JP4753819B2 - Information processing method, program and apparatus for enhancing evidence capability and / or evidence value of electromagnetic records - Google Patents

Description

  The present invention relates to an information processing method, program, and apparatus for outputting an electromagnetic record after taking measures to increase the evidence capability or evidence value of the electromagnetic record.

  In recent years, electronic document-related legal systems such as the Electronic Book Storage Law, Electronic Signature Law, and Electronic Document Law have legally allowed the storage, creation, general inspection, and delivery of electromagnetic records. On the other hand, in order to fulfill the legal compliance and duty of good caution of organizations such as companies, the organization's internal control system is established and the results of the activities are left as evidence to prepare for internal control audits and shareholder representative lawsuits. There is a growing need. In general, the records output by an information system related to an organization's internal control tend to be enormous. Therefore, in view of economy, ease of search, etc., it is desirable to store electromagnetic records instead of paper. ing.

  Techniques have been disclosed for providing legal requirements for electronic records to electronic records and enhancing the evidence capacity and / or evidence value in criminal cases and the evidence value in civil cases. Hash technology that proves that electromagnetic records have not been tampered with (integrity), electronic signature technology that proves who the signature creator is (authenticity), and that electromagnetic records existed before a certain time (real And a time stamp technique for proving that electromagnetic recording has not been tampered with before a certain time (completeness) (Non-Patent Document 1).

There is also a technique for proving non-generation of electronic signatures in the past. For example, a method of performing another tampering detection measure in addition to an electronic signature has been proposed (Non-Patent Document 2). The forgery of the electronic signature is proved by verifying that the falsified electronic signature has not been subjected to the falsification detection measure. Specifically, the falsification detection measure is a method of providing a time-series chain structure between a plurality of electronic signatures to be generated. By this method, the generation order between a plurality of electronic signatures is proved, and an attempt is made to prove that there is no third electronic signature between the electronic signatures.
Independent Administrative Institution Information Processing Promotion Organization, “Survey Report on Timestamp Technology”, April 2004 Seiichi Susaki, Tsutomu Matsumoto “Electronic Signature Alibi Realization Mechanism-Hysteresis Signature and History Crossing”, Journal of Information Processing Society of Japan, August 2002

  The electromagnetic records that serve as the basis for determining the existence or nonexistence of a proof fact have taken technical measures to satisfy the above-mentioned integrity, authenticity, and existence before the records are required. Without it, there is no point. Even if the above technical measures are applied after receiving a request for submission by a third party for auditing or litigation, the evidence capacity and evidence value will not increase. For example, the electromagnetic record with a time stamp indicating the date and time after the incident is pointed out cannot be dismissed as a subsequent forgery. Therefore, it is desirable for electromagnetic recording to satisfy integrity, authenticity, and reality without leaving time from the output.

  In addition, in order for the business history of internal control, etc. to be recognized as “documents created in the normal process of business” (Article 323-2 of the Criminal Procedure Code), the normal process of business is continued continuously. Therefore, it is good to record without omission (coverability). The comprehensive business history recorded before the incident was pointed out can be used to select and submit only evidence that is advantageous to the self, and dispel the suspicion that the adverse evidence is concealed. This increases the probability that evidence capacity and evidence value will be recognized in criminal cases and evidence value in civil cases. In order to prove completeness with logical completeness, it is necessary not only to prove the existence of the record but also to prove that there is no other record other than the record (proof of the absence). is there. By positively proving the absence of evidence submitted by an auditor, litigation partner, third party, etc., it is possible to develop audits, litigation, etc. in an advantageous manner.

  However, the above-described background art embodiments take the technical measures on the recording after the electromagnetic recording is recorded on the medium. A certain or sometimes long time may elapse between the output of the record and the action of the technical means. That is, there is a period in which no measures are taken to increase the evidence capacity and evidence value in electromagnetic records (Problem 1).

  In addition, the electromagnetic record output as the business history has a characteristic that each business has a fixed recording unit (message, form, slip, transaction, file, event, etc.), and the records are stacked as a time series history. . On the other hand, in the embodiments of the background art described above, it is possible to arbitrarily select whether to take the technical means for each output recording unit or for each unit in which the recording units are further combined. In other words, the third party can know that the technical means can be taken only for the remaining history that has worked out any part of the series of history, and that the extracted history exists. I can't. Therefore, the electromagnetic recording using the technical means is not comprehensive, and it cannot be proved that there is no other recording other than the recording (problem 2). For example, in the case of an electronic signature method that performs another alteration detection measure in addition to the above-described electronic signature, the signer himself has the ability and option to execute only the electronic signature without performing the alteration detection measure. . Therefore, it is not possible to prove to a third party that the electronic signature is denied or the electronic signature is not generated, using only the fact that the electronic signature does not include the falsification detection measure. In this case, in order to prove the non-generation of the electronic signature, a separate proof regarding the operational fact of the generation of the electronic signature that the tampering detection measure is necessarily included in the electronic signature performed by itself is required.

  Furthermore, one of the factors that make the above comprehensiveness more difficult is that business operations continue beyond the hardware renewal period. When an information processing device that generates an electromagnetic record with a chain structure is renewed with hardware, the chain structure of the electromagnetic record is maintained unless the electromagnetic record with the chain structure is transferred from the old hardware to the new hardware. Can not. However, in the conventional example, when the electromagnetic recording is transferred to different hardware, the operation of resuming the chain structure from any electromagnetic recording cannot be prevented (Problem 3). Erasing electromagnetic records that have not yet been notarized by a third party among the electromagnetic records with a chain structure, following the last electromagnetic record of the remaining electromagnetic records, An injustice to resume a new chain structure is possible. In the succession of the history of electromagnetic records associated with hardware renewal, if the completeness of the history to be inherited cannot be proved, the evidence capacity and evidence value may be impaired.

  In view of the above problems, an object of the present invention is to set the following problems to be solved and to solve these problems. That is, before an electromagnetic record that requires evidence capacity and / or evidence value is output to the medium, measures are taken to increase the evidence capacity and / or evidence value (Issue 1). Or, all the electromagnetic records that require evidence value are subject to the task 1 and the output of the electromagnetic records that are not subject to this measure is restricted (issue 2). Even if there is a renewal, the completeness of electromagnetic records with a chain structure is proved (Problem 3).

  In one aspect, the present invention provides an information processing method for increasing the evidence capability and / or evidence value of electromagnetic recording in an information processing apparatus capable of outputting electromagnetic recording to an auxiliary storage device.

  This method is an information processing method for increasing the evidence capability and / or evidence value of electromagnetic recording in an information processing apparatus capable of outputting electromagnetic recording to an auxiliary storage device, and permits arbitrary writing by a user. Along with the writing of the electromagnetic recording to the first storage area, arbitrary writing, rewriting, overwriting, and deletion by the user are prohibited, and only the specific additional writing is permitted, to the first storage area. The step of appending the same electromagnetic record as the one to be written, and writing either when writing the electromagnetic record to the first storage area or appending the electromagnetic record to the second storage area is not successful And erasing the electromagnetic recording in the first and second storage areas.

  In addition, the information processing method for enhancing the evidence capability and / or evidence value of electromagnetic recording according to the present invention may further include a step of adding time information to the second storage area. The method may further include performing a hash operation on information obtained by adding time information to the electromagnetic recording, and additionally writing the hash value calculated by the hash operation to the second storage area.

  A first hash operation is performed on information obtained by adding time information to the electromagnetic recording, and an exclusive logic between the hash value calculated by the first hash operation and the previous first hash chain value is obtained. A step of performing a second hash operation on the sum and additionally writing the second hash chain value calculated by the second hash operation to the second storage area may be further included. The method may further include a step of generating an electronic signature by encrypting the second hash chain value using a secret key and adding the electronic signature to the second storage area.

  Further, it is preferable that the first and second hash operations and the encryption with the secret key are performed by a tamper-resistant device.

  Furthermore, the present invention provides a method in which two information processing devices for enhancing the evidence capability and / or evidence value of the electromagnetic record of the present invention form a chain of hash digest and electronic signature.

  This method generates two electronic signatures for a second hash chain value and appends the electronic signature to the second storage area to increase the evidence capability and / or evidence value of electromagnetic records. A step of outputting the generated first electronic signature to an external information processing apparatus between the processing apparatuses, and a second electronic signature generated for the first electronic signature in the external information processing apparatus is external And generating a third electronic signature with respect to the second electronic signature.

  In another aspect, the present invention provides a program for enhancing the evidence capability and / or evidence value of electromagnetic recording in an information processing apparatus capable of outputting electromagnetic recording to an auxiliary storage device, and Two information processing devices for increasing the evidence capability and / or evidence value provide a program for forming a chain of hash digests and electronic signatures. The program of the present invention has the same steps as the information processing method in order to increase the evidence capability and / or evidence value of the above-described electromagnetic record.

  In another aspect, the present invention includes a central processing unit, a main storage device, a timer, and one or a plurality of auxiliary storage devices connected by a bus, and performs electromagnetic processing by performing the information processing method described above. An information processing apparatus that enhances the evidence ability and / or evidence value of a historical record is provided.

  In accordance with the present invention, electromagnetic records that require evidence capacity and / or evidence value are subjected to measures to increase evidence capacity and / or evidence value before being written to the auxiliary storage medium. Electromagnetic records that are not subjected to this measure will not remain on the medium. That is, according to the present invention, there is no period in which the electromagnetic record once output is left without taking measures for increasing the evidence ability and the evidence value. Furthermore, since the measures for increasing the evidence capacity and / or the evidence value according to the present invention are automatically executed by the information processing apparatus, the user can intentionally change the automatically executed measures. I can't. Therefore, the completeness of the business history as evidence is ensured, and proof that there is no other record other than the record (proof of non-existence) becomes easy.

  Further, according to the present invention, when the hardware that outputs the business history is renewed, the electromagnetic records that have not yet been notarized by a third party are deleted from the electromagnetic records having a chain structure, and the remaining electromagnetic records are deleted. It is possible to prevent the fraud of resuming a new chain structure from the electromagnetic record generated after the last electromagnetic record of the target record. Even if the hardware that is the main output of electromagnetic recording is renewed, it becomes easy to prove the completeness of the electromagnetic recording having a chain structure.

  Hereinafter, the present invention will be described in detail with reference to embodiments of the present invention and the accompanying drawings. In addition, when showing the same element in several drawing, the same referential mark is attached | subjected.

  FIG. 1A is a schematic block diagram showing the configuration of an information processing apparatus for increasing the evidence capability and / or evidence value of electromagnetic recording according to the first embodiment of the present invention. 1A, the information processing apparatus includes a central processing unit (CPU) 1001, a main storage device 1002, a timer 1A25, a bus 1004, and I / O devices 1005, 1006, and 1007 that are auxiliary storage devices. It is a storage-type computer. FIG. 1A is an embodiment, and there may be a plurality of CPUs and buses, and the number of I / O devices may be smaller or larger, and is not limited to the description of FIG. 1A.

  The CPU 1001 includes an arithmetic logic unit (ALU), a register, a sequencer including a program counter and an additional circuit, and performs various operations according to a program on the main memory. In addition, the CPU 1001 may further include an interrupt control unit (ICU), a memory management unit (MMU), a secondary cache, and the like.

  The main storage device 1002 is a large capacity memory that can be read and written. A word is designated by an address assigned in the main storage device 1002, and an instruction and data are held in units of words.

  The timer 1A25 is a so-called real time clock (RTC) inside the information processing apparatus, which includes a clock oscillator and a counter and an independent battery. The timer 1A25 returns time information in response to the inquiry.

  The I / O devices 1005, 1006, and 1007 are auxiliary storage devices that can input and output, and are network interfaces that include media or can communicate with auxiliary storage devices that include media.

  When the information processing apparatus is activated, the OS 1013 and the interrupt handler 1000 are loaded into the main storage device 1002. The interrupt handler 1000 may be part of the OS 1013 or may be configured as part of a virtual machine monitor (VMM) located between the OS 1013 and hardware. After the information processing apparatus is activated, application software 1012 is held on the main storage device 1002 by a user operation, and electromagnetic recording is created by the application software 1012.

  The page table 1003 is an array structure of pages obtained by dividing a virtual address space in order to manage virtual memory. The page table 1003 can include an entry in which write prohibition is set for an address that controls the I / O devices 1005, 1006, and 1007. When the application software 1012 writes the file of the electromagnetic record 1011, the file system included in the operating system (OS) 1013 searches for and calls the device driver 1014. The called device driver 1014 issues an I / O device write command to an address that controls the I / O device. An interrupt is generated in the CPU 1001 that has received a write for a page for which writing has been prohibited by the memory protection function of the CPU. The page table 1003 is held in the main storage device 1002 in FIG. 1A, but is not limited to this configuration, and is not limited to this configuration, and is a memory management unit (MMU) integrated with the CPU 1001 or independent of the CPU. ) May be held inside.

  In response to the interrupt, the CPU 1001 interrupts the program being executed (such as an output routine), saves the internal register, flag information, and the like of the CPU that is executing the instructions of the program to the main memory, and then calls the interrupt handler 1000. Besides the interrupt, the interrupt handler 1000 can be directly called by the application software 1012. The interrupt handler 1000 executes the following series of processes.

  When the interrupt handler 1000 is called by a CPU interrupt, the write control to the page table is transferred to the interrupt control process 1020. The interrupt control processing 1020 is a main routine for controlling the entire interrupt handler 1000, and starts and ends each subroutine, sequence control, data transmission / reception control between subroutines, and data temporarily stored in the main storage device 1000. Data transmission / reception control through I / O processing 1023 is performed. Note that the encryption key and encryption algorithm of the interrupt control process 1020 are the same as the encryption key and encryption algorithm of the value protection process 1A27 described later. It is desirable that the encryption key be managed by a trusted third party in a state where not only the user of the information processing apparatus but also the operation manager cannot obtain it.

  First, the interrupt control process 1020 determines whether a page that has received a write command to the I / O device is a predetermined address (an address in an operation area O described later). Start up. Next, the interrupt control process 1020 passes the electromagnetic record that is the target of the write command to the I / O process 1023 and the hash calculation process 1A26 according to the processing result of the comparison / registration process 1021, or ends the interrupt handler 1000. Return to the state before the interrupt. On the other hand, when called by the individual application software 1012, the interrupt control process 1020 calls the comparison / registration process 1021, the I / O process 1023, the signature generation / verification process 1A29, or the key protection process 1A30.

  The comparison / registration process 1021 is started by the interrupt control process 1020. The comparison / registration processing 1021 compares the address of the page that has received the write command to the I / O device with the address registered in the address table 1022, or by user operation through individual application software 1012. Then, an area designation and attribute designation of an arbitrary address are registered in the address table 1022. The address table 1022 indicates an address indicating a predetermined area (an operation area O and a protection area P described later) and a correspondence relationship between the areas, and is stored in any of the I / O devices 1005, 1006, and 1007. . The address table 1022 is read and written through the I / O processing 1023 by the comparison / registration processing 1021. The address table 1022 is accessed by any application software 1012 and is not changed.

  The hash calculation process 1A26 has a hash calculation algorithm and performs a hash calculation. The hash calculation algorithm can be changed at any time by a user operation through the interrupt control process 1020 in consideration of compromise. The hash calculation process 1A26 uses the electromagnetic recording that is the target of the write command passed from the interrupt control process 1020, the time information obtained from the timer 1A25, and the process result passed from the exclusive OR (XOR) calculation process 1024. Perform a hash operation as the target. The result of the hash calculation process is passed to an exclusive OR (XOR) calculation process 1024, a signature generation / verification process 1A29, and an I / O process 1023. In addition, the hash calculation process 1A26 performs a hash calculation on any electromagnetic recording input by the user through the interrupt control process 1020, and returns the calculation result to the I / O process 1023.

  The exclusive OR (XOR) operation processing 1024 performs an exclusive OR (XOR) operation between the operation result of the hash operation processing 1A26 and the value 1A28 stored by the value protection processing 1A27. The result of the exclusive OR (XOR) operation is returned to the hash operation processing 1A26 through the interrupt control processing 1020.

  The signature generation / verification process 1A29 has an encryption algorithm based on a public key cryptosystem, and generates or verifies an electronic signature by performing an encryption operation. The encryption algorithm can be changed at any time by a user operation through the interrupt control process 1020 in consideration of compromise. The signature generation / verification process 1A29 generates an electronic signature from the hash calculation result passed from the hash calculation process 1A26 through the interrupt control process 1020, and the electronic signature is transferred to the I / O process 1023. The secret key and the public key used in the public key cryptosystem are the secret key / public key 1A31 protected by the key protection processing 1A30. The signature generation / verification process 1A29 accesses the key protection process 1A30 and acquires a secret key or a public key every time a signature is generated and verified. By user operation through the interrupt control process 1020, the signature generation / verification process 1A29 generates an electronic signature for any electromagnetic record input by the user, and for a hash value and an electronic signature input by the user The signature can be decrypted and the match with the hash value can be verified.

  The key protection processing 1A30 has an encryption key and an encryption algorithm, encrypts and decrypts the private key / public key 1A31, and protects them. The encryption key and the encryption algorithm may not be the same as the encryption key and the encryption algorithm of the interrupt control process 1020 and the value protection process 1A27 described later, but the encryption key is not limited to the user of the information processing apparatus, It is desirable for the operation manager to be managed by a reliable third party without obtaining it. The private key / public key 1A31 encrypted by the key protection processing 1A30 is written to and read from any of the I / O devices 1005, 1006, and 1007. Each time the signature generation and verification process is executed, the private key / public key 1A31 is read out, decrypted by the key protection process 1A30, and then passed to the signature generation / verification process 1A29. The secret key / public key 1A31 is a secret key and a public key of the public key cryptosystem, and the pair of the secret key and the public key can be changed at any time in consideration of the security of key management. The changed private key and public key are encrypted by the key protection processing 1A30, and then written to any of the I / O devices 1005, 1006, and 1007 by the I / O processing 1023.

  The I / O process 1023 is activated by the interrupt control process 1020. The electromagnetic records to be output by the I / O processing 1023 are the electromagnetic records that need to increase the evidence capability and / or the evidence value, the I / O addresses in the address table 1022, the time information generated by the timer 1A25, the hash The calculation result of the calculation processing 1A26, the value 1A28, the processing result of the signature generation / verification processing 1A29, and the secret key / public key 1A31. When outputting to any of the I / O devices 1005, 1006, and 1007, the I / O processing searches for the device driver 1014, and the device driver 1014 sends a write command to any of the I / O devices 1005, 1006, and 1007. Do. The input target of the I / O processing 1023 is the I / O address in the address table 1022, the secret key / public key 1A31, and any electromagnetic record input by the user.

  The value protection process 1A27 has an encryption key and an encryption algorithm, encrypts and decrypts the value 1A28, and protects it. The encryption key and the encryption algorithm are the same as the encryption key and the encryption algorithm of the interrupt control process 1020. It is desirable that the encryption key be managed by a trusted third party in a state where not only the user of the information processing apparatus but also the operation manager cannot obtain it. The value protection process 1A27 is started by the interrupt control process 1020 that confirms the completion of writing of the electromagnetic record that needs to increase the evidence capability and / or the evidence value. The result of the hash calculation process 1A26 written in any of the I / O devices 1005, 1006, and 1007 is a value 1A28. The value 1A28 is encrypted by the value protection processing 1A27 based on the data held in the main storage device 1002 before being written to the I / O device, and then overwritten by the I / O processing 1023. Saved. The value 1A28 is written to and read from any of the I / O devices 1005, 1006, and 1007. The value 1A28 read by the I / O devices 1005, 1006, and 1007 is decrypted by the value protection process 1A27, and then passed to the exclusive OR (XOR) operation process 1024 through the interrupt control process 1020. .

FIG. 2 shows an example of a table of records for generating and storing an electromagnetic record that needs to be improved in evidence capacity and / or evidence value as an evidence record. Let D _k be an electromagnetic record that needs to be improved in evidence capacity and / or evidence value. The time information generated by the timer 1A25 of Figure 1A and the timer value _{T k.} The calculation result of the hash calculation process 1A26 in Figure 1A and the hash value _{H k} and the hash chain value HC _k. An electronic signature generated by the signature generation and verification process 1A29 in Fig. 1A and _{S k.} Let the evidence record record R _k be R _k = {D _k , T _k , H _k , HC _k , S _k }. The subscript k of each symbol is k = {0, 1, 2,..., N}, and is an ordinal number indicating the generation order of records. The evidence record records _Rk are sequentially accumulated in the order in which they are generated and recorded as a history.

Hash value _{H n} is two values _{D n} and _{T n} data linked _D n | a | _{(T n} D n) _{T n} of the hash function _h. The symbol | represents concatenation, and the symbol h () represents a hash function. Hash chain value HC _n is, n-1-th hash chain value _{HC n-1} and the exclusive OR of the n-th hash value _{H n HC n-1 (+} ) H n of the hash function h _{(HC n- 1} (+) H _n ). The symbol (+) represents an exclusive OR (XOR) operation. The electronic signature S _n is a result of the cryptographic processing c (HC _n ) of the hash chain value HC _n . The symbol c () represents encryption by an encryption algorithm.

Electromagnetic record D ₀ is used as the initial information to indicate an entity that generates electromagnetic record D _k (principal). The electromagnetic recording D ₀ preferably includes information unique to the information processing apparatus or the information processing system that is the generation subject of the electromagnetic recording, and further to the management and operation subject of the information processing apparatus or information processing system. The information specific to the subject suitable for the electromagnetic recording D ₀ is, for example, the machine number of the electronic computer, BIOS, boot loader, expansion ROM data, license number of the operating system (OS) 1013, license number of the application software 1012, Information obtained by adding the encrypted secret key / public key 1A31 to the administrator name, the operator name, or the hash digest of these information or the hash digest of all the programs used in the information processing system is conceivable. -1st and _{HC -1} = 0 because the hash chain value _{HC -1} does not exist, the hash chain value HC ₀ is exclusive 0 0 and _{H 0} (+) hash function _{H 0} h (0 (+) H ₀ ).

Evidence record record R _n is based on its structure and generation process, electromagnetic record D ₀ to hash signature value H _n to the integrity of electromagnetic record D _n and electronic signature S _n to the authenticity of the signature creator. by to subject that generates electromagnetic record D _n, to generate a time or generation interval of the electromagnetic record D _n by the timer value T _n, the electronic records D _n and D _n-1 by a hash chain value HC _n A reasonable guarantee is given to continuity. The evidence record record R _n or at least the electronic signature S _n is preferably stored in a reliable third party (TTP) that provides a notary service such as a time stamp service whenever possible. Timestamp by TTP can provide reasonable assurance against reality evidence recording records R _n. However, if all the evidence recorded record R _n or digital signature S _n by cost side and operational problems it is difficult to store in the TTP, business operations, important evidence record records R _n or digital signature S _The evidence record record R _n or the electronic signature S _n may be stored in the TTP by selecting _n or periodically and as short as possible.

  FIG. 3A is a conceptual diagram of an example of region designation within one I / O device to define the handling of electromagnetic records that need to increase evidence capacity and / or evidence value. FIG. 3B is a conceptual diagram of an example of region designation in multiple I / O devices to define the handling of electromagnetic records that need to increase evidence capacity and / or evidence value.

The operation area O refers to an output destination of an electromagnetic record that needs to be improved in evidence capacity and / or evidence value according to the user's designation among the electromagnetic records _Dk generated by the application software 1012 or the operating system (OS) 1013. This is a write area of the I / O device. The operation area O can be directly written by the application software 1012 and the operating system (OS) 1013. The protection area P writes the electromagnetic record D _{k written} in the operation area O as an evidence record record R _k = {D _k , T _k , H _k , HC _k , S _k } separately from the operation area O, This is the area of the I / O device to be protected. The non-designated area is an area that is not the operation area O or the protection area P, and is not a component essential to the present invention. On the other hand, the operation area O or the protection area P (hereinafter, O or P is referred to as “designated area”) is an indispensable component for the present invention. The presence of the non-designated area only indicates the degree of freedom of the configuration of the present invention for the user who uses the present invention. The operation area O, the protection area P, and the non-designated area are mutually exclusive. The concept of the designated area can give the following definition from another aspect to the electromagnetic recording _Dk . That is, the electromagnetic record D _k is all the electromagnetic records written in the operation area O, and every time the operation area O is written, the evidence record record R is stored in the protection area P at the same time or before the writing. _k = {D _k , T _k , H _k , HC _k , S _k }, an electromagnetic record that is written and protected. Therefore, the user needs to increase the evidence capability and / or evidence value by designating the operation area O as the output destination of the electromagnetic record generated by the application software 1012 or the operating system (OS) 1013. it is possible to define the electromagnetic record D _k of.

  In FIG. 3A, an operation area O, a protection area P, and a non-designated area are allocated in one I / O device 3A02. The I / O device 3A02 is a device including an auxiliary storage medium that can be written at least once and read a plurality of times. On the other hand, in FIG. 3B, a non-designated area, an operation area O, and a protection area P are allocated to each of the plurality of I / O devices 3B02, 3B03, and 3B04. The I / O device 3B04 to which the protection area P is assigned is a device that includes an auxiliary storage medium that can be written at least once and read a plurality of times, or an auxiliary storage that can be read at least once and read a plurality of times. A network interface device connected to a device including a medium. The I / O devices 3B02 and 3B03 may include a storage medium, or may be a simple output device that does not include a storage medium.

  The buses 3A01 and 3B01 are system buses or I / O buses, and the types of buses such as an ISA bus, a PCI bus, and a SCSI bus are not limited. In FIG. 3B, the bus 3B01 is described as one bus, but one bus may be configured for each of the I / O devices 3B02, 3B03, and 3B04. FIG. 3B only conceptually illustrates one embodiment, and the number and combination of buses and I / O devices can be arbitrarily determined.

FIG. 4 is a diagram illustrating the attributes of electromagnetic recording and the permitted / prohibited operations of the operation area O and the protection area P, which are designated areas, and the relationship between the operation area O and the protection area P. As described above, the electromagnetic recording _Dk is output to the operation area O. The operation permitted to the operation area O only needs to be at least an output operation to the I / O device, and restrictions on the operations of rewriting, overwriting, adding to a free area, deleting, and reading are arbitrary. On the other hand, the evidence record record R _k is written in the protected area P as described above. In the protection area P, writing operations other than the evidence record record R _k based on the output request of the electromagnetic record D _{k in} the operation area O are not allowed at all. In addition, the write operation of the evidence record record R _k is not permitted by the user, is automatically performed by the information processing apparatus, and rewriting, overwriting, and deletion are prohibited, and additional writing to the free area is permitted. Is done. For read operations evidence recording record R _k, the user can arbitrarily execute.

  Symbols 1 described below the solid line connecting the operation area O and the protection area P in FIG. . * Represents the correspondence between the operation area O and the protection area P. That is, one or more operation areas O are set for one storage area P. Conversely, two or more protection areas P can be set for one operation area O. A plurality of protection areas P and operation areas O can be set in the same information processing apparatus while satisfying the correspondence relationship between the specified areas O and P described above.

  FIG. 5 is a flowchart illustrating an example of an interrupt setting procedure and an interrupt procedure for starting the interrupt handler 1000 by the information processing apparatus of FIG. 1 according to the first embodiment. The setting procedure described in the left half of FIG. 5 represents a procedure for performing a setting necessary as a preliminary preparation for realizing the interrupt procedure for starting the interrupt handler 1000. The interrupt procedure described in the right half of FIG. 5 represents an interrupt procedure from the completion of the setting procedure to the activation of the interrupt handler 1000 from the write operation of the electromagnetic recording 1011 by the application software 1013. The arrows extending to the right from step S503 and step S504 indicate that step S503 and step S504 are setting conditions that are prerequisites for realizing the transition process of each step of the interrupt procedure indicated by each arrow.

  The setting procedure of FIG. 5 is as follows. When the information processing apparatus is activated, an interrupt setting routine is activated (S501). The interrupt setting routine may be a part of the OS routine or a part of the virtual machine monitor routine. The CPU shifts to the privileged mode by the interrupt setting routine (S502). Next, based on the address table 1022, the address for controlling the designated areas O and P of the I / O device connected to the information processing device is determined, and the access right for the entry of the page table 1003 corresponding thereto is set. The possible bit is set to OFF (write prohibition) (S503). Further, the branch instruction in the interrupt destination address corresponding to the memory protection interrupt is set as the execution instruction of the interrupt handler 1000 (S504). Thereafter, the user mode is restored (S505). The above is the procedure necessary when starting up the information processing apparatus for executing the subsequent interrupt procedure.

  The interrupt procedure in FIG. 5 is as follows. When the user operates the application software 1012 and outputs an electromagnetic record to the I / O device, generally, the application software 1021 often calls an output routine by a software interrupt. The output routine is an API of the OS 1013 (S506). In response to this system call, the file system of the OS 1013 searches for the device driver 1014 for accessing the I / O device having the logical address indicating the position of the file from the logical name of the write destination file, and activates it (S507). ). The activated device driver 1014 issues a write command to the page table entry corresponding to the address that controls the I / O device (S508). At this time, since the page table entry is already write-protected in step S503, a CPU memory protection interrupt is generated (S509). At this time, before completing the write command in step S508, the CPU saves the register and flag information in the CPU to the stack in the main storage device 1002, and saves the CPU internal state (S510). Further, the CPU jumps to a predetermined interrupt destination address (S511) and executes a branch instruction in the interrupt destination address (S512). The branch instruction is set in advance as an effective instruction of the interrupt handler 1000 in step S504. As a result, the interrupt handler 1000 is activated (S513), and the interrupt procedure is completed. The above is the process in which the output routine is called by the application software and the interrupt routine is called. Subsequent step S7A02 will be described later with reference to FIG. 7A.

  FIG. 6A is a flowchart showing a procedure until the designated areas O and P of the information processing apparatus are designated and the operation is started. The user starts the program for performing the designation input of the operation area O and the protection area P of the information processing apparatus included in the interrupt handler 1000 to move the process to the interrupt handler 1000, and the privilege control mode is executed by the interrupt control process 1020. (S6A01), and then the comparison / registration process 1021 is started.

  The user performs designation input of the paired operation area O and protection area P by the comparison / registration process 1021 (S6A02). Next, the comparison / registration processing 1021 performs determination (S6A03, S6A04) by comparing the user designation destinations O and P with the address area in the address table 1022. If the designated destination O has already been designated as the protection area P, an error display (S6A05) is returned and the process returns to step S6A02. Next, when the designated destination O is not designated as the storage area P, the process proceeds to determination of the designated destination P (S6A04). If the designated destination P has already been designated as the operation area O, an error display (S6A05) is returned and the process returns to step S6A02. When the designated destination P is not designated as the operation area O, the writable bit for setting the access right of the page table entry corresponding to the address controlling the designated areas O and P is determined (S6A06). For example, after setting to OFF (write prohibition) by the I / O processing 1023 (S6A07), the process returns to the determination in step S6A06. When the determination result of step S6A06 is Yes, the process proceeds to step S6A08.

  In step S6A08, the I / O processing 1023 is activated to register the pair of O and P designated by the user in the address table 1022 as the operation area O and the protection area P, respectively. The I / O processing 1023 sets the bit for setting the access right of the page table entry of the address that controls the I / O device storing the address table 1022 to ON (write permission) (S6A08). The I / O processing 1023 issues a command for writing the address table specified by the user to the address from the CPU, whereby the designated areas O and P are addressed to the I / O device storing the address table 1022. It is written into the table and registered (S6A09). Next, the I / O processing 1023 sets the bit for setting the access right of the page table entry of the address that controls the I / O device stored in the address table 1022 to OFF (write prohibition) (S6A10), The interrupt control process 1020 ends and returns to the user mode. As described above, steps S6A01 to S6A11 are a series of flows by a program for the user to perform designation input of the designated areas O and P.

Next, the user selects and starts application software or an OS that generates an electromagnetic record D _n that needs to increase the evidence capability and / or the evidence value (S6A12). Subsequently, it sets the output destination of the electromagnetic record D _n generated by the application software or OS selected in the operational area O (S6A13). As described above, in steps S6A12 to S6A13, the user simply determines the application software or OS that should retain the electromagnetic record generation history, sets the output destination to O, and all the output electromagnetic records are used as evidence. A generation history is left.

  FIG. 7A is a flowchart illustrating an example of a flow of processing for writing the electromagnetic recording and the evidence recording record of the information processing apparatus of FIG. 1A of the first embodiment into the I / O apparatus. This will be described in detail below on the assumption that the procedure of FIG.

  When the interrupt handler 1000 is activated in FIG. 5 described above (S513), first, the interrupt control process 1020 is called. The interrupt control process 1020 is based on the internal register and flag information stored in the stack in step S510. The address that is the target of the write command to the I / O device is read out (S7A02). Next, in order to determine whether or not the page that has received the write command to the I / O device is an address in the operation area O, the comparison / registration process 1021 is started and the read address is compared with the comparison / registration process 1021. To pass.

  The comparison / registration process 1021 compares the address of the page that has received the write command to the I / O device and the address of the designated area 0 registered in the address table 1022. Based on the comparison, in step S7A03, it is determined whether or not the address of the page that has received the write command is an address in the operation area O. If the determination result of step S7A03 is No, the process proceeds to step S7A18 to process the error. If the determination result is No, it means that writing is prohibited, and an error to that effect is notified to the CPU.

If the determination result in step S7A03 is Yes, the comparison / registration process 1021 returns the result to the interrupt control process 1020. The interrupt control process 1020 uses the I / O device based on the CPU information saved in the stack in step S510. the electromagnetic record _{D n} as a target of the write instruction to the reads (S7A04), is stored in main memory the electromagnetic record Dn (S7A09). Next, the interrupt process 1020 requests time information from the timer 1A25 via the I / O process 1023.

Timer 1A25 having received the request, calculates a timer value _{T n} (S7AO5). The timer value T _n is the time information of the time when the timer 1A25 has received the request. I / O processing 1023 receives the timer value _{T n,} and stores it in the main memory (S7AO9), returns to the interrupt control process 1020.

Next, the interrupt control process 1020 starts the hash calculation process 1A26. Hash calculation process 1A26 is concatenated data _D n of the _{D n} and _{T n} stored in the main memory in | _{T n} hash function _h | calculates the _(D n _{T n),} obtaining the hash value _{H n} (S7A06 ). Hash calculation process 1A26 is stored in main memory hash value _{H n} (S7A09), passes the hash value _{H n} exclusive-OR operation processing 1024.

Exclusive OR operation process 1024, receives the hash value _{H n} from the hash calculation process 1A26, acquires the _{HC n-1} stored by accessing the values protection process 1A27 to the value 1A28. At this time, the value protection process 1A27 decrypts the value 1A28 in which HC _n-1 is encrypted, and delivers it to the hash calculation process 1A26. Exclusive OR operation process 1024 calculates the an exclusive logical sum of the _{HC n-1} and _{H n (XOR) HC n-} 1 (+) H n, the hash calculation process 1A26, _{HC n-1} (+) H Returns the value of _n .

Hash calculation process received a _{HC n-1 (+) H} n 1A26 performs calculation of _{HC n-1 (+) H} n of the hash function _{h (HC n-1 (+} ) H n), the hash chain value HC _n is obtained (S7A07). The hash calculation process 1A26 stores HC _n in the main memory (S7A09), and starts the signature generation / verification process 1A29.

The activated signature generation / verification process 1A29 accesses the key protection process 1A30 and acquires the secret key from the secret key / public key 1A31. At this time, the key protection process 1A30 decrypts the secret key / public key 1A31 in which the secret key is encrypted, and delivers the secret key to the signature generation / verification process 1A29. Calculating a digital signature _{S n} by encrypting process c (HC _n) the HC _n stored in the main memory by using the secret key (S7A08). Electronic signature _{S n} are stored in the main memory (S7A0).

  It is assumed that the area on the main storage device 1002 that stores each value in step S7A09 is a predetermined temporary storage area and is protected by encryption by the interrupt control processing 1020. The interrupt control processing 1020 performs encryption when writing to the temporary storage area, and decryption when reading.

When the evidence record records R _n = {D _n , T _n , H _n , HC _n , S _n } are prepared in the main memory, the I / O processing 1023 obtains the free areas of the designated areas O and P, respectively, It is determined whether or not there is a free area for writing the record D _n and the evidence record record R _n (S7A10). The determination of the presence / absence of an empty area is performed by the logical product of the determination result of the designated area O and the determination result of the protection area P. In other words, if any one of the designated area O and the protection area P is insufficient, the determination result is No.

If the determination result is No, error processing S7A18 is performed. That is, the CPU notifies the CPU of an error that the free space is insufficient, and erases the electromagnetic record D _n and the evidence processing record R _n stored in the main storage device 1002.

When the determination result of step S7A10 is Yes, the I / O processing 1023 sets the writable bit of the access right of the page table entry corresponding to the control addresses of the designated areas O and P to ON (write permission) ( S7A11). Next, the I / O processing 1023 searches for a device driver 1014 for accessing the I / O device corresponding to each address of the designated areas O and P, and branches to the device driver 1014. Activated device driver 1014 which is an evidence recording records R _n to the address to control the protection area P, and electromagnetic record D _n in an address to control the operation region of O, issues a writing each document command (S7A12). Write command in this case electromagnetic record D _n is a command based on a user operation, rewriting, overwrite, append to the free space, delete, read is optional. On the other hand, write instruction evidence recording records R _n is rewritten, overwriting and deletion is not performed, only the additional recording to the space area is executed.

The I / O device that has received the write command executes writing in the order of R _n and D _n (S7A13). Completion or interruption of the write operation of the I / O device is confirmed by the status information sent from the I / O device to the CPU. When the write operation of the I / O device is interrupted for some reason, error processing S7A19 is executed for each interrupt factor. Determination of該書inclusive and completion interruption is performed by the logical product of the write completion of the write completion and evidence recording records R _n of the electromagnetic record D _n. That is, until you have completed either parameter writing electromagnetic record D _n and evidence recording record R _n, is determined as an error. Error handling S7A19, in addition to displaying the error cause, if there is the written electromagnetic records D _n or evidence recording record R _n halfway the write execution S7A13 by deleting this electromagnetic record D simultaneous writing of _n and evidence recording record R _n can be avoided state does not hold.

As described above, if the electromagnetic record D _n is output to the I / O device, the evidence record record R _n is also output. If the evidence record record R _n is not output, the electromagnetic record D _n is not output. . That is, electromagnetic records that are not evidenced are never written to the media.

Note that the electromagnetic record D _n written in the designated area O needs to be decrypted by the interrupt processing control 1020, while the evidence record record R _n written in the protected area P is not decrypted. Alternatively, it may be output as encrypted. Encryption and decryption of determination, by the management's discretion to operate the evidence recorded record R _n.

When the write operation of the I / O device is completed, the interrupt control processing 1020 calls the value protection processing 1A27 and delivers the HC _n encrypted in the temporary storage area on the main storage device 1002. The value protection processing 1A27 overwrites the encrypted hash chain value HC _n on the value HC _n−1 encrypted and stored in the value 1A28, and stores it in the value 1A28 (S7A14). At this time, the writable bit of the access right of the page table entry corresponding to the control address of the I / O device in which the value 1A28 is stored is confirmed. If the bit is OFF (write prohibition), this is turned ON ( change the write permission), after overwriting the completion of the hash chain value HC _n, and shall return to OFF (write-protected).

  Next, the process proceeds to step S7A15. The interrupt control process 1020 is a program counter of instructions to be executed by the program executed by the CPU 1001 before the interrupt is generated by the interrupt handler 1000 based on the state of the process completed so far. Find the value of.

  For example, it is assumed that the program executed by the CPU 1001 before the occurrence of the interrupt is an output routine by the device driver. Under this assumption, when the writing in step S7A13 is completed, at least a part of the instruction scheduled by the output routine has already been executed by the interrupt handler 1000. Therefore, the interrupt handler 1000 calculates the destination address of the instruction address next to the executed instruction as a new program counter value. By newly inputting the next address thus obtained to the program counter, the program executed by the CPU 1001 before the occurrence of the interrupt skips the instruction executed by the interrupt handler 1000 after being interrupted, It is possible to resume from an instruction that has not yet been executed by the interrupt handler 1000. That is, this avoids execution of duplicate instructions between the interrupt handler and the interrupted program. Needless to say, the value of the program counter to be executed next is obtained after the error processing S7A19.

  The interrupt processing 1020 having calculated the value of the program counter in this way updates the value of the program counter in the stack by the I / O processing 1023 (S7A15).

  Step S7A16 is the reverse procedure of step S7A11. The writable bit of the access right of the page table entry corresponding to the control addresses of the designated areas O and P is returned to OFF (write prohibited) (S7A15).

  Thus, the interrupt handler 1000 ends and returns to the program executed before the occurrence of the interrupt (S7A17). The CPU 1001 reads the contents of various registers and flags saved in the stack, holds them in the CPU 1001, and moves to execution of the instruction stored at the instruction address indicated by the updated program counter value. The program interrupted by the interrupt continues the subsequent operation without being affected by the generation of the interrupt and the skipping of some instructions by the interrupt handler.

  FIG. 8 is a diagram illustrating an example of a data structure that inherits the chain of evidence record records when the information processing apparatus of FIG. The meanings of the symbols in FIG. 8 are the same as those in FIG. In addition, the symbols having the same symbol with '(dash) mean that the attributes are the same, and the specific values may be different. In particular, the symbols h ′ () and C ′ () representing functions may be the same algorithm or different algorithms.

An entity A, a renewal before the information processing apparatus, represents the principal output evidence recording record R _k. The entity A ′ is the information processing apparatus after the renewal, and represents an entity that outputs the evidence record record R ′ _k . In FIG. 8, it is assumed that the business operation for which the evidence record record R _k by the entity A has to be generated is completed with R _n and the business operation is continued by the renewed entity A ′.

The electromagnetic record D ′ ₋₁ is basic data of initial information D ′ ₀ for indicating the entity A ′ that generates the electromagnetic record D ′ _k . The electromagnetic record D ′ ₋₁ includes information specific to the information processing apparatus or the information processing system as the entity A ′ that generates the electromagnetic record, and further to the management operation entity of the information processing apparatus or the information processing system It is preferable. Information unique to the subject suitable for the electromagnetic record D′- ₁ includes, for example, the machine number of the electronic computer, the license number of the operating system (OS) 1013, the license number of the application software 1012, the administrator name, and the operator Information obtained by adding the encrypted secret key / public key 1A31 to the name or hash digest of the information or the hash digest of all the programs used in the information processing system can be considered.

The digital signature S ′ ₋₁ = c ′ (D ′ ₋₁ ) is obtained by encrypting D ′ ₋₁ with the private key of the entity A ′ (S905), and the (n + 1) th electromagnetic record D _{n + 1} = S ′ of the entity A _-1 is input to the entity A (S907).

The electronic signature S _{n + 1} (S908) generated based on the input of the electromagnetic record D _{n + 1} is the initial information D ′ ₀ = S _{n + 1} for indicating the entity A ′ that generates the electromagnetic record D ′ _k (S910). ). This is the same as that used as the initial information to indicate the entity A to electromagnetic records D ₀ to generate electromagnetic record D _k. The initial record R ′ ₀ is generated by the input of the electromagnetic record D ′ _{0 to} the entity A ′ (S911).

As described above, the electronic signature S ′ ₋₁ that can only be generated by the entity A ′ is passed to the entity A, and the hash chain HC _{n + 1} having the continuity is obtained by involving the electronic signature S ′ ₋₁ and the hash chain HC _{n of the} entity A. In this process, an electronic signature S _{n + 1} that can be generated only by entity A is generated, passed to entity A ′, and an electronic signature S ′ ₀ that can be generated only by entity A ′ is generated based on electronic signature S _{n + 1} . The structure of each value S ′ ₋₁ , HC _n , HC _{n + 1} , S _{n + 1} , S ′ ₀ is evidence that the process exists.

The structure of each value S ′ ₋₁ , HC _n , HC _{n + 1} , S _{n + 1} , S ′ ₀ is that the electronic signature S _n is the latest electronic signature in the entity A until at least immediately before the electronic signature S _{n + 1} is generated, After the electronic signature S _n is generated, that is, retroactively, the electromagnetic record is recorded as D _{n−α + 1} = S ′ ₋₁ immediately after any n−αth electronic signature S _n−α. This indicates that it is impossible to generate the (n-α + 1) th electronic signature S _{n-α + 1} . Therefore, among the electromagnetic records having the chain structure, the evidence record record of the entity A that has not been notarized by the third party is deleted, and the latest evidence record record among the remaining evidence record records is followed by the entity record. It is possible to prevent an illegal act of restarting a new chain structure from the evidence record record generated in A ′.

Further, the presence of the electronic signature S _{n + 1} indicates that the entity A ′ existed before the time when the entity A can operate. The presence of the electronic signature S ′ ₀ indicates that the entity A existed before the time when the entity A ′ can operate. Thus, the presence of electronic signatures S _{n + 1} and S ′ ₀ indicates that there could have been overlapping periods when both entities A and A ′ can operate simultaneously. Then, inputting the electronic signature S ′ ₋₁ to the entity A, inputting the electronic signature S _{n + 1} which is one of the output results based on the input to the entity A ′, and outputting the electronic signature S ′ ₀ means that When the persons who can execute the operations of the entities A and A ′ are the same person or are not the same person, it means that persons who can operate the entities A and A ′ cooperate with each other. A series of electronic signatures S ′ ₋₁ , S _{n + 1} , and S ′ ₀ indicate that there is a coordinated operation between two different entities A and A ′.

FIG. 9 is a flowchart showing an example of a procedure for realizing an example of a data structure that inherits the chain of evidence record records of FIG. Similar to FIG. 8, a said information processing apparatus before renewal and the entity A, representing the principal of outputting the evidence recorded record R _k in FIG. The entity A ′ is the information processing apparatus after the renewal, and represents the entity that outputs the evidence record record R ′ _k in FIG. Here, it is assumed that the entities A and A ′ have at least different hardware, are connected to the same network, and can communicate with each other.

Step S901 of FIG. 9 is a state in which the entity A is the information processing apparatus of the present embodiment drives out electromagnetic record D _n, finished last business operations that require proof. Next, the user activates the business succession program so that the entity A transmits and receives the necessary information S ′ ₋₁ and S _{n + 1 with} the entity A ′ (S902). The program activates the I / O process 1023 through the interrupt control process 1020 and waits in an input waiting state.

Step S6A14 in FIG. 9 represents a state in which the entity A ′, which is the information processing apparatus of this embodiment, has completed preparations for starting operation. Next, the user inputs D ′ ₀ to the entity A ′ to generate an electronic signature S ′ ₋₁ , and transmits / receives the entity A and necessary information S ′ ₋₁ and S _{n + 1} to generate R ′ ₀ . Therefore, the business succession program is started (S903).

Next, the user inputs a predetermined electromagnetic recording D′- ₁ from the program (S904). The program activates the I / O process 1023 from the interrupt control process 1020 and receives the input of the electromagnetic recording D′- ₁ . The interrupt control process 1020 activates the signature generation / verification process 1A29 and passes the electromagnetic record D′- ₁ to the signature generation / verification process 1A29. The signature generation / verification process 1A29 is the secret in the private key / public key 1A31. The electronic signature S ′ ₋₁ = c ′ (D ′ ₋₁ ) is calculated using the key (S905). The electronic signature S′- ₁ is transmitted from the entity A ′ to the entity A through the network by the output of the I / O processing 1023 (S906). At this time, the electronic signature S′- ₁ is decrypted by the interrupt control processing 1020.

The entity A connected to the entity A ′ via the network receives the I / O interrupt from the network interface and receives the electronic signature S ′ ₋₁ by the I / O processing 1023. The I / O processing 1023 that has received the electronic signature S ′ _-1 writes S ′ ₋₁ in the operation area O. The electronic signature S ′ ₋₁ is input to the entity A as the (n + 1) th electromagnetic record D _{n + 1} = S ′ ₋₁ of the entity A (S907). At this time, an interrupt occurs, the interrupt routine of FIG. 7A is executed by the interrupt handler 1000, and an electronic signature Sn _{+ 1} is generated in the protected area P (S908). Then, the business succession program executed by the CPU before the interrupt routine interrupts is restored. The business succession program that has returned from the interrupt transmits the electronic signature S _{n + 1} from the entity A to the entity A ′ through the network by the output of the I / O processing 1023 (S909), and ends the program (S913). At the time of transmission in step S909, the electronic signature S _{n + 1} is decrypted by the interrupt control process 1020.

The entity A ′ connected to the entity A via the network receives an I / O interrupt from the network interface and receives the electronic signature S _{n + 1} by the I / O processing 1023. The I / O processing 1023 that has received the electronic signature S _{n + 1} writes S _{n + 1} into the operation area O ′. The electronic signature S _{n + 1} is input to the entity A as initial data D ′ ₀ = S _{n + 1} of the entity A ′ (S910). At this time, an interrupt occurs, the interrupt routine of FIG. 7A is executed by the interrupt handler 1000 to generate an initial record R ′ ₀ including the electronic signature S _{n + 1} in the protected area P ′ (S911), and the program ends.

  Thus, the procedure for realizing the example of the data structure that inherits the chain of evidence record records in FIG. 8 is completed when the information processing apparatus in FIG. .

The function of the second embodiment of the present invention is the same as that of the first embodiment of the present invention, but there is a difference in the configuration for realizing the function. In order to clarify the difference between the first embodiment and the second embodiment, the drawings used for the description of the first embodiment are compared. As shown in the table below, the difference between the drawings used in the first embodiment and the second embodiment is only FIG. 1A and FIG. 1B, and the other drawings are all the same.

  Therefore, the following description will be given only for FIG. 1B.

  FIG. 1B is a schematic block diagram showing the configuration of an information processing apparatus for increasing the evidence capability and / or evidence value of electromagnetic recording according to the second embodiment of the present invention. Components having the same reference numerals as those in FIG. 1A indicate the same elements, and have already been described in Example 1 showing the first embodiment of the present invention, and thus description thereof is omitted in Example 2. Here, differences from the first embodiment will be described in detail with a focus on components not included in FIG. 1A.

  The biggest difference between FIG. 1B and FIG. 1A is that the information processing apparatus of FIG. 1B includes a trusted platform module 1B01, and there are few processes constituting a subroutine in the interrupt handler 1000.

  The TPM 1 B 01 is a kind of so-called security chip that makes an integrated circuit resistant to physical and logical attacks, and is connected to the bus 1004. The TPM 1B01 includes a timer unit 1B25, a hash calculation unit 1B26, a value storage unit 1B27, a cryptographic calculation unit 1B28, and a key storage unit 1B30 as constituent elements. The TPM 1B01 can be accessed by the I / O processing 1023 as a kind of I / O device.

  The interrupt handler 1B00 of FIG. 1B lacks the following elements in the interrupt handler 1000 of FIG. 1A. That is, hash calculation processing 1A26, signature generation / verification processing 1A29, key protection processing 1A30, and private key / public key 1A31.

  The timer unit 1B25 measures the time interval, and generates and outputs an electronic signature for the measured elapsed time. The timer unit 1B25 performs a function corresponding to the timer 1A25 in FIG. 1A. Therefore, in FIG. 1B, the timer 1A25 is not used, and thus the description is omitted. However, this does not mean that the timer 1A25 should not be mounted in the information processing apparatus.

  The hash calculation unit 1B26 stores a hash algorithm, performs a hash calculation inside the hash calculation unit 1B26 on data input from the outside, and outputs a hash value as a calculation result to the outside. The hash algorithm cannot be changed after the factory shipment of TPM1B01. The hash calculation unit 1B26 performs a function corresponding to the hash calculation process 1A26 in FIG. 1A.

The value storage unit 1B27 is a register that holds a value stored at the time of factory shipment. A hash value of information unique to the information processing apparatus (machine number, BIOS, boot loader, expansion ROM data, etc.) can be stored in the value storage unit 1B27, and the hash value cannot be changed after the TPM 1B01 is shipped from the factory. In FIG. 1A, there is no element corresponding to the value storage unit 1B27. Specific information to the information processing apparatus stored in the value storing section 1B27 is electromagnetic records D ₀ in FIG. 2 and FIG. _8, for use as electromagnetic record D _'-1 in FIG. The value storage unit 1B27 provides a function of storing and outputting the electromagnetic records D ₀ and D ′ ₋₁ .

  The cryptographic operation unit 1B29 stores the cryptographic algorithm, performs cryptographic operations on the data input from the outside, inside the cryptographic operation unit 1B29, and outputs the encrypted data or decrypted data that is the operation result to the outside. . The encryption algorithm cannot be changed after the TPM 1B01 is shipped from the factory. The cryptographic operation unit 1B29 performs a function corresponding to the signature generation / verification process 1A29 in FIG. 1A.

  The key storage unit 1B30 is a register that holds a pair of encryption keys stored at the time of factory shipment. After the TPM 1B01 is shipped from the factory, the key pair cannot be changed. The key storage unit 1B30 performs a function corresponding to the private key / public key 1A31 in FIG. 1A.

The third embodiment of the present invention has the same basic idea for solving the problem as the first embodiment of the present invention, but there are differences in specific means and configuration for realizing the basic idea. In order to clarify the difference between the first embodiment and the third embodiment, the drawings used for the description of the embodiment are compared. As shown in the table below, the difference between the drawings used in the first and third embodiments is that FIG. 1A and FIG. 1C showing the device configuration, FIG. 5 showing the interrupt procedure, FIG. 6A and FIG. 7A and 7B showing the same, and all others use the same drawing.

  Therefore, the following description will be given only for FIGS. 1C, 6B, and 7B.

  FIG. 1C is a schematic block diagram showing the configuration of an information processing apparatus for increasing the evidence capability and / or evidence value of electromagnetic recording according to the third embodiment of the present invention. The same reference numerals as those in FIG. 1A denote the same elements, and since they have already been described in Example 1 showing the first embodiment of the present invention, description thereof is omitted in Example 3. Here, differences from the first embodiment will be described in detail with a focus on components not included in FIG. 1A.

  The biggest difference between FIG. 1C and FIG. 1A is that the information processing apparatus of FIG. 1C includes a bus bridge 1C00 and does not require the interrupt handler 1000. The main storage device 1002 in FIG. 1C does not include the page table 1003, the electromagnetic recording 1011, the application software 1012, the operating system 1013, and the device driver 1014. This means that these components are stored on the main storage device 1002. It does not mean that it must not be retained.

  On the other hand, FIG. 1C has a bus configuration not shown in FIG. 1A. That is, the bus in FIG. 1C includes at least two types of system bus 1C03 and I / O bus 1C04, and two or more buses, and the plurality of buses are connected to each other by a bus bridge 1C00.

  The bus bridge 1C00 performs a bridge between the system bus 1C31 and the I / O bus 1C04, and connects the three types of signal lines of the two types of buses, address lines, data lines, and control lines. When the source address and the destination address are on the same bus, the bus bridge does not transmit the signal to the other bus. In some systems, a high-speed synchronous bus is used between the CPU and the main storage device, and a PCI bus or standard bus is used between the I / O devices.

Bus bridge 1C00 in the third embodiment, not aimed at high-speed of the effect described above, the write signal of the electromagnetic record _{D n} for any I / O devices 1005, 1006 and 1007 from the CPU1001 is the I / Generating an evidence record record R _n before being transmitted to the O device, and sending a write command of the evidence record record R _n to the target I / O device before the write command of the electromagnetic record D _n Objective. While the interrupt handler 1000 of the first embodiment interrupts the process of CPU processing, the bus bridge 1C00 of the third embodiment has a great difference in that it interrupts the bus signal transmission process. Therefore, FIG. 5 required in the first embodiment of the present invention, that is, the flowchart showing an example of the interrupt setting procedure and the interrupt procedure for the information processing apparatus to start the interrupt handler, is necessary in the third embodiment. Absent.

The functions realized by the bus bridge 1C00 are roughly the following three points.
(1) Transmission of signal between system bus 1C03 and I / O bus 1C04 (2) Control of electromagnetic recording detection, generation of evidence record record, electromagnetic recording to I / O device and writing of evidence record record (3) Various settings to the bus bridge 1C00 by user operation and generation and verification of an electronic signature

  An arrow using a solid line in FIG. 1C indicates that the address, data, and control transmitted between the system bus 1C03 and the bus bridge 1C00 and between the I / O bus 1C04 and the bus bridge 1C00 are held inside the bus bridge 1C00. Represents the flow of data generated from the inside. Arrows using long and short broken lines in the figure represent instructions issued from the CPU to the bus bridge 1C00, responses to the instructions, and data flow. An arrow using a short broken line in the figure represents a flow of control and response in the bus bridge 1C00.

  The bus bridge 1C00 includes an I / O interface unit 1411, a timer unit 1412, a hash calculation unit 1413, an exclusive OR (XOR) calculation unit 1414, a value storage unit 1415, a key storage unit 1416, a signature generation / verification unit 1417, a write The buffer unit 1418, the control unit 1419, and the address table storage unit 1420 are constituent elements.

  The control unit 1419 monitors and controls the operating states of all the components inside the bus bridge 1C00. In addition, in order for the user to make various settings to the bus bridge 1C00 and to generate and verify an electronic signature, the CPU 1001 receives a command for the bus bridge 1C00 from the CPU 1001 through the I / O interface 1411, responds, and a hash calculation unit according to the command 1413, the key storage unit 1416, the signature generation / verification unit 1417, and data transmission / reception and control to / from the address table storage unit 1420.

  The I / O interface unit 1411 writes a command register for writing an instruction from the CPU 1001 to any of the I / O devices 1005, 1006, and 1007, and an address for designating any of the I / O devices 1005, 1006, and 1007 from the CPU 1001. An address register to be written, a data register to write data to be written and read, and a status register to write status information for notifying the CPU 1001 of the input / output status of the bus bridge 1C00 and the I / O devices 1005, 1006, and 1007 It comprises. The I / O interface unit detects a write command from the CPU 1001 from the command register, compares the physical address related to the write command from the address register with the physical address stored in the address table storage unit 1420, determines, and determines Perform actions according to the results.

  The operation according to the determination result is suitable for the three functions of the bus bridge 1C00 described above. The I / O interface unit 1411 transparently transfers various signals between the system bus 1C03 and the I / O bus 1C04 to realize the function (2) in order to realize the function (1) based on the determination result. The determination result is notified to the control unit 1419, data is transmitted from the data register to other components in the bus bridge 1C00, and the execution result of the I / O device that has executed the specific write instruction from the status register is transmitted. A notification is sent to the control unit 1419, and in order to realize the function (3), a unique I / O address is given to the bus bridge 1C00, and a command and a response are exchanged between the CPU 1001 and the control unit 1419.

  The timer unit 1412 is a so-called real-time clock (RTC) inside the bus bridge 1C00, which includes a clock oscillator and a counter and an independent battery. Alternatively, it may be a tick counter that measures a time interval and generates and outputs an electronic signature for the measured elapsed time. In response to the inquiry from the control unit 1419, the timer unit 1411 outputs time or time information to the write buffer unit 1418 and the hash calculation unit 1412. In FIG. 1C, the description is omitted because the timer 1A25 is not used, but this does not mean that the timer 1A25 should not be mounted in the information processing apparatus.

  The hash calculation unit 1413 has a hash calculation algorithm and performs a hash calculation. The hash calculation algorithm can be changed at any time by a user operation through the control unit 1419 in consideration of compromise. The hash calculation unit 1413 performs a hash calculation on the electromagnetic recording received from the I / O interface unit 1411, the timer value received from the timer unit 1412, and the calculation result received from the exclusive OR (XOR) calculation unit 1414. Do. The result of the hash calculation process is transmitted to the write buffer unit 1418, the exclusive OR (XOR) calculation unit 1414, and the signature generation / verification unit 1417. In addition, the hash calculator 1413 performs a hash calculation on any electromagnetic recording input by the user through the controller 1419 and returns the calculation result to the controller 1419.

  The exclusive OR (XOR) operation unit 1414 performs an exclusive OR (XOR) operation between the operation result of the hash operation unit 1413 and the value stored in the value storage unit 1415. The result of the exclusive OR (XOR) operation is returned to the hash calculation unit 1413.

  The signature generation / verification unit 1417 has an encryption algorithm based on a public key cryptosystem, and generates or verifies an electronic signature by performing an encryption operation. The encryption algorithm can be changed at any time by a user operation through the control unit 1419 in consideration of compromise. The signature generation / verification unit 1417 generates an electronic signature from the hash calculation result passed from the hash calculation unit 1413, and the electronic signature is transmitted to the write buffer unit 1418. A secret key and a public key used in the public key cryptosystem are stored in the key storage unit 1416. The signature generation / verification unit 1417 accesses the key storage unit 1416 and generates a private key or a secret key each time a signature is generated and verified. Obtain a public key. By a user operation through the control unit 1419, the signature generation / verification unit 1417 generates an electronic signature for an arbitrary electromagnetic record input by the user, and a signature for the hash value and the electronic signature input by the user. Can be decrypted and the match with the hash value can be verified.

  The key storage unit 1416 is a type of security chip that provides an integrated circuit with tamper resistance against physical and logical attacks. The key storage unit 1416 accepts access only by a predetermined method by the signature generation / verification unit 1417 and the control unit 1419. The key storage unit 1416 stores a secret key and a public key of the public key cryptosystem, and the pair of the secret key and the public key is determined by a user operation through the control unit 1419 in consideration of the security of key management. It can be changed at any time.

  The write buffer unit 1418 designates a command register for writing an instruction from the control unit 1419 to any of the I / O devices 1005, 1006, and 1007, and specifies any of the I / O devices 1005, 1006, and 1007 from the control unit 1419. An address register for writing an address and a data register for writing an electromagnetic record and an evidence record record to be written are provided. The electromagnetic record and evidence record record to be written are the electromagnetic record received from the I / O interface unit 1411, the timer value received from the timer unit 1412, the calculation result received from the hash calculation unit 1413, and the signature generation. Consists of the electronic signature received from the verification unit 1417. The electromagnetic record and evidence record record written in the write buffer unit 1418 are assigned predetermined addresses by commands issued by the control unit 1419, and write commands for any of the I / O devices 1005, 1006, 1007 And transferred to the I / O bus 1C04. Further, part of the calculation result of the hash calculation unit 1413 written in the write buffer unit 1418 is transmitted to the value storage unit 1415 under the control of the control unit 1419.

  The value storage unit 1415 is a type of security chip that provides an integrated circuit with tamper resistance against physical and logical attacks. The value storage unit 1415 accepts access only by a predetermined method by the write buffer unit 1418 and the control unit 1419. The value storage unit 1415 stores a part of the calculation result of the hash calculation unit 1413 written in the write buffer unit. The value stored in the value storage unit 1415 cannot be changed except by a predetermined method by the control unit 1419, and the output destination of the value is limited to the exclusive OR (XOR) operation unit 1414. .

  The address table storage unit 1420 is a register that stores a physical address of each of the designated areas O and P and an address table indicating a correspondence relationship between the operation area O and the protection area P. The address table is read by the I / O interface unit 1411 through the control unit 1419 and written and read by a user operation through the control unit 1419.

  FIG. 6B is a flowchart showing a procedure until the operation is started by specifying the designated areas O and P of the information processing apparatus according to the third embodiment of the present invention. The user starts the procedure by starting a program for performing designation input of the operation area O and the protection area P of the information processing apparatus. The program designates an I / O address unique to the I / O interface unit 1411 from the CPU 1001 and accesses the control unit 1419 through the I / O interface unit 1411.

  The user who has accessed the control unit 1419 performs designation input of the paired operation area O and protection area P using the program (S6B01). Receiving this, the control unit 1419 performs determination (S6B03, S6B04) by comparing the user designation destinations O and P with the area in the address table in the address table storage unit 1420. When the designated destination O has already been designated as the protection area P, an error display (S6B02) is returned and the process returns to step S6B01. Next, when the designation destination O is not designated as the storage area P, the process proceeds to determination of the designation destination P (S6B04). If the designated destination P has already been designated as the operation area O, an error display (S6B02) is returned and the process returns to step S6B01. When the designation destination P is not designated as the operation area O, the process proceeds to step S6B05. In step S6B05, the control unit 1419 registers the pair of O and P designated by the user in the address table as the operation area O and the protection area P, respectively. As described above, steps S6B01 to S6B05 are a series of flows by a program for the user to perform designation input of the designated areas O and P.

Next, the user selects and starts application software or an OS that generates an electromagnetic record D _n that needs to increase the evidence capability and / or evidence value (S6B06). Subsequently, it sets the output destination of the electromagnetic record D _n generated by the application software or OS selected in the operational area O (S6B07). As described above, in steps S6B06 to S6B07, the user simply determines the application software or OS that should retain the generation history of electromagnetic records, sets the output destination to O, and all the output electromagnetic records are used as evidence. A generation history is left.

  FIG. 7B is a flowchart illustrating an example of a flow of processing for writing the electromagnetic recording and the evidence recording record of the information processing apparatus in FIG. 1C of the third embodiment into the I / O apparatus. This will be described in detail below on the assumption that the procedure of FIG.

  The procedure in FIG. 7B starts when a certain instruction is issued from the CPU 1001 to the system bus 1C03. The bus bridge 1C00 connected to the system bus 1C03 via the I / O interface unit 1411 receives the command from the system bus 1C03 (S7B01). The received instruction and the address and data related to the instruction are written in the command register, address register, and data register in the I / O interface unit 1411, respectively.

The I / O interface unit 1411 reads the instruction written in the command register and determines whether or not the instruction is a write instruction (S7B02). If the determination result in step S7B02 is No, the information in the command register, address register, and data register is transparently transferred to the I / O bus 1C04 (S7B14). If not a write command is because not output to the electromagnetic record D _n is the storage medium. When the determination result is Yes, the process proceeds to the next determination step S7B03.

  In step S7B03, the physical address written in the address register of the I / O interface unit 1411 is read, and whether or not the address is an address in the operation area O of the address table registered in the address table storage unit 1420. Is determined (S7B03).

  When the determination result of step S7B03 is No, it is determined whether or not the address is the protection area P (S7B13). If the determination result in step S7B13 is No, since the address is an address in the non-designated area, information in the command register, address register, and data register is transparently transferred to the I / O bus 1C04. (S7B14). When the determination result of step S7B13 is Yes, the process proceeds to step S7B15 to perform error processing. By the error processing, information in the command register, address register, and data register of the I / O interface unit 1411 is discarded, and a notification that writing to the protection area P is prohibited is returned to the CPU 1001.

If the determination result of step S7B03 is Yes, the data in the data registers of the I / O interface 1411, it is determined that electronic records _{D n,} I / O interface unit 1411, the determination to the control unit 1419 Notify the result. Upon receiving the notification, the control unit 1419 writes the electromagnetic record and the evidence record record to the I / O devices of the respective physical addresses, so that the write buffer unit 1418, the timer unit 1412, the hash calculation unit 1413, Control of the logical sum (XOR) operation unit 1414, the value storage unit 1415, the key storage unit 1416, and the signature generation / verification unit 1417 is started.

The electromagnetic recording D _n identified by the I / O interface unit 1411 is transmitted to the write buffer unit 1418 and the hash calculation unit 1413. The write buffer unit 1418, under control of the control unit 1419, stores the electronic records _{D n} (S7B08).

Timer unit 1412 which receives the output request of the timer value from the control unit 1419, calculates a timer value _{T n} and (S7BO4), the timer value _{T n} is sent to the write buffer portion 1418 and the hash calculator 1413. The write buffer unit 1418 stores the timer value T _n under the control of the control unit 1419 (S7B08).

Upon receiving the hash calculation execution request from the control unit 1419, the hash calculation unit 1413 concatenates the electromagnetic recording D _n received from the I / O interface unit 1411 and the timer value T _n received from the timer unit 1412 to obtain a value D _n | _{T n} hash function _{h (D n} | _T n) for calculating a hash value _{H n} from (S7B05). The hash value H _n is transmitted to the write buffer unit 1418 and the exclusive OR (XOR) operation unit 1414. The write buffer unit 1418 stores the hash value H _n under the control of the control unit 1419 (S7B08). At this time, the control unit 1419 causes the value storage unit 1415 to transmit the stored value HC _n−1 to the exclusive OR (XOR) operation unit 1414.

The exclusive OR (XOR) operation unit 1414 that has received the exclusive OR (XOR) operation execution request from the control unit 1419, stores the hash value H _n received from the hash operation unit 1413 and the value storage unit 1415. An exclusive OR of the values HC _n−1 is calculated. The hash calculator 1413 that has received the exclusive OR operation result HC _n−1 (+) H _n performs an operation on the hash function h (HC _n−1 (+) H _n ) (S7B06). The hash chain value HC _n that is the calculation result of the hash function h (HC _n−1 (+) H _n ) is transmitted to the write buffer unit 1418 and the signature generation / verification unit. The write buffer unit 1418 stores the hash chain value HC _n under the control of the control unit 1419 (S7B08).

The signature generation / verification unit 1417 that has received the request to execute the cryptographic operation from the control unit 1418 uses the secret key obtained by accessing the key storage unit 1416 to the hash chain value HC _n received from the hash operation unit 1413. Then, the cryptographic calculation, that is, the electronic signature calculation c (HC _n ) is performed (S7B07). The electronic signature S _n that is the result of the electronic signature calculation c (HC _n ) is transmitted to the write buffer unit 1418. The write buffer unit 1418, under control of the control unit 1419, stores the digital signature _{S n} (S7B08).

When the controller 1419 detects that the electromagnetic recording D _n and the evidence recording record R _n = {D _n , T _n , H _n , HC _n , S _n } are prepared in the write buffer unit 1418, the electromagnetic recording D _n The size of the evidence record record R _n is calculated, and the presence / absence of a free area in the I / O device having the designated areas O and P is determined (S7B09). The determination of the presence / absence of an empty area is performed by the logical product of the determination result of the designated area O and the determination result of the protection area P. In other words, if any one of the designated area O and the protection area P is insufficient, the determination result is No. If the determination result is No, the process proceeds to error processing S7B15. By the error processing, information (electromagnetic record D _n and evidence record record R _n ) in the command register, address register, and data register of the write buffer unit 1418 is discarded, and writing to the protected area P is prohibited. A notification is returned to the CPU 1001.

If the determination result in step S7B09 is Yes, that is, if there are free areas in the designated areas O and P, the control unit 1419 transfers the evidence record record R _n from the command register, address register, and data register of the write buffer unit 1418 to the protected area P. to, it issues a writing electromagnetic record _{D n} into the operational area O instruction to the I / O bus 1C04 (S7B10). At this time, the write command of the electromagnetic record D _n, a command based on a user operation, rewriting, overwrite, append to the free space, delete, read it is optional. On the other hand, write instruction evidence recording records R _n is rewritten, overwriting and deletion is not performed, only the additional recording to the space area is executed.

The I / O device that has received the write command executes writing in the order of R _n and D _n (S7B11). Completion or interruption of the write operation of the I / O device is detected by a notification from the I / O interface unit 1411 to the control unit 1419 that has received status information sent from the I / O device to the CPU. When the write operation of the I / O device is interrupted for some reason, error processing S7B15 is executed for each cause of the interrupt. Determination of該書inclusive and completion interruption is determined by a logical product of the write completion of the electromagnetic record D _n write complete and evidence recording records R _n of. That is, until you have completed either parameter writing electromagnetic record D _n and evidence recording record R _n, is determined as an error. Error handling S7B15, in addition to signal an error condition and cause the CPU, if there is electromagnetic records written up to the middle by the write executing S7B11 D _n or evidence recording records R _n may issue a command to remove it by, it is possible to avoid a state in which simultaneous writing of the electromagnetic record D _n and evidence recording record R _n is not satisfied.

When the write execution in step S7B11 is completed, the control unit 1419 controls the write buffer unit 1418 and the value storage unit 1415 to store the hash chain value HC _n in the data register of the write buffer 1419 in the value storage unit 1415. transmitted, the value storing section 1415 which has received the hash chain value HC _n overwrites the hash chain value HC _n the stored value _{HC n-1} which is stored in the value storing section, stores (S7B12).

As described above, the process of writing the electromagnetic recording D _n and the evidence recording record R _n to the I / O device by the bus bridge 1C00 can be started and ended without depending on the instruction other than the writing instruction of the CPU 1001. .

The function of the fourth embodiment of the present invention is the same as that of the third embodiment of the present invention, but there is a difference in configuration for realizing the function. In order to clarify the differences between the first embodiment, the third embodiment, and the fourth embodiment, the drawings used for the description of the embodiments are compared. As shown in the table below, the difference between the drawings used in Example 3 and Example 4 is only FIG. 1C and FIG. 1D, and the other figures are the same.

  Therefore, the following description will be given only for FIG. 1D.

  FIG. 1D is a schematic block diagram showing the configuration of an information processing apparatus for increasing the evidence capability and / or evidence value of electromagnetic recording according to the fourth embodiment of the present invention. The same reference numerals as those in FIGS. 1A and 1C indicate the same elements, and have already been described in Example 3 showing the first embodiment and the third embodiment of the present invention. In the fourth embodiment, the description is omitted. Here, differences from the third embodiment will be described in detail with a focus on components and structures not included in FIG. 1C.

  The biggest difference between FIG. 1D and FIG. 1C is that the information processing apparatus of FIG. 1D has the internal components of the bus bridge 1C00 of FIG. The bus and the bus bridge are not essential.

  In the configuration of the information processing apparatus according to the fourth embodiment, the I / O apparatus 1D00 is one of the I / O apparatuses, and is not different from the other I / O apparatuses 1005, and functions as a hard disk drive. . Furthermore, the I / O device 1D00 may be configured as a storage system connected to the information processing device.

  The I / O bus 1D21 is in the I / O device 1D00, and is a bus for connecting the HDD IDs 22 and 1D23 to other components in the I / O device 1D00. The HDDs 1D22 and 1D23 are hard disk drives (HDD). In FIG. 1D, two HDDs are shown, but the number is not limited to two, and may be one or three or more.

  One of the HDDs 1D22 and 1D23 is set as the operation area O or the protection area P. This setting may be performed before shipment from the factory, or may be performed by a user operation manager or an end user. There may be a non-designated area, but when the I / O device 1005 is connected in addition to the I / O device 1D00, the significance and purpose of leaving the non-designated area inside the I / O device 1D00 are: Not necessarily many.

  The present invention enables production and use as an information processing apparatus, method, and program that can be industrially mass-produced by the above-described first to fourth embodiments. Therefore, the present invention is an invention that can be used industrially because it has a property that can be implemented mainly as an information processing industry.

It is a schematic block diagram which shows the structural example of the information processing apparatus which raises the evidence capability and / or evidence value of electromagnetic recording by embodiment of Example 1 of this invention. It is a schematic block diagram which shows the structural example of the information processing apparatus which raises the evidence capability and / or evidence value of electromagnetic recording by embodiment of Example 2 of this invention. It is a schematic block diagram which shows the structural example of the information processing apparatus which raises the evidence capability and / or evidence value of electromagnetic recording by embodiment of Example 3 of this invention. It is a schematic block diagram which shows the structural example of the information processing apparatus which raises the evidence capability and / or evidence value of electromagnetic recording by embodiment of Example 4 of this invention. It is a figure which shows the example of a table | surface of the evidence record record R which the information processing apparatus of FIG. 1A of Example 1 of FIG. 1, FIG. 1B of Example 2, FIG. 1C of Example 3, and FIG. is there. FIG. 1A of the first embodiment of the present invention, FIG. 1B of the second embodiment, FIG. 1C of the third embodiment, and FIG. 1D of the fourth embodiment. It is a conceptual diagram of the example of area | region designation | designated in / O apparatus. 1A of Example 1 of the present invention, FIG. 1B of Example 2, FIG. 1C of Example 3, and FIG. It is a conceptual diagram of the example of area | region specification between / O apparatuses. It is a figure which shows the relationship of the attribute of the electromagnetic recording output to the operation area | region O of FIG. 3A and FIG. 3B, and the protection area | region P, operation permitted or not, and the operation area | region O and the protection area | region P. FIG. It is a flowchart which shows the example of the interruption setting procedure for the information processing apparatus of FIG. 1A of Example 1 of this invention and FIG. 1B of Example 2 to start an interrupt handler, and an interruption procedure. It is a flowchart which shows the example of the procedure until the operation | movement start of the information processing apparatus of FIG. 1A of Example 1 of this invention of FIG. 1B of Example 2. FIG. It is a flowchart which shows the example of the procedure until the operation | movement start of the information processing apparatus of FIG. 1C of Example 3 of this invention of FIG. 1D of Example 4. FIG. It is a flowchart which shows the example of the flow of a process which writes in the I / O apparatus the electromagnetic recording of the information processing apparatus of Example 1 of this invention of FIG. 1A, and FIG. It is a flowchart which shows the example of the flow of a process which writes the electromagnetic recording of the information processing apparatus of FIG. 1C of Example 3 of this invention of FIG. 1A of the first embodiment of the present invention, FIG. 1B of the second embodiment, FIG. 1C of the third embodiment, and FIG. 1D of the fourth embodiment. It is a figure which shows the example of the data structure which succeeds. It is a flowchart which shows the example of the procedure for implement | achieving the example of the data structure which succeeds the chain | strand of the evidence record record of FIG.

Explanation of symbols

1000, 1B00 Interrupt handler 1B01 Trusted platform module (TPM)
1C00 Bus bridge 1D00 I / O device 1001 Central processing unit (CPU)
1002 Main storage device 1003 Page table 1C03 System bus 1C04, 1D21 I / O bus 1004 Bus 1005, 1006, 1007 I / O device 1011 Electromagnetic recording 1012 Application software 1013 Operating system (OS)
1014 Device driver 1020 Interrupt control processing 1021 Comparison / registration processing 1022 Address table 1023 I / O processing 1024 Exclusive OR (XOR) operation processing 1A25 Timer 1A26 Hash operation processing 1A27 Value protection processing 1A28 Value 1A29 Signature generation / verification processing 1A30 Key Protection processing 1A31 Private key / public key 1B25 Timer unit 1B26 Hash operation unit 1B27 Value storage unit 1B29 Cryptographic operation unit 1B30 Key storage unit 1411 I / O interface unit 1412 Timer unit 1413 Hash operation unit 1414 Exclusive OR (XOR) operation unit 1415 Value storage unit 1416 Key storage unit 1417 Signature generation / verification unit 1418 Write buffer unit 1419 Control unit 1420 Address table storage unit 1D22, 1D23 Hard disk drive (HDD)

Claims (10)

In an information processing apparatus capable of outputting electromagnetic recording to an auxiliary storage device, an information processing method for increasing the evidence capability and / or evidence value of electromagnetic recording,
A second storage area that prohibits arbitrary writing, rewriting, overwriting, and deletion by the user, and writing only a specific additional writing together with the writing of the electromagnetic record to the first storage area that permits arbitrary writing by the user And appending the same electromagnetic recording as writing to the first storage area;
The electromagnetic recording of the first and second storage areas already written when either the writing of the electromagnetic recording to the first storage area or the additional recording of the electromagnetic recording to the second storage area is not successful. A step of deleting
An information processing method for enhancing the evidence ability and / or evidence value of electromagnetic records, characterized by comprising:   The information processing method according to claim 1, further comprising a step of adding time information to the second storage area, and improving the evidence ability and / or evidence value of electromagnetic recording.   The information processing method according to claim 2, wherein a hash operation is performed on information obtained by adding time information to the electromagnetic recording, and a hash value calculated by the hash operation is added to a second storage area. An information processing method for increasing the evidence capability and / or evidence value of electromagnetic records, further comprising:   The information processing method according to claim 3, wherein a first hash operation is performed on information obtained by adding time information to the electromagnetic recording, and a hash value calculated by the first hash operation and a previous hash value are calculated. Performing a second hash operation on the exclusive OR with the first hash chain value, and adding the second hash chain value calculated by the second hash operation to the second storage area; An information processing method for increasing the evidence capability and / or evidence value of electromagnetic records, further comprising:   5. The information processing method according to claim 4, wherein an electronic signature is generated by encrypting the second hash chain value using a secret key, and the electronic signature is added to the second storage area. The information processing method which raises the evidence capability and / or evidence value of the electromagnetic record characterized by further including the step to perform.   6. The information processing method according to claim 5, wherein the first and second hash operations and the encryption with a secret key are performed by a tamper-resistant device, Or an information processing method that increases the value of evidence. An electronic signature is generated with respect to the second hash chain value by the information processing method according to claim 5 or 6, and the electronic signature is added to the second storage area so that the evidence capability of electromagnetic recording and / or Or, between two information processing devices that increase the evidence value,
Outputting the generated first electronic signature to an external information processing apparatus;
A step of generating a third electronic signature for the second electronic signature when the second electronic signature generated for the first electronic signature in the external information processing apparatus is input from the external information processing apparatus. When,
A method for forming a chain of hash digests and electronic signatures characterized by comprising:   The program for making a computer perform the information processing method which raises the evidence capability and / or evidence value of electromagnetic recording in any one of Claim 1 to 6.   A program for causing a computer to execute the method of forming a chain of hash digest and electronic signature according to claim 7.   A central processing unit, a main storage device, a timer, and one or a plurality of auxiliary storage devices connected by a bus are provided, and the information processing method according to claim 1 is performed. An information processing device that increases the evidence capability and / or evidence value of electromagnetic records.

Images