JP5142537B2 - Data processing apparatus, data processing method, program, and storage medium - Google Patents

Description

  The present invention relates to a data processing apparatus, a data processing method, a program, and a storage medium that can protect data from unauthorized access.

  Digital cameras that record captured images as digital data, unlike silver halide cameras that record captured images on a silver halide film, can easily edit and transmit the captured images and are used in a wide range of applications. It is done. For example, the user can immediately view, delete, or re-take a photographed image on the spot without waiting for development of the silver salt film. In particular, when each user shares an image captured by the user, it is not necessary to reprint the image, and a necessary image can be distributed to a desired user by sending and receiving a file storing the image.

  Image data taken by a digital camera is usually stored in a removable media card (hereinafter referred to as a memory card) such as a CF (Compact Flash) or SD memory card mounted on the camera. Images stored in the memory card can be played back by a playback application program installed in the digital camera. Further, the memory card can be inserted into another data processing apparatus such as a PC in which the memory card can be inserted, and an image directly stored in the memory card can be reproduced by a reproduction application program of the data processing apparatus. In the data processing device, it is also possible to copy the image in the memory card into the data processing device and reproduce the copied image by the reproduction application program of the data processing device.

  In recent years, protection of digital data has attracted attention from the viewpoint of security leakage. Digital data is data that does not deteriorate. That is, digital data can be distributed to an unspecified number of users without being deteriorated, and thus may be illegally viewed or edited. Therefore, there is a need for a data concealment technique that does not facilitate data access. In this way, data concealment is not only a counter-therapeutic point of view of copyright protection, privacy protection, and unauthorized access protection, but is also an active way that only users are allowed to access data and receive services. It is effective from the viewpoint.

  As one of the data hiding methods, there is a method of encrypting data using an encryption key or a specific conversion program. When the encrypted data is actually viewed or edited, the encrypted data is restored to the original data and displayed by the decryption key corresponding to the encryption key or the inverse conversion program corresponding to the conversion program. At this time, only a specific user having a decryption key or an inverse conversion program can access the data, and can protect the data from unauthorized access.

  In the case of a digital camera, a protection function for image data stored in a memory card is installed in order to realize a data shielding method. In this protection function, when protection is specified for an image photographed by a user from a menu screen of a GUI (graphical user interface) installed in the digital camera, erasure processing of the image for which protection is specified is restricted. As a result, it is possible to avoid a situation where an image stored in the memory card is inadvertently erased due to a user's erroneous operation or the like.

  However, the encryption as the data shielding method described above can realize privacy and copyright protection in browsing or editing, but cannot cope with data erasure due to unauthorized access. Similarly, the protect function of a digital camera can prohibit data erasure performed in the digital camera, but prohibits erasure of data after being copied to another data processing device such as a PC. Is not guaranteed.

  As described above, in any case, the data is not protected against the data erasure, and there is a possibility that the data is inadvertently erased. This is because no matter how the data body is processed, a data entry always exists in a normal file system. The data entry here is the data entity, and the file operation of the data entry from the file system is the same as the file operation of the data entity. Therefore, if the data entry is deleted, the data entity disappears.

  In order to solve such a problem, it is necessary to pretend that the substance of the data does not exist on the file system. As a method for realizing this, there is, for example, a method of defining a “hidden file” and apparently erasing the existence of the file. However, this method is merely a method of making a file invisible by display control for the file, and does not hide data from a general file system.

  A method of concealing the substance of data in a completely different format from a general file system is also conceivable. However, in this case, management by a completely different file system that does not comply with, for example, the FAT (file allocation table) standard is required. When two completely different file systems coexist, it is necessary to divide the file data area in the storage medium and manage it in consideration of it, and the control becomes complicated.

  Therefore, a control method for shielding data in a general file system has been proposed (see Patent Document 1). In this control method, information indicating accessible users, information indicating applications, and information indicating types of processing for files are registered in advance for each file. When an access command for a file is issued from an application that is currently being executed, the access command for the file is permitted or prohibited by referring to the registered information.

Further, a directory shielding method has been proposed in which an authentication code is acquired from a directory selector according to the directory selection, the acquired authentication code is authenticated, and the existence of the directory is denied according to the authentication result (Patent Literature). 2).
Japanese Patent Laid-Open No. 8-44630 JP 2002-351728 A

  As described above, as a method for shielding data on a general file system, a method for realizing data compatibility while maintaining compatibility with an existing file system as much as possible is desired, as in the above-described methods. .

An object of the present invention is to provide a data processing device, a data processing method, a program, and a storage medium that can protect data from unauthorized access while maintaining compatibility with existing file systems as much as possible .

In order to achieve the above object, the present invention provides a data processing apparatus having a file system in which a corresponding process is performed when a predefined attribute value is detected, and includes real data and management information for managing the real data. A data processing apparatus comprising a connection means for connecting to a recording medium for storing actual data management information including an attribute value predefined in the file system, wherein the file system is used to access a disk memory space of the recording medium First access means for creating, setting means for setting an extended attribute value not defined in the file system, creating means for creating another file system in which a corresponding process is performed when the extended attribute value is detected, and the separate file system a second access means for accessing the disk memory space of the recording medium using a pre And expansion index data creating means for creating expansion index data including the extended attribute values, the file system includes a predefined attribute values, required to access the to the first expansion index data created in the above by access means and expansion index management information creating means for creating a Do expansion index management information, and erasing means for erasing the actual data management information, as the data management information required to access the to the actual data by the second access means, wherein There is provided a data processing apparatus comprising: data management information creating means for creating other actual data management information specified when the extended attribute value included in the extended index data is detected and processed. .

In order to achieve the above object, the present invention is a data processing apparatus for handling a file system in which attribute values recorded in a directory entry of a recording medium are defined in advance , and using the file system, the directory entry In the data processing apparatus for accessing the data area of the recording medium based on the information recorded in the file name, the extended attribute value not defined in the file system and the name corresponding to the data recorded in the data area of the recording medium Is created, and the index data is recorded in the data area of the recording medium so as to be accessible by the file system, and information for accessing the data is associated with the index data. said the recorded extended directory entry directory Recording means for recording in the bird entry, the index of the first access means for accessing before heard emissions index data recorded in said data area, said first access means accesses using the file system When the extended attribute value is recorded in the data, based on the extended attribute value included in the index data and the name corresponding to the data, the extended directory entry corresponding to the index data is read, to provide a data processing apparatus according to the second access means and the said Bei example Rukoto accessing before Kide over data recorded in the data area based on the cluster number recorded in the extended directory entry .

In order to achieve the above object, the present invention is a data processing apparatus for handling a file system in which attribute values recorded in a directory entry of a recording medium are defined in advance , and using the file system, the directory entry In the data processing method of the data processing apparatus for accessing the data area of the recording medium based on the information recorded in the file, the extended attribute value not defined in the file system and the data recorded in the data area of the recording medium The index data in which the name corresponding to the name is recorded is created, the index data is recorded in the data area of the recording medium so as to be accessible by the file system, and the data is accessed in association with the index data. Extended directory entries that record information for A recording step of recording re in the directory entry, the first access step of accessing before heard emissions index data recorded in the data area using the file system, accessible at the first access step When the extended attribute value is recorded in the index data, the extended directory entry corresponding to the index data based on the extended attribute value included in the index data and the name corresponding to the data reads the data processing, characterized in Rukoto that having a second access step of accessing before Kide over data recorded in the data area based on the cluster number recorded in the extended directory entry Provide a method.

  In order to achieve the above object, the present invention provides a program for realizing each of the above data processing methods and a storage medium storing the program in a computer-readable manner.

Data can be protected from unauthorized access while maintaining compatibility with existing file systems as much as possible .

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

(First embodiment)
FIG. 1 is a block diagram showing the configuration of a digital camera incorporating a data processing apparatus according to the first embodiment of the present invention.

  As shown in FIG. 1, the digital camera 201 of this embodiment includes an imaging optical system 202, a CDS / AGC circuit 205, an A / D converter 206, and a signal processing circuit 207. The photographing optical system 202 includes a lens group 203 and a CCD (Charged Coupled Device) 204. The CCD 204 is driven by a drive signal generated by a drive circuit (V-drv) 208 and a timing signal generated by TG 108.

  The digital camera 201 includes a signal processing circuit 210, a ROM 213, a CPU 214, a CF card 215, a user interface (UI) 216, a display controller 217, and an SDRAM 219. The display controller 217 is provided with a VRAM 218. Furthermore, the digital camera 201 includes a liquid crystal monitor 220 and a communication interface (communication I / F) 221.

  The CPU 214 controls the signal processing circuit 210, ROM 213, CF 215, user interface (UI) 216, display controller 217, SDRAM 219, and communication I / F 221 via the control bus 212. In addition, the signal processing circuit 210, the ROM 213, the CF card 215, the user interface (UI) 216, the display controller 217, the SDRAM 219, and the communication I / F 221 exchange data with each other via the data bus 211.

  Specifically, at the time of shooting, a subject image is formed on the CCD 204 by the lens 203 of the imaging optical system 202, and the CCD 204 converts the subject image into an electrical signal and outputs it. Here, the CCD 204 captures the subject image in synchronization with the drive signal and timing signal generated by the drive circuit 208 and the TG circuit 209, respectively, and outputs a corresponding electrical signal. In the case of moving image shooting, the drive signal and timing signal are continuously generated at a predetermined cycle.

  The electric signal output from the CCD 204 is adjusted in amplitude and gain by the CDS / AGC circuit 205 and then converted into a digital signal by the A / D converter 206. This digital signal is a signal based on the color coordinate system of the filter of the CCD 204 and the characteristics of the dynamic range, and the signal is output by the signal processing circuit 207 based on the system design of the digital camera 201. Converted to data. Here, as the color coordinate system before and after conversion, there are combinations of coordinate systems of various color spaces such as the RGB coordinate system in addition to the Y-C coordinate system, but the color coordinate system used in the present embodiment is It is not limited to a specific color coordinate system.

  The signal processing circuit 207 outputs image data in synchronization with a pixel clock corresponding to the set number of pixels. Further, the signal processing circuit 207 outputs a control signal corresponding to the photographing area size of the CCD 204 to the drive circuit 208 and the TG circuit 209. In other words, the signal processing circuit 207 outputs an HD signal every time one line of the shooting area starts and a VD signal every other field of the shooting area.

  The image data output from the signal processing circuit 207 is input to the signal processing circuit 210. The signal processing circuit 210 mainly controls reading / writing of data to / from the SDRAM 219 and the CF 215, driving of the display controller 217, and writing of image display data to the VRAM 218. The signal processing circuit 210 controls decoding of address data from the CPU 214, transmission of a control signal to the imaging optical system 202, and transmission of image data to the outside of the digital camera 201.

  Specifically, the signal processing circuit 210 compresses input image data (for example, compression processing by JPEG), and writes the compressed data in the CF 215. In preview display or live image display, the image data is converted into data having a size corresponding to the number of pixels of the liquid crystal monitor 220 and written into the VRAM 218 via the data bus 211. At the same time, the display controller 217 is driven via the control bus 212 and image data is displayed on the liquid crystal monitor 220.

  Further, when the image data recorded in the CF 215 is read and displayed on the liquid crystal monitor 220, the image data is read from the CF 215, and this image data is expanded by the signal processing circuit 210. The expanded image data is written into the VRAM 218 and displayed on the liquid crystal monitor 220 as described above. In these processes, the SDRAM 219 is used as a work area.

  Furthermore, when imaged image data or image data stored in the CF 215 is transmitted to the outside of the digital camera 201, the image data is expanded on the SDRAM 219 and transmitted to the outside via the communication I / F 221. Conversely, when image data is received from the outside via the communication I / F 221, the image data is expanded on the work memory of the SDRAM 219.

  The UI 216 performs processing such as capturing input operations such as shooting, reproduction, and mode setting from the user and transmitting them to the CPU 214, the signal processing circuit 210, and the like.

  The digital camera 201 of the present embodiment is equipped with an access protection setting program for executing access protection setting processing. The access protection setting process by the access protection setting program is a process for shielding the data body (actual data) of the image data stored in the CF 215 and making it appear that only the index data of the image data exists.

  This access protection setting process will be described with reference to FIGS. FIG. 2 is a diagram showing the structure of a general directory entry format. FIG. 3 is a diagram showing a format structure of an extended directory entry newly defined to realize the access protection setting process. FIG. 4 is a diagram showing the configuration of the file system management area set in the CF 215.

  When recording captured image data in the CF 215, a directory entry for managing volumes, directories, files, and the like as shown in FIG. 2 is used. This directory entry is a general one defined by a disk format such as DOS, and is described in a format accessible by a general file system.

  The directory entry includes a short entry 309 made up of 32-byte data and a long entry 310. In the short entry 309, a file name 301 before the extension, a file name extension 302, and an attribute 303 are described. An attribute 303 indicates an attribute such as a read-only or hidden file, a system file of a computer system, a volume or a root directory, an attribute related to a file indicating whether backup has been performed, or the like. The attribute 303 is assigned as a flag to each of the 8 bits. In addition, the reserved area 304, the latest update time 305, and the latest update date 306 are each described in 2 bytes. In addition, a FAT start cluster number 307 and a file size 308 are described.

  The short entry 309 is configured to represent a file name with 8 characters and an extension with 3 characters, and therefore cannot correspond to a file name with a longer name. Therefore, a long entry 310 that is an extended directory entry is defined in order to correspond to a file name having a longer name.

  The long entry 310 is configured such that a plurality of 32-byte data columns are connected, and the maximum number of columns is seven. The number of data strings depends on the number of characters in the file name. An attribute 311 is described in the data string of the long entry 310. An attribute value “0Fh” indicating a long entry is assigned to this attribute 311. This attribute value “0Fh” is a value that does not normally exist in the DOS disk format such as a volume file, a system file, a hidden file, and a read-only file.

  In addition, the number of long entry columns 312 is described. This long entry sequence number 312 is represented by the lower 4 bits of the field byte. Since the number of 32-byte data strings is up to seven, the lower 4 bits representing the long entry string number 312 are defined only up to “07h”. The most significant bit serves as a flag indicating whether or not a long entry exists in the next data string. If “0”, the next data string exists, and if “1”, the end is completed. Indicates that Here, the byte value “01h” of the number 312 of the long entry columns is the first data column of the long entry and indicates that the next data column exists. The byte value “4xh” of the long entry column number 313 is the data column of the x column of the long entry, and indicates that the long entry ends at the column.

  In the long entry 310, “0000h” is assigned to the field 314 corresponding to the start cluster number of the short entry 309, and the file name is described in the remaining fields (shaded portions). With this long entry 310, a file name of up to 256 characters can be described.

  In the short entry 309, of the 8 bytes constituting the file name 301, the first byte includes binary data indicated by a character code defined by “JIS X 0605” in the case of Japanese DOS, for example. . Furthermore, there are cases where the attribute as a directory entry is indicated separately. For example, if the byte value is “E5h” (hexadecimal), this indicates that the directory entry has been erased.

  In a general file system, a byte value defined by these is detected and a corresponding process is performed. However, processing for undefined byte values (undefined byte values) is not defined, and processing corresponding to that area is ignored.

  Here, in the present embodiment, a file in which a newly defined byte value (newly defined byte value) is set for the first byte of the file name of the directory entry and processing corresponding to this byte value can be registered The system shall be used. The newly defined byte value is a byte value that is not defined in a general file system. In order to realize this file system, for example, a registration function having “new definition byte value” and “pointer value of processing function” as arguments is used for the interface of the file system program. The method of defining is used.

  In the present embodiment, a newly defined extended directory entry as shown in FIG. 3 is used to realize the file system described above.

  As shown in FIG. 3, the extended directory entry includes a short entry and a long entry. A byte value “FCh” that is not defined in a general file system is assigned to the first byte field 401 of the short entry. Here, “a byte value not defined in a general file system” means that the character code of “JIS X 0605” is not assigned to the directory entry attribute. Therefore, as long as the condition is satisfied, the byte value of the present embodiment is not limited to “FCh”.

  Subsequent to the first byte field 401 of the short entry, a field 402 which is an undefined invalid area is provided. This field 402 corresponds to a 10-byte field excluding the first byte among fields consisting of 11 bytes of a file name and a file extension name in a general directory entry. In this configuration, the file name cannot be specified, but instead, a long entry is used to specify the file name regardless of the number of characters.

  Thus, in the present embodiment, general directory entries and extended directory entries having newly defined attribute values are mixed in the disk memory space. Here, the general directory entry is an entry having an attribute value defined by the DOS disk format and recognizable by a general file system. In addition, as the data body acquired by scanning the FAT chain, the one indicated by the general directory entry and the one indicated by the extended directory entry are mixed.

  Next, the file system management area set in the CF 215 will be described.

  A file system management area 501 as shown in FIG. 4 is set for the CF 215. The file system management area 501 includes a directory entry and a data area. Here, it is assumed that there are two types of data: general data Img01.idx that can be accessed by a general file system and extended data Img01.jpg that cannot be accessed by a general file system.

Directory entries of the data Img01.idx and Img01.jpg exist as a general directory entry 502 and an extended directory entry 504, respectively. The data body of each data Img01.idx , Img01.jp exists as a general data body 503 and an extended data body 505. General data body 503, in a general file system, access to the data body 503 with reference to the directory entry 502 are those that can be browsed. On the other hand, the extended data body 505 cannot be accessed by a general file system, that is, does not exist when viewed from a general file system. This is because the extended directory entry 504 of the extended data Img01.jpg has a format that is not defined in a general file system.

  Next, a method for creating such extension data will be described with reference to FIGS. FIG. 5 is a flowchart showing the procedure of the access protection setting process. FIG. 6 is a diagram showing the index data created in step S602 of FIG.

  Image data captured by the digital camera 201 is stored in the CF 215 as an image file including a general directory entry accessible by a general file system and a general data body. Here, it is assumed that image data displayed on the liquid crystal monitor 220 during reproduction is protected by access protection setting processing. In this case, the user performs an operation for setting access protection on the displayed image data, and this operation is captured via the UI 216. In response to this operation, as shown in FIG. 5, the CPU 214 activates the access protection setting program and starts the access protection setting process (step S601). With the start of this access protection setting process, an access protection setting screen (not shown) is displayed on the liquid crystal monitor 220. On this access protection setting screen, operation buttons that can be operated by the user are displayed.

  Next, in response to an instruction to start setting by the user, index data for image data to be protected for access is created (step S602). As shown in FIG. 6, the index data is binary data having a 1-byte extended attribute flag field 701, a file name field 702 of 255 bytes or less, and a 1-byte end flag field 703 indicating the end of the file name field. is there. In the extended attribute flag field 701, the attribute value of the first byte field necessary for accessing the extended directory entry is substituted. As described above, since “FCh” is assigned to the first byte field of the extended directory entry defined in the digital camera 201, “FCh” is assigned to the extended attribute flag field 701. The file name field 702 is assigned the file name of the image data to be protected for access. “FFh” is assigned to the last end flag field 703.

  Next, a directory entry for the index data created in step S602 is created (step S603). Subsequently, the general directory entry corresponding to the image data to be protected for access is deleted, and an extended directory entry in which the byte value of the first byte field is “FCh” is created (step S604). Then, this process ends (step S605).

  For example, when the access protection is set for the data Img01.jpg stored so that a general file system can be accessed in the CF 215, the file structure in the CF 215 becomes a structure as shown in FIG.

  When setting the access protection for the data Img01.jpg, the general directory entry and the general data body of the data Img01.jpg stored so that the general file system can be accessed are extended directory entries (Img01.jpg). jpg) 504 and its extension data body (Img01.jpg) 505. Then, instead of the general directory entry and the general data body, a general directory entry (Img01.idx) 502 and a general data body (Img01.idx) 503 for the index data are generated.

  The general directory entry (Img01.idx) 502 corresponds to the file name 702 shown in FIG. Therefore, when browsing software such as a viewer executed on a general file system is used, only the general data body (Img01.idx) 503 is accessed based on the general directory entry (Img01.idx) 502. Is possible. However, the entity of the data Img01.jpg, that is, the data body cannot be accessed and browsed.

  Thus, by setting access protection for the target image data by the access protection setting process, it becomes impossible to access the image data, and the image data is protected from unauthorized access. Can do.

  Next, a case where access protection is canceled for image data for which access protection is set will be described with reference to FIG. FIG. 7 is a flowchart showing the procedure of the access protection cancellation process.

  In the playback mode, only the index data is displayed for image data for which access protection is set. Then, the index data of the image data to be the access protection cancellation target is selected by the user's operation. Then, access protection cancellation is set for the selected index data by a user operation. In response to this, the CPU 214 activates the access protection cancellation program and starts the access protection cancellation processing.

  Specifically, as shown in FIG. 7, when the access protection cancellation process is started (step S801), a general directory entry for the image data targeted for access protection cancellation is created (step S802). As a result, it becomes possible to access image data to be subject to access protection cancellation from a general file system.

  Next, the index data (directory entry and data body) for the access protection release target image data created for access protection is deleted (step S803). Then, the extended directory entry for the image data targeted for access protection cancellation is deleted (step S804), and this process ends (step S805).

  Next, a method for accessing image data for which access protection is set will be described.

  An access protection data reproduction program for executing an access protection data reproduction process is used for accessing image data for which access protection is set. In an apparatus equipped with this access protection data playback program, for example, when accessing image data for which access protection is set in a storage medium such as CF 215, the access protection data playback program is started and access protection data playback processing is performed. Be started. The access protection data reproduction process enables access to image data for which access protection is set in the storage medium.

  The digital camera 201 is mounted with the access protection data reproduction program so that it can be executed. The case where the digital camera 201 performs the access protection data reproduction process by the program will be described with reference to FIG. FIG. 8 is a flowchart showing a procedure of access protection data reproduction processing.

  Here, it is assumed that the image data set with access protection, that is, the extended data (Img01.jpg) 505 is read from the file system management area 501 of the CF 215 shown in FIG. 4 and reproduced. When reproducing the image data for which access protection is set, the CPU 214 activates an access protection data reproduction program.

  When the access protection data reproduction program is activated, an access protection data reproduction process is started as shown in FIG. 8 (step S1). Next, index data is read from the file system management area 501 (step S2). Here, first, the general data body 503 is read as index data based on the general directory entry 502. Then, the attribute and the file name are acquired from the read index data (general data body 503) (step S3). Here, “FCh” is acquired as an attribute, and “Img01.jpg” is acquired as a file name.

  Next, based on each of the acquired information, an extension directory entry in the directory entry area of the file system management area of the CF 215 is searched (step S4). That is, the search for the extended directory entry having the attribute value “FCh” and the file name “Img01.jpg” is performed (steps S5 and S6). The search for the extended directory entry is performed in the same manner as a general file system. However, the attribute of the undefined extension directory entry, that is, the value of the first byte field “FCh” is recognized and processed. In the present embodiment, as described above, a file system including an interface in which a general file system registers a specific first byte field value and a process corresponding thereto is used. It is assumed that the registration process related to reproduction has already been completed.

  When the extended directory entry having the attribute value “FCh” and the file name “Img01.jpg”, that is, the extended directory entry 504 is obtained by the search, FAT information is acquired from the extended directory entry (step S7). . Next, based on the acquired FAT information, the data body 505 of the image data “Img01.jpg” is acquired, and this image data is reproduced (step S8). Then, this process ends (step S9).

  In this way, data for which access protection is set can be reproduced by the access protection data reproduction process. Therefore, a device that does not have an access protection data reproduction program cannot access data for which access protection is set and reproduce the data. As a result, if access protection is set for desired image data, the image data can be protected from unauthorized access. For example, it is possible to prevent the image data from being deleted by mistake and from being intentionally deleted or tampered.

  Also, from a general file system, it is possible to delete index data created by access protection settings, but it is not possible to delete extended data. Therefore, even when this index data is deleted, the extended data remains.

  Therefore, when the index data is deleted, the index data recovery process is executed by the index data recovery program in order to recover the deleted index data. This index data restoration process is executed when the access protection data reproduction application program is started. Alternatively, it is possible to execute the index data restoration processing at an arbitrary timing.

  Next, the index data restoration process will be described with reference to FIG. FIG. 9 is a flowchart showing the procedure of index data restoration processing.

  When the access protection data reproduction application program is activated, index data restoration processing is started as shown in FIG. 9 (step S901). First, the directory entry area in the file system management area is scanned to extract one of the extended directory entries (step S902). Then, index data corresponding to the extracted extended directory entry is searched (step S903). Here, a different file extension name is given to the index data, but since the same name as the file name of the extension data is given, the index data corresponding to the extracted extension directory entry must be specified. Is easy.

  Next, based on the search result in step S903, it is determined whether or not index data corresponding to the extracted extended directory entry exists (step S904). If there is no index data corresponding to the extracted extension directory entry, the index data corresponding to the extension data is created by referring to the data body of the extension data (step S905). The index data is created according to the format shown in FIG.

  Next, it is determined whether or not the detection of whether or not the index data exists for all the extended directory entries (step S906). If detection of whether or not there is index data for all the extended directory entries has not been completed, the process returns to step S902, and the next extended directory entry is extracted. On the other hand, when the detection of whether or not the index data is present for all the extended directory entries is completed, this processing is terminated (step S907).

  If it is determined that there is index data corresponding to the extended directory entry extracted in step S904, step S906 is executed. That is, it is determined whether or not the detection of the presence or absence of the index data has been completed for all the extended directory entries. If the detection of the presence / absence of index data is not completed, the process returns to step S902, and the next extended directory entry is extracted. On the other hand, when the detection of whether or not the index data is present for all the extended directory entries is completed, this processing is terminated (step S907).

  For example, even if the user deletes the index data by mistake, the index data corresponding to the extended image data can be restored based on the remaining extended image data.

  Next, an access protection data erasing process for erasing image data for which access protection is set will be described. The access protection data erasure process is a process that can be executed at an arbitrary timing during the execution of the access protection data reproduction application program by the access protection data erasure program.

  This access protection data erasing process will be described with reference to FIG. FIG. 10 is a flowchart showing the procedure of the access protection data erasing process.

  When an operation for instructing deletion of image data for which access protection is set is performed by the user during execution of the access protection data reproduction application program, the access protection data deletion program is started. With the activation of this program, access protection data erasure processing is started as shown in FIG. 10 (step S1001).

  First, index data of image data (extended data) instructed to be erased is read (step S1002). Then, the attribute “FCh” and the file name of the extended directory entry are acquired from the read index data (step S1003).

  Next, the extended directory entry is searched using the acquired attribute “FCh” and the file name as search keys (step S1004). This search is performed until an extended directory entry having an attribute value “FCh” and a corresponding file name is obtained (steps S1005 and S1006).

  When the extended directory entry having the attribute value “FCh” and the corresponding file name is obtained by the search, a directory entry flag indicating deletion is set for the extended directory entry (step S1007). Here, the “directory entry flag indicating erasure” is a value set in the first byte field of the extended directory entry, and specifically, the value is “E5h”. Then, the extended directory entry in which this flag is set is deleted. As a result, the image data for which access protection is set is deleted.

  Next, the directory entry of the index data corresponding to the erased image data and its data body are erased (step S1008), and this process ends (step S1009).

  Thus, if access protection is set for the image data in the CF 215 that records the image data captured by the digital camera 201, the image data is converted into index data and extension data (image data body). This extended data can be accessed by the access protection reproduction application program, but cannot be accessed from the general file system. That is, the general file system can read the index data of the image data for which access protection is set in the CF 215, but cannot access the image data for which access protection is set. Therefore, image data for which access protection is set in the CF 215 can be protected from unauthorized access.

  Here, the case where the access protection setting process and the release process thereof are performed in the digital camera has been described. However, these processes may be applied to, for example, printing image data of a storage medium owned by an individual in a printing apparatus. it can.

  In this case, for example, when printing image data in a storage medium such as a CF, data other than the image data to be printed can be printed out by the printing apparatus. As a result, data other than image data to be printed is in a state where protection such as privacy protection and copyright protection is not achieved. Therefore, the access protection setting process and the cancellation process thereof may be linked to update processing of attribute information having a printability parameter, such as DPOF (Digital Print Order Format). That is, the image data is stored as general data when the print flag is enabled, and as extended data when the print flag is disabled. Is possible.

(Second Embodiment)
Next, a second embodiment of the present invention will be described with reference to FIGS. FIG. 11 is a diagram showing a format of image data compressed in the JPEG format in a digital camera incorporating a data processing apparatus according to the second embodiment of the present invention. FIG. 12 is a flowchart showing a RAW data reproduction process procedure of a digital camera incorporating a data processing apparatus according to the second embodiment of the present invention.

  In the present embodiment, image data captured by a digital camera is stored in a CF as raw image data that is a raw image and JPEG image data that has been subjected to development processing and compression processing in JPEG format. The present embodiment is configured so that only the JPEG image file is stored in the CF and the RAW image data can be shielded. Here, the configuration of the digital camera of the present embodiment is the same as that of the first embodiment, and thus the description thereof is omitted.

  The JPEG image data includes data 1201 having a format configuration as shown in FIG. JPEG image data is divided into a JPEG header area and a JPEG image data area. For digital cameras, a header standard related to JPEG image data, such as Exif, is provided. However, in this embodiment, it is sufficient that a header having a configuration necessary for reproduction of JPEG image data is provided. The configuration is not limited. However, this embodiment is different from a general file system in that a parameter area that can be arbitrarily set by the user is provided in the JPEG header area. The parameter area includes variable-length binary data having an extended directory entry attribute flag, an extended file data name, and an end flag.

  In the present embodiment, access protection for captured RAW image data is performed in the same procedure as the access protection setting process of the first embodiment. That is, the RAW image data is converted into extended data (extended directory entry and extended data body). As index data, data written in the parameter area of the header area of JPEG image data is used.

  Next, processing for reproducing RAW image data in which access protection in the CF is set will be described with reference to FIG.

  When the digital camera 201 reproduces the RAW image data stored in the CF, as shown in FIG. 12, first, the RAW data reproduction program is started by the CPU and the RAW data reproduction process is started ( Step S1101).

  Next, the JPEG image data stored in the CF is read and displayed on the liquid crystal monitor 220, and the index data (parameter) written in the JPEG header area is read (step S1102). Then, the attribute of the extended directory entry and the file name of the RAW image data are acquired from the read index data (step S1103). Here, the RAW data reproduction application program can recognize index data having a predefined format. However, this index data is not recognized by a general file system.

  Next, the corresponding extended directory entry is searched using the acquired attribute and file name as a search key (step S1104). The search for the extended directory entry is performed in the same manner as a general file system. In the present embodiment, a file system similar to that of the first embodiment is constructed by the RAW data reproduction program. This file system includes an interface for registering a first byte field value that can be specified by a general file system and a process corresponding to the value. Thereby, an attribute value that is not defined in a general file system is recognized, and processing corresponding to the attribute value is enabled.

  The search starts from the acquired attribute value and continues until an extended directory entry having the same extended data file name as the acquired file name is obtained (steps S1105 and S1106). Here, when the corresponding extended directory entry is obtained, the FAT information regarding the RAW image data is scanned from the extended directory entry (step S1107). Then, the corresponding RAW image data is read and displayed on the liquid crystal monitor 220 (step S1108), and this process ends.

  As described above, by defining RAW image data as JPEG image data including extension data and index data, the RAW image data can be shielded from being recognized from a general file system.

  Such RAW image data can be reproduced only by a RAW reproduction program that can recognize the extended directory entry. Therefore, it is impossible to access the RAW image data from another processing apparatus not equipped with the program. Further, in other processing apparatuses not equipped with the program, since the only data that can be viewed is a JPEG image including index data corresponding to the RAW image data, the RAW image data is deleted by mistake, or is intentionally deleted or There is no fear of falsification.

  In the present embodiment, it is possible to perform a process of erasing one of the JPEG image data including the index data and the RAW image data in the same procedure as in the first embodiment.

  In the first and second embodiments, the CF is exemplified as the storage medium. However, the present invention is not limited to this, and for example, a removable storage such as an SD card, a micro drive, a memory stick, or a smart media. It may be a medium. Further, instead of the storage medium built in the main body, it is also possible to use an external storage medium as a transfer destination of image data by wire or wireless.

  Further, although binary data and JPEG image data are shown as examples of index data, text data or the like can be used instead. Also, the index data format is not limited to the examples of the above embodiments.

  The object of the present invention is achieved by executing the following processing. That is, a storage medium that records a program code of software that realizes the functions of the above-described embodiments is supplied to a system or apparatus, and a computer (or CPU, MPU, etc.) of the system or apparatus is stored in the storage medium. This is the process of reading the code.

  In this case, the program code itself read from the storage medium realizes the functions of the above-described embodiments, and the program code and the storage medium storing the program code constitute the present invention.

  Moreover, the following can be used as a storage medium for supplying the program code. For example, floppy (registered trademark) disk, hard disk, magneto-optical disk, CD-ROM, CD-R, CD-RW, DVD-ROM, DVD-RAM, DVD-RW, DVD + RW, magnetic tape, nonvolatile memory card, ROM or the like. Alternatively, the program code may be downloaded via a network.

  Further, the present invention includes a case where the function of the above-described embodiment is realized by executing the program code read by the computer. In addition, an OS (operating system) running on the computer performs part or all of the actual processing based on an instruction of the program code, and the functions of the above-described embodiments are realized by the processing. Is also included.

  Furthermore, a case where the functions of the above-described embodiment are realized by the following processing is also included in the present invention. That is, the program code read from the storage medium is written in a memory provided in a function expansion board inserted into the computer or a function expansion unit connected to the computer. Thereafter, based on the instruction of the program code, the CPU or the like provided in the function expansion board or function expansion unit performs part or all of the actual processing.

It is a block diagram which shows the structure of the digital camera which incorporates the data processor which concerns on the 1st Embodiment of this invention. It is a figure which shows the structure of the format of a general directory entry. It is a figure which shows the structure of the format of the extended directory entry newly defined in order to implement | achieve an access protection setting process. It is a figure which shows the structure of the file system management area | region set to CF215. It is a flowchart which shows the procedure of an access protection setting process. It is a figure which shows the index data produced by step S602 of FIG. It is a flowchart which shows the procedure of the access protection cancellation | release process for canceling | releasing the access protection with respect to the image data in which access protection is set. It is a flowchart which shows the procedure of an access protection data reproduction process. It is a flowchart which shows the procedure of an index data restoration process. It is a flowchart which shows the procedure of an access protection data deletion process. It is a figure which shows the format of the image data compressed by the JPEG format in the digital camera which incorporates the data processing apparatus which concerns on the 2nd Embodiment of this invention. It is a flowchart which shows the procedure of the raw data reproduction | regeneration processing of the digital camera which incorporates the data processor which concerns on the 2nd Embodiment of this invention.

Explanation of symbols

201 Digital camera 213 ROM
214 CPU
215 CF

Claims (4)

A data processing apparatus for handling a file system in which attribute values recorded in a directory entry of a recording medium are defined in advance, and using the file system based on information recorded in the directory entry In a data processing apparatus that accesses a data area of a medium ,
Index data in which extended attribute values not defined in the file system and names corresponding to the data recorded in the data area of the recording medium are created, and data in the recording medium is accessible in the file system Recording means for recording the index data in an area, and recording in the directory entry an extended directory entry in which information for accessing the data is recorded in correspondence with the index data ;
A first access means for accessing pre-Symbol index data recorded in the data area using the file system,
When the extended attribute value is recorded in the index data accessed by the first access means, the index data is based on the extended attribute value included in the index data and the name corresponding to the data. It reads the extended directory entry corresponding to, Ru Bei give a second access means for accessing a Kide over data before being recorded in the data area based on the cluster number recorded in the extended directory entry A data processing apparatus. A data processing apparatus for handling a file system in which attribute values recorded in a directory entry of a recording medium are defined in advance, and using the file system based on information recorded in the directory entry In a data processing method of a data processing apparatus for accessing a data area of a medium ,
The data processing apparatus creates index data in which extended attribute values not defined in the file system and names corresponding to the data recorded in the data area of the recording medium are created and can be accessed in the file system Recording the index data in the data area of the recording medium, and recording in the directory entry an extended directory entry in which information for accessing the data is recorded corresponding to the index data ;
By the data processing device, a first access step of accessing before heard emissions index data recorded in the data area using the file system,
When the extended attribute value is recorded in the index data accessed in the first access step, the data processing device causes the extended attribute value included in the index data and the name corresponding to the data to based on the reads the extended directory entry corresponding to the index data, a second accessing before Kide over data recorded in the data area based on the cluster number recorded in the extended directory entry data processing method that have a access process. A data processing apparatus for handling a file system in which attribute values recorded in a directory entry of a recording medium are defined in advance, and using the file system based on information recorded in the directory entry To a data processing device that accesses the data area of the medium ,
Index data in which extended attribute values not defined in the file system and names corresponding to the data recorded in the data area of the recording medium are created, and data in the recording medium is accessible in the file system and records the index data in the area, the recording step so as to correspond to the index data, and records the extended directory entry that records the information for accessing the data in the directory entry,
A first access step of accessing before heard emissions index data recorded in the data area using the file system,
When the extended attribute value is recorded in the index data accessed in the first access step, the index is based on the extended attribute value included in the index data and the name corresponding to the data. It reads the extended directory entry corresponding to the data, to execute a second access step of accessing before Kide over data recorded in the data area based on the cluster number recorded in the extended directory entry A program characterized by that. A storage medium storing the program according to claim 3 in a computer-readable manner.

Images