JP5422690B2 - Information processing apparatus and data protection method - Google Patents

Description

  Embodiments described herein relate generally to an information processing apparatus and a data protection method.

  For example, in a PC (personal computer) or the like, in order to prevent leakage of data at the time of loss, an encryption process is performed on a storage device such as an HDD (hard disk drive) and the encryption used for the encryption process of the storage device A technique capable of erasing a key by data communication is conventionally known.

  However, according to the conventional technology as described above, for example, when a PC is transferred to a place where data communication cannot be performed, and when a storage device such as an HDD is removed from the PC, data leakage is prevented. There is a problem that it is difficult.

JP 2008-269285 A JP 2008-269232 A

  An object of the present invention is to provide an information processing apparatus and a data protection method capable of reliably preventing data leakage as compared with the prior art.

The information processing apparatus according to the embodiment includes a first storage unit that has been encrypted with an N-bit encryption key, and a second storage unit that stores identification information including information for identifying a user. When shifting from the power-on state to another power state, the first storage unit saves M-bit data (1 ≦ M <N) of the N-bit encryption key from the first storage unit. An encryption key moving unit that makes the storage unit inaccessible, a communication unit configured to be able to communicate based on the identification information, and the communication unit based on the identification information in the other power state A communication state detection unit that detects whether communication is possible and the communication state detection unit detects that communication is possible, using the M-bit data saved by the encryption key moving unit Restore N-bit encryption key An encryption key restoration unit that makes the first storage unit accessible .

The figure which shows the principal part of the information processing apparatus which concerns on embodiment. 6 is a flowchart illustrating an example of processing performed when the power state of the information processing apparatus according to the embodiment shifts from a power-on state to another power state different from the power-on state. 6 is a flowchart illustrating an example of processing performed when the power state of the information processing apparatus according to the embodiment is another power state different from the power-on state.

  Hereinafter, embodiments will be described with reference to the drawings.

  FIG. 1 is a diagram illustrating a main part of the information processing apparatus according to the embodiment.

  As shown in FIG. 1, the information processing apparatus 1 configured as a PC (personal computer) includes a flash memory 21, a storage device 22, a CPU 23, a main board 24, a communication module 25, a SIM card 26, and the like. The input device group 27 and the RAM 28 are included. Further, as shown in FIG. 1, the flash memory 21, the storage device 22, the CPU 23, the communication module 25, the input device group 27, and the RAM 28 are connected to each other via the main board 24. Further, as shown in FIG. 1, the SIM card 26 is connected to the main board 24 via the communication module 25.

  The flash memory 21 can be accessed to a basic input / output system (BIOS) 21 a having a program group for controlling the input / output operation of signals (data) between the units of the information processing apparatus 1 and the storage device 22. The telephone number data included in the identification data for specifying a specific user and the password data used in the processing described later are stored in advance.

  The storage device 22 configured by an HDD (Hard Disk Drive) or an SSD (Solid State Drive) has an OS (Operating System) having a program group for integrally controlling the operation of the basic functions of the information processing apparatus 1. ) 22a and various data including password data used in the processing described later are stored in advance.

  The CPU 23 reads the BIOS 21a from the flash memory 21 immediately after the information processing apparatus 1 is turned on, and operates the main board 24 so that signals (data) are input / output based on the read BIOS 21a. . The CPU 23 further activates the OS 22 a stored in the storage device 22 in a state where the main board 24 is operating based on the BIOS 21 a read from the flash memory 21. Performs control related to function operation.

  On the other hand, the CPU 23 having a function as a power supply state control unit, for example, on / off of the power supply of the information processing apparatus 1, on / off of the suspend function of the information processing apparatus 1, and information processing based on the operation of the input device group 27. Control for switching on and off the hibernation function of the apparatus 1 is performed.

  Here, when the suspend function of the information processing apparatus 1 is turned on in the power-on state, work state data immediately before the suspend function is switched from off to on is stored in the RAM 28 and the information processing apparatus 1 A transition is made to a suspended state in which drive power is supplied only to the minimum necessary part including the RAM 28 of each part. Thereafter, when the suspend function of the information processing apparatus 1 is switched from on to off in the suspend state, the data on the work state stored in the RAM 28 is resumed and the supply of power to each part of the information processing apparatus 1 is resumed. As a result, the power-on state is entered.

  When the hibernation function of the information processing apparatus 1 is turned on in the power-on state, the data on the work state immediately before the hibernation function is switched from off to on is stored in the storage device 22 and the information processing apparatus 1 It shifts to a hibernation state in which the supply of drive power to each part of is stopped. After that, when the hibernation function of the information processing apparatus 1 is switched from on to off in the hibernation state, the work state data stored in the storage device 22 is resumed and the supply of power to each part of the information processing apparatus 1 is resumed. As a result, the power-on state is entered.

  The main board 24 includes various interfaces used for signal (data) input / output operations between the respective units of the information processing apparatus 1.

  The communication module 25 includes, for example, an antenna and a 3G communication module. The communication module 25 can be attached to and detached from an expansion slot (not shown) of the main board 24 and is provided outside the information processing apparatus 1 (or the CPU 23). Wireless communication with a base station apparatus (not shown).

  The SIM card 26 is configured to be detachable from the communication module 25. In addition, in the SIM card 26, data of a telephone number unique to each SIM card 26 is written in advance.

  The input device group 27 includes a keyboard and a pointing device, and is configured as a user interface capable of performing operations related to various functions of the information processing apparatus 1.

  Here, a specific operation of the information processing apparatus 1 having the above configuration will be described. In the following, when the encryption process of the storage device 22 has been performed in advance, that is, N-bit encryption key data used for the encryption process of the storage device 22 has been generated in advance, and the N In the following description, it is assumed that data in the storage device 22 can be accessed by returning the bit encryption key data to the storage device 22.

  FIG. 2 is a flowchart illustrating an example of processing performed when the power state of the information processing apparatus according to the embodiment shifts from the power-on state to another power state different from the power-on state.

  The CPU 23 is in a power-on state defined as a state in which the OS 22a is activated (access to data in the storage device 22 is possible) and power is supplied to each unit of the information processing device 1 In (step S101 in FIG. 2), it is determined whether or not an operation related to the change of the power supply state has been performed (by the input device group 27 or the like) (step S102 in FIG. 2).

  Specifically, the CPU 23 having a function as the operation state determination unit turns on the operation for turning off the power of the information processing apparatus 1 and the suspend function of the information processing apparatus 1 in step S102 of FIG. Whether or not an operation for turning on the hibernation function of the information processing apparatus 1 has been performed (by the input device group 27 or the like).

  When the CPU 23 having the function as the encryption key moving unit obtains the result of the operation relating to the change of the power supply state (by the input device group 27 or the like) in step S102 of FIG. M bits (1 ≦ M ≦ N) of the N-bit encryption key data stored therein are copied to the flash memory 21 (step S103 in FIG. 2).

  Then, the CPU 23 having the function as the encryption key moving unit erases the M-bit encryption key data copied to the flash memory 21 in step S103 in FIG. 2 from the encryption key data in the storage device 22 (step in FIG. 2). Thereafter, the power state of the information processing apparatus 1 is shifted to the power state according to the operation of the determination result in step S102 of FIG. 2 (step S105 of FIG. 2).

  Specifically, for example, when the CPU 23 obtains a determination result that an operation for turning off the power of the information processing apparatus 1 has been performed in step S102 of FIG. 2, the information is displayed in step S105 of FIG. The power state of the processing apparatus 1 is shifted from the power-on state to the power-off state (a state where power is not supplied to each unit of the information processing apparatus 1). Further, for example, when the CPU 23 obtains a determination result that the operation for turning on the suspend function of the information processing apparatus 1 has been performed in step S102 of FIG. 2, in step S105 of FIG. The power state of 1 is shifted from the power-on state to the suspend state. Further, for example, when the CPU 23 obtains a determination result that the operation for turning on the hibernation function of the information processing apparatus 1 has been performed in step S102 of FIG. 2, in step S105 of FIG. 1 is shifted from the power-on state to the hibernation state.

  On the other hand, when the CPU 23 having the function as the operation state determination unit obtains the determination result that the operation related to the change of the power state is not performed (by the input device group 27 or the like) in step S102 of FIG. Further, before a predetermined time elapses (by the input device group 27 or the like), it is determined whether or not an arbitrary operation including an operation related to a change in the power supply state has been performed (step S106 in FIG. 2).

  If the CPU 23 obtains a result of determination that an arbitrary operation (by the input device group 27 or the like) has been performed before the predetermined time has passed in step S106 of FIG. 2, the CPU 23 returns to step S102 of FIG. I do. In addition, when the CPU 23 obtains a determination result that the arbitrary operation has not been performed (by the input device group 27 or the like) by the step S106 in FIG. 2 before the predetermined time has elapsed, the CPU 23 requests the password input. Control for displaying a password input screen on a display device (not shown) such as a monitor is performed on an image processing circuit (not shown) connected to the main board 24 (step S107 in FIG. 2).

  Thereafter, the CPU 23 having a function as a password input determination unit uses the password data stored in advance in the storage device 22 and the password input in response to the request in step S107 in FIG. 2 (by the user). By checking, it is determined whether or not the input password is a correct password (step S108 in FIG. 2).

  The CPU 23 obtains the determination result that the password input in response to the request in step S107 in FIG. 2 is the correct password (matches the password stored in advance in the storage device 22) in step S108 in FIG. In the event that there is a failure, the process returns to step S102 in FIG. On the other hand, the CPU 23 having the function as the encryption key moving unit has an incorrect password entered in response to the request in step S107 of FIG. 2 (does not match the password stored in advance in the storage device 22). ) Is obtained in step S108 of FIG. 2, M bits (1 ≦ M ≦ N) of the N-bit encryption key data stored in the storage device 22 are transferred to the flash memory 21. Copy (step S109 in FIG. 2).

  In the password determination process in step S108 in FIG. 2, when the determination result that the password input in response to the request in step S107 in FIG. 2 is an incorrect password is obtained once, the step in FIG. When the determination result that the password input in response to the request in step S107 in FIG. 2 is an incorrect password is obtained a plurality of times (for example, 2 to 3 times) in succession. You may make it move to the process of step S109 of FIG.

  Then, the CPU 23 having the function as the encryption key moving unit erases the M-bit encryption key data copied to the flash memory 21 in step S109 in FIG. 2 from the encryption key data in the storage device 22 (step in FIG. 2). Thereafter, the power state of the information processing apparatus 1 is shifted from the power-on state to a predetermined power state (step S111 in FIG. 2). The predetermined power state described above may be any of a power off state, a suspend state, or a hibernation state.

  FIG. 3 is a flowchart illustrating an example of processing performed when the power state of the information processing apparatus according to the embodiment is a different power state from the power-on state.

  On the other hand, until the operation related to the return of the power state of the information processing apparatus 1 is performed (by the input device group 27 or the like) (step S122 in FIG. 3), after the transition according to the process in step S105 or step S111 in FIG. The power state of the information processing apparatus 1 (step S121 in FIG. 3) is maintained.

  Specifically, for example, the power state of the information processing apparatus 1 is maintained in the power-off state until an operation for turning on the power of the information processing apparatus 1 is performed. Further, for example, the power supply state of the information processing apparatus 1 is maintained in the suspended state until an operation for turning off the suspend function of the information processing apparatus 1 is performed. Further, for example, the power supply state of the information processing apparatus 1 is maintained in the hibernation state until an operation for turning off the hibernation function of the information processing apparatus 1 is performed.

  Then, when an operation related to the restoration of the power state of the information processing apparatus 1 is performed (by the input device group 27 or the like) (step S122 in FIG. 3), the operation of the CPU 23 is started.

  The CPU 23 determines whether or not the communication module 25 and the SIM card 26 are connected (attached) immediately after being activated in response to an operation related to the restoration of the power state of the information processing apparatus 1 (step S123 in FIG. 3).

  The CPU 23 indicates the determination result that the communication module 25 is not connected (attached) to the main board 24 or the determination result that the SIM card 26 is not connected (attached) to the communication module 25 in step S123 of FIG. If obtained by the above, control is performed to maintain the power supply state of the information processing apparatus 1 in the power supply state (power-off state, suspend state, or hibernation state) in step S121 in FIG. Further, the CPU 23 obtains a determination result that the communication module 25 is connected (attached) to the main board 24 and the SIM card 26 is connected (attached) to the communication module 25 in step S123 of FIG. In this case, the telephone number data stored in advance in the flash memory 21 and the telephone number data written in the SIM card 26 are collated, so that the telephone number of the SIM card 26 is correct. It is determined whether or not it is a telephone number (whether or not a telephone number matching the telephone number of the identification data stored in advance in the flash memory 21 has been input) (step S124 in FIG. 3).

  The CPU 23 determines the determination result that the telephone number written in the SIM card 26 is an incorrect telephone number (a telephone number that does not match the telephone number of the identification data stored in advance in the flash memory 21 is input). When obtained in step S124 in FIG. 3, the control for maintaining the power state of the information processing apparatus 1 in the power state (power off state, suspend state, or hibernation state) in step S121 in FIG. I do. In addition, the CPU 23 having a function as a communication state determination unit has the correct telephone number written in the SIM card 26 (the telephone number matching the telephone number of the identification data stored in the flash memory 21 in advance). 3 is obtained in step S124 in FIG. 3, the communication module 25 is further operated, so that the communication module 25 and the base station apparatus outside the information processing apparatus 1 are operated. It is determined whether or not communication is possible between them (step S125 in FIG. 3).

  The CPU 23 having the function as the encryption key control unit determines the result of determination that communication between the communication module 25 and the base station apparatus outside the information processing apparatus 1 is possible (within a range) in FIG. When it is obtained in S125, or when a determination result described later is obtained in step S129 of FIG. 3, the M-bit encryption key data stored in the flash memory 21 is returned to the storage device 22, whereby the storage device After enabling access to the data in 22 (step S126 in FIG. 3), the power state of the information processing apparatus 1 is shifted to the power-on state (step S127 in FIG. 3). Further, when the CPU 23 obtains a determination result that communication between the communication module 25 and the base station device outside the information processing apparatus 1 is impossible (out of service area) in step S125 of FIG. Then, control for displaying a password input screen for requesting password input on a display device (not shown) such as a monitor is performed on an image processing circuit (not shown) connected to the main board 24 ( Step S128 in FIG.

  Thereafter, the CPU 23 having a function as a password input determination unit obtains the password data stored in advance in the flash memory 21 and the password input in response to the request in step S128 of FIG. 3 (by the user). By collating, it is determined whether or not the input password is a correct password (step S129 in FIG. 3).

  The CPU 23 obtains the determination result that the password input in response to the request in step S128 in FIG. 3 is the correct password (matches the password stored in advance in the flash memory 21) in step S129 in FIG. In the case where it is found, the processing of step S126 and step S127 of FIG. 3 is performed. On the other hand, the CPU 23 determines that the password input in response to the request in step S128 in FIG. 3 is an incorrect password (does not match the password stored in advance in the flash memory 21). If it is obtained in S129, after the M-bit encryption key data stored in the flash memory 21 is erased (Step S130 in FIG. 3), what is the power state in Step S121 in FIG. Regardless, the power state of the information processing apparatus 1 is forcibly shifted to the power-off state (step S131 in FIG. 3).

  Specifically, for example, when the power state in step S121 in FIG. 3 is the power off state, the power off state is forcibly maintained by the process in step S131 in FIG. For example, when the power state in step S121 in FIG. 3 is the suspend state or the hibernation state, the process is forcibly shifted to the power-off state by the process in step S131 in FIG.

  That is, after the process of step S131 in FIG. 3 is performed, no complete encryption key data remains in either the flash memory 21 or the storage device 22. Therefore, even if an operation for turning on the power of the information processing apparatus 1 is performed (by the input device group 27 or the like) after the process of step S131 of FIG. Data cannot be accessed, so that the data in the storage device 22 is protected.

  In the password determination process in step S129 in FIG. 3, when the determination result that the password input in response to the request in step S128 in FIG. 3 is an incorrect password is obtained once, the step in FIG. When the determination result that the password input in response to the request in step S128 of FIG. 3 is an incorrect password is obtained a plurality of times (for example, 2 to 3 times) in succession. You may make it move to the process of step S130 of FIG.

  According to the embodiment described above, the communication module 25 and the SIM card 26 are connected to the main board 24 of the information processing apparatus 1, the telephone number of the SIM card 26 matches the telephone number in the flash memory 21, and When communication between the communication module 25 and the base station device outside the information processing apparatus 1 is possible, the encryption key data for enabling access to the data in the storage device 22 subjected to the encryption process is restored. Is done.

  Further, according to the embodiment described above, the communication module 25 and the SIM card 26 are connected to the main board 24 of the information processing apparatus 1, and the telephone number of the SIM card 26 matches the telephone number in the flash memory 21. In addition, when communication between the communication module 25 and the base station apparatus outside the information processing apparatus 1 is impossible, when a password different from the password stored in advance in the flash memory 21 is input, Since the M-bit encryption key data stored in the flash memory 21 is completely erased, the encryption key data for enabling access to the data in the storage device 22 subjected to the encryption process cannot be restored. It becomes possible.

  Therefore, according to the embodiment described above, for example, when the information processing apparatus 1 is transferred to a place where communication with the outside is impossible, and when the storage device 22 is removed from the information processing apparatus 1 Thus, access to data in the storage device 22 can be prevented, that is, data leakage can be reliably prevented as compared with the conventional case.

  The present invention is not limited to the above-described embodiment, and various modifications and applications are naturally possible without departing from the spirit of the invention.

1 Information processing device 21 Flash memory 22 Storage device 23 CPU
24 Main board 25 Communication module 26 SIM card 27 Input device group 28 RAM

Claims (10)

A first storage unit that has been encrypted with an N-bit encryption key;
A second storage unit storing identification information including information for specifying a user;
When shifting from the power-on state to another power state, the Mbit data (1 ≦ M <N) of the N-bit encryption key is saved from the first storage unit, thereby An encryption key moving unit for making the storage unit inaccessible ;
A communication unit configured to be able to communicate based on the identification information;
A communication state detection unit that detects whether or not the communication unit can communicate based on the identification information in the other power state;
When the communication state detection unit detects that communication is possible, the first storage unit restores the N-bit encryption key using the M-bit data saved by the encryption key moving unit. An encryption key recovery unit for making
An information processing apparatus. In the input screen that is displayed when the communication state detection unit detects that communication is not possible, the communication state detection unit further includes an authentication unit that determines whether or not an input that matches the authentication information has been made,
The encryption key restoration unit restores the N-bit encryption key using the M-bit data saved by the encryption key moving unit when the authentication unit determines that an input that matches the authentication information has been made. The information processing apparatus according to claim 1. The information processing according to claim 2, wherein the encryption key moving unit erases the M-bit data saved from the first storage unit when the authentication unit determines that an input that does not match the authentication information is input. apparatus. The authentication unit determines whether or not an input that matches the authentication information has been made on an input screen that is displayed when a predetermined operation is not performed before a predetermined time has elapsed,
When the authentication unit determines that an input that does not match the authentication information is received, the encryption key moving unit saves the M-bit data from the first storage unit, and then from the power-on state to the other The information processing apparatus according to claim 2, wherein the information processing apparatus is forcibly shifted to a power state . The information processing apparatus according to any one of claims 1 to 4, wherein the other power supply state is any one of a power-off state, a suspend state, and a hibernation state. When shifting from the power-on state to another power state, the M bits of the N-bit encryption key are used to make the first storage unit that has been encrypted with the N-bit encryption key inaccessible. Encryption key moving step of saving the data (1 ≦ M <N) from the first storage unit ;
In the other power state, the arithmetic processing unit can perform communication based on the identification information read from the second storage unit in which identification information including information for specifying the user is stored. A communication state detection step for detecting whether or not there is,
When it is detected by the communication state detection step that communication is possible, in order to make the first storage unit accessible, the N bits are used by using the M-bit data saved by the encryption key movement step. An encryption key recovery step for recovering the encryption key of
A data protection method comprising: In the input screen displayed when it is detected that communication is not possible in the communication state detection step, the processing unit further includes an authentication step for determining whether or not an input that matches authentication information has been made,
In the encryption key restoration step, when it is determined that the input corresponding to the authentication information has been made in the authentication step, the N-bit encryption key is obtained using the M-bit data saved in the encryption key transfer step. The data protection method according to claim 6 to be restored . 8. The data according to claim 7, wherein the encryption key moving step erases the M-bit data saved from the first storage unit when it is determined in the authentication step that an input that does not match the authentication information is made. Protection method. In the authentication step, the arithmetic processing unit determines whether or not an input that matches the authentication information is made on an input screen that is displayed when a predetermined operation is not performed before a predetermined time elapses. ,
In the encryption key moving step, when it is determined in the authentication step that an input that does not match the authentication information has been made, the M-bit data is saved from the first storage unit, and then the power-on state is changed to the other The data protection method according to claim 7 or 8, wherein the data is forcibly shifted to a power state . The data protection method according to any one of claims 6 to 9, wherein the other power supply state is any one of a power-off state, a suspend state, and a hibernation state.

Images