JP5778018B2 - Electronic data management system and electronic data management method - Google Patents

Description

  The present invention relates to an electronic data management technique, and more particularly, to an electronic data management system, an information processing apparatus, an electronic data management program, and an electronic data management method that divide and manage important data into a plurality of non-critical data by secret sharing. It is related to effective technology when applied.

  A company having an information system needs to take measures to protect important data such as highly confidential data in order to prevent an information security accident such as information leakage. On the other hand, various means for realizing these have been proposed.

  As a means for protecting important data, for example, it is conceivable that a company or the like stores important data in a data center where multiple security measures are taken. However, the construction and operation of a private data center that can be accessed from the outside requires a great load in terms of technology and cost, and it is difficult for small and medium-sized enterprises to realize.

  On the other hand, it is also conceivable that a company or the like uses a data center operated by a third party and provided as a service to the outside. However, storing the company's important data in a data center operated and managed by a third party involves high risks such as information leakage and information corruption. Furthermore, storing important data in virtual data centers and virtual servers in cloud computing environments that have been increasingly used in recent years, in addition to the above risks, makes it impossible to grasp the actual data storage location, so there is a storage location. There are still concerns about the local risks and management conditions, and the risk is very high.

  On the other hand, when important data is stored, the data is concealed or stored by taking measures to prevent tampering. In general, important data is encrypted and stored using an encryption key. In this case, all the information in the important data is stored in the encrypted data although it is encrypted. Will be present in the place. Therefore, for example, when encrypted data is acquired by a third party, if the encryption key is also acquired / decrypted by the third party for some reason, the original data may be easily restored. Even if the encryption key is not acquired, the encryption key has a finite length, so that in theory, the original data may be restored from the encrypted data after a finite number of trials.

  On the other hand, a so-called secret sharing technique is also used as a method for strongly concealing important data. In secret sharing, important data is divided and distributed, so that it becomes non-important data that is meaningless (original data cannot be restored / estimated) only by the divided data pieces. Thereby, even when some non-important data is acquired by a third party, it is theoretically impossible to restore the original data by the third party.

  Various secret sharing techniques have been proposed. For example, in Japanese Patent No. 4039810 (Patent Document 1), two or more information blocks are obtained by dividing an electronic information file into a plurality of information elements, selecting the divided information elements, and combining them in a different order. In this case, an information block that does not include all information elements unless all the information blocks are integrated is generated, and division information relating to the method divided into information elements and formation information relating to the method generating the information block A technology that secures the security of electronic information by generating divided extracted data that records information, storing at least one of each information block and divided extracted data in a certification authority, and separately storing the other separately Is disclosed.

  On the other hand, as a secret sharing technique capable of restoring the original data if a predetermined number or more are collected without collecting all the partial data (information block, non-important data) for the original data, for example, as described in Non-Patent Document 1 The (k, n) threshold secret sharing method using polynomial interpolation has been used conventionally. According to this method, the original data can be restored by collecting at least k pieces (k ≦ n) of the partial data distributed in n pieces. Various threshold secret sharing methods that further improve this method have also been proposed.

  In relation to this, for example, in JP 2009-139990 A (Patent Document 2), the data stored in the storage device is converted into a secret sharing method that requires a reference number of partial data at the time of restoration. When dividing data into a predetermined number of partial data equal to or greater than the reference number, a transmission unit that transmits partial data to another information processing device and deletes the partial data from the storage device, An information processing apparatus including an acquisition unit that acquires partial data from an information processing device and stores the partial data in a storage device, and a restoration unit that restores data on condition that a reference number of partial data is stored in the storage device is disclosed. ing.

Patent No. 4039810 JP 2009-139990 A

A. Shamir, "How to Share a Secret", Communications of the ACM, vol.22 no.11 pp.612-613, 1979.

  In recent years, as portable information processing terminals such as notebook PCs (Personal Computers) are widely used, there is an increased risk of information leakage due to theft or loss of these terminals themselves. For example, in a company that handles personal information or the like, if an employee or the like loses these terminals, a report or report to a supervisory authority may be required. However, in the past, the actual information leakage range could not be specified in most cases, and when it was lost, all data had to be reported as leaked or possibly.

  On the other hand, it is conceivable to reduce the risk of terminal loss or the like by storing data including important data in the terminal in an external server or the like. With the technique described in Patent Document 1, the original data cannot be restored unless all of the secret-distributed partial data (information blocks) are collected. Therefore, by depositing one of the partial data to a certification authority, a so-called “trusted third party” (hereinafter sometimes simply referred to as “TTP”). However, a certificate authority can always be interposed in the restoration of the original data, which can improve the security, but it is necessary to collect all the partial data when restoring the original data. If at least one of the partial data cannot be acquired for some reason, such as loss of the original data, the original data cannot be restored, resulting in a lack of availability.

  On the other hand, in the threshold secret sharing method described in Non-Patent Document 1 and the technique described in Patent Document 2 using them, if the number of secret data is not collected, the number equal to or greater than the threshold is collected. The original data can be restored. However, for example, when consigning part of the partial data to the certification authority as described above, if the remaining partial data is collected more than the threshold, the original data can be restored alone, and the certification authority There is a problem that it is difficult to improve security by interposing TTP as described above.

  Therefore, an object of the present invention is to store a part of partial data in a certification authority, which is TTP, and to restore the original electronic data when the electronic data is divided into a plurality of partial data by secret sharing and distributedly managed. The original data can be restored by collecting more than a predetermined number of partial data, including the partial data stored in the certification authority. On the other hand, if the terminal is lost, etc. An object of the present invention is to provide an electronic data management system and an electronic data management method capable of specifying a range. The above and other objects and novel features of the present invention will be apparent from the description of this specification and the accompanying drawings.

  Of the inventions disclosed in this application, the outline of typical ones will be briefly described as follows.

  An electronic data management system according to a typical embodiment of the present invention, an information processing apparatus and an electronic data management program constituting the system, and an electronic data management method in the electronic data management system are instructed to be securely stored by a user With respect to electronic data, the electronic data is divided into a plurality of non-critical data by secret sharing, and each of the divided non-critical data is distributed and stored, and has the following characteristics.

  That is, the electronic data management system includes an information processing apparatus for a user that stores the electronic data and a certification authority that is a reliable information processing system of a third party, connected to a network.

  When the electronic data is securely stored, the information processing apparatus can restore the electronic data by collecting all by secret sharing based on the electronic data according to a predetermined condition. In addition, one or more key data and one or more partial data that cannot be restored and guessed alone are generated, and any k is obtained by secret sharing based on the partial data. It is possible to restore the partial data by collecting more than one, and a division unit that generates n (k <n) distributed data that cannot be restored and estimated by itself. .

  In addition, when the electronic data is restored, the restoration unit restores the partial data based on at least k pieces of the distributed data, and further restores the electronic data from the restored partial data and the key data. .

  Further, when the electronic data is securely stored, the key data generated by the dividing unit is deposited with the certification authority, and the n pieces of distributed data generated by the dividing unit are set to a predetermined condition. Are separately distributed and stored in n external data centers selected according to the above, and when the electronic data is restored, the corresponding key data is obtained through user authentication from the certification authority, and at least k number of data centers are obtained. A distributed management unit that acquires the distributed data from the k data centers selected according to a predetermined condition, and delivers the acquired key data and the distributed data to the restoration unit;

  In addition, the certification authority, the authentication unit that performs user authentication when receiving a request for deposit and / or acquisition of the key data from the information processing device, and the key data deposited from the information processing device, The electronic data is managed in association with the user and the identification information of the electronic data, and the contents of the key data deposit and acquisition processing from the information processing apparatus are recorded as a history, and the request from the user On the basis of the history, if it is determined that the key data related to the user has not been acquired after the specified reference date and time, it is proved that the electronic data related to the user is not leaked And a management unit that issues information to be performed.

  Among the inventions disclosed in the present application, effects obtained by typical ones will be briefly described as follows.

  According to the exemplary embodiment of the present invention, the electronic data to be stored is divided into two or more partial data that cannot be restored without collecting all of the electronic data, and at least one of them is divided. It is stored as key data in a certification authority which is TTP. Further, the remainder is distributed and stored by dividing it into n pieces of distributed data by (k, n) -type threshold secret sharing. As a result, when restoring the original electronic data, it is possible to obligate the acquisition of the key data through authentication by the certification authority, and security can be improved. In addition, even when a part of distributed data stored in a distributed manner is lost due to loss, failure or disaster, the original electronic data can be flexibly restored to improve data availability.

  Further, according to the representative embodiment of the present invention, each distributed data to be distributed and stored is non-critical data, and the original electronic data is restored even if part or all of the data is acquired by a third party. It is impossible. Thereby, for example, even if an operator of an external data center that stores distributed data in a distributed manner has a malicious intention, there is no fear that information of the original electronic data is leaked. Therefore, an external data center or the like can be used for distributed storage, and a means for securely managing electronic data can be constructed at a low cost.

  In addition, as described above, electronic data is distributed and stored in an external data center instead of a terminal, and the restoration is performed through authentication by a certification authority, and the certification authority holds its access log. This makes it possible to avoid direct leakage of data from the terminal even when the terminal is lost. In addition, we identify the range of information leaks from the access logs of certification authorities and data centers and grasp the access status. If there is no information leak, issue a certificate to that effect. Can be used for various reports and audits.

It is the figure shown about the outline | summary of the structural example of the electronic data management system which is one embodiment of this invention. It is the figure which showed the outline | summary about the example of the distribution method of the electronic data in one embodiment of this invention. It is the figure which showed the outline | summary about the example of the method of obtaining distributed data from the partial data in one embodiment of this invention. It is the flowchart which showed the example of the flow of a process at the time of dispersion | distribution of the electronic data in one embodiment of this invention. It is the flowchart which showed the example of the flow of the process at the time of the decompression | restoration of the electronic data in one embodiment of this invention. It is the flowchart which showed the example of the flow of the process at the time of non-leakage certification of electronic data in one embodiment of the present invention.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. Note that components having the same function are denoted by the same reference symbols throughout the drawings for describing the embodiment, and the repetitive description thereof will be omitted.

  The electronic data management system according to an embodiment of the present invention, when storing electronic data with security, has no meaning by itself due to secret sharing (cannot restore / guess original electronic data) ) A computer system having a function of dividing partial data, which is non-important data, and distributing and storing them in an external data center.

  Here, at least one of the divided partial data is used as key data that is absolutely necessary when the original electronic data is restored, and this is deposited with the certification authority which is TTP. This makes it possible to improve security by intervening authentication by a certification authority when restoring the original electronic data.

  Further, when partial data other than key data is distributed and stored in an external data center, distributed data is generated by (k, n) -type threshold secret sharing, and these are distributed and stored. As a result, even if a part of the distributed data (up to nk) stored in the data center is lost or lost due to an attack, failure or disaster, the original electronic data can be restored flexibly. It is possible.

  In addition, as described above, electronic data is distributed and stored in an external data center instead of a terminal, and the restoration is performed through authentication by a certification authority, and the certification authority holds its access log. This makes it possible to avoid direct leakage of data from the terminal even when the terminal is lost. In addition, we identify the range of information leaks from the access logs of certification authorities and data centers and grasp the access status. If there is no information leak, issue a certificate to that effect. Can be used for various reports and audits.

[System configuration]
FIG. 1 is a diagram showing an outline of a configuration example of an electronic data management system according to an embodiment of the present invention. 1, the electronic data management system 1 includes, for example, one or more user terminals 100 connected to a network 400 such as the Internet, and a certification authority 200 connected to the network 400. A plurality of external data centers 300 that can be accessed from the user terminal 100 via the network 400 are connected to the network 400.

  The user terminal 100 is configured by, for example, a PC, and electronic data instructed by the user among electronic data stored in a storage device (not shown) is divided into partial data by secret sharing, and the certification authority 200 and the data center 300 are divided. It is an information processing apparatus that performs secure storage by distributed storage. The user terminal 100 includes a division unit 110, a distribution management unit 120, a restoration unit 130, and an interface unit 140 implemented by a software program, a distribution state 121 including a database, a file table, and the like, distribution destination information 151, and setting information There are 152 tables.

  The dividing unit 110, based on electronic data instructed to be securely stored by the user via the interface unit 140, which will be described later, one or more key data to be deposited with the certification authority 200 by secret sharing according to the setting contents of the setting information 152 A plurality of distributed data to be distributed and stored in the data center 300 is generated. Details of these procedures will be described later.

  The distributed management unit 120 uses the certification authority 200 and the data according to predetermined conditions based on the contents of the distribution destination information 151 and the setting information 152 for the key data and the distributed data generated by the dividing unit 110 when the electronic data is distributed and stored. The data is transmitted to the center 300 for distributed storage, and the status is recorded in the distributed status 121 and managed. Further, when electronic data is restored by the restoration unit 130 described later, key data and necessary shared data are collected from the certification authority 200 and the data center 300 based on the contents of the distribution state 121 and transferred to the restoration unit 130. .

  The restoration unit 130 acquires corresponding key data and distributed data via the distribution management unit 120 for the electronic data instructed to be used for reference or editing by the user via the interface unit 140, and acquires the acquired key data and Restore the original electronic data from the distributed data. Details of these procedures will also be described later.

  The interface unit 140 has a user interface such as screen display in the user terminal 100 and an input / output function such as data transmission / reception. The user can use the functions of the electronic data management system 1 by using, for example, a file management screen provided in a general OS (Operating System). For example, electronic data having important information on a file management screen is moved to a specific folder or the like by a simple operation such as drag and drop. Using this as a trigger, the dividing unit 110 and the distribution managing unit 120 can automatically divide the electronic data by secret sharing and securely store the electronic data in the certification authority 200 and the data center 300 without making the user aware of it.

  Further, for example, the user can perform operations such as referring to and editing electronic data that is managed in a specific folder and securely stored on the file management screen. With this as a trigger, the distributed management unit 120 and the restoration unit 130 can automatically collect necessary data from the certification authority 200 and the data center 300 and restore the original electronic data to the folder.

  The certification authority 200 is an information processing system of a reliable third party organization (TTP), which is configured by, for example, a PC, a server, and the like, manages key data transmitted from the user terminal 100 and deposited, and the user terminal When 100 is lost, it is proved that there is no unauthorized access to or leakage of electronic data held by the user terminal 100. The certification authority 200 includes authentication unit 210 and management unit 220 implemented by a software program, and key data management 221 and access log 222 databases.

  When the authentication unit 210 receives a request to acquire key data from the user terminal 100, the authentication unit 210 performs user authentication using a user ID / password or the like to determine whether the request is permitted. In order to perform user authentication, the interface unit 140 of the user terminal 100 displays a screen for requesting input of a user ID / password when receiving a request for referring to or editing electronic data securely stored from the user. You may do it. Further, not only when restoring electronic data such as reference and editing, but also when securely storing electronic data, user authentication is performed in order to deposit key data divided from the electronic data to the certification authority 200. May be.

  The management unit 220 manages the key data deposited from the user terminal 100 by the key data management 221 in association with the identification information (file name, ID, etc.) of the user (user ID) and the original electronic data. That is, based on a request from the user terminal 100, the information of the deposited key data is recorded in the key data management 221 or the key data is acquired from the key data management 221 to obtain the key data as the user terminal 100. To send to. Furthermore, the contents of these processes are recorded in the access log 222 as a history.

  Further, when the user terminal 100 is lost or the like, it is proved that there is no unauthorized access or leakage to the electronic data held in the user terminal 100 based on a request from the user. That is, it is proved that the key data corresponding to the electronic data held in the user terminal 100 has not been acquired since the user terminal 100 is lost. When the key data is acquired, the range of the original electronic data that may leak information is specified and output based on the access log 222 and the access log of each data center 300.

  The data center 300 is a facility where a plurality of server groups are operated and managed. Even if the data center 300 is a real data center that is operated by an external operator or the like and has fixed facilities as a general data center. Alternatively, it may be a virtual data center in a cloud computing environment using, for example, “Amazon EC2 (registered trademark)”. Of course, the data center 300 may include a private data center operated by the company. In this embodiment, the certification authority 200 is configured by an independent server or the like. However, the certification authority 200 may be installed in any of the data centers 300. Moreover, the structure which has two or more certification authorities 200 may be sufficient.

[Distribution method of electronic data]
FIG. 2 is a diagram showing an outline of an example of a method for distributing electronic data in the electronic data management system 1. In the user terminal 100, the electronic data instructed to be securely stored by the user via the interface unit 140 is first divided into two by secret sharing, and the two pieces of partial data 1 (101) and partial data 2 (102) Generate partial data.

  Since partial data 1 (101) and partial data 2 (102) are generated by secret sharing, each of them is meaningless data (it cannot restore and guess the contents of the original electronic data) alone. The original electronic data can be restored only after it is collected. The secret sharing technique is not particularly limited, and may be, for example, an information block generated by a technique described in Patent Document 1 or (k, n) described in Non-Patent Document 1. It may be generated as k = n = 2 using a threshold secret sharing method or the like.

  Either one of the partial data 1 (101) and the partial data 2 (102) (partial data 1 (101) in the example of FIG. 2) is deposited as key data 201 to the certification authority 200. This key data 201 is indispensable when restoring the original electronic data. In the example of FIG. 2, the original electronic data is divided into two, and one of them is deposited as the key data 201 with the certification authority 200. However, the original electronic data is divided into two or more and the key data Security may be further enhanced by having a plurality of 201. In this case, it is desirable to deposit a plurality of key data 201 to separate certificate authorities 200. Further, the partial data 2 (102) that is not the key data 201 may be divided so that a plurality of partial data 2 (102) are generated.

  While partial data 1 (101) is used as key data 201, the other partial data 2 (102) is secretly distributed by (k, n) type threshold secret sharing (k <n) to generate distributed data 103. To do. As a result, n pieces of distributed data 103 capable of restoring partial data 2 (102) can be generated by collecting arbitrary k pieces (in the example of FIG. 2, for example, k = 3, n = 4). ). Since each shared data 103 is also generated by secret sharing, each shared data 103 is non-important data that has no meaning by itself.

  Here, the secret sharing technique is not particularly limited. For example, the secret sharing technique is the distributed data 103 generated by using the (k, n) threshold secret sharing method described in Non-Patent Document 1 and the like, where k <n. May be. Further, even with the technique described in Patent Document 1, it is possible to obtain the distributed data 103 by performing (k, n) type secret sharing.

FIG. 3 is a diagram showing an outline of an example of a technique for obtaining the distributed data 103 from the partial data 2 (102) by the technique described in Patent Document 1. In the example of FIG. 3, _n C _{n−k + 1} pieces of partial data 2 (102) ( ₄ C ₂ = 6 in the example of FIG. This shows a state of being divided into pieces (information blocks or information elements). Here, by combining the respective divided pieces, it is possible to restore the partial data 2 (102) by collecting arbitrary k pieces (three pieces in the example of FIG. 3) (four pieces in the example of FIG. 3). Pieces of distributed data 103 are generated ((k, n) = (3,4)).

  At this time, in the present embodiment, redundancy is performed so that each divided piece is included in (n−k + 1) different distributed data 103 (two in the example of FIG. 3) in different combinations for each divided piece. . The table in FIG. 3 shows an example of a combination of the segment pieces and the distributed data 103 that satisfy the above conditions. Based on this, including division pieces A, B, C, including division pieces A, D, E, including division pieces B, D, F, and division pieces C, E, F Four pieces of distributed data 103 are generated. As a result, if any three of the four distributed data 103 are collected, at least one of all the divided pieces A to F can be obtained, and the partial data 2 (102) can be restored. It becomes.

  As shown in FIG. 2, the generated n pieces of distributed data 103 are selected from different external data centers 300 (in the example of FIG. 2, four data centers 300a, b, d, and e). Store in a distributed manner. Since the distributed data 103 is non-critical data that has no meaning by itself, it can be stored in the external data center 300 with confidence. Even if k or more distributed data 103 are collected by a third party, only partial data 2 (102) can be restored from these. In order to restore the original electronic data, it is necessary to acquire the key data 201 through authentication from the certification authority 200, so that even stronger security can be ensured.

  Further, the partial data 2 (102) can be restored by collecting at least k pieces of distributed data 103 stored in the data center 300. In other words, if it is up to (n−k) pieces, it can withstand loss due to loss, attack, etc., and the original electronic data without switching the system in response to a failure or disaster of the data center 300. Have the availability that can be restored. Accordingly, by providing these data centers 300 at geographically discrete locations, the electronic data management system 1 realizes so-called BCP (Business Continuity Plan) in addition to secure storage of electronic data. It is also possible to function as a disaster recovery system.

[Processing flow when distributed]
FIG. 4 is a flowchart illustrating an example of a processing flow when electronic data is distributed in the electronic data management system 1. In the user terminal 100, for the electronic data instructed to be securely stored by the user via the interface unit 140, first, the dividing unit 110 divides the original electronic data into two by secret sharing by the above-described method and outputs 2 Two pieces of partial data are generated (S01).

  Next, the dividing unit 110 transmits one of the partial data (partial data 1 (101)) as the key data 201 to the certification authority 200 via the interface unit 140 and deposits it (S02). Information such as a network address and a host name for accessing the certification authority 200 is set in advance in the setting information 152 of the user terminal 100, for example. The key data 201 may be deposited by selecting from a plurality of certification authorities 200.

  The certification authority 200 requested to deposit the key data 201 may request the user terminal 100 to input authentication information such as a user ID / password by the authentication unit 210. When the authentication is successful and the deposit of the key data 201 is permitted, the management unit 220 records the information of the key data 201 in the key data management 221 in association with the identification information of the user and the original electronic data. Further, the processing content is recorded as a history in the access log 222.

  Next, the dividing unit 110 uses the (k, n) -type threshold secret sharing (k <n) method as described above for the other partial data (partial data 2 (102)) that is not used as the key data 201. Thus, secret sharing is performed to generate n distributed data 103 (S03). The parameter values of k and n related to secret sharing are set in advance in the setting information 152 of the user terminal 100, for example. Thereby, when the user securely stores electronic data, it is not necessary to be aware of these conditions, and convenience can be improved. Note that flexibility may be ensured by making it possible to change these setting contents by the user, or by making it possible to specify each time as an option when the user makes a request to securely store electronic data.

  Next, the distribution management unit 120 selects the data center 300 to which the n pieces of distributed data 103 generated by the dividing unit 110 are stored in a distributed manner (S04). Here, the information of the data center 300 that is the distribution destination is set in advance in the distribution destination information 151 of the user terminal 100, for example. In the distribution destination information 151, for example, groups of data centers 300 that can be accessed for each user are set in a priority order as a list, and n data centers 300 from the top in the list are selected as distribution destinations.

  Priorities in the list are preferentially accessed based on performance information such as the operation rate (past access success rate) of each data center 300 and response time at the time of access, for example. You may make it change dynamically. When the accessible data center 300 is added, the list of the distribution destination information 151 is updated whenever the user terminal 100 accesses the data center 300, for example.

  Next, the distribution management unit 120 transmits and stores n pieces of distributed data 103 to the n distribution destination data centers 300 selected from the distribution destination information 151 (S05). Each data center 300 simply stores the distributed data 103 and records an access log, and no special processing is required. If a response indicating that the distributed data 103 cannot be stored is returned from the data center 300 of the distribution destination, such as service stop, disk full, timeout, etc., the unselected items in the list of the distribution destination information 151 are not selected. Of the data centers 300, the data center 300 of the next order is selected and stored.

  If there is no data center 300 of the next rank in the list of distribution destination information 151 and n distribution destination data centers 300 cannot be secured, the secure storage itself of the electronic data itself is regarded as an error and the processing so far is rolled. This is notified to the user via the interface unit 140 (the same applies when n distribution-destination data centers 300 cannot be selected in step S04).

  When the distributed data 103 is stored in the n distribution-destination data centers 300 in step S05, the distribution management unit 120 adds the key data 201 to the original electronic data as information necessary for restoring the original electronic data. The distribution management information that associates the information of the certification authority 200 of the deposit destination, the parameter values of k and n relating to the distributed data 103, the information of each distributed data 103 and the data center 300 of each distributed destination, and the like. (S06), and the process ends.

  At this time, the contents of the original electronic data are deleted from a storage device (not shown) of the user terminal 100. On the file system managed by the OS, for example, an empty file having only a file name may be retained so as to hide the distributed storage in the external data center 300 from the user. Note that the original electronic data may be retained without being deleted from the storage device or the like, and in that case, a function as a simple backup capable of immediate restoration is realized by distributed storage in the data center 300. can do.

  The processing order in the above flowchart is not limited to this, and can be appropriately changed according to mounting restrictions and the like. For example, the deposit of the key data 201 to the certification authority 200 in step S02 may be performed at the same timing as the distributed storage of the distributed data 103 in the data center 300 in step S05. In addition, for example, instead of selecting n distribution destination data centers 300 in step S04 and then distributing and storing in each data center 300 in step S05, a higher rank is selected from the list of data centers 300 in the distribution destination information 151. It is also possible to sequentially acquire the data and store the distributed data 103 in the data center 300 sequentially and repeat this n times.

[Processing flow at restoration]
FIG. 5 is a flowchart illustrating an example of a flow of processing when electronic data is restored in the electronic data management system 1. In the user terminal 100, when an operation such as referring to or editing electronic data stored securely via the interface unit 140 is requested by the user, first, the distribution management unit 120 first displays the distribution status 121. Then, an entry of the distribution management information related to the target electronic data is acquired (S11).

  Next, the distribution management unit 120 acquires key data 201 corresponding to the target electronic data from the certification authority 200 based on the content of the acquired distribution management information (S12). The certification authority 200 requested to acquire the key data 201 requests the user terminal 100 to input authentication information such as a user ID / password by the authentication unit 210. When the authentication is successful and the acquisition of the key data 201 is permitted, the management unit 220 refers to the key data management 221 to acquire the key data 201 corresponding to the target electronic data and transmits it to the user terminal 100. . Further, the processing content is recorded as a history in the access log 222.

  Further, the distribution management unit 120 acquires at least k pieces or more of the n pieces of distributed data 103 corresponding to the target electronic data from the distribution-destination data center 300 (S13). Here, the value of the threshold value k at the time of restoration is acquired from the content of the distribution management information corresponding to the target electronic data acquired in step S11. Further, k pieces are selected and acquired from the information of the distribution destination data center 300 recorded in the distribution management information.

  The distributed data 103 is sequentially acquired from each data center 300 specified by the acquired information of the k data centers 300. At this time, if there is a data center 300 that cannot be accessed due to a service stop, timeout, or the like, the access destination is switched so as to be acquired from another data center 300 recorded in the distributed management information. If k or more distributed data 103 cannot be acquired even for all n data centers 300, the processing so far is rolled back as an error in restoration processing, and the user is notified via the interface unit 140. To be notified.

  When the distribution management unit 130 acquires at least k pieces of distributed data 103, the restoration unit 130 restores one of the partial data (partial data 2 (102) in FIG. 2) from the k pieces of distributed data 103 (S14). ). Next, the restoration unit 130 restores the original electronic data from the key data 201 acquired from the certification authority 200 in step S12 and the partial data 2 (102) restored in step S14 (S15). Store in a predetermined folder or the like. At this time, the entry of the target distribution management information is deleted from the distribution status 121 via the distribution management unit 120 (S16), and the process ends. Similar to the processing at the time of distribution, the above-described processing order is not limited to this, and can be appropriately changed according to mounting restrictions and the like.

[Processing flow for non-leakage certification]
FIG. 6 is a flowchart showing an example of a flow of processing when electronic data is not leaked in the electronic data management system 1. When the user terminal 100 is lost or the like, the certification authority 200 performs proof that there is no unauthorized access or leakage to the electronic data held in the user terminal 100. That is, it is proved that the key data corresponding to the electronic data held in the user terminal 100 has not been acquired since the user terminal 100 is lost.

  When the certification authority 200 receives a request for proof of non-leakage of electronic data from the user, for example, via the network 400 or the like, first, the authentication unit 210 performs authentication using a user ID / password or the like (S21). Next, the management unit 220 acquires a reference date and time serving as a reference for non-leakage proof by input from the user or the like (S22). That is, the date and time when the target user loses the user terminal 100 is acquired.

  Next, the management unit 220 determines whether the key data 201 related to the target user has been acquired after the acquired reference date and time based on the access log 222 (S23). What is determined not to be acquired includes those that could not be acquired such as attempted acquisition but being rejected by user authentication.

  If the key data 201 is not acquired after the reference date and time in step S23, the corresponding original electronic data is not restored. Therefore, since it can be determined that there is no information leakage after the reference date and time, the management unit 220 issues a certificate having information to that effect (S24) and ends the process. There are no particular restrictions on the specific contents of the certificate, the issuing method, and the like. For example, various methods such as outputting a message digitally signed by the certification authority 200 can be used.

  When the key data 201 has been acquired after the reference date and time in step S23, the management unit 220 acquires the contents of the corresponding part of the access log 222 for the acquired key data 201 (S25). Further, an access log for the distributed data 103 generated from the original electronic data corresponding to the acquired key data 201 is acquired from each data center 300 (S26).

  Next, based on the access log 222 of the certification authority 200 and the access log of each data center 300 acquired in steps S25 and S26, the range of the original electronic data that can be leaked, that is, the key data 201 and The range of the original electronic data from which k or more pieces of distributed data 103 have been acquired is specified and output (S27), and the process ends. Note that, similar to the processing at the time of distribution and restoration, the above processing order is not limited to this, and can be appropriately changed according to mounting restrictions and the like.

  As described above, according to the electronic data management system 1 which is an embodiment of the present invention, electronic data to be securely stored is divided into two or more partial data by secret sharing. At least one is deposited as key data 201 to the certification authority 200 which is TTP. Further, the remaining partial data is divided and stored in n pieces of distributed data 103 by (k, n) -type threshold secret sharing. As a result, when the original electronic data is restored, acquisition of the key data 201 that has been authenticated by the certification authority 200 can be obliged, and security can be improved. Further, even when a part of the distributed data 103 stored in a distributed manner is lost, the original electronic data can be flexibly restored to improve data availability.

  Further, according to the present embodiment, the distributed data 103 to be distributed and stored is non-critical data, and it is impossible to restore the original electronic data even if part or all of the data is acquired by a third party. . Thereby, for example, even if an operator of the external data center 300 that stores the distributed data 103 is malicious, there is no fear that the information of the original electronic data is leaked. Therefore, the external data center 300 and the like can be used for distributed storage, and a means for securely distributing and managing electronic data can be constructed at low cost.

  In addition, it is possible to conceal the processing of electronic data division and distributed storage, and to collect the distributed data 103 and restore the original electronic data from the user. Consciousness can be made unnecessary, and convenience can be improved.

  In addition, as described above, electronic data is distributed and stored not in the user terminal 100 but in the external data center 300, and the restoration is mediated by authentication by the certification authority 200. Further, the certification authority 200 holds the access log 222. deep. This makes it possible to avoid direct leakage of data from the user terminal 100 even when the user terminal 100 is lost. Further, the access log 222 of the certification authority 200 and the access log of each data center 300 are used to accurately identify the range where there is a possibility of information leakage and grasp the access status. Can be used for various reports and audits.

  As mentioned above, the invention made by the present inventor has been specifically described based on the embodiment. However, the present invention is not limited to the embodiment, and various modifications can be made without departing from the scope of the invention. Needless to say.

  The present invention can be used for an electronic data management system and an electronic data management method for distributing and managing important data by dividing it into non-important data by secret sharing.

1 ... Electronic data management system,
DESCRIPTION OF SYMBOLS 100 ... User terminal, 101 ... Partial data 1, 102 ... Partial data 2, 103 ... Distributed data, 110 ... Dividing part, 120 ... Distributed management part, 121 ... Distributed state, 130 ... Restoring part, 140 ... Interface part, 151 ... Distribution destination information, 152 ... setting information,
200 ... Certificate Authority 201 ... Key Data 210 ... Authentication Unit 220 ... Management Unit 221 ... Key Data Management 222 ... Access Log
300, 300a-e ... data center,
400: Network.

Claims (4)

An electronic data management system that divides the electronic data into a plurality of non-important data by secret sharing and distributes and stores each of the divided non-important data for electronic data instructed to be securely stored by a user,
An information processing device of a user that stores the electronic data connected to a network, and a certification authority that is a reliable information processing system of a third party,
The information processing apparatus includes:
When securely storing the electronic data, it is possible to restore the electronic data by collecting all by secret sharing based on the electronic data according to a predetermined condition, and the electronic data alone Generating one or more key data and one or more partial data that cannot be restored and guessed, and collecting any k or more by secret sharing based on the partial data A dividing unit capable of restoring partial data and generating n pieces of distributed data (k <n) that cannot alone restore and estimate the partial data;
A restoration unit that restores the partial data based on at least k pieces of the distributed data when restoring the electronic data, and further restores the electronic data from the restored partial data and the key data;
When securely storing the electronic data, the key data generated by the dividing unit is deposited with the certification authority, and the n pieces of distributed data generated by the dividing unit are selected according to a predetermined condition. And separately stored in each of the n external data centers, and when the electronic data is restored, the corresponding key data is obtained from the certification authority through user authentication, and at least k of the distributed data centers are obtained. A distribution management unit for acquiring data from the k data centers selected according to a predetermined condition, and transferring the acquired key data and the distributed data to the restoration unit;
The certification authority is
An authentication unit that performs user authentication when receiving a request for deposit and / or acquisition of the key data from the information processing apparatus;
The key data deposited from the information processing device is managed in association with the user holding the electronic data and the identification information of the electronic data, and the key data deposit and acquisition processing from the information processing device Is recorded as a history, and in response to a request from the user, based on the history, it is determined whether or not the key data related to the user has been acquired after a specified reference date and time. And a management unit that issues information proving that the electronic data relating to the user is not leaked when it is determined that the electronic data is not leaked. The electronic data management system according to claim 1.
The management unit of the certification authority
In response to a request from the user, when it is determined that the key data related to the user has been acquired after the reference date and time, the user relates to the user based on the history and the access log of each data center An electronic data management system characterized in that the key data and at least k corresponding distributed data are output from the data center by specifying a range of the acquired electronic data. In an electronic data management system that is connected to a network and has an information processing apparatus for storing electronic data and a certification authority that is a trusted third party information processing system, the user is instructed to securely store the data. For electronic data, the electronic data is divided into a plurality of non-important data by secret sharing, and each of the divided non-important data is distributed and stored,
When securely storing the electronic data,
The information processing apparatus is
One that can restore the electronic data based on the electronic data according to a predetermined condition by collecting all of them by secret sharing and cannot restore and infer the electronic data alone. Generating the above key data and one or more partial data;
Depositing the key data with the certification authority;
Based on the partial data, by secret sharing, it is possible to restore the partial data by collecting arbitrary k or more and n pieces of data (individually unable to restore and guess the partial data) generating k <n) distributed data;
Selecting n external data centers for storing the generated n distributed data according to a predetermined condition;
And separately storing the generated n distributed data in the selected n data centers, respectively.
When restoring the electronic data,
The information processing apparatus is
Obtaining the key data corresponding to the electronic data from the certification authority via user authentication;
Obtaining at least k of the distributed data from the k data centers selected according to a predetermined condition;
Restoring the partial data based on the obtained distributed data;
Performing the step of restoring the electronic data from the restored partial data and the acquired key data;
When certifying that the electronic data held in the information processing apparatus is not leaked,
The certification authority
Obtaining a reference date and time for performing the certification from the user;
Determining whether or not the key data related to the user has been acquired after the reference date and time based on a history of processing related to depositing and acquiring the key data; and
Issuing the information proving that the electronic data relating to the user is not leaked when it is determined that the key data relating to the user has not been acquired after the reference date and time; A featured electronic data management method. The electronic data management method according to claim 3,
When certifying that the electronic data held in the information processing apparatus is not leaked,
The certification authority further comprises:
When it is determined that the key data related to the user has been acquired after the reference date and time, based on the history and the access log of each data center, the key data related to the user and at least k corresponding data And a step of specifying and outputting the range of the electronic data in which the distributed data is acquired from the data center.

Images