a state where the RAM (1C) is switched to the flash memory 1B (step S18, write switching step). That is, the write emulation function is turned off (released). Then, the administrator B performs operations such as OS version upgrade and various setting changes, and data associated with such operations is written to the flash memory 1B (see step S19, FIG. 6B).

  Thereafter, when the setting operation is completed, the administrator B removes the USB key 2 and stores the USB key 2 in a safe place (step S3 in FIG. 7). Then, the computer 1 is turned off and the computer 1 is returned to the user A. Thereafter, when the computer is started by the user A or by another person (step S20), the USB key 2 described above is not inserted at this stage, and the switching command is not input. The data write destination rises when the data is switched to the RAM (1C) (the write emulation function is on), and writing to the flash memory 1B is prohibited (step S21, write destination resetting step). As a result, the user A can safely use the computer 1 even if he / she takes the computer 1 outside (step S4 in FIG. 7).

  In this way, when the user A operates the normal computer 1, the write destination of the processed data is set in the volatile RAM (1 C), so that the data is stored in the computer 1. Saving is suppressed. As a result, even when the computer 1 is taken outside, personal information, confidential information, and the like are not stored. Therefore, leakage of such important information can be suppressed, and an information processing apparatus with high security can be realized. During such use, since the processing data is stored in the volatile RAM (1C), the computer can be operated without any inconvenience.

  On the other hand, when changing the setting of the computer 1 or adding an application, it is left to the administrator B so that only the administrator B having the USB key 2 can switch the data write destination to the flash memory 1B. Done. At this time, the use of the USB key 2 ensures security by managing one tangible object. Further, such a write switching setting operation can be easily performed.

  Here, the case where the administrator B possesses the USB key 2 has been exemplified above. However, the user A may possess the USB key 2 and change the setting by releasing the write emulation function of the computer 1.

  Next, an actual usage example of the computer 1 will be described with reference to FIGS. FIG. 9 is a block diagram showing a network configuration when the computer is taken out of the office. 10 to 13 are flowcharts showing the operation of the computer.

  The computer 1 having the above configuration is suitable for taking it out of the office and using it because data cannot be written into the nonvolatile flash memory 1B during normal use (the write emulation function is on). As shown in FIG. 9, when the user A is taken outside the company, the data server 61 installed in the in-house LAN 60 of the company to which the user A belongs is installed by attaching a communication device to the computer 1 and connecting it to the network N. Then, it is connected to a setting target device 30 that is set and operated using the computer 1, a mail server 40 that stores electronic mail, and a web server 50 that opens a website.

  Next, an operation when the computer 1 accesses the data server 61 will be described with reference to FIG. First, the user A turns on the computer 1 on the go. Then, the OS program is read from the flash memory 1B, and the OS is activated (step S21). At this time, the data write destination in the computer 1 is only the RAM (1C), and writing to the flash memory 1B is not possible (the write emulation function is on).

  Subsequently, the communication function of the OS is used, and the network N is accessed via a communication device equipped in the computer 1 (if it is not equipped, a communication card is inserted into a predetermined slot). The LAN 60 is accessed (step S22). At this time, data for user authentication is required when passing through the firewall 22 in the in-house LAN 20, or data for authentication is required when accessing the data server 21 or the user storage area. In response, the user A inputs a user ID and a password from the computer 1. Thereby, if the user authentication is successful, the data server 61 can be accessed (step S23).

  Then, the user A requests desired document data from the data server 61 (step S24). In response to this, the data server 61 reads the requested document data and transmits it to the computer 1. Then, the computer 1 acquires document data, and stores the acquired document data in the RAM (1C) (step S25).

  Thereafter, when the user A instructs the computer 1 to activate the document creation software on the OS to open the acquired document data, the document creation software is read from the flash memory 1B and the document creation software is activated. (Step S26). Then, the document data file is opened with such software and displayed on the display (step S27). Thereby, the user can confirm the content of the document data, or can present the content of the document data to the customer on the go. When the user edits the contents of the document data, the user inputs an editing instruction from a keyboard or the like, and the document data is changed on the RAM (1C) based on the editing instruction (step S27). The changed document data is stored on the RAM (1C). Then, the user can confirm the contents of the changed document data or can present the contents of the document data to the customer again.

  Thereafter, when the user desires to save the edited document data, the user cannot write to the flash memory 1B, and therefore transmits the document data to the data server 61 (step S28). Store it in its own storage area. When the necessary work is completed, the user A turns off the computer 1 (step S29). Thereby, the document data in the RAM (1C) is discarded. That is, since the document data which is personal data does not remain in the computer 1, there is no risk of information leakage even if the computer 1 is lost.

  When the user newly creates document data, a new document data file is created on the document application activated in step S26. Such document data is stored on the RAM (1C) and can be displayed and printed (step S27). However, in the case of saving, the document data is transmitted to the data server 61 as described above, and the data server 61 (step S28). Such data is also discarded from the RAM (1C) when the user A turns off the computer 1 (step S29).

  Next, with reference to FIG. 11, an operation when the computer 1 performs processing on the setting target device 30 will be described. First, the user turns on the computer 1 on the go. Then, the OS program is read from the flash memory 1B and the OS is activated (step S31). Subsequently, when an instruction to activate setting software used for maintenance and setting of the setting target device 30 is issued, the setting software program is read from the flash memory 1B and activated (step S32).

  Next, the computer 1 accesses the network N via the communication device, and accesses the setting target device 30 via the activated setting software (step S33). Then, the setting target device 30 is requested for setting data representing the current setting state of the setting target device 30 (step S34). Then, since the requested setting data is transmitted from the setting target device 30 to the computer 1 accordingly, the computer 1 acquires the setting data and stores the acquired setting data in the RAM (1C). (Step S35).

  Thereafter, the user opens the acquired setting data using setting software, displays it on the display (step S36), and confirms the setting contents. If necessary, the setting data is edited on the RAM (1C) based on the editing instruction by inputting the editing instruction from the keyboard or the like on the setting software (step S36). Setting data is stored on the RAM (1C).

  Thereafter, in order to set the edited setting data in the setting target device 30, the user transmits the setting data to the setting target device 30 (step S37) and registers the setting data in the setting target device 30. When the necessary work is completed, the user turns off the computer 1 (step S38). Thereby, the setting data in the RAM (1C) is discarded. In other words, since the setting data does not remain in the computer 1, there is no risk of information leakage even if the computer 1 is lost.

  When the user newly creates setting data, after the setting software is activated in step S32, new setting data is created on the setting software. Thereafter, the created setting data is transmitted to the setting target device 30 and set. Such data is also discarded from the RAM (1C) when the user A turns off the computer 1 (step S38).

  Next, a case where the computer 1 accesses the mail server 40 will be described with reference to FIG. First, the user turns on the computer 1. Then, the OS program is read from the flash memory 1B and the OS is activated (step S41). Subsequently, when the user instructs the computer 1 to start the mail software, the mail software program is read from the flash memory 1B and the mail software is started (step S42).

  Next, the user operates the mail software to select mail transmission / reception (step S43). At this time, if reception of mail is selected (Yes in step S43), the computer 1 accesses the network N via the equipped communication device and accesses the mail server 40 (step S44). At this time, user authentication is also executed (step S44). Since the mail software requests the received mail from the mail server 40 (step S45), the received mail is transmitted from the mail server 40 accordingly. At this time, by setting the mail software, the computer 1 can request the mail server 40 to receive only new mail, all past received mail, sent mail, and the like. The requested mail is received from the mail server 40 and stored in the RAM (1C) (step S46). Thereafter, the acquired mail data such as received mail is displayed on the mail software (step S47), and the user can confirm this.

  On the other hand, when the mail software is activated and the user requests to create a mail (negative determination at step S53, affirmative determination at step S48), the mail creation function is activated and the user creates a new outgoing mail. Can do. The created outgoing mail is stored in the RAM (1C) (step S49). Then, when sending the created outgoing mail, the mail server 40 is accessed via the mail software, and after user authentication (step S50), the outgoing mail is sent to the mail server 40 (step S51). As a result, the mail server 40 transmits the outgoing mail to the address of the other party.

  Thereafter, when the use of the mail software is finished (No in Step S52), the user turns off the computer 1 (Step S53). Thereby, the mail data in the RAM (1C) is discarded. In other words, since the mail data does not remain in the computer 1, there is no fear of information leakage even if the computer 1 is lost.

  Next, a case where the computer 1 accesses the web server 50 will be described with reference to FIG. First, the user turns on the computer 1. Then, the OS program is read from the flash memory 1B and the OS is activated (step S61). Subsequently, when the user gives an instruction to start the web browser software on the computer 1, the web browser program is read from the flash memory 1B and the browser software is started (step S62).

  Next, the user operates the browser software to access the web server 50 that has established a predetermined website, and requests web page data (step S63). Accordingly, since the web page data is transmitted from the web server 50, the web page data is received and stored as a cache in the RAM (1C) (step S64) and displayed on the browser (step S65). .

  Thereafter, when the user finishes browsing the website, the user turns off the computer 1 (step S66). Thereby, the web page data in the RAM (1C) is discarded.

  In this way, the computer 1 can implement certain processing work by activating predetermined software stored in the flash memory 1B and necessary information (document data, mail data, setting data, etc.). Can be acquired from an external device (such as the data server 61, the mail server 40, or the setting target device 30) on the network, or a storage medium such as a USB memory, etc., and processing for such information can be realized. Since the processing data is stored only in the RAM (1C), the processing data (for example, document data, mail data, setting data, etc.) is erased from the RAM (1C) after the computer 1 is turned off. Is done. That is, the processing data is not stored in the computer 1. Therefore, even when the computer 1 is carried outside, information leakage can be suppressed and security can be ensured.

  Then, when changing or newly introducing the OS, other applications, settings, and the like mounted on the computer 1, the computer 1 is entrusted to the administrator B as described in the first embodiment. Then, the administrator B uses the USB key 2 to set the flash memory 1B of the computer 1 to be writable, and can easily perform operations such as adding an application.

  By incorporating the present invention into an information processing terminal that is carried outside, security can be enhanced and the present invention has industrial applicability.

It is an external view which shows a security system. It is a figure which shows the structure of the computer disclosed in FIG. It is a figure which shows the data memorize | stored in the USB key disclosed in FIG. It is a figure which shows the data memorize | stored in the auxiliary storage device of the computer disclosed in FIG. FIG. 2 is a functional block diagram illustrating a configuration of a computer disclosed in FIG. 1. FIGS. 6A and 6B are explanatory diagrams illustrating an operation when changing the setting of the computer or the like in the first embodiment. 3 is a flowchart illustrating an operation when changing settings of a computer or the like in the first embodiment. 3 is a flowchart illustrating the operation of a computer when changing settings or the like of the computer in the first embodiment. FIG. 10 is a block diagram illustrating a configuration of the entire system in a second embodiment. 10 is a flowchart illustrating an operation when the computer is used in the second embodiment. 10 is a flowchart illustrating an operation when the computer is used in the second embodiment. 10 is a flowchart illustrating an operation when the computer is used in the second embodiment. 10 is a flowchart illustrating an operation when the computer is used in the second embodiment.

Explanation of symbols

1 Computer (information processing device)
2 USB key (storage medium)
11 External memory reading processing unit (switching command receiving means)
12 User authentication processing unit (authentication means)
13 Write switching processing unit (writing switching means)
15 OS storage unit 16 Application storage unit 17 OS
18 Driver 21 Control software 22 Media side authentication data 23 Memory area 1A CPU (arithmetic unit)
1B Flash memory (nonvolatile auxiliary storage device)
1C RAM (volatile main memory)
1D USB port (interface part)

Claims (17)

An information processing apparatus comprising an arithmetic device, a volatile main storage device, and a nonvolatile auxiliary storage device,
The arithmetic device includes a switching command receiving means for receiving an input of a switching command for switching an information writing destination, and a writing destination of information processed in the arithmetic device according to the received switching command. Write switching means for switching between storage devices;
An information processing apparatus comprising:   The writing switching means switches the information writing destination to the auxiliary storage device when the switching command is input when the main storage device is set as a writing destination. 1. An information processing apparatus according to 1.   3. The information according to claim 2, further comprising initial setting starting means for starting by setting an information writing destination in the main storage device when the information processing apparatus is started when the switching command is not received. Processing equipment. An information processing device is detachable, and includes an interface unit on which a storage medium storing the switching command can be mounted.
The switching command receiving means receives an input of the switching command by reading the switching command from the storage medium attached to the interface unit.
The information processing apparatus according to claim 2 or 3, The arithmetic device reads medium-side user authentication data stored in advance in the storage medium from the storage medium attached to the interface unit, and receives user authentication data input by a user, An authentication means for performing authentication based on
The write switching means operates when the authentication is successful.
The information processing apparatus according to claim 4.   The information processing apparatus according to claim 4, wherein the interface unit is a USB port. A storage medium that is detachable from an information processing device including an arithmetic device, a volatile main storage device, and a nonvolatile auxiliary storage device,
A switching command that is read when the information processing device is mounted and that is processed in the arithmetic device in the information processing device is stored between the main storage device and the auxiliary storage device. ,
A storage medium characterized by that.   The information processing apparatus is configured to switch the information writing destination to the auxiliary storage device when the switching instruction is input when the main storage device is set as a writing destination in the information processing apparatus. The storage medium according to claim 7, wherein the storage medium is information for instructing the storage medium.   The storage medium according to claim 7, wherein the storage medium is a USB memory.   A security system comprising the information processing apparatus according to claim 4 and the storage medium according to claims 7 to 9. A write destination switching method by an information processing device including an arithmetic device, a volatile main storage device, and a nonvolatile auxiliary storage device,
A switching command receiving step in which the arithmetic device receives an input of a switching command for switching the write destination, and a write destination of information processed in the arithmetic device in accordance with the received switching command, the main storage device and the auxiliary storage device A write switching process for switching between
A writing destination switching method characterized by comprising: The arithmetic unit has a write destination initial setting step of setting the main storage device as a write destination before the switching command receiving step,
The writing switching step switches the auxiliary storage device to a writing destination when receiving the switching command input in the switching command receiving step.
The write destination switching method according to claim 11, wherein:   13. The writing device resetting step of setting the information writing device in the information processing device to the main storage device and restarting after the writing switching step. To change the write destination.   The switching command receiving step receives an input of the switching command by reading the switching command stored in the storage medium from a storage medium that is detachable from the information processing apparatus. 13. The write destination switching method according to 13. The arithmetic unit reads medium-side user authentication data stored in advance in the storage medium at least before the write switching step, and receives user authentication data input to the information processing apparatus by a user. And an authentication step for performing user authentication based on these,
The write switching step operates when the authentication is successful.
The write destination switching method according to claim 14, wherein: In an information processing apparatus comprising an arithmetic device, a volatile main storage device, and a nonvolatile auxiliary storage device,
A switching command receiving step for receiving an input of a switching command for switching the writing destination, and a writing destination of information processed in the arithmetic device according to the received switching command is switched between the main storage device and the auxiliary storage device. Writing switching process;
A program for running In an information processing apparatus comprising an arithmetic device, a volatile main storage device, and a nonvolatile auxiliary storage device,
A program for executing the steps according to claim 11.

Images