JP4755851B2 - Confidentiality computer and program - Google Patents

Description

The present invention relates to secrecy of file data held in a computer, and relates to a security technique for preventing file operations such as data reading by a computer other than the computer that has taken out the file.

As a means to prevent the leakage of confidential information such as personal information and intellectual property, a technique to inflate data to a size larger than the capacity of a removable recording medium and prevent copying is proposed as in Patent Documents 1 and 2. Has been.

However, according to this method, saving and taking out file data for proper use is also restricted.

In general, when leakage of confidential information is prevented, technical difficulties are involved in prohibiting unauthorized take-out without hindering proper use.
JP 7-319628 A JP 2001-155423 A

Therefore, in the present invention, by preventing file data taken out from a specific computer from being read out by another computer, unauthorized outflow is prevented without hindering proper use.

A confidentiality computer according to the present invention is a computer including a disk drive device, a device driver of the disk drive device, and an I / O manager that instructs the device driver to perform file operations, and further includes the following elements: (1) a file operation instruction receiving unit for receiving a file operation instruction sent from the I / O manager to the device driver; and (2) a function for determining a function included in the received file operation instruction. Determination unit (3) When the determined function is a file close, the individual information of the module is obtained as computer specific information from the hardware module included in the computer, and the open file data is encrypted and encrypted. The file close processing unit (4) for generating mixed data composed of the stored data and computer specific information and sending a file write instruction for storing the mixed data as file data to the device driver. When the determined function is an existing file open , To acquire the individual information of the module from the hardware module included in the computer as computer specific information, restore the computer specific information from the mixed data of the open file,
When the acquired computer-specific information matches the restored computer-specific information, the encrypted data included in the hybrid data is decrypted, and an existing file open instruction is sent to the device driver to store the decrypted data as file data Processing part.

Further, the computer specific information is a MAC address of a network card provided in the computer.

The file close processing unit divides the computer-specific information into parts, distributes the divided computer-specific information parts in a chain in the hybrid data,
The existing file open processing unit reads a chain-like computer specific information part in the hybrid data and restores the computer specific information.

The file close processing unit encrypts the computer specific information, includes the encrypted computer specific information in the hybrid data,
The existing file open processing unit is characterized by decrypting the computer specific information read from the hybrid data.

A program according to the present invention includes a disk drive device, a device driver for the disk drive device, and an I / I for instructing file operation to the device driver.
(1) A file operation instruction receiving procedure for receiving a file operation instruction sent from the I / O manager to the device driver (2) received. Function determination procedure for determining a function included in a file operation instruction (3) When the determined function is a file close, individual information of the module is acquired as computer-specific information from a hardware module included in the computer and is open File close processing that encrypts file data, generates hybrid data consisting of the encrypted data and computer-specific information, and sends a file write instruction to the device driver to store the hybrid data as file data (4) When the determined function is an existing file open, the individual information of the module is acquired as the computer specific information from the hardware module included in the computer, and the computer specific information is obtained from the mixed data of the open file. Restore,
When the acquired computer-specific information matches the restored computer-specific information, the encrypted data included in the hybrid data is decrypted, and an existing file open instruction is sent to the device driver to store the decrypted data as file data Processing procedure.

According to the present invention, when a file is closed, the stored data is encrypted, and the file is held in a hybrid data format including the encrypted data and a MAC address (example of computer specific information) unique to the computer. By decrypting the encrypted data included in the hybrid data only when the MAC address included in the hybrid data held as a file when the file is opened matches the MAC address unique to the computer that performs the file open, File operations can be prohibited on computers other than those taken out.

In particular, since these operations are realized by adding a filter driver provided between the I / O device and the device driver, the existing functions such as application programs are not changed, and the conventional functions are generally confidential. It is excellent in that it can be retained.

Since the MAC address is divided into parts and distributed in a chain in the mixed data, MA
Analysis of the C address portion is difficult, and unauthorized file opening due to rewriting of the MAC address in the mixed data can be prevented.

Since the MAC address is encrypted and the encrypted MAC address is included in the hybrid data, M
Analysis of the AC address is difficult, and unauthorized file opening due to rewriting of the MAC address in the mixed data can be prevented.

Embodiment 1 FIG.
FIG. 1 is a diagram showing a data structure according to the present invention. In the present invention, confidentiality of the stored data file stored in the HDD drive is performed. Therefore, in the file open state,
Data operated as the plaintext data 100 is converted into the hybrid data 130 and written to the HDD drive when the file is closed. The hybrid data 130 is configured by combining hybrid data block groups 131 to 137 and MAC address part blocks 141 to 146. The hybrid data groups 131 to 137 are obtained by copying encrypted data block groups 111 to 117 obtained by dividing the encrypted data 110 obtained by encrypting the plaintext data 100.
The MAC address part blocks 141 to 146 include a MAC address (Media Access C) assigned to the network card connected to the computer.
control address: a physical address unique to a network device such as an Ethernet card)
Are divided and arranged in a chain shape.

FIG. 2 is a diagram illustrating a configuration example of the MAC address parts block. There are as many MAC address part blocks as the number of MAC address parts obtained by dividing the MAC address. In this example, a 6-byte MAC address is divided into 6 MAC address parts of 1 byte each. MAC address part 201 constituting a part of the MAC address and the M
A next part embedded address 202 indicating the address of the MAC address part block 200 including the MAC address part next to the AC address part 201 is included. In this example, the entire block has 8 bytes and includes a 3-byte spare area 203. Next M
The AC address part means the next part in the data array order of the MAC address.

In the present invention, a filter driver 600 that operates by interrupting between the I / O manager 300 and the device driver 400 is provided. The filter driver works in kernel mode
It is possible to change or add operations from hardware rather than applications. In the program described in the filter driver, the I / O manager 300 to the device driver 40
A function that performs processing in response to an instruction request to 0 is defined. And I / O manager 300
A function corresponding to an IRP (I / O Request Packet) sent from is executed. An IRP that is an input / output request packet is an I / O manager 300 and a device driver 40.
The function is a processing unit for each function between 0, and the filter driver reads MajorFunction (example of function) included in the IRP sent from the I / O manager 300, and in the case of a specific MajorFunction, the MajorFun
Execute the processing function associated with ction. The IRP is an example of a file operation instruction sent from the I / O manager 300 to the device driver 400.

FIG. 3 is a diagram illustrating the configuration of the filter driver. The filter driver 600 includes a packet reception unit (an example of a file operation instruction reception unit) 610, a function determination unit 620, a new file open processing unit 630, a file write processing unit 640, and a file read processing unit 65.
0, a file close processing unit 660, and an existing file open processing unit 670.

FIG. 4 is a diagram illustrating a processing flow of the filter driver. I / O at the packet receiver 610
The packet transmitted from the O manager 300 is received (S410), and the function determination unit 620 includes a function (corresponding to MajorFunction) included in the packet.
Is determined (S420). When the function is opening a new file, writing a file, or reading a file, the state of plain text data is handled, so that there is no substantial change or addition by the filter driver 600. When the function sent from the I / O manager 300 is closing a file or opening an existing file, the filter driver 600 performs processing according to the function.

In the following description, an HDD device and its device driver will be described as an example. However, similar filter drivers are provided so as to operate similarly in the case of FDD devices and other disk drive devices and their device drivers.

FIG. 5 is a diagram showing a data flow for opening a new file. I / O manager 30
0 designates a saved data file name and instructs the device driver 400 to create a file. New file open processing (S4) by the new file open processing unit 630
In 30), the contents are transferred to the device driver 400 via the filter driver. If the packet can be received by the device driver 400 without transferring, the new file open processing unit 630 does not perform processing. File creation corresponds to opening a file object in the device driver 400. The device driver 400 returns the file handle of the saved data file. The file handle is stored at a predetermined address, and the I / O manager 300 can read the file handle from the address.

FIG. 6 is a diagram illustrating a data flow of file write. The I / O manager 300
The saved data file handle, the address to write to, and the data size are specified, the plain text data to be written is transferred to the device driver 400, and a file write is instructed. In the file write process (S440) by the file write processing unit 640, the contents are transferred to the vise driver 400 via the filter driver. If the device driver 400 can receive a packet without transferring, the file write processing unit 640 does not perform processing. The stored data file handle, the write address, and the data size are included in the packet. Plain text data is stored in a predetermined buffer in advance. File write corresponds to writing to a file object in the device driver 400. The device driver 400 reads plaintext data from a predetermined buffer and writes the plaintext data to the saved data file 501 of the HDD device 500. When buffering is performed, the data may be temporarily stored in a buffer inside the device driver 400.

FIG. 7 is a diagram illustrating a data flow of file read. The I / O manager 300
The stored data file handle, the address to be read, and the data size are specified, and the device driver 400 is instructed to read the file. In the file read process (S450) by the file read processing unit 650, the contents are sent to the device driver 40 via the filter driver.
Transfer to 0. If the device driver 400 can receive a packet without transferring, the file read processing unit 650 does not perform processing. The stored data file handle, the read address, and the data size are included in the packet. File read corresponds to reading from a file object in the device driver 400. The device driver 400 reads plaintext data designated by an address from the saved data file 501 of the HDD device 500. When buffering is being performed, data may be read from a buffer in the device driver 400. The device driver 400 writes the read plaintext data into a predetermined buffer. The I / O manager 300 can read this plain text data from a predetermined buffer.

Next, the operation when closing a file will be described. With this operation, the plain text data is converted into mixed data, and then the file is closed.

FIG. 8 is a diagram showing a module configuration and data flow of file close. The I / O manager 300 designates the saved data file handle and instructs the closing of the file. The saved data file handle is included in the packet. Filter driver 60
0 operates in response to this instruction. The file close processing unit 660 that operates by the file close includes the elements of the parameter input unit 661, the MAC address acquisition unit 662, the acquisition MAC address storage unit 663, the data combination unit 664, the file object close unit 665, and the return value output unit 666. Have.

A file close process by the filter driver will be described. FIG. 9 is a diagram illustrating a file closing process flow of the filter driver. First, in a parameter input process (S901) by the parameter input unit 661, a saved data file handle included in the packet is obtained. Next, the MAC address acquisition process by the MAC address acquisition unit 662 (S9
02). In this process, a MAC address that is unique to a network device (in this example, a network card) connected to the computer is acquired using, for example, a NETBIOS (Network BIOS) command. Then, the acquired MAC address is stored in the acquired MAC address storage unit 663. The acquired MAC address storage unit 663 uses a storage area provided inside the file close processing unit 660. Next, a data mixing process (S903) by the data mixing unit 664 is performed. In this process, mixed data is generated from the acquired MAC address stored in the acquired MAC address storage unit 663 and the plain text data of the saved data file obtained from the device driver 400, and the generated mixed data is stored in the device driver 400. An instruction to write as the saved data file 501 is given.
Detailed processing will be described later with reference to FIGS. Then, in the file object close process (S904) by the file object close unit 665, the storage data file handle is specified and the device driver 400 is instructed to close the file. For example, a packet including a file close function and a stored data file handle is generated, and the packet is sent to the device driver 400. As a result, the hybrid data is held in the saved data file 501. Then, a return value is acquired from the device driver 400, and the return value is returned to the I / O manager 300 by return value output processing (S905) by the return value output unit 666. When the return value is stored in a predetermined buffer by the device driver 400 and can be read directly by the I / O manager 300, the return value output process (S905) is unnecessary.

Here, the data mixing process (S903) by the data mixing unit 664 will be described in detail. FIG. 10 is a diagram illustrating a module configuration of the data mixing unit. The data mixing unit 664
An encryption unit 1001, an encrypted data file handle storage unit 1002, and a data layout unit 1003 are included. In addition, the data mixing unit 664 temporarily generates the encrypted data file 502 in the process.

FIG. 11 is a diagram showing a data mixing process flow. First, encryption processing (S1101) by the encryption unit 1001 is performed. In this process, the plain text data in the saved data file 501 is encrypted to generate encrypted data, and the encrypted data is stored in the encrypted data file 502. Details will be described later with reference to FIG.

Next, data layout processing (S1102) by the data layout unit 1003 is performed. In this process, the encrypted data stored in the encrypted data file 502 and the acquired MAC
Hybrid data is generated from the acquired MAC address stored in the address storage unit 663 and written to the saved data file 501. Details will be described later with reference to FIG.

Finally, the encrypted data file erasure process by the encrypted data file erasing unit 1004 (S1
103), the encrypted data file 502 is deleted. Details will be described later with reference to FIG.

The above-described encryption process (S1101) will be described in detail. FIG. 12 is a diagram showing an encryption processing flow. First, the device driver 400 is instructed to specify the file name of the encrypted data file and create the encrypted data file (corresponding to opening the file object of the device driver 400) (S1201). For example, a packet including a file creation function and a predetermined encrypted data file name is generated, and the packet is sent to the device driver 400. Then, the file handle of the encrypted data file is acquired from the device driver 400 and stored in the encrypted data file handle storage unit 1002. Next, the file handle of the saved data file input by the parameter input unit 661 is designated, and the device driver 400 is instructed to read the entire plain text data of the saved data file (S1202). For example, a packet including a file read function, a stored data file handle, and a start address (0) to an end address (EOF (end of file)) is generated, and the packet is sent to the device driver 400. Then, the entire plaintext data is acquired from the device driver 400 and encrypted (S1203). The plain text data is stored in a predetermined buffer by the device driver 400, and the plain text data can be read from the buffer. The encryption data file handle stored in the encryption data file handle storage unit 1002 is designated, and the device driver 400 is instructed to write the encryption data obtained by the encryption (S1204). For example, a packet including a file write function, an encrypted data file handle, and a start address (0) to an end address (EOF) is generated, and the packet is sent to the device driver 400. The encryption unit 1001 stores the encrypted data in a predetermined buffer before that, and the device driver 400 reads the encrypted data from the buffer.

The data layout process (S1102) will be described in detail. FIG. 13 is a diagram showing a data layout processing flow. In the encryption data block determination (S1301), a block (unit to be copied) for dividing the encryption data is determined, and the arrangement of the hybrid data is determined (S13).
02), the arrangement of the hybrid data block for copying the encrypted data block and the MAC address part block for storing the MAC address in a chain is determined. In the hybrid data writing (S1303), the device driver 400 is instructed to write the hybrid data according to the determined arrangement. These processes will be described in detail below.

The encryption data block determination (S1301) will be described in detail. FIG. 14 is a diagram showing a process flow for determining an encryption data block. In this process, an encrypted data block table is generated. The encrypted data block table is provided in a storage area inside the file close processing unit 660. FIG. 15 is a diagram illustrating a configuration example of the encryption data block table. Records 1551 to 1557 are provided for each encrypted data block obtained by dividing the encrypted data, and the items of the start address 1501 of the encrypted data block and the end address 1502 of the encrypted data block are associated with each other and stored.

In this process, first, the file size of the encrypted data file is specified from the device driver 400 (S1401). By reading the encrypted data file to the end, the file size can be specified. Alternatively, the size of the encrypted data may be stored and used at the time of the above encryption. Then, the start address (1551: 1501) of the first encrypted data block 111 is set to 0 (S1402). Next, the start address (1552: 1501) of the second encrypted data block 112 is set as a predetermined starting address (S1).
403). In this embodiment, the address of the first MAC address part block 141 is fixed to a predetermined starting address (in this example, 100000 (H: hexadecimal, hereinafter omitted)). Also, since the first MAC address part block 141 is embedded between the first mixed data block 131 and the second mixed data block 132, the start address (1552: 1501) of the second encrypted data block 112 is This is always the predetermined starting address.

Subsequently, the start address 1501 of the seventh encrypted data block 117 is determined from the third encrypted data block 113 (S1404). These start addresses are arbitrarily determined each time. In this example, five arbitrary addresses are sequentially set between a predetermined starting point address and the end of the file (file size-1). For example, file size (F00000
) To subtract a predetermined starting address (100,000) to determine the size of the space to be divided,
The space to be divided (E00000) is divided into six non-uniformly (or evenly), and the divided size (200000 + 200000 + 100000 + 300000 + 200000 + 400).
000) and sequentially adding these division sizes to a predetermined starting address,
These start addresses can be determined. The above division of the division target space is obtained by subtracting the division size arbitrarily specified by a random number or the like five times in order. To specify the division size, a plurality of division size candidates (100,000, 200,000, 300,000,...
A method of selecting an appropriate division size from ()) is conceivable.

Next, the end address 1502 of the sixth encrypted data block 116 is determined from the first encrypted data block 111 (S1405). In this process, the end address 1 is obtained by subtracting 1 from the start address 1501 of the next encrypted data block for each encrypted data block.
502 is calculated. Finally, the end address of the seventh encrypted data block is set to file size-1 (S1406).

The determination of the arrangement of the hybrid data (S1302) will be described in detail. FIG. 16 is a diagram showing a flow for determining the arrangement of the hybrid data. In this process, a MAC address parts block table and a hybrid data block table are generated. These tables are provided in a storage area inside the file close processing unit 660.

FIG. 17 is a diagram illustrating a configuration example of a MAC address parts block table. Records 1751 to 1756 are provided for each MAC address part, and the items of MAC address part 1701 and embedded address 1702 are stored in association with each other.

FIG. 18 is a diagram illustrating a configuration example of a hybrid data block table. Records 1851 to 1857 are provided for each hybrid data block, and the items of the start address 1801 of the hybrid data block and the end address 1802 of the hybrid data block are stored in association with each other.

First, the MAC address is divided into MAC address parts, which are stored in the MAC address part 1701 of each record of the MAC address parts block table in the order of arrangement (S1601). Next, the start address and end address 1551 of the first encrypted data block 111 are copied to the start address and end address 1851 of the first mixed data block 131 in the mixed data block table (S1602). Next, the embedded address (1751: 1702) of the first MAC address part 141 is changed to a predetermined starting address (1
00000) (S1603). Then, the following processing is sequentially repeated for each corresponding encrypted data block and hybrid data block (S1604). The MAC address part block size (8 bytes in this example) is added to the previously assigned MAC address parts embedded address 1702 to calculate the start address 1801 of the hybrid data block (S16).
05). The calculated start address is written in the corresponding hybrid data block record of the hybrid data block table. Next, the start address 1501 is subtracted from the end address 1502 of the encrypted data block, and 1 is added to the difference to calculate the size of the encrypted data block (S1606). Then, the size of the calculated encrypted data block is added to the start address 1801 of the hybrid data block, and 1 is subtracted from the sum to calculate the end address 1802 of the hybrid data block (S1607). The calculated end address is written to the record of the corresponding mixed data block in the mixed data block table. When all the data blocks have been processed (S1608), the hybrid data block table is completed. Next, the embedded addresses of the second to sixth MAC address part blocks 142 to 146 are calculated (S1609). 2nd to 6th mixed data blocks 1 respectively
It is obtained by adding the sizes of the corresponding second to sixth cipher data blocks 111 to 116 to the start addresses of 32 to 136 (1852 to 1856: 1801). The calculated embedded address is sequentially assigned to one of the MAC address parts whose embedded address has not been determined, and is stored in the MAC address parts block table (S1610). The order of records to which embedded addresses are assigned may be arbitrary. A method may be considered in which a random number is divided by the number of records whose embedment address has not yet been determined, and a record is specified by a remainder value. Regardless of this example, embedded addresses may be assigned in ascending or descending order.

The hybrid data writing (S1303) will be described in detail. FIG. 19 is a diagram illustrating a mixed data write processing flow. The following processing is repeated for each corresponding encrypted data block and mixed data block (S1901). The encryption data file handle is designated, the device driver 400 is instructed to read the encryption data from the start address to the end address of the encryption data block in the encryption data block table, and the encryption data block is read (
S1902). For example, a packet including a file read function, an encrypted data file handle, a start address, and a block size is generated, the packet is sent to the device driver 400, and the encrypted data block is read into a predetermined buffer. Then, the mixed data file handle is designated, and the read encrypted data block is written as a mixed data block from the start address to the end address of the mixed data block in the mixed data block table (S1903). For example, the encryption data block is written to a predetermined buffer, a packet including a file write function, a stored data file handle, a start address, and a block size is generated, and the packet is sent to the device driver 400. If all data blocks are processed (S1904), then the MAC
The following processing is repeated for each address part (S1905). MAC address parts,
A MAC address part block is generated by combining the embedded address of the next MAC address part (S1906), and the generated MAC address part block is written in the embedded address of the part (S1907). For example, the MAC address part block is written in a predetermined buffer, a packet including a file write function, a stored data file handle, a start address, and a block size is generated, and the packet is sent to the device driver 400. The process ends when all the MAC address parts have been processed (S1908).

The encryption data file erasing process (S1103) in FIG. 11 will be described in detail. FIG. 20 is a diagram showing an encrypted data file erasing process flow. Encryption data file handle storage unit 1
The encrypted data file handle stored in 002 is designated, and the device driver 400
Is instructed to close the encrypted data file object (S2001). For example, a packet including a file close function and an encrypted data file handle is generated, and the packet is sent to the device driver 400. Further, the encryption data file handle is designated and the device driver 400 is instructed to delete the encryption data file object (S2002). For example, a packet including a file delete function and an encrypted data file handle is generated, and the packet is sent to the device driver 400.

In this way, the plain text data is converted into hybrid data and held in the saved data file.

Next, the operation when opening the saved data file held in this way will be described. In this operation, the file is opened, the MAC address is verified, and the hybrid data in the saved data file is converted to plain text data.

FIG. 21 is a diagram showing a module configuration and data flow of an existing file open. I
The / O manager 300 designates a saved data file name and instructs opening of the file. The filter driver 600 acquires this instruction and operates. The existing file open processing unit 670 that operates by opening the file includes a parameter input unit 671, a file object open unit 672, a saved data file handle storage unit 673, a MAC address verification unit 674, a data restoration unit 675, a parameter output unit 676, a file object. It has elements of a closing unit 677 and an error result output unit 678.

A file open process by the filter driver will be described. FIG. 22 is a diagram showing an existing file open process flow of the filter driver. First, the parameter input unit 6
The saved data file name included in the packet is obtained in the parameter input process (S2201) by 71. Next, a file object open process (S2202) is performed by the file object open unit 672. In this process, the storage data file name is designated and the device driver 400 is instructed to open the file object. For example, a packet including a file open (or file create) function and a saved data file name is generated and sent to the device driver 400. Next, a MAC address verification process (S2203) is performed by the MAC address verification unit 674. In this process, whether or not the access is legitimate is determined based on whether or not the MAC address extracted from the hybrid data held in the saved data file matches the MAC address unique to the computer. Detailed processing will be described later with reference to FIGS. If the access is legitimate, a data restoration process (S2204) by the data restoration unit 675 is performed. In this process, plain text data is restored from the hybrid data held in the saved data file and written back to the saved data file. Detailed processing will be described later with reference to FIGS. Then, parameter output processing (S2205) by the parameter output unit 676 is performed. In this process, the saved data file handle is returned to the I / O manager 300 as an output parameter. The file handle is stored at a predetermined address by the device driver 400, and the I /
If the O manager 300 can read the file handle directly from the address, the parameter output process (S2205) can be omitted.

On the other hand, if the access is not valid, the file object close unit 677 designates the save data file handle in the file object close process (S2206) to instruct the close of the save data file. For example, a packet including a file close function and a stored data file handle is generated, and the packet is sent to the device driver 400. In the error result output process (S2207), an error result indicating that the file open has failed because the MAC address is invalid and the access is not valid is returned to the I / O manager 300.

The MAC address verification process (S2203) by the MAC address verification unit 674 will be described in detail. FIG. 23 is a diagram illustrating a module configuration of the MAC address verification unit. MA
The C address verification unit 674 includes a MAC address restoration unit 2301, a restoration MAC address storage unit 2302, a MAC address acquisition unit 2303, an acquisition MAC address storage unit 2304, and an M
An AC address comparison unit 2305 is provided.

FIG. 24 is a diagram showing a flow of MAC address verification processing. MAC address restoration unit 23
The MAC address restoration process (S2401) is performed by 01. In this process, the MAC address is restored from the hybrid data, and the restored MAC address is restored to the restored MAC address storage unit 23.
02. Details will be described with reference to FIG. Next, the MAC address acquisition unit 2
In the MAC address acquisition process by S303 (S2402), for example, NETBIOS (Net
The MAC address is acquired using a (work BIOS) command and stored in the acquired MAC address storage unit 2304. Then, in the MAC address comparison process (S2403) by the MAC address comparison unit 2305, the restored MAC address stored in the restored MAC address storage unit 2302 is compared with the acquired MAC address stored in the acquired MAC address storage unit 2304. . If they match, it is a legitimate access, and the termination status is normal and the processing is terminated. On the other hand, if they do not match, it is an unauthorized access and the end status is ended as an error.

The MAC address restoration process (S2401) will be described in detail. FIG. 25 is a diagram showing a flow of MAC address restoration processing. First, a storage data file handle, a predetermined starting address, and a MAC address part block size are designated, and reading is instructed to the device driver 400 to acquire a first MAC address part block (S2501). For example, a packet including a file read function, a stored data file handle, a starting address, and a block size is generated, and the packet is transmitted to the device driver 400.
To read the MAC address part block from a predetermined buffer. Read MA
A MAC address part is specified from the C address part block (S2502). The following processing is repeated until all the MAC address parts are read (S2503).
. In this process, the MAC address part blocks corresponding to the number of MAC address parts are read. The next part address is specified from the previously read MAC address part block (S2
504), specifying the storage data file handle, the next part address, and the MAC address part block size, instructing the device driver 400 to read, and reading the next MAC address part block (S2505). For example, a packet including a file read function, a stored data file handle, a next part address, and a block size is generated, and the packet is sent to the device driver 400, and the MAC is read from a predetermined buffer.
Read the address part block. In this way, the MAC address parts are specified in order, and the specified MAC address parts group is arranged in the specified order to generate a MAC address (S2506).

The data restoration process (S2204) by the data restoration unit 675 will be described in detail. FIG. 26 is a diagram illustrating a module configuration of the data restoration unit. The data restoration unit 675 includes an encrypted data reproduction unit 2601, an encrypted data file handle storage unit 2602, a decryption unit 2603, a plaintext data file handle storage unit 2604, an encrypted data file deletion unit 2605, a plaintext data replication unit 2606, and a plaintext data file deletion. The element of the part 2607 is included. In addition, the data restoration unit 675 temporarily generates the encrypted data file 503 and the plaintext data file 504 in the course of processing.

FIG. 27 is a diagram showing a data restoration processing flow. Encryption data reproduction processing (S2701) by the encryption data reproduction unit 2601 is performed. In this process, the encrypted data is restored from the hybrid data held in the saved data file 501, and the restored encrypted data is temporarily stored in the encrypted data file 503. Details will be described in detail with reference to FIG. Next, a decoding process (S2702) by the decoding unit 2603 is performed. In this process, the encrypted data held in the encrypted data file 503 is decrypted, and the decrypted flat data is temporarily stored in the plaintext data file 504. Details will be described with reference to FIG. Then, the encryption data file 503 temporarily deleted is deleted by the encryption data file deletion processing (S2703) by the encryption data file deletion unit 2605. Details will be described in detail with reference to FIG. In the plaintext data replication process (S2704) by the plaintext data replication unit 2606, the plain data temporarily stored in the plaintext data file 504 is overwritten on the saved data file 501. That is, the plain data is stored instead of the hybrid data (updated from the hybrid data to the plain text data). Details will be described with reference to FIG. In the plaintext data file erasure processing (S2705) by the plaintext data file erasure unit 2607, the temporarily provided plaintext data file 504 is erased. Details will be described in detail with reference to FIG.

The encryption data reproduction process (S2701) in FIG. 27 will be described in detail. FIG. 28 is a diagram showing an encrypted data reproduction processing flow. Generation of embedded address sort table (S2801)
Then, an embedded address sorting table in which the embedded addresses of the MAC address part blocks included in the hybrid data are sorted in ascending order is generated. Details will be described later with reference to FIG. In the generation of the hybrid data block table (S2802), a hybrid data block table that specifies the arrangement of the hybrid data block on the hybrid data is generated based on the embedded address sort table. Details will be described later with reference to FIG. Generation of encrypted data (S
2803), based on the hybrid data block table, the hybrid data block is read and written into the storage data file as an encrypted data block. Details will be described later with reference to FIG.

The generation of the aforementioned embedded address sort table (S2801) will be described in detail. FIG.
FIG. 9 is a diagram showing a processing flow for generating an embedded address sort table. First, a predetermined starting address is stored as one of embedded addresses (S2901). Next, a storage data file handle, a predetermined starting address, and a MAC address part block size are designated, and reading is instructed to the device driver 400 to read the first MAC address part block (S2902). The next part embedded address is specified from the read MAC address part block (S2903), and the next part embedded address is stored as one of the embedded addresses (S2904). The loop processing is continued until all the MAC address part blocks are read (S2905), the storage data file handle, the next part embedded address, and the MAC address part block size are designated, and the device driver 400 is instructed to read the next MAC address. Read the address part block (S290)
6). When all the MAC address part blocks are read and all the embedded addresses are specified, the specified embedded address group is sorted in ascending order (S2907). In this way, an embedded address sort table is obtained. FIG. 30 is a diagram illustrating a configuration example of an embedded address sort table. The embedded address sort table 3000 is provided in a storage area inside the data restoration unit 675.

The generation of the hybrid data block table (S2802) will be described in detail. FIG. 31 is a diagram illustrating a generation processing flow of the hybrid data block table. In this process, a hybrid data block table 1800 similar to that shown in FIG. 18 is generated based on the embedded address sort table. First, the start address (1851: 1) of the first mixed data block
(801) is set to 0 (S3101), and the following processing is repeated for the embedded address and the hybrid data block in sequence (S3102). By subtracting 1 from the embedded address, the end address (1802) of the hybrid data block is calculated (S3103). Next, add the MAC address part block size (8 bytes in this example) to the embedded address,
The start address 1801 of the next hybrid data block is calculated (S3104). When the above processing is repeated for all the embedded addresses (S3105), the file size of the saved data file is acquired (S3106), and 1 is subtracted from the file size to obtain the end address of the last mixed data block (S3107). The end address of the last hybrid data block may be EOF. The file size can be specified by reading the entire file, for example.

The generation of encrypted data (S2803) will be described in detail. FIG. 32 is a diagram showing a flow of processing for generating encrypted data. First, the encryption data file name is designated to the device driver 400, the creation of the encryption data file object is instructed, and the device driver 4
The file handle of the encrypted data file is acquired from 00, and the acquired encrypted data file handle is stored in the encrypted data file handle storage unit 2602 (S3201). Then, the following processing is repeated for each record of the hybrid data block included in the hybrid data block table (S3202). The saved data file handle stored in the saved data file handle storage unit 673, the start address and the end address of the hybrid data block are designated, and reading is instructed to the device driver 400 to read the hybrid data block (
S3203). For example, a packet including a file read function, a stored data file handle, a start address, and a data size (end address−start address + 1) is generated, and the packet is sent to the device driver 400, and the mixed data is transmitted from a predetermined buffer. Read the block. Then, the read hybrid data block is written in the storage data file 501 as an encrypted data block in order from the top (S3204). At this time,
Specify the address to write the encryption data file handle and encryption data block. For example, the encrypted data block is written into a predetermined buffer, a packet including the file write function, the encrypted data file handle, the write address, and the data size is generated, and the packet is sent to the device driver 400. The address for writing the encrypted data block can be obtained by starting from 0 and sequentially adding the data size of the previously written encrypted data block. The process ends when all data blocks have been processed (S3205). As a result, the encrypted data blocks are concatenated.

The decoding process (S2702) will be described in detail. FIG. 33 is a diagram showing a decoding processing flow. First, the plaintext data file name is designated to the device driver 400, the creation of the plaintext data file object is instructed, and the file handle of the plaintext data file is acquired from the device driver 400. For example, create a packet that contains a file open (or file create) function and a given plaintext data file name,
Send to device driver 400. Then, the acquired plaintext data file handle is stored in the plaintext data file handle storage unit 2604 (S3301). Next, the encryption data file handle stored in the encryption data file handle storage unit 2602 is designated,
The device driver 400 is instructed to read the entire encrypted data, and the entire encrypted data is acquired (S3302). The entire acquired encrypted data is decrypted to generate plaintext data (S33).
03). Finally, the plaintext data file handle stored in the plaintext data file handle storage unit 2604 is designated, and the device driver 400 is instructed to write the entire plaintext data (S3304). For example, plain text data is written to a predetermined buffer, a packet including a file write function, a plain text data file handle, a write address, and a data size is generated, and the packet is sent to the device driver 400.

The encrypted data file erasure process (S2703) will be described in detail. FIG. 34 is a diagram showing an encrypted data file erasing process flow. Encrypted data file handle storage unit 26
The encrypted data file handle stored in 02 is designated, and the device driver 400 is instructed to close the encrypted data file object (S3401). Similarly, the encrypted data file handle is designated to delete the encrypted data file object. The device driver 400 is instructed (S3402).

The plaintext data replication process (S2704) will be described in detail. FIG. 35 is a diagram showing a plain text data replication processing flow. The plaintext data file handle stored in the plaintext data file handle storage unit 2604 is designated, the entire plaintext data is read from the plaintext data file object, and the entire plaintext data is acquired (S3501). Then, the device driver 400 is instructed to write the entire plaintext data to the saved data file object by designating the saved data file handle stored in the saved data file handle storage unit 673 (S3502).

The plaintext data file deletion process (S2705) will be described in detail. FIG. 36 is a diagram showing a plain text data file erasing process flow. Plain text data file handle storage unit 26
The plaintext data file handle stored in 04 is designated, and the device driver 400 is instructed to close the plaintext data file object (S3601). For example, create a packet containing a file close function and a plaintext data file handle,
The packet is sent to the device driver 400. Similarly, the plaintext data file handle is designated, and the device driver 400 is instructed to delete the plaintext data file object (S3602). For example, a packet including a file delete function and a plain text data file handle is generated, and the packet is sent to the device driver 400.
Embodiment 2. FIG.
A single block including the entire MAC address may be included in the hybrid data without dividing the MAC address. In that case, in the determination of the hybrid data block (S1301), the first and second
Only the encrypted data block is determined. Further, regarding the MAC address part block as one, the determination of the arrangement of the hybrid data (S1302) and the writing of the hybrid data (S1303)
).

In the case of this form, since the entire MAC address is included in the block corresponding to the MAC address part block, it can be called a MAC address block. The next part embedding address becomes unnecessary.

In the MAC address restoration process (S2401), the entire MAC address is read from a predetermined starting address. In the encrypted data reproduction process (S2701), the first and second encrypted data blocks are connected to reproduce the encrypted data.
Embodiment 3 FIG.
It is also effective to include the encrypted MAC address in the hybrid data.

Next to the MAC address acquisition process (S902) of FIG. 9, a MAC address encryption unit is provided for performing a process of encrypting the acquired MAC address. In the data mixing process (S903),
The encrypted MAC address is divided into parts and the same operation as described above is performed.

A process of decoding the generated MAC address is performed at the end of the MAC address restoration process (S2401) of FIG. 24, that is, after S2506 of FIG.

  The MAC address encryption and decryption of the present embodiment may be applied to the second embodiment.

By also encrypting the MAC address, it is possible to prevent spoofing due to the MAC address.
Embodiment 4 FIG.
The above-mentioned MAC address is individual information of network devices and is an example of computer-specific information. MAC address parts, MAC address parts block, MAC address parts block table, MAC address acquisition unit, acquisition MAC address storage unit, MAC address restoration unit, restoration MAC address storage unit, and MAC address comparison unit are computer-specific information parts, It is an example of a computer specific information part block, a computer specific information part block table, a computer specific information acquisition unit, an acquired computer specific information storage unit, a computer specific information restoration unit, a restored computer specific information storage unit, and a computer specific information comparison unit. As computer-specific information, for example, individual information held by a disk drive or the like, individual information held by a circuit such as a chip, or individual information held by an extension board or the like may be used. The computer-specific information acquisition unit operates to acquire individual information as computer-specific information from hardware modules included in the computer such as the disk drive, chip, or expansion board.

The operation module elements described above can execute processing by a program. Further, the program can be stored in a storage medium so that the computer can read the program from the storage medium.

FIG. 37 is a diagram illustrating a hardware configuration of a computer. Arithmetic device 370 on the bus
1, a data storage device 3702, a memory 3703, and a communication interface (network card) 3704 are connected. The data storage device 3702 is, for example, a ROM (Read
Only Memory) or a hard disk. The memory 3703 is a normal RAM (
Random Access Memory). The program is stored in the normal data storage device 3702, and is sequentially loaded into the memory 3703, and then the arithmetic device 37.
01 is read and processed. The communication interface (network card) 3704 stores a MAC address, and the arithmetic device 3701 is configured to acquire this MAC address via a bus.

It is a figure which shows the structure of the data based on this invention. It is a figure which shows the structural example of a MAC address part block. It is a figure which shows the structure of a filter driver. It is a figure which shows the processing flow of a filter driver. It is a figure which shows the data flow of a new file open. It is a figure which shows the data flow of a file write. It is a figure which shows the data flow of a file read. It is a figure which shows the module structure and data flow of a file close. It is a figure which shows the file close processing flow of a filter driver. It is a figure which shows the module structure of a data mixture part. It is a figure which shows a data hybrid processing flow. It is a figure which shows an encryption process flow. It is a figure which shows a data layout processing flow. It is a figure which shows the determination processing flow of an encryption data block. It is a figure which shows the structural example of an encryption data block table. It is a figure which shows the determination processing flow of arrangement | positioning of hybrid data. It is a figure which shows the structural example of a MAC address parts block table. It is a figure which shows the structural example of a hybrid data block table. It is a figure which shows the write-in processing flow of hybrid data. It is a figure which shows an encryption data file deletion process flow. It is a figure which shows the module structure and data flow of the existing file opening. It is a figure which shows the existing file open process flow of a filter driver. It is a figure which shows the module structure of a MAC address verification part. It is a figure which shows a MAC address verification process flow. It is a figure which shows a MAC address restoration process flow. It is a figure which shows the module structure of a data decompression | restoration part. It is a figure which shows a data restoration process flow. It is a figure which shows an encryption data reproduction process flow. It is a figure which shows the production | generation processing flow of an embedded address sort table. It is a figure which shows the structural example of an embedded address sort table. It is a figure which shows the production | generation processing flow of a hybrid data block table. It is a figure which shows the production | generation processing flow of encryption data. It is a figure which shows a decoding processing flow. It is a figure which shows an encryption data file deletion process flow. It is a figure which shows a plaintext data replication process flow. It is a figure which shows a plaintext data file deletion process flow. It is a figure which shows the hardware constitutions of a computer.

Explanation of symbols

100 plaintext data, 110 encrypted data, 120 MAC address, 130 hybrid data, 111-117 cryptographic data block, 131-137 hybrid data block, 1
41-147 MAC address part block, 200 MAC address part block, 201 MAC address part, 202 secondary part embedded address, 203 spare area, 300 I / O manager, 400 device driver, 500 HDD device,
501 Saved data file, 502 Encrypted data file, 503 Encrypted data file, 504 Plain text data file, 610 Packet receiving unit, 620 Function determining unit, 630 New file open processing unit, 640 File write processing unit, 650
File read processing unit, 660 file close processing unit, 661 parameter input unit,
662 MAC address acquisition unit, 663 acquisition MAC address storage unit, 664 data combination unit, 665 file object close unit, 666 return value output unit, 670
Existing file open processing unit, 671 Parameter input unit, 672 File object open unit, 673 Stored data file handle storage unit, 674 MAC address verification unit, 675 Data restoration unit, 676 Parameter output unit, 677 File object close unit, 678 Error result Output unit, 1001 encryption unit, 1002 encryption data file handle storage unit, 1003 data layout unit, 1004 encryption data file deletion unit, 1500 encryption data block table, 1501 start address of encryption data block, 1502 end address of encryption data block, 1700 MAC address parts block table, 1701 MAC address parts, 1702 embedded address, 1800 hybrid data block table, 1801 Start address of forming a data block, an end address of 1802 composite data blocks, 2301 MAC address restorer, 2302 restores MAC address storage unit, 2303 MAC address obtaining unit, 2304
Acquired MAC address storage unit, 2305 MAC address comparison unit, 2601 encrypted data reproduction unit, 2602 encrypted data file handle storage unit, 2603 decryption unit, 2604 plaintext data file handle storage unit, 2605 encrypted data file deletion unit, 2606 plaintext data replication unit 2607, plaintext data file erasure unit, 3000 I / O manager,
3701 arithmetic device, 3702 data storage device, 3703 memory, 3704 communication interface (network card).

Claims (4)

A computer comprising a disk drive device, a device driver for the disk drive device, and an I / O manager for instructing the device driver to perform file operations, and further comprising the following elements: I / O manager and device driver (1) A packet receiving unit (2) for receiving an I / O request packet sent from the I / O manager to the device driver, comprising a filter driver operating in the kernel mode. Function determination unit for determining the function included in the I / O request packet (3) When the determined function is file close, the individual information of the module is calculated from the hardware module included in the computer. Acquired as data-specific information,
Encrypts open file data , divides the encrypted data into encrypted data block groups that are at least partially arbitrary size,
Computer specific information is divided into computer specific information parts, and for each computer specific information part, a computer specific information part block in which the embedded address of the next part is added to the computer specific information part is generated.
Using the encryption data block group as a mixed data block group, generating mixed data in which each hybrid data block and each computer-specific information part block are alternately arranged, and instructing the file write to store the mixed data as file data to the device driver When the determined function is an existing file open, the individual information of the module is acquired as computer specific information from the hardware module included in the computer,
Read the computer specific information part block from the mixed data of the open file, identify the embedded address of the computer specific information part and the next part from the read computer specific information part block, and then specify the next computer specific based on the embedded address of the next part By repeating the process of specifying the storage location of the information part block, the computer-specific information is restored,
When the acquired computer-specific information matches the restored computer-specific information, the mixed data block group is read from the mixed data of the open file based on the embedded address of the next part, and the encrypted data is reproduced and reproduced. An existing file open processing unit that decrypts encrypted data and sends a file write instruction to the device driver to store the decrypted data as file data.   2. The confidential computer according to claim 1, wherein the computer specific information is a MAC address of a network device provided in the computer. The file close processing unit encrypts the computer specific information, sets the encrypted computer specific information as the object of the division ,
2. The confidential computer according to claim 1, wherein the existing file open processing unit decrypts the computer specific information read from the mixed data. A computer having a disk drive device, a device driver for the disk drive device, and an I / O manager that instructs the device driver to perform file operations is interrupted between the I / O manager and the device driver, and operates in a kernel mode. A program for executing the following procedure as a filter driver to perform (1) Packet reception procedure for receiving an I / O request packet sent from the I / O manager to the device driver (2) Included in the received I / O request packet Function determination procedure for determining a function (3) When the determined function is a file close, the individual information of the module is acquired as computer-specific information from the hardware module included in the computer,
Encrypts open file data , divides the encrypted data into encrypted data block groups that are at least partially arbitrary size,
Computer specific information is divided into computer specific information parts, and for each computer specific information part, a computer specific information part block in which the embedded address of the next part is added to the computer specific information part is generated.
Using the encryption data block group as a mixed data block group, generating mixed data in which each hybrid data block and each computer-specific information part block are alternately arranged, and instructing the file write to store the mixed data as file data to the device driver File close processing procedure (4) When the determined function is an existing file open, the individual information of the module is obtained as computer specific information from the hardware module included in the computer,
Read the computer specific information part block from the mixed data of the open file, identify the embedded address of the computer specific information part and the next part from the read computer specific information part block, and then specify the next computer specific based on the embedded address of the next part By repeating the process of specifying the storage location of the information part block, the computer-specific information is restored,
When the acquired computer-specific information matches the restored computer-specific information, the mixed data block group is read from the mixed data of the open file based on the embedded address of the next part, and the encrypted data is reproduced and reproduced. An existing file open processing procedure for decrypting encrypted data and sending a file write instruction for storing the decrypted data as file data to the device driver.

Images