JP5617981B2 - Device, management device, device management system, and program - Google Patents

Description

  The present invention relates to a device, a management device for the device, a management system, and a program.

  As a method for detecting falsification of software installed in a computer, there is a method using a hash value (see Patent Document 1). In this method, when installing software, the hash value is calculated and stored in the secondary storage device. When the computer is started next time, the software is read to calculate the hash value, and the secondary storage device. Whether or not the software has been tampered with is determined based on whether or not the hash value stored in the file matches.

  However, this falsification detection method has a problem that software falsification cannot be detected if the hash value stored in the secondary storage device is falsified together with the software.

  As a method for solving this problem, it is conceivable to prevent the hash value from being falsified by encrypting the hash value stored in the secondary storage device. However, since the encryption / decryption key for encrypting / decrypting the hash value is stored in the secondary storage device, a malicious third party illegally obtains the decryption key and decrypts the encrypted hash value. There is a problem that can not be prevented.

  Therefore, the applicant of the present application proposed a method for detecting firmware tampering using a TPM (Trusted Platform Module) and filed a patent application (Japanese Patent Application No. 2008-36267).

  The TPM is a security chip that conforms to the specifications defined by the industry standard group TCG (Trusted Computing Group). For example, the TPM is mounted on the motherboard of a multi-function peripheral and can be extracted from a private key that cannot be extracted outside and a public key that can be extracted outside. A non-volatile memory for storing an asymmetric key pair (Endorsement key) and a microprocessor dedicated to cryptographic processing are provided.

  In the invention filed earlier, the encryption key (key blob) encrypted in advance with the public key of the asymmetric key pair is stored in a secondary storage device (non-volatile memory, etc.) inside the multi-function peripheral, and at the time of factory shipment, etc. When installing the firmware, the hash value is calculated, the encryption key is decrypted from the key blob by TPM, the hash value is encrypted with the encryption key, and stored in an external secondary storage device (such as an SD card). . After that, when the MFP is installed, the key blob read from the internal secondary storage device is decrypted by the TPM, and the encrypted hash value read from the external secondary storage device is converted to the encryption key decrypted from the key blob. Decrypt and compare the hash value with the hash value recalculated from the firmware. As a result of the comparison, if they match, it is determined that the firmware has not been tampered with. If it does not match, it is determined that the firmware has been tampered with. be able to.

  However, in the case of this method, since the software tampering detection process is closed in the multifunction peripheral, for example, when the software for determining whether the comparison result matches / mismatches is tampered with, there is a problem that the firmware tampering cannot be detected. .

  In such a device, information stored in a storage device such as a hard disk device (hereinafter referred to as HDD) is encrypted in order to prevent eavesdropping of data stored therein. Although not described in the literature, the device encryption key for encrypting the storage data for the storage device is encrypted using the public key of the TPM asymmetric key pair to form a key blob, and the non-volatile device It is considered to be stored in memory.

  However, if the board on which the TPM is installed fails, the device encryption key cannot be decrypted. Therefore, even if the storage device such as the HDD is normal, the encrypted data stored in the storage device is used. There is a problem that it becomes impossible. This problem can be solved by providing a means for the user to store (backup) the key blob in some form, but for security reasons, it is necessary to back up the key every time the user changes the key. This process is not only troublesome for the user, but also the key information may be leaked depending on the operation, and the security of the system is impaired.

  The present invention has been made to solve such a problem, and an object of the present invention is to ensure that detection of falsification of software installed in a device can be executed without taking time and effort for a user. It is.

  The present invention is a device management system that includes a device in which software is installed and a management device connected to the device, wherein the software identification information of the software installed in the device is associated with the device identification information of the device. Means for storing in the management device; means for transmitting the device identification information to the management device after the device installs the software; and stored in the management device based on the device identification information received by the management device. Means for searching for device identification information and transmitting the search result to the device, and when the device receives a search result indicating that the device identification information exists in the management device, the software installed in the device Means for transmitting software identification information to the management device; and software received by the management device Means for comparing different information with software identification information stored in the management device, and software falsification determining means for determining whether software installed in the device has been falsified based on the comparison result. A device management system characterized by comprising:

[Action]
In the present invention, when software is installed in a device, device identification information unique to the device and software identification information of the installed software are associated with each other and stored in an external management apparatus. Therefore, it is possible to detect whether or not the software has been tampered with by comparing the software identification information of the software installed in the device with the software identification information stored in the management apparatus.

  According to the present invention, it is possible to reliably detect falsification of software installed in a device without troublesome user.

It is a figure which shows the structure of the apparatus management system of embodiment of this invention. It is a figure which shows schematic structure of TPM. It is a figure for demonstrating encryption of HDD. FIG. 2 is a diagram illustrating software used when installing firmware in a multifunction peripheral. FIG. 11 is a sequence diagram illustrating an operation when installing firmware in a multifunction machine. It is a figure which shows an example of a version report. It is a sequence diagram which shows the detail of the version report transmission procedure of FIG. It is a figure which shows an example of a firmware version database. FIG. 3 is a diagram illustrating software related to device encryption key processing when a multifunction device is activated. FIG. 6 is a diagram illustrating an operation of the TPM when the multifunction machine is activated. It is a figure which shows encryption and decoding of information using TPM. FIG. 6 is a diagram illustrating processing for acquiring a device encryption key when a multifunction device is activated. FIG. 10 is a sequence diagram illustrating processing for acquiring a device encryption key when a multifunction device is activated. It is a sequence diagram which shows a key report transmission procedure. It is a figure which shows an example of a key report. It is a figure which shows an example of the database for device keys. It is a sequence diagram which shows the procedure which detects the falsification of the firmware installed at the time of shipment. FIG. 11 is a sequence diagram illustrating an example of a procedure for restoring a device encryption key.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
As shown in FIG. 1, the device management system according to the embodiment of the present invention is configured such that a multifunction device 1 that is a management target device and a management server 2 are communicably connected via a network 3.

  The multifunction device 1 is an image forming apparatus having a copy function, a facsimile function, a printer function, a scanner function, and the like, and includes a bus 10, a controller board 11 connected to the bus 10, an operation / display unit 12, and a nonvolatile memory. The memory 14 and the HDD 14 are provided. The operation / display unit 12 includes various operation keys and an LCD. The nonvolatile memory 13 is composed of NVRAM, FRAM (registered trademark), and the like, and various data to be held even when the power is turned off is written.

  The controller board 12 includes a CPU 15, a ROM 16, a RAM 17, a network I / F (interface) 18, an engine controller 19, and a TPM 20. These are connected via a bus 10.

  The CPU 15 performs control of the entire multifunction device 1 and the like. The ROM 16 includes a NAND flash memory, a NOR flash memory, and the like, and stores firmware such as a BIOS, an OS (operating system), and a program. The RAM 17 serves as a work area for temporarily storing programs and data when the CPU 15 operates. The network I / F 18 is an interface for connecting the multifunction device 1 to the network 3. The engine controller 19 controls a printer engine, a scanner engine, etc. (not shown).

  As shown in FIG. 2, the TPM 20 has a root key 161 and a bidirectional communication interface 162. The root key 161 is an asymmetric key pair including a secret key (decryption key) that cannot be extracted outside the TPM 20 and a public key (encryption key) that can be extracted. The bi-directional communication interface 162 encrypts the input plaintext data with the public key of the root key 161 and outputs the data, and the input data encrypted with the public key of the root key 161 is output with the secret key of the root key 161. It is an interface for decoding and outputting. In the following description, encryption with the public key of the root key 161 and decryption with the secret key of the root key 161 are referred to as encryption with the root key 161 and decryption with the root key 161, respectively. The TPM 20 is directly attached to the controller board 12, and cannot be removed and attached to another board for use.

  In the non-volatile memory 13, as shown in FIG. 3, the device encryption key / decryption key (device encryption key blob) encrypted with the public key of the root key 161 is stored in the non-encrypted area. The data stored in the encryption area of the nonvolatile memory 13 is encrypted data encrypted with the device encryption key / decryption key. When this encrypted data is read out, the device encryption key / decryption key is read out. It can be used by decrypting with. A device encryption key used for encrypting data stored in the HDD 14 and a device decryption key used for decrypting the encrypted data are also stored in the nonvolatile memory 13 as a device encryption key blob.

  Returning to the description of FIG. The management server 2 includes a bus 21, a CPU 22, a ROM 23, a RAM 24, a network I / F 25, an operation / display unit 26, and an HDD 27 each connected to the bus 21. The functions of these constituent elements are the same as those of the multifunction apparatus 1 having the same name. The HDD 27 includes a device such as a firmware version DB (database) 26 for storing firmware version information written in the nonvolatile memory 13 of the multifunction device 1 and a device encryption key / decryption key of the HDD 14 of the multifunction device 1. A device key DB 29 for storing keys is created and stored.

  In the device management system having the above configuration, the TPM 20 is initialized when the multifunction device 1 is shipped from the factory. In this initialization, an asymmetric key pair (Endorsement key) is created. This asymmetric key pair is the root key 161 described above. The public key of the asymmetric key pair is used as device unique identification ID information as it is or in combination with a uniquely identifiable ID such as the model number / manufacturing number of the controller board 11. A communication key (hereinafter referred to as a factory setting communication key) used for predetermined communication with the management server 2 is supplied from the management server 2. The multi-function device 1 encrypts the communication key set at the time of shipment with the root key 161 to make a communication key blob, and stores it in the nonvolatile memory 13 or in the NVRAM in the TPM 20.

  When the initialization of the TPM 20 is completed, the firmware is installed in the multifunction device 1 next. FIG. 4 is a diagram showing software used when installing firmware in the multifunction device 1, and includes an OS (operating system) 133, an installation application 180, and an installation file group 185 configured as a platform 132. . The installation file group 185 includes a firmware group 182 and respective version file groups 186. Each version file 1 to n of the version file group 186 is a text file of a character string of version information of the corresponding firmware 1 to n of the firmware group 182. Here, the installation application 180 and the installation file group 185 are supplied from the management server 2 via the network, or read by connecting a reading (reproducing) device of a recording medium on which they are recorded to the multifunction device 1.

  FIG. 5 is a sequence diagram showing an operation when firmware is installed in the multifunction machine 1. First, in step S1, the installation application 180 installs the installation file group 185, that is, the firmware group 182 and the version file group 186 in the ROM 16 and the HDD 14, and then in step S2, sends a version report to the management server 2. Send.

  As shown in FIG. 6, the version report includes device unique ID information and a firmware version list. The firmware version list corresponds to the version file group 186 in FIG. 4 and includes a firmware identifier and version information thereof.

FIG. 7 is a sequence diagram of the detailed procedure of step S2 of FIG.
First, in step S11, the multifunction device 1 requests the management server 2 to send a session communication key. This session communication key request signal is encrypted with a shipping communication key obtained by decrypting the communication key blob stored in the controller board 11 with the root key of the TPM 20 when the TPM 20 is initialized.

  The management server 2 receives the session communication key request signal and decrypts it with the factory-set communication key held inside. In step S12, the session communication key is sent to the multifunction device 1. This session communication key is encrypted with a factory-set communication key.

  The multifunction device 1 receives the encrypted session communication key, decrypts it with the factory setting communication key, obtains the session communication key, and then transmits a version report in step S13. This version report is encrypted with the session communication key.

  The management server 2 receives the encrypted version report, decrypts it with the session communication key, obtains the version report, and stores it in the firmware version DB 28 in the HDD 27. FIG. 8 shows an example of the firmware version DB 28.

  In step S14, the management server 2 sends a content acceptance OK notification to the multifunction device 1 in step S14. This notification is encrypted with the session communication key.

The above is the processing at the time of shipment of the multifunction device 1. Next, processing when the multifunction device 1 is installed at the shipping destination and the HDD 14 as a storage device is encrypted will be described.
FIG. 9 shows software related to device encryption key processing when the multifunction device 1 is activated, among the software installed in the multifunction device 1. The BIOS 220, basic package 221, first application package 222, and second application package 223. These pieces of software are installed when the multi-function device 1 is shipped. Among them, the BIOS 220 is installed in the ROM 16, and other firmware is installed in the ROM 16 and the HDD 14.

  The basic package 221 includes an OS 133, a system activation module 231, a system management module 232, an encryption key management module 233, and a basic application (copy) 234. The first application package 222 includes a basic application (printer) 244 and a basic application (network) 245, and the second application package 223 includes a basic application (scanner) 246.

  The BIOS 220 is a module that is responsible for the initial startup of the system, and has a means for accessing the TPM 20. The OS 133 provides a function of using a hardware function from another software module. The file system 241 of the OS 133 manages data.

  When the MFP 1 is activated, the BIOS 220 activates the OS 133. After the activation of the OS 133, the system activation module 231 for activating other software in the system is activated. The system activation module 231 activates other software (module) in the prescribed order. Modules such as the BIOS 220, the OS 133, and the file system 241 are read into the RAM 17 by the CPU 15 and executed.

  Here, encryption and decryption of information using the TPM 20 will be briefly described. FIG. 10 is a diagram illustrating the operation of the TPM 20 when the multifunction device 1 is activated. In the platform 132, the BIOS 220 first calculates its own hash value and registers it in the PCR (PCR_ 0) 251 in the TPM 20. The BIOS 120 calculates its own hash value by, for example, a calculation method that generates a fixed-length pseudorandom number from the original text.

  Next, the BIOS 220 calculates a hash value of the first basic package 221, registers the hash value in the PCR (PCR — 1) 252 in the TPM 20, and then activates the basic package 221. Further, the basic package 221 calculates the hash value of the application package 222 and registers it in the PCR (PCR_2) 253 in the TPM 5, and then activates the application package 222.

  As described above, the hash values calculated from the BIOS 220, the basic package 221, and the application package 222 when the MFP 1 is activated are registered in the PCRs 251 to 253 of the TPM 20.

  FIG. 11 is a diagram showing information encryption and decryption using the TPM 20. A in this figure represents encryption of information “Data P” by the TPM 20. The TPM 20 creates a blob 260 based on the information “Data P” to be encrypted and the hash values “X” to “Z” stored in “PCR — 0” to “PCR — 2”.

  FIG. 11B shows decoding of blobs 261 to 263 by TPM 20. In the TPM 20, when the multifunction device 1 is started, for example, three hash values “X” to “Z” calculated from the BIOS 220, the basic package 221 and the application package 222 are registered in “PCR_0” to “PCR_2”. .

  The file system 241 manages the blobs 261 to 263 including the information “Data P”. In the blob 261, “X” to “Z” are registered in “PCR_0” to “PCR_2”. In the blob 262, “X”, “G”, and “Z” are registered in “PCR — 0” to “PCR — 2”. In the blob 263, “X” is registered in “PCR_0”.

  Since the hash values registered in “PCR_0” to “PCR_2” of the blob 261 and the “PCR_0” to “PCR_2” of the TPM 20 are the same, the TPM 20 permits the extraction of the information “Data P” from the blob 261. . However, since the hash values registered in “PCR_1” of the blob 262 and “PCR_1” of the TPM 20 are different, the TPM 20 does not permit the extraction of the information “Data P” from the blob 262. As for the blob 63, since the “PCR_0” and the hash value registered in “PCR_0” of the TPM 5 are the same, the TPM 20 permits the extraction of the information “Data P” from the blob 263. Note that the TPM 20 does not use the PCR for which the hash values such as “PCR_1” and “PCR_2” of the blob 263 are not registered to determine whether or not to permit the extraction of the information “Data P”.

  FIG. 12 is a diagram illustrating processing for acquiring a device encryption key when the multifunction device 1 is activated. A blob (device encryption key blob) 270 obtained by encrypting the device encryption key 271 with the root key 161 is stored in the file system 241 in the platform 132 of the multifunction machine 1 in advance at the time of shipment. Whether or not the device encryption key blob 270 can be decrypted is controlled by a hash value registered in the PCRs 251 to 253. The device encryption key 271 is used for encryption of secret information arranged on the file system 241 or decryption of the encrypted secret information.

  In the TPM 20, when the multifunction device 1 is started up, three hash values “X” to “Z” calculated from the BIOS 220, the basic package 221 and the application package 222 are registered in “PCR_0” to “PCR_2”.

  On the other hand, in the encryption key blob 270, “X” to “Z” are registered in “PCR_0” to “PCR_2”. Since the “PCR_0” to “PCR_2” of the encryption key blob 270 and the hash values registered in “PCR_0” to “PCR_2” of the TPM 20 are the same, the TPM 20 decrypts the device encryption key 271 from the encryption key blob 270. . Using the device encryption key 271, the encryption key management module 238 can decrypt the secret information 273 from the encrypted secret information 272.

  FIG. 13 is a sequence diagram showing processing for acquiring a device encryption key at the time of activation. First, in step S <b> 21, the BIOS 220 calculates its own hash value and registers it in the PCR 251 in the TPM 20. Next, in step S22, the BIOS 220 calculates the hash value of the basic package 221. In step S23, the BIOS 220 expands the basic package 221. In step S24, the BIOS 220 registers the hash value of the basic package 221 in the PCR 252 in the TPM 20. In step S25, the BIOS 220 activates the OS 133.

  In step S26, the OS 133 activates the system activation module 235. In step S27, the system activation module 235 activates the system management module 234. In step S28, the system activation module 235 activates the basic application 233.

  In step S29, the system activation module 235 calculates the hash value of the application package 222. In step S30, the system activation module 235 registers the hash value of the application package 222 in the PCR 253 in the TPM 20.

  In step S31, the system activation module 235 activates the encryption key management module 238. In step S32, the encryption key management module 238 decrypts (decompresses) the device encryption key 271 from the encryption key blob 270 as described above. The encryption key management module 238 can decrypt the secret information 273 from the encrypted secret information 272 using the device encryption key 271.

  The TPM 20 receives the decryption of the encryption key blob 270 after the hash values calculated from the BIOS 220, the basic package 221 and the application package 222 are registered in the PCRs 251 to 253. The encryption key module 238 requests the TPM 20 to decrypt the encryption key blob 270 at the timing when the TPM 20 has received the decryption of the encryption key blob 270. Thereafter, the encryption key management module 238 can acquire the device encryption key 271 decrypted by the TPM 20 from the encryption key blob 270.

  By using the device encryption key 271 acquired as described above, the data on the HDD 14 can be used by writing to the HDD 14 while encrypting the data and reading while decrypting the data. When the device encryption key 271 is updated and the HDD 14 is initialized with a new device encryption key, a key report is transmitted to the management server 2 in the sequence shown in FIG. The transmission of the key report is also executed when a device encryption key is newly created at the time of shipment or installation of the multifunction device 1. In the present invention, “creating a device encryption key” means creating a new device encryption key and changing (updating) an existing device encryption key.

  In the sequence of this figure, steps S41 and S42 are the same as steps S11 and S12 of FIG. 7, respectively. In the next step S <b> 43, the multifunction device 1 transmits a key report to the management server 2. This key report is encrypted with the session communication key.

  As shown in FIG. 15, the key report includes device-specific ID information, device type (HDD, etc.), device ID information (ID information obtained by ATA command in the case of HDD), device encryption key, and system administrator. It consists of a passphrase input from the operation / display unit 12.

  The management server 2 receives the encrypted key report, decrypts it with the session communication key, obtains the key report, and stores it in the device key DB 30 in the HDD 27. FIG. 16 shows an example of the device key DB 29.

  In step S44, the management server 2 sends the content acceptance OK notification to the multifunction device 1 in step S44 if the key report is successfully obtained and saved, and the content acceptance OK notification is sent. This notification is encrypted with the session communication key.

  Next, a procedure for detecting falsification of firmware installed at the time of shipment will be described with reference to a sequence diagram shown in FIG. This procedure is to detect that unintentional tampering has occurred after shipment until installation, that is, during transportation.

  In step S51, the multi function device 1 requests the management server 2 for a session communication key. In response to this request, the management server 2 sends the session communication key to the multifunction device 1 in step S52. These communications may be encrypted with the factory-set communication key, as in steps S11 and S12 of FIG.

  Next, the multifunction device 1 transmits a device unique ID search request signal encrypted with the session communication key to the management server 2 in step S53. The device unique ID search request signal is accompanied by the device unique ID of the multifunction device 1.

  The management server 2 that has received the device unique ID search request signal searches the firmware version database 28, and returns the search result in step S54. This search result response notification is a notification indicating the presence or absence of the requested device unique ID, and is encrypted with the session communication key.

  When the multifunction device 1 receives a notification from the management server 2 that it has its own device unique ID, it transmits a firmware comparison request signal in step S55. This firmware comparison request signal is attached with the device unique ID of the multifunction device 1 and the version information of the firmware installed in the nonvolatile memory 13 at that time, and is encrypted with the session communication key.

  The management server 2 that has received the firmware comparison request signal refers to the firmware version database 29 using the received device unique ID, and determines whether or not the version information written therein matches the received version information. The determination result is encrypted with the session communication key, and the response is made to the multi-function device 1 in step S56, and the determination result is stored in the HDD. Based on the received response, the multifunction device 1 can determine that there is no falsification if there is a match and that there is falsification if there is no match.

  As described above, in this embodiment, when the multifunction device 1 is shipped, the version information of the installed firmware is stored in the management server 2, and at the time of installation, the multifunction device 1 inquires the management server 2, and the management server 2 Since the version information is compared with the conventional method, the falsification detection can be more reliably performed as compared with the conventional method in which the falsification detection process is closed in the multifunction peripheral.

  Next, the device encryption key recovery process will be described. Conventionally, since the device encryption key is stored as a device encryption key blob in a secondary storage device such as an HDD, when the controller board 11 cannot be used, the device encryption key cannot be decrypted from the device encryption key blob. The data encrypted and stored in the HDD 14 cannot be used. In the present embodiment, when a device key is stored in the device key database 29 of the management server 2, by receiving it, data encrypted and stored in the HDD 14 can be used.

  Hereinafter, an example of this procedure will be described with reference to the sequence diagram of FIG. The procedure in this figure is a procedure to be executed when the HDD 14 is attached to another multifunction device 1 and the multifunction device 1 is activated because the controller board 11 can no longer be used.

  First, when the system of the multifunction device 1 reads the device ID of the HDD 14, if the ID is not already recognized, it is detected in step S61 that a new HDD is connected to the multifunction device 1.

  The next step S62 and the next step S63 are the same as steps S51 and S52 of FIG. Next, in step S64, the multifunction device 1 transmits a device unique ID search request signal encrypted with the session communication key to the management server 2. The device unique ID search request signal is accompanied by the device unique ID of the HDD 14.

  The management server 2 that has received the device unique ID search request signal searches the device key database 30 and returns the search result in step S65. This search result response notification is a notification indicating the presence or absence of the device unique ID requested to be searched, and is encrypted with the session communication key.

  When receiving a notification from the management server 2 that the device unique ID requested to be searched exists, the multifunction device 1 transmits a device key request signal in step S66. The device key request signal is attached with the device unique ID of the multifunction device 1 and a passphrase, and is encrypted with the session communication key.

  The management server 2 that has received the device encryption key request signal refers to the device key database 29 using the received device unique ID, compares the passphrase written therein with the received passphrase, and matches. If not, the device encryption key is encrypted. If they do not match, the transmission rejection notification is encrypted with the session communication key, and is sent to the multifunction device 1 in step S67. The multifunction device 1 can decrypt the data read from the HDD 14 using the received device encryption key.

  The above is the procedure for restoring the device encryption key of the HDD 14 when the HDD 14 is attached to another multifunction device 1, but the device encryption key can be restored by the same procedure when the controller board 11 is replaced. .

  DESCRIPTION OF SYMBOLS 1 ... MFP, 2 ... Management server, 13 ... Nonvolatile memory, 14 ... HDD, 20 ... TPM, 28 ... Firmware version DB, 29 ... Device key DB, 161 ... root key, 270 ... device encryption key blob.

JP 2005-84789 A

Claims (10)

A device management system including a device on which software is installed and a management device connected to the device,
Means for associating the software identification information of the software installed in the device with the device identification information of the device and storing it in the management device;
Means for transmitting the device identification information to the management device after the device has installed the software;
Means for searching for device identification information stored in the management device based on the device identification information received by the management device, and transmitting the search result to the device;
Means for transmitting software identification information of software installed in the device to the management device when the device receives a search result indicating that the device identification information exists in the management device;
Means for comparing the software identification information received by the management device with the software identification information stored in the management device;
Software falsification determining means for determining whether the software installed in the device has been falsified based on the result of the comparison;
A device management system comprising: The device management system according to claim 1,
The device management system, wherein the device identification information is an encryption key held in a security means built in the device. In the equipment management system according to claim 1 or 2,
Means for storing in the management device a device encryption key for encrypting data stored in the storage device of the device;
A device encryption key recovery means for recovering the device encryption key by supplying a device encryption key stored in the management apparatus to the device;
A device management system comprising: In the equipment management system according to claim 3,
The device management system characterized in that the means for storing the device encryption key in the management apparatus stores the device identification information of the storage device in association with the device encryption key in the management apparatus. In the equipment management system according to claim 3 or 4,
The device management system, wherein the means for storing the device encryption key in the management apparatus stores the device encryption key in the management apparatus when the device encryption key is created. In the apparatus management system of any one of Claims 3-5,
Means for storing, in the device, a device encryption key blob obtained by encrypting the device encryption key with an encryption key held in a security means incorporated in the device;
A device management system comprising: In the equipment management system according to claim 3,
The device encryption key recovery means is:
It means for transmitting the device identification information to the management device,
Means for retrieving device identification information stored in the management device based on the device identification information received by the management device;
Means for transmitting the device encryption key to the device when the device identification information is present in the management device;
A device management system comprising: In a device management system including a device on which software is installed and a management device connected to the device,
Storing the software identification information of the software installed on the device in the management device in association with the device identification information of the device;
Transmitting the device identification information to the management device after the device has installed the software;
Searching the device identification information stored in the management device based on the device identification information received by the management device, and transmitting the search result to the device;
When the device receives a search result indicating that the device identification information exists in the management device, the step of transmitting software identification information of software installed in the device to the management device;
Comparing the software identification information received by the management device with the software identification information stored in the management device;
A software tampering determination step for determining whether or not the software installed in the device has been tampered with based on the result of the comparison;
A program for running A management device connected to the device on which the software is installed,
Means for storing software identification information of software installed in the device in association with the device identification information of the device;
The device receives device identification information transmitted after the device installs the software from the device, searches the device identification information stored in the management device based on the device identification information, and obtains the search result as the device. Means for transmitting to,
The software identification information of the software installed in the device transmitted from the device that has received the search result indicating that the device identification information exists in the management device is received and stored in the management device. Means for comparing the software identification information,
Software falsification determining means for determining whether the software installed in the device has been falsified based on the result of the comparison;
A management apparatus comprising: A device connected to a management device and installed with software,
Means for transmitting the software identification information of the software installed in the device and the device identification information to the management device so as to be stored in the management device;
Means for transmitting the device identification information to the management device after installing the software;
Means for transmitting the software identification information of the software installed in the device to the management device when receiving a search result transmitted from the management device and indicating that the device identification information exists in the management device;
The management apparatus determines whether or not the software installed in the device has been tampered with based on the comparison result between the transmitted software identification information and the software identification information stored in the management apparatus. Means for receiving from,
A device characterized by comprising:

Images