JPH0218621B2 - - Google Patents

Description

[Detailed Description of the Invention] [Technical Field of the Invention] The present invention is directed to data protection in devices that transmit data between an offline terminal in a financial institution, that is, an automated transaction device installed in a company, and a center. Regarding data protection methods.

[Technical background of the invention]

Traditionally, when transmitting data between an offline terminal at a financial institution, i.e., an automated transaction device installed at a company, etc., and a center, the data is transmitted via a signal line that connects the automated transaction device and the center. It is being done. In order to perform this transmission, data is encrypted using a predetermined encryption key and then transmitted, and the encrypted data is decrypted at the destination using the encryption key.

[Problems with background technology]

However, in the above-mentioned devices, the operator (handler) handling the automatic transaction device or center can know the encryption key, so it is possible to read the data on the signal line, which poses a problem in terms of security. It was hot. Even if an attempt was made to protect it, the encryption key would have to be changed for each person handling it, which would be impossible.

[Purpose of the invention]

The present invention has been developed in view of the above circumstances, and its object is to provide a first device for storing data from a data source on a portable storage medium; A second device installed on the ground and reading the data stored in the storage medium, when sending and receiving data using the offline storage medium, the information processing device of the bearer (handler) , the data on the storage medium can be managed, safety is guaranteed, and when the information processing device is inserted, the operator can Since it is determined whether the information is legitimate or not, the legitimacy of the handler is guaranteed, the legitimacy of the storage medium is guaranteed, and after the legitimacy of the handler is guaranteed, encryption and decryption of the information is performed. Since this is done within the processing device, the contents of the encryption or decryption within the information processing device cannot be read from the outside, and the encryption key or decryption key does not get on the signal line. Therefore, the encryption key and the decryption key are not monitored, and the contents of the encryption or decryption cannot be deciphered.The object of the present invention is to provide a data protection method that is effective in terms of security.

[Summary of the invention]

The invention includes a first device for storing data from a data source on a portable storage medium; and a first device located at a remote location apart from the first device for reading data stored on the storage medium. and a second device, in which the first device compares the data inputted by the input means with the data stored in the information processing medium accepted by the receiving means. determine the validity of
When the legitimacy of this handler is determined, the data received by the receiving means is encrypted in the information processing medium using an encryption program stored in the information processing medium, and the encrypted data is The second device verifies the legitimacy of the handling person by comparing the data input by the input means and the data stored in the information processing medium accepted by the receiving means. When the authenticity of the handler is determined, the encrypted data read by the reading means is decoded into the information processing medium by a decryption program corresponding to the encryption program stored in the information processing medium. It is designed to be decrypted using .

[Embodiments of the invention]

An embodiment of the present invention will be described below with reference to the drawings.

In Figures 1 and 2, 1 is a data conversion device that is connected to an automatic transaction device (not shown) installed at a company, etc., and 2 is a data conversion device that is connected to a center (not shown) installed at a financial institution. This is a data conversion device. The data conversion device 1 converts data (transaction data) supplied from an automatic transaction device into encrypted data using an IC chip 15 of an IC card 10, which will be described later, and stores the conversion result in a storage medium, such as a floppy disk, which will be described later. For example, it is structured as follows. In other words, 3 is a CPU (central processing unit) that controls the entire system, 4 is a keyboard for entering passwords, etc., 5 is a CRT display device, and 6 is a storage area for control programs.
ROM (read only memory), 7 a RAM (random access memory) in which data is stored, 8 an information processing medium inserted from the card insertion slot 9, for example an IC chip 15 on the IC card 10, which will be described later. By contacting the contact part 19, data from the CPU 3 is transferred to the IC chip 15.
IC card reading/writing unit 11 that outputs data to the CPU 16 and outputs data from the CPU 16 to the CPU 3
is a floppy disk device that records and reproduces data on a floppy disk 13 inserted through a floppy disk insertion slot 12.

The IC card 10 is provided with a magnetic stripe section 14 and an IC chip 15, as shown in FIG. As shown in FIG. 4, the IC chip 15 includes a control CPU 16, a ROM 1 in which a control program, a password, and an encryption program are stored.
7. Consists of a RAM 18 for data storage and a contact section 19.

The CPU 16 outputs the PIN number stored in the ROM 17 and inputs the supplied transaction data.
Encrypt according to the encryption program in ROM 17 and output the encrypted data, or decrypt the supplied encrypted data according to the decryption program corresponding to the above encryption program in ROM 17 and output the decrypted data. is now output. For example, data can be encrypted using the above encryption program.
The Encryption Standard (DES) is known.

The IC card reading/writing section 8 is configured as shown in FIG. 5, for example. That is, a transport path 34 is provided for transporting the IC card 10 inserted from the card insertion slot 9. The transport path 34 is provided with a plurality of pairs of rotatable transport rollers 36, which are positioned so as to sandwich the IC card 10 from above and below when it is transported.

The conveyance rollers 36 are provided along the conveyance path 34 at equal intervals. The interval provided in the conveying direction of these conveying rollers 36 is from the center of one conveying roller 36 to the distance between adjacent conveying rollers 36.
The distance to the center of the card has the width dimension in the card transport direction. Therefore, the IC card 10 can move smoothly on the transport path 34. This conveyance path 34 is regulated by a conveyance guide 38. Furthermore, an IC chip reader/writer 21 is arranged on the conveyance guide 38.

Further, the data conversion device 2 converts the encrypted data supplied from the floppy disk device 11 into normal data using the decryption program in the ROM 17 in the IC chip 15 using the IC card 10.
It outputs to the center via CPU3,
It has the same configuration as the data conversion device 1, and its explanation will be omitted.

Next, the operation in such a configuration will be explained. For example, now, the handler inserts the IC card 10 into the card insertion slot 9 of the data conversion device 1. Then, the IC card 10 is taken into the card reading/writing section 8 and is connected to the contact section 19 of the IC chip 15.
The IC chip reader/writer 21 is electrically connected,
The IC chip reader/writer 21 reads the password stored in the ROM 17 within the IC chip 15. The output of the above IC chip reader/writer 21 is
Supplied to CPU3. Next, the handler inputs a password indicating the handler of the IC card 10 using the keyboard 4. Then, the CPU 3 compares the password from the keyboard 4 and the password read from the ROM 17 of the IC chip 15 to see if they match. If the results match, the CPU 3 determines that the IC card 10 for the correct handler has been inserted by the correct handler. Then, the CPU 3 receives transaction data supplied from an automatic transaction device (not shown).
It is supplied to the CPU 16 in the IC chip 15 via the IC card reading/writing section 8. As a result, CPU16
encrypts the supplied data according to the encryption program in the ROM 17, and outputs it to the CPU 3 via the IC card reading/writing section 8. Then, CPU3
transfers the encrypted data to floppy disk device 1
1, the data is sequentially stored on the floppy disk 13.

In this way, the floppy disk 13 storing transaction data and the IC card 10 used at this time are connected to a center (not shown) installed at a financial institution at a location where the data conversion device 2 is installed. carry (transmit) to. Then, the bearer (handler) of the floppy disk 13 and the IC card 10 inserts the IC card 10 into the card insertion slot 9 of the data converter 2, and also inserts the floppy disk 13 into the floppy disk insertion slot 1.
Insert into 2. Then, the IC card 10 is taken into the IC card reading/writing section 8, and the IC chip 15
electrically connected to the contact portion 19 of the
The ROM in the IC chip 15 is read by the IC card reading/writing section 8.
The password stored in 17 is read,
Supplied to CPU3. Further, the floppy disk device 11 sequentially reads transaction data (encrypted data) on the floppy disk 13 and outputs it to the CPU 3. Next, the handler inputs a password indicating the handler of the IC card 10 using the keyboard 4. Then, the CPU 3 compares the password from the keyboard 4 and the password read from the RAM 17 of the IC chip 15 to see if they match. As a result,
If they match, the CPU 3 determines that the correct handler has inserted the IC card 10 for that handler. Then, the CPU 3 supplies the encrypted data from the floppy disk device 11 to the CPU 16 in the IC chip 15 via the IC card reading/writing section 8. Then, the CPU 16 decrypts the supplied encrypted data using the decryption program in the ROM 17 and reads it via the IC card reading/writing section 8.
Output to CPU3. Thereby, the CPU 3 outputs the decrypted transaction data to a center (not shown).

In this way, when data is exchanged using a floppy disk, that is, an offline storage medium, the data on the floppy disk can be managed by the IC card held by the bearer (handler), and safety is guaranteed. Additionally, when inserting an IC card, the handler determines whether the handler is legitimate based on whether the PIN number on the IC card matches the input PIN number, which guarantees the legitimacy of the handler. , the validity of the floppy disk is guaranteed.

In the above embodiment, a floppy disk was used as the off-line storage medium, but the present invention is not limited to this, and magnetic tape, magnetic disk, optical disk, etc. may also be used. Further, although the storage medium is brought offline, it is also possible to transfer data online. In this case, IC card designation data is transferred along with the data, and processing is performed using the IC card according to this designation data. Furthermore, although data transmission between an automatic transaction device and a center has been described, the present invention is not limited to this, and can be similarly implemented as long as data is transmitted between at least two devices.

Further, although an IC card is used as the information processing medium, the present invention is not limited to this, and a passbook with an embedded IC chip may also be used.

〔Effect of the invention〕

As detailed above, according to the present invention, there is a first device for storing data from a data source in a portable storage medium, and the first device is provided in a remote location, and the storage medium and a second device that reads data stored in the storage medium, when data is transferred using an offline storage medium, the data on the storage medium cannot be managed by the information processing device of the bearer (handler). , safety is guaranteed, and when the information processing device is inserted, it is determined whether the handler is legitimate by checking whether the PIN number inside the information processing device matches the input PIN number. Therefore, the legitimacy of the handler is guaranteed, the legitimacy of the storage medium is guaranteed, and after the legitimacy of this handler is guaranteed, encryption,
Since decryption is performed within the information processing device, the contents of the encryption or decryption within the information processing device cannot be read from the outside.
Since the encryption key or decryption key does not get on the signal line, the encryption key or decryption key is not monitored, making it impossible to decipher the encrypted or decrypted contents, which is a security issue. Provide effective data protection methods.

[Brief explanation of drawings]

The drawings are for explaining one embodiment of the present invention, and FIG. 1 is a perspective view of a data conversion device, FIG. 2 is a block diagram schematically showing the configuration of the data conversion device, and FIG. 3 is an IC card. Figure 4 is a plan view showing the configuration of the IC chip, Figure 5 is a block diagram showing the configuration of the IC chip.
The figure is a sectional view schematically showing the configuration of the IC card reading/writing section. 1, 2...Data conversion device, 3...CPU, 4
... Keyboard, 8 ... Card reading/writing section, 10
... IC card (information processing medium), 11 ... Floppy disk device, 14 ... Magnetic stripe section,
15...IC chip, 16...CPU, 17...
ROM, 18...RAM, 9...Contact part,
21...IC chip reader/writer.

Claims (1)

[Scope of Claims] 1. A first device for storing data from a data source on a portable storage medium; a second device for reading data, the first device comprising a receiving means for receiving data from said data source, and an information processing device that is portable and has data indicating the handler and an encryption program. By comparing the data input by this input means with the data stored in the information processing medium received by the above-mentioned reception means; , a determination means for determining the legitimacy of the handling person; and when the validity of the handling person is determined by the determination means, the data received by the receiving means is stored in the information processing medium within the information processing medium. and a storage means for storing the encrypted data encrypted by the encryption means in the storage medium, and the second device is configured to be a reading means for reading encrypted data stored in a storage medium; an accepting means for accepting the information processing medium; an input means for inputting data indicating a handler; a determination means for determining the legitimacy of the handling person by comparing the data stored in the accepted information processing medium; and when the validity of the handling person is determined by this determination means, the reading means; and a decryption means for decrypting the encrypted data read by the information processing medium using a decryption program corresponding to the encryption program stored in the information processing medium. Data protection method.