JPH03154137A - Security system for data - Google Patents

Abstract

PURPOSE:To prevent the information from being read out illegally and falsified willfully by a person for which important information is not permitted by providing an approval permitting means for giving an access approval to an access permitting means. CONSTITUTION:A person in charge inputs the own ID number and a document name from a user side terminal 21, and when the security level of its document is higher than the level of the person in charge, an access permitting task 27 outputs an access approval request to an approval permitting task 28, and the document name brought to access request and the change contents are outputted to a superintendent side terminal 22. When the access request is acknowledged, the superintendent side inputs the ID number of the superintendent himself, a password of its document, etc. In this case, when response data is not inputted from the superintendent side terminal 22 within a prescribed time after the access approval request is outputted, the approval permitting task 28 makes its access request invalid. In such a manner, it can be prevented surely that important data is read out illegally and information is falsified by a person who is not permitted.

Description

DETAILED DESCRIPTION OF THE INVENTION [Object of the Invention] [Field of Industrial Application] The present invention relates to a data security system that prevents leakage and falsification of important data stored in a database.

[Conventional technology]

Conventionally, security systems have been developed to prevent important information stored in the databases of computer systems from being read illegally or tampered with by unauthorized persons. .

FIG. 2 is a diagram showing an example of the configuration of a conventional security system. This security system is
A large number of documents are stored in the document database 2 in the registrant file 3, and the security level of each document to be accessed and the users and administrators who are allowed to access the documents at each level are stored in the registrant file 3. ID numbers, passwords for reading each document, etc. are stored in advance. Note that the password is, for example, a combination of a security code and a personal identification number, and is known only to those who are permitted access for each security level.

When reading a predetermined document in the document database 2,
From a terminal 5 connected to the computer 1, an access request is issued by inputting the ID number of the person in charge of accessing the document and the document name of the document to be accessed. When an access request is issued, the access permission task 4 accesses the registrant file 3.
to determine whether the person with the entered ID number is allowed to access the document, and if so, request the user to enter the password for the document. do. If the password input by the person in charge matches the password of the document for which the access request was issued, the document is read out to the output device 6.

On the other hand, if the security level of the document for which the access request has been made is high and the person with the input ID number is not permitted to access it, the administrator's access approval is required. That is, the administrator who is permitted to access the document for which the access request has been issued determines whether or not to permit access to the document, and if access is permitted, the administrator directly inputs the password.

In this way, with conventional data security, a password is set for documents of a certain level or higher, and this password is known only to designated registrants according to the security level of the document. When accessing a document at a higher level, you can access important information stored in the document database 2 by having another registrant or administrator who knows the password for that document enter the password directly. This prevents the information from being read illegally or tampered with by unauthorized persons.

However, for example, if you are familiar with system protection, you can relatively easily find the passwords of other registrants and administrators in the registrant file 3, and unauthorized passwords can be used to access important data. Unequal access was also possible.

[Problem to be solved by the invention]

Therefore, traditional data security systems
There is a problem that there is a high possibility that important data may be read out illegally by unauthorized persons, and that there is a high possibility that the information may be tampered with.

The present invention was made in view of the above-mentioned circumstances, and it prevents illegal reading of important data by unauthorized persons.
The purpose is to provide a data security system that can reliably prevent falsification of information.

[Structure of the Invention] [Means for Solving the Problem] In order to solve the above problem, the present invention sets a security level for each document stored in a database according to the importance of each document. In a data security system, when accessing a document with a high security level, permission is requested from an administrator who is authorized to access the document. A user terminal for inputting data; an administrator terminal installed at a predetermined distance from the user terminal for inputting response data to the access request; and a predetermined document input from the user terminal. When a request for access to the document is made, it is determined whether or not access to the document is permitted, and if access is permitted, the document is granted access, and if access is not permitted, is an access permission means that outputs an access approval request; and if data approving access is input from the administrator side terminal as the response data within a predetermined time after the access approval request is issued, this input and an approval/permission means for determining whether or not the document can be accessed based on the data obtained, and if access is permitted, giving access approval to the access permission means.

[Effect]

The present invention takes the above measures, so that when data for an access request is input from a user terminal to a predetermined document, the access permission means accepts the access request and allows access. If the access request is from an unauthorized person, an access approval request is issued to the approval/permission means. The approval/permission means waits for response data to be input manually from an administrator terminal installed at a predetermined distance from the user terminal, and if data approving access is input within a predetermined time, Based on the input data, it is determined whether or not access to the document for which the access request has been made is permitted, and if access is permitted, access approval is granted to the access permission means. Further, if data for approving access is not input from the administrator terminal within a predetermined time after an access approval request is issued, the access request is invalidated. Therefore, even if you know the password of an administrator who is allowed to access a document with a high security level, the administrator's terminal, which is far away from the user's terminal that issued the access request, can be accessed for a specified period of time. You cannot access the document unless you enter the password.

〔Example〕

Examples of the present invention will be described below.

FIG. 1 is a diagram showing the configuration of a data security system according to an embodiment. This security system is
A user terminal 21 where a data user inputs data for an access request into the computer 20, and an administrator inputs data such as access approval in response to an access request input from this user terminal. Administrator terminal 22
and are located a predetermined distance apart. The two terminals 21.22 are separated by a distance that makes it impossible to operate both terminals 21.22 simultaneously or within a short period of time.

On the other hand, the computer 20 to which these two terminals 21 and 22 are connected includes a document database 23 and a registrant file 24 . Licensed registrant file 25゜Career database 26
．． A main storage unit is provided in which control programs such as an access permission task 27 and an approval permission task 28 are stored. A plurality of documents are stored in the document database 23, and a security level is set for each document. The registrant file 24 contains the data user ID.
Numbers are stored in advance, and for each document with a different security level, the ID number of a user who is permitted to access the document at that level is registered. Furthermore, the registrant file 24 stores passwords for accessing each document. The data user can read the specified document using this password. The authorized registrant file 25 also stores the ID number of an administrator who approves access to documents of a certain level or higher, and the password of the document of a certain level or higher. The access permission task 27 determines permission to access the document for which an access request has been made, and if permission is granted, outputs the document to the output device 29, and if not, approves the document. It has a function of outputting an access approval request to the task 28 and outputting the document to the output device 29 if there is a response of access approval. Approval permission task 2
8 searches the authorized registrant file 25 and authorizes access when data for authorizing access is input from the administrator terminal 22 within a predetermined time after an access authorization request is issued from the access authorization task 27. If the access is permitted, access approval is sent back to the access permission task 27. Furthermore, if response data is not input within a predetermined time or if access is not permitted, the access request is invalidated. Access permission task 2
7 and the approval/permission task 28 are connected by e-mail, and can exchange access approval or inquiries regarding access approval requests from the access permission task 27 via e-mail. The history of this e-mail communication is stored in the history database 26.

Next, the operation of this embodiment will be explained.

When reading or changing a predetermined document stored in the document database 23, the person in charge must use the user terminal 21.
Enter your ID number and document name. The access permission task 27 checks the registrant file 24 for the document and the level of the person in charge for which access is requested.

As a result, if the person in charge is allowed to access the document for which the access request has been made, the user is prompted to enter the password for that document, and if the passwords match, the document is output from the document database 23. Output to device 29.

On the other hand, if the security level of the document for which an access request has been issued is higher than the level of the person in charge, access approval is requested from the administrator who can access the document.

That is, an access approval request is issued to the approval permission task 28, and the name of the document for which the access request was issued and the contents of the changes are output to the administrator terminal 22. The administrator side confirms the requirements output to the administrator side terminal 22, and if the access request is approved, the administrator's own ID number and the password of the document for which the access request has been issued as data for approving access. etc. If response data is not input from the administrator terminal 22 within a predetermined time after the access approval request is issued, the approval permission task 28 invalidates the access request. In addition, if the administrator's own ID number, password, etc. are input as data to approve access within a predetermined time, the authorized registrant file 25 is searched and whether access is possible using the data input from the administrator terminal 22 is performed. If it is determined that access is possible, access approval is given to the access permission task 27. Access permission task 2 with access approval granted
7 causes the output device 29 to output the document. Note that approval for the requirements output to the administrator terminal 22 is performed with an electronic signature, and the name of the administrator who granted access permission.

The time is written in the called document.

In addition, if there are any doubts about the requirements output on the administrator terminal 22, the person in charge will be contacted by e-mail, and if the results of the verification and confirmation are not met, the person in charge will be notified of the comments to that effect by e-mail. . Additionally, if the access is valid, input data for access approval. The document is then read out in the same manner as above.

Note that the history of communications by e-mail is stored in the history database 26 for a necessary period of time.

According to this embodiment, the user terminal 21 and the administrator terminal 22 are installed at a distance that makes it impossible to operate them at the same time or within a short period of time, and the user terminal 21 and the administrator terminal 22 are installed at a distance that makes it impossible to access them from the user terminal 21. If a request is input and response data is not input from the administrator terminal 22 within a predetermined time after the access request is issued, the access request will be invalidated, so access to high-level documents will not be allowed. Even if someone who does not know the password or the administrator's ID number by illegal means can invalidate the access request while moving from the user terminal 21 to the administrator terminal 22. Therefore, if only one person tries to gain unauthorized access, unauthorized reading or modification by that person can be effectively prevented, and the reliability of the security system can be improved.

In addition, since communications between the person in charge and the administrator, such as access approval requests, access approvals, and comments from the administrator, are stored in the history database 26, the document can be read later and the person who made the changes can be easily discovered. be able to.

In the above embodiment, the administrator was authenticated using the administrator's ID number and password, but the fingerprint, face, and voiceprint of the administrator who gives access approval may also be used.

It is even more effective to use physical characteristics such as signs. For fingerprint authentication, a commercially available fingerprint matching device or fingerprint reading device can be used. Facial authentication involves reading the outline of a person's face when they sit facing a CRT for data input, for example. In voiceprint authentication, approval is entered by voice and checked against a registered voiceprint. Authentication by signature uses a character recognition device to confirm a handwritten signature.

[Effects of the Invention] As detailed above, according to the present invention, it is possible to provide a data security system that can reliably prevent unauthorized reading of important data and falsification of information by unauthorized persons.

[Brief explanation of the drawing]

FIG. 1 is a block diagram showing the configuration of a data security system according to an embodiment of the present invention, and FIG. 2 is a block diagram showing the configuration of a conventional data security system. 20... Computer, 21... User side terminal, 2
2...Administrator terminal, 23...Document database,
24... Registrant file, 25... Permitted registrant file, 26... History database, 27... Access permission task, 28... Approval permission task.

Claims (1)

[Claims] A security level is set for each document stored in a database according to the importance of each document, and when accessing a document with a high security level, access is permitted. In a data security system that requests permission from an administrator, a user-side terminal for inputting data for an access request to a predetermined document stored in the database; and a predetermined distance from the user-side terminal. An administrator terminal is installed in a separate location and inputs response data to the access request, and when an access request for a given document is issued from the user terminal, it is checked whether access to the document is permitted. an access permission means for determining whether access is allowed or not, and if access is permitted, allowing access to the document; if access is not allowed, outputting an access approval request; If data approving access is input as the response data from the administrator side terminal within a predetermined period of time, it is determined whether or not the document can be accessed based on the input data, and access is permitted. A data security system comprising: an approval/permission means for granting access approval to the access permission means if the access permission means is authorized.