WO2007052342A1 - Programme de preservation d’informations, procede de preservation d’informations et systeme de preservation d’informations - Google Patents

Programme de preservation d’informations, procede de preservation d’informations et systeme de preservation d’informations Download PDF

Info

Publication number
WO2007052342A1
WO2007052342A1 PCT/JP2005/020143 JP2005020143W WO2007052342A1 WO 2007052342 A1 WO2007052342 A1 WO 2007052342A1 JP 2005020143 W JP2005020143 W JP 2005020143W WO 2007052342 A1 WO2007052342 A1 WO 2007052342A1
Authority
WO
WIPO (PCT)
Prior art keywords
computer
approval
application
period
information
Prior art date
Application number
PCT/JP2005/020143
Other languages
English (en)
Japanese (ja)
Inventor
Osamu Aoki
Kenichi Koide
Original Assignee
Intelligent Wave Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intelligent Wave Inc. filed Critical Intelligent Wave Inc.
Priority to PCT/JP2005/020143 priority Critical patent/WO2007052342A1/fr
Priority to JP2007542189A priority patent/JPWO2007052342A1/ja
Publication of WO2007052342A1 publication Critical patent/WO2007052342A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2105Dual mode as a secondary aspect
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2111Location-sensitive, e.g. geographical location, GPS

Definitions

  • the present invention when a computer is used in an environment different from a regular network environment, in order to preserve the information that can be obtained from the computer, the computer is only obtained when it is approved in advance by the approver.
  • the present invention relates to an information security program, an information security method, and an information security system that make it possible to operate.
  • Patent Document 1 JP 2002-278932 A
  • the computer can be used without a password input operation during normal use, in view of being able to handle unauthorized computer removal due to theft or the like. Can do.
  • a password is issued in advance. The password must be entered each time the computer is started or the power-saving state is restored.
  • an approval authority such as a supervisor It is preferable to provide a mechanism that enables the use of the computer in an unusual network environment after confirming the circumstances.
  • the present invention has been made to cope with such a problem, and in order to maintain information that can be acquired from a computer when the computer is used in an environment different from a normal network environment,
  • This is an information security program, information security method, and information security system that enables the computer to operate only when approval from the approver is obtained in advance. Password issuing and input operations are required. The purpose is to provide something that is not bad.
  • a first invention for solving the problems that are important to the present application is an information maintenance program for protecting information that can also acquire computer power when the computer is used in an environment different from a regular network environment. While the computer is being used in a regular network environment, the computer is designated as the destination for the approver stored in the computer, and the borrowing period during which the computer is used outside the regular environment is designated. Transmitting an application notification for approval for taking out the application with an application ID for identifying the application notification, and application information including at least the application ID, the approver, and the export period to the computer. And storing the application ID and the approval result for the application notification transmitted by the approver who has received the application notification.
  • the export period included in the application information is set as the export approval period. Storing the setting information in the computer, and at the time of starting the computer, the step of determining whether the computer is connected to a normal network environment when the computer is started up; and If it is determined that the computer is not connected to the environment, check whether the export approval period is stored in the setting information of the computer.
  • the step of determining whether the startup time of the computer is within the period of the take-out approval period, and the take-out approval period When it is confirmed that the computer is not stored, or when it is determined that the startup time of the computer is not within the period of the export approval period, the computer is stopped, and the operation system stored in the computer Or at least one of a process for prohibiting activation of at least a part of the application program, a process for erasing at least a part of data stored in the computer, and a process for prohibiting an instruction to an external device connected to the computer.
  • An information storage program characterized by executing a step of starting two processes. .
  • a second invention for solving the problems that are relevant to the present application is that a computer is connected to a regular network environment.
  • An information security program for protecting information that can also be obtained by a computer when used in an environment different from the above, wherein the address of the approver is given to the computer while the computer is being used in a regular network environment.
  • a step of receiving an approval notification including: a sender power of the approval notification; and determining whether the approval notification is stored in the computer. And when the sender corresponds to the approver and the approval result approves the export, the application information corresponding to the application ID included in the approval notification is specified, and Storing the take-out period included in the application information in the setting information of the computer as a take-out approval period.
  • the computer is started, the computer is connected to a regular network.
  • the take-out period is specified for using the computer outside the regular environment by e-mail or the like to the authorized person. Sent the application notification and returned from the approval authority.
  • the take-out approval period approved by the approval notification is a computer setting information.
  • the computer is used outside the normal environment, it is checked whether the export approval period is stored in the setting information, and if it is within the export approval period, the computer can be used as it is. In other cases, predetermined processing for preserving computer information is performed.
  • the address of the application notification is designated in advance from an approver list having approval authority, whereas in the second invention, the sender of the approval notification is added to the approver list having approval authority. Judge whether or not applicable.
  • the time of starting the computer for determining the connection environment is not limited to the time of starting the computer after the power is turned off, but includes the time of restarting the computer, the time of power recovery from the power saving state, and the like. It may be.
  • the determination of the connection environment is not limited to the startup of the computer. In addition to the startup, if the check is performed at a predetermined timing such as every hour even during startup, it is taken out during startup. It becomes possible to cope with such cases.
  • the step of determining whether or not the computer is connected to a regular network environment the step of acquiring, in the computer, first environment information related to the network environment to which the computer is connected. And comparing the first network environment information with second environment information related to a regular network environment stored in advance in the computer, wherein the first environment information is the second environment information. If the information does not match, it may be characterized that the computer is connected to a regular network environment and is judged to be! /!
  • the present invention provides a step of determining whether or not the computer is connected to a regular network environment by transmitting a ping to the computer and an authentication server connected to the computer through a network; And confirming whether or not there is a reply to the ping from the authentication server, and confirming that there is no reply to the ping, the computer is connected to a regular network environment and V, It is characterized by judging.
  • the method for determining whether or not the environment in which the computer is started is a regular network environment is not particularly limited. It is possible to judge the network environment.
  • the information maintenance program according to the present invention having such features can be specified as an information maintenance method for maintaining information that can be acquired by a computer, which is executed by these information maintenance programs. It can also be configured as an information maintenance system equipped with these information maintenance programs.
  • the information maintenance system corresponding to the first invention is provided in the computer to maintain information that can be acquired from the computer when the computer is used in an environment different from the regular network environment. It is a blueprint maintenance system, and is used in an authorized network environment, and an approver storage means for storing an address of an approver who has the authority to carry out export approval when the computer is used outside the authorized environment.
  • the approver stored in the approver storage means is designated as the destination, and the application notification for the export approval for which the export period is specified is assigned to the application ID for identifying the application notification.
  • An approval notification receiving means for receiving an approval notification including at least the application ID and an approval result for the application notification transmitted by the approver, and application information corresponding to the application ID included in the approval notification is stored in the application information.
  • approver determination means for determining whether or not the sender of the approval notification is an approver included in the application information, and the sender corresponds to the approver and the approval result has.
  • the take-out approval period storage that reads out the take-out period included in the application information from the application information storage means and stores it in the setting information of the computer as the take-out approval period Means, a connection environment determination means for determining whether the computer is connected to a normal network environment at the time of starting the computer, and a connection to a normal network environment.
  • a take-out approval period determination means for determining whether the start-up time of the computer is within the period of the take-out approval period, and when it is confirmed that the take-out approval period is not stored, or the computer If it is determined that the activation time is not within the period of the export approval period, Computer stop processing, processing for prohibiting activation of at least part of an operation system or application program stored in the computer, processing for erasing at least part of data stored in the computer, connection to the computer And an information maintenance means for starting at least one of the processes for prohibiting a command to the external device.
  • the information maintenance system corresponding to the second invention is a blueprint maintenance system provided in a computer for maintaining information that can also be obtained by a computer when the computer is used in an environment different from a normal network environment.
  • An approver storage means for storing an approver who has the authority to perform a take-out approval to use the computer outside the normal environment, and an approver as a destination while being used in a normal network environment.
  • An application notification transmission means for transmitting an application notification for approval of the export with a specified export period, with an application ID for identifying the application notification, and at least the application ID and the export period
  • the application information storage means for storing the application information including the application ID and the approval result transmitted by the approver who has received the application notification are displayed.
  • An approval notification receiving means for receiving at least an approval notification, and an approver for judging whether the approver who has transmitted the approval notification is an approver having the authority to carry out take-out approval stored in the approver storage means
  • the take-out period included in the application information is Read out from the application information storage means and store it in the setting information of the computer as a take-out approval period, and whether the computer is connected to a regular network environment when the computer is started.
  • a connection environment determination means for determining whether or not it is not connected to a regular network environment.
  • a confirmation period confirmation means and if it is confirmed that the take-out approval period is stored, a take-out approval period determination means for determining whether the startup time of the computer is within the period of the take-out approval period; If the export approval period is memorized and it is confirmed that the computer is not active, or if it is determined that the startup time of the computer is not within the export approval period, the computer is stopped. Processing, operation system or application stored in the computer At least one process of prohibiting activation of at least a part of a program, erasing at least a part of data stored in the computer, and prohibiting an instruction to an external device connected to the computer And an information storage means for activating the information storage system.
  • the computer when a computer is used in an environment different from a regular network environment, the computer can be used only when it has been approved by the approver in advance. If the information is not received, it is possible to maintain the information that can be acquired by the computer by suppressing the information leakage from the inside by configuring the information maintenance process. Since no password issuance or input operation is required, the operational burden when using a computer is reduced.
  • FIG. 1 is a diagram showing an outline of an embodiment of an information maintenance system according to the present invention.
  • FIG. 2 is a block diagram showing a configuration of an information maintenance system that is effective in the present invention.
  • FIGS. 3 to 7 are FIGS. 1 to 5 showing a first operation flow of the information maintenance system according to the present invention, respectively.
  • FIGS. 8 to 12 are FIGS. 1 to 5 showing a second operation flow of the information maintenance system according to the present invention, respectively.
  • FIG. 13 and FIG. 14 are flowcharts showing the first and second flows for setting the export approval period according to the information maintenance program according to the present invention, respectively.
  • FIGS. 15 to 18 are flowcharts showing first to fourth flows, respectively, for checking whether or not information maintenance is possible by checking the connection environment of the computer by the information maintenance program according to the present invention.
  • the information maintenance system according to the present invention is provided in terminal A that is used by connecting to an in-house LAN.
  • Terminal B which is operated by an approver who has the authorization to approve temporary take-out of A, is also connected to the same corporate LAN.
  • Terminal A checks the connection environment to the network at startup, and if it is detected that the connection environment is not normal, the operation of terminal A is stopped and the operation system and application program of terminal A are stopped.
  • a program is installed in advance to execute processing for information protection, such as prohibition of activation, erasure of data in terminal A, and prohibition of a write command to an external device connected to terminal A.
  • processing for information protection such as prohibition of activation, erasure of data in terminal A, and prohibition of a write command to an external device connected to terminal A.
  • processing for information protection such as prohibition of activation, erasure of data in terminal A, and prohibition of a write command to an external device connected to terminal A.
  • the applicant when an applicant who uses terminal A wants to take terminal A out of the office on a business trip or the like, the applicant transmits an application mail specifying a take-out period to the approver. After confirming the application mail, the approver determines whether it can be taken out and sends an approval mail from terminal B to the applicant.
  • the take-out approval period is set as the setting information for terminal A, and the applicant must take terminal A with the take-out approval period set off from the internal LAN and take it outside. become.
  • terminal A is taken out with the export approval period set as the setting information. Therefore, when the use time falls under the export approval period, it differs from the normal environment. Even if it is a connection environment, it is possible to configure the information security processing to be performed only in the case of illegal take-out by setting the information security processing to be permitted in advance so that the information security processing is not performed.
  • Fig. 2 shows the configuration of an information maintenance system according to the present invention. The operation of the information maintenance system according to the present invention will be described in detail below, together with an example of the operation flow shown in FIGS. 3 to 7 and FIGS. 8 to 12.
  • the information maintenance system is provided in the applicant terminal 10, and a predetermined function is executed by a program or the like stored in the applicant terminal 10.
  • a predetermined function is executed by a program or the like stored in the applicant terminal 10.
  • various basic programs for hardware control such as input control and output control stored in the ROM 13 are started.
  • the CPU 11 executes arithmetic processing while the RAM 12 functions as the work area of the program that also reads the HDD 14 power.
  • data transmission / reception to / from other computers such as the approver terminal 20 and the monitoring server 30 through the company LAN is performed via the NIC 15.
  • the HDD 14 of the applicant terminal 10 needs to store an information maintenance program 142.
  • the information maintenance program 142 detects the network environment to which the applicant terminal 10 is connected from the NIC 15 and compares it with the regular network environment information stored in the ROM 13 or HDD 14 in advance, so that the environment is different from the regular network environment information. If it is determined that it is connected, the operation of the applicant terminal 10 is stopped, the operation system or application program is prohibited from starting, the predetermined data stored in the HDD 14 or RAM 12 is deleted, and the applicant terminal 10 is connected. Processing power for information protection such as prohibition of writing commands to external devices, etc.
  • the information conservation program that is relevant to the present invention is confirmed by the approval application program 141 that sets the export approval period after receiving approval from the approver, and the information environment is confirmed by checking the network environment at the time of startup.
  • the information maintenance program according to the present invention includes both the approval application program 141 and the information maintenance program 142.
  • the timing for starting the information maintenance program 142 and the timing for confirming the network environment are not particularly limited.
  • the information protection program 142 is normally started when the applicant terminal 10 is started up after the power is turned off, but is started when the applicant terminal 10 is restarted or when power is restored from the power saving state. It may be moved.
  • the timing to check the network environment it is normal to check at the time of starting the information protection program 142. Considering temporary movement within the company, etc. After the elapse of time, re-checking may be performed, and information integrity processing may be performed when it is confirmed that the network environment is not normal. Even if it is confirmed that the network environment is legitimate at the time of activation, it is taken out while the applicant terminal 10 is activated by re-checking at a predetermined timing such as every hour. It is possible to cope with the case.
  • the information maintenance program 142 is read at the timing when the applicant terminal 10 is started up, and is started in synchronism with the operating system (OS) of the computer.
  • OS operating system
  • several patterns can be set as follows.
  • the first is a pattern in which the information maintenance program 142 is stored not in the HDD 14 but in the ROM 13 and executed as a program independent of the OS.
  • the basic program for hardware control such as input control and output control is read from the ROM 13 and the computer is started.
  • Program 142 is also started before the OS is started as part of it, acquires information about the network environment to which applicant terminal 10 is connected from NIC 15, and stores the network environment information stored in ROM 13 or HDD 14 in advance. In contrast to this, it is determined whether or not the connected environment is normal.
  • the second is a pattern in which the information integrity program 142 is stored in the boot sector of the HDD 14 and read and executed by the RAM 12 before the OS is started.
  • various programs for hardware control such as input control and output control are read from the ROM 13 and the computer is started up.
  • the boot sector force is also read, and a determination is made as to whether or not the connected environment is normal before the processing by the OS is started.
  • the information maintenance program 142 is stored in the HDD 14 as a program operating on the OS, and when the OS is started, it is read out and executed as a part of the processing in the RAM 12. Pattern.
  • various basic programs for hardware control such as input control and output control are read from the ROM 13, the computer is started, the OS is started, and the domain is started.
  • the information maintenance program 142 uses the powerful information to determine whether or not the connected environment is normal.
  • the information maintenance program 142 is stored in the ROM 13 and also stored in the HDD 14 as a program operating on the OS, and the program stored in each is read out to the RAM 12 before and after the OS is started. In this pattern, information is exchanged while determining whether or not the connected environment is normal.
  • the method for determining whether the connected environment is valid or not is based on the current network environment information acquired from the NIC 15 and the regular network environment information stored in the ROM 13 or HDD 14. For example, it may be possible to judge the network environment by sending a ping from the applicant terminal 10 to the monitoring server 30 that can be accessed via the corporate LAN, and whether or not there is a reply to the ping. .
  • the applicant terminal 10 determines whether or not the connected environment is normal, and is not a normal environment! An information maintenance program 142 for executing processing is stored. Therefore, when the applicant terminal 10 is disconnected from the corporate LAN, taken outside and used in a different environment, the operation of the applicant terminal 10 is restricted by the information protection program 142.
  • the applicant terminal 10 can be operated as usual even when used in an environment other than a regular network environment.
  • the approval application program 141 is read into the RAM 12 and started on the applicant terminal 10.
  • the applicant terminal 10 displays a predetermined application e-mail form and is given an application ID that is automatically assigned by application unit to identify the application content (1001 in the example of Fig. 3). -Numbered 01).
  • the applicant inputs the take-out period etc. for which he / she wants to take out the terminal, and selects the approver such as the supervisor and designates it as the destination in the approval authority list stored in the approver information storage unit 143 (see FIG. 3).
  • employee code A001 is specified).
  • the format of the approval authority list is not particularly limited.
  • the presence / absence of export approval authority is registered as one item of a general-purpose employee list.
  • a list of authorized users registered as authorized from the employee list may be created and displayed in the pull-down menu.
  • the number of approvers to be specified is not particularly limited. When multiple approvers are designated as recipients and approval is obtained from all approvers, or when approval is obtained from at least one approver. In the meantime, it would be possible to take it out.
  • the address of the application mail including the person having the approval authority in the approval authority list is registered in advance.
  • the approver does not check the approval authority in the application mail, and after the approval mail of the approver is replied, the approver It is also possible to confirm whether the person has the approval authority registered in.
  • the application mail is sent in the format shown in the example of FIG.
  • the address of the approver (A001) is specified as the destination, and the sender (applicant: A101), application ID (1001-01) , At least information about the export period (October 1, 2005 to October 11, 2005) will be included. In addition, it is good also as adding the information regarding a take-out reason etc.
  • the application information storage unit 144 of the applicant terminal 10 stores the application information capability regarding the application contents for the export approval as shown in the example of FIG. In the example of Figure 4, the application information includes information on the application ID, approver, and the requested export period, but the second approver confirms the approver's approval authority after the approval email is returned.
  • the application information storage unit 144 may use a mailer's sent folder if application mail or approval mail is sent and received using a mailer. As an area setting, too.
  • the approver terminal 20 that has received the application mail the approver having the authorization authority confirms the application content and determines whether or not the application can be taken out.
  • an approval email as shown in the example of Fig. 5 is created and sent back to the applicant.
  • the address of the applicant (A1 01) is specified as the destination, the sender (approver: A001), the application ID that identifies the application mail and the application contents (1001-01), and the approval result (OK or NG) at least.
  • the sender approver: A001
  • the application ID that identifies the application mail and the application contents (1001-01)
  • the approval result OK or NG
  • information on the take-out period after the change may be added, and information on the reason for approval, incidental conditions of take-out, etc. may be added.
  • the approval mail in the second method also has the same format as shown in the example of FIG.
  • the application information includes information about the approver who has the authorization authority specified by the applicant, so if you confirm that it matches the sender of the approval mail, It can be confirmed that this is the result of approval. If it does not match the sender of the approval email, error processing such as displaying an error message is performed.
  • the approver who sent the approval mail at this stage will see the approval authority list. Check if it falls under the registered approval authority. In other words, as shown in the example of FIG. 11, it is confirmed whether the sender of the approval mail is registered as an authorized person in the approval authority list stored in the approver information storage unit 143. .
  • the export approval period is set in the registry setting information
  • the network environment is not confirmed in the normal network environment in the confirmation of the network environment at the time of starting the applicant terminal 10 described above. If it is confirmed that there is a problem, the information preservation process is not performed immediately.
  • the setting information in the registry is checked and the export approval period is set, the activation time is included in the export approval period. Determine whether or not. If it is included in the take-out approval period, it means that it has been approved for take-out, so information security processing is not performed. If the export approval period is not set, or if it is not included in the export approval period, information security processing will be performed in principle. It is also possible to use authentication or the like together.
  • FIG. 13 shows the flow in the first embodiment for confirming the approval authority of the approver when sending the application mail.
  • FIG. 14 shows a flow in the second embodiment in which the approval authority of the approver is confirmed when the approval mail is received.
  • the approval authority of the approver is confirmed when the application email is sent, and information on the approver with the approval authority is stored in the application information. It is confirmed whether the sender is an approver included in the application information (S04). If it does not match the approver, the approval mail from the approver with the approval authority is not accepted, so an error message is displayed (S08).
  • the approval authority of the approver is confirmed when the application mail is sent. Therefore, the sender of the application mail is registered as an authorized person in the approver list here. (S14). If the user does not have approval authority, an error message is displayed (S18).
  • the user has approval authority, it is confirmed whether the approval result in the approval mail is OK (S15). If it is NG, an NG message is displayed (S19), assuming that the computer is not allowed to be taken out. If the export is OK, read the export period specified when sending the application email included in the application information (S16), and record the read export period in the computer registry setting information as the export approval period. (S 17).
  • FIGS. Figures 15 to 17 show the case where the network environment is determined based on whether the network environment acquired by the computer matches the pre-registered environment information.
  • Figure 15 shows the pattern and diagram for starting the information maintenance program before the OS.
  • Figure 16 shows the pattern of starting the information integrity program on the OS, and
  • Fig. 17 shows the flow of the pattern in which the information integrity program is activated before the OS and also on the OS.
  • Figure 18 shows the flow for determining the network environment by sending a ping to the monitoring server.
  • the setting information power of the registry is also read out the export approval period (S25). Check if the export approval period is recorded and the current time falls within the period specified as the export approval period (S26), and if it falls within the export approval period, If the OS has been started and is in a bad state, the OS startup process is executed (S28, S30), and then the normal use of the terminal is permitted (S29).
  • the terminal Even if it is determined that the terminal is connected to the specified network, the terminal may be moved afterwards to be used in an unauthorized environment. It is preferable to reconfirm the network environment at a predetermined timing. If it is determined that the terminal is still connected to the specified network in the confirmation after the operation of such a terminal is started, or if it is confirmed that it falls within the export approval period, the OS is already started. Therefore, normal use is permitted as it is, and processing continues (S28, S29).
  • the OS when it is confirmed that the network is connected to the specified network in step 24, the OS is booted as it is. Even if it exists, the presence or absence of the export approval period may be confirmed, and if it falls within the export approval period, a predetermined information maintenance process may be performed.
  • information preservation processing Processing to stop the terminal, processing to prohibit startup of the OS or application program stored in the terminal, processing to erase data stored in the terminal, instructions to the external device connected to the terminal (printout or to external disk) In addition to the process of prohibiting the writing of data, etc.), the process of stopping the terminal's connection to the network is performed.
  • the order of confirming whether it is connected to the specified network and confirming whether or not the export approval period is set is not particularly limited. After confirmation, in any case, it may be possible to confirm whether or not a take-out approval period has been set, or first check whether a take-out approval period has been set and set a take-out approval period. If it is confirmed that it is not connected and connected to a legitimate network, OS startup processing etc. may be performed.
  • the OS when the terminal is turned on (S31), the OS also reads the HDD power and executes the startup process (S32). .
  • the information maintenance program is also read and started by the HDD as part of the OS (S33), and the application interface (API) also acquires information about the network environment such as the domain name and IP address specified by the OS. (S34), it is checked whether or not it is connected to the originally designated network in comparison with the regular network environment stored in advance in the HDD of the terminal (S35). If it is determined that it is connected to the specified network, use of the terminal as usual is permitted (S39).
  • the setting information power of the registry is also read out the export approval period (S36). Check if the export approval period is recorded and the current time falls within the period specified as the export approval period (S37). Use of the terminal is permitted (S39).
  • Information preservation processing includes terminal termination processing, processing for prohibiting startup of the OS or application program stored in the terminal, processing for erasing data stored in the terminal, and instructions for external devices connected to the terminal ( In addition to the process of prohibiting printout and writing to an external disk, etc., the process of stopping the terminal's connection to the network is performed.
  • the information maintenance program when the terminal is turned on (S41), the information maintenance program is activated by reading out the boot sector power of the ROM or HDD (S42).
  • the information maintenance program acquires information related to the network environment to which the terminal detected by the network interface is connected (S43), and is originally specified in comparison with the regular network environment stored in advance in the HDD of the terminal. It is confirmed whether or not it is connected to the network (S44). If it is determined that it is connected to the specified network, OS startup processing is executed (S47).
  • the setting information power of the registry is also read out the export approval period (S45). Check if the export approval period is recorded and the current time falls within the period specified as the export approval period (S46), and if it falls within the export approval period, start the OS Processing is executed (S47).
  • the information integrity program is read and started as a part of the OS (S48), and the application interface is used to obtain information about the network environment specified by the OS. (S49), it is checked whether or not it is connected to the originally designated network in comparison with the regular network environment stored in advance in the HDD of the terminal (S50). If it is determined that it is connected to the specified network, use of the terminal as usual is permitted (S53).
  • the setting information power of the registry is also read out the export approval period (S51). Check if the export approval period is recorded and the current time falls within the period specified as the export approval period (S52). Use of terminal is allowed (S53).
  • Step 44 when it is confirmed that the network is connected to the specified network in Step 44, the OS is started as it is, and it is confirmed that the network is connected to the specified network in Step 50. Normal use is allowed as it is. However, even when connected to a regular environment, the presence / absence of a take-out approval period may be confirmed, and if it falls within the take-out approval period, predetermined information maintenance processing may be performed.
  • Information preservation processing includes terminal stop processing, processing for prohibiting activation of the OS or application program stored in the terminal, processing for erasing data stored in the terminal, instructions for external devices connected to the terminal ( In addition to processing that prohibits printouts and export to external disks, etc., processing to stop the terminal's connection to the network is performed.
  • a flow for determining a network environment by sending a ping to the monitoring server will be described with reference to FIG.
  • a ping is sent to a monitoring server that can send and receive data in a legitimate network environment, and it is checked whether the power is a legitimate environment based on the presence or absence of a reply.
  • the information integrity program When the terminal is turned on (S61), the information integrity program is read and activated by the boot sector power of the ROM or HDD (S62). The information integrity program sends a ping to the monitoring server connected to the same network such as the LAN in the normal environment (S63). Whether the terminal is connected to the normal network environment is checked. Whether or not there is a response to the ping from the monitoring server (S64) is judged from this. If there is a reply, it is determined that the device is connected to the regular network environment, and the OS is started. If not, the OS is started (S68, S70), and then the normal terminal Use is permitted (S69).
  • the terminal is determined to be in an environment different from the normal network environment, and the setting information capability take-out approval period in the registry is read (S65).
  • the export approval period is recorded, and the current time is within the period specified as the export approval period. (S66), if it falls within the export approval period, if the OS has not been started, execute OS startup processing (S68, S70), and then continue normally Use of the terminal is permitted (S69).
  • step 64 when it is confirmed in step 64 that a ping reply has been received, the OS is started as it is, but this is a case where a normal environment is connected. Therefore, it is also possible to check whether or not a take-out approval period is set, and to perform predetermined information maintenance processing if it falls within the take-out approval period.
  • Information preservation processing includes terminal stop processing, processing for prohibiting activation of the OS or application program stored in the terminal, processing for erasing data stored on the terminal, and instructions for external devices connected to the terminal. In addition to the process of prohibiting printouts, writing to external disks, etc., the process of stopping the terminal's connection to the network is performed.
  • FIG. 18 describes the pattern in which the information maintenance program is started before the OS. In the same way, it is possible to apply either the pattern for starting the information maintenance program on the OS, the information protection program starting before the OS, and the pattern for starting on the OS.
  • FIG. 1 is a diagram showing an outline of an embodiment of an information maintenance system according to the present invention.
  • FIG. 2 is a block diagram showing a configuration of an information maintenance system according to the present invention.
  • FIG. 3 is a first diagram showing a first operational flow of the information maintenance system according to the present invention.
  • FIG. 4 is a second diagram showing a first operational flow of the information maintenance system according to the present invention.
  • FIG. 5 is a third diagram showing a first operational flow of the information maintenance system according to the present invention.
  • FIG. 6 is a fourth diagram showing a first operational flow of the information maintenance system according to the present invention.
  • FIG. 7 is a fifth diagram showing a first operational flow of the information maintenance system according to the present invention.
  • FIG. 8 is a first diagram showing a second operational flow of the information maintenance system according to the present invention.
  • FIG. 9 is a second diagram showing a second operational flow of the information maintenance system according to the present invention.
  • FIG. 10 is a third diagram showing a second operational flow of the information maintenance system according to the present invention.
  • FIG. 11 is a fourth diagram showing a second operational flow of the information maintenance system according to the present invention.
  • FIG. 12 is a fifth diagram showing a second operational flow of the information maintenance system according to the present invention.
  • FIG. 13 is a flowchart showing a first flow for setting a take-out approval period by the information maintenance program according to the present invention.
  • FIG. 14 is a flowchart showing a second flow for setting a take-out approval period by the information maintenance program according to the present invention.
  • FIG. 15 is a flowchart showing a first flow of determining whether or not information maintenance is possible by checking a computer connection environment by the information maintenance program according to the present invention.
  • FIG. 16 is a flowchart showing a second flow of determining whether or not information maintenance is possible by checking the connection environment of the computer by the information maintenance program according to the present invention.
  • FIG. 17 is a flowchart showing a third flow in which the information maintenance program according to the present invention checks the computer connection environment and determines whether or not information maintenance is possible.
  • FIG. 18 is a flowchart showing a fourth flow in which the information maintenance program according to the present invention checks the connection environment of the computer and determines whether or not information maintenance is possible.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

La présente invention concerne un programme de préservation d’informations, qui autorise un ordinateur à n’agir que dans le cas où le transport des informations à acquérir à partir d’un ordinateur est approuvé par avance, de telle manière qu’il est possible de préserver les informations dans le cas où l’ordinateur est utilisé dans un environnement différent de l’environnement de réseau normal. Lorsque l’opérateur d’un ordinateur est connecté à l’environnement de réseau normal, on envoie à une autorité d’approbation, par le biais d’un message électronique ou similaire, une notice d’application désignant le terme de transport de l’utilisation de l’ordinateur dans un environnement autre que l’environnement normal, et le terme de l’approbation de transport approuvée par une notice d’approbation ou un retour en provenance de l’autorité d’approbation est stocké en tant qu’informations d’ensemble de l’ordinateur. Lorsque l’ordinateur est utilisé dans un environnement autre que l’environnement normal, on vérifie si le terme d’approbation de transport est stocké dans les informations d’ensemble. Dans le cadre du terme d’approbation de transport, l’utilisation de l’ordinateur est autorisée telle quelle. Dans le cas contraire, on réalise une opération prédéterminée et destinée à préserver les informations de l’ordinateur.
PCT/JP2005/020143 2005-11-01 2005-11-01 Programme de preservation d’informations, procede de preservation d’informations et systeme de preservation d’informations WO2007052342A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2005/020143 WO2007052342A1 (fr) 2005-11-01 2005-11-01 Programme de preservation d’informations, procede de preservation d’informations et systeme de preservation d’informations
JP2007542189A JPWO2007052342A1 (ja) 2005-11-01 2005-11-01 情報保全プログラム、情報保全方法及び情報保全システム

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2005/020143 WO2007052342A1 (fr) 2005-11-01 2005-11-01 Programme de preservation d’informations, procede de preservation d’informations et systeme de preservation d’informations

Publications (1)

Publication Number Publication Date
WO2007052342A1 true WO2007052342A1 (fr) 2007-05-10

Family

ID=38005506

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2005/020143 WO2007052342A1 (fr) 2005-11-01 2005-11-01 Programme de preservation d’informations, procede de preservation d’informations et systeme de preservation d’informations

Country Status (2)

Country Link
JP (1) JPWO2007052342A1 (fr)
WO (1) WO2007052342A1 (fr)

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009015766A (ja) * 2007-07-09 2009-01-22 Nec Corp ユーザ端末、アクセス管理システム、アクセス管理方法、およびプログラム
JP2009093222A (ja) * 2007-10-03 2009-04-30 Fuji Xerox Co Ltd 情報処理装置、情報管理装置、情報管理システム、情報処理プログラムおよび情報管理プログラム
JP2009289187A (ja) * 2008-05-30 2009-12-10 Toshiba Corp 持出制御システム、持出装置、管理装置、持出プログラムおよび管理プログラム
JP2016038919A (ja) * 2014-08-11 2016-03-22 フィッシャー−ローズマウント システムズ,インコーポレイテッド プロセス制御システムに対するデバイスの安全化
US10503483B2 (en) 2016-02-12 2019-12-10 Fisher-Rosemount Systems, Inc. Rule builder in a process control network
US10551799B2 (en) 2013-03-15 2020-02-04 Fisher-Rosemount Systems, Inc. Method and apparatus for determining the position of a mobile control device in a process plant
US10649449B2 (en) 2013-03-04 2020-05-12 Fisher-Rosemount Systems, Inc. Distributed industrial performance monitoring and analytics
US10649424B2 (en) 2013-03-04 2020-05-12 Fisher-Rosemount Systems, Inc. Distributed industrial performance monitoring and analytics
US10656627B2 (en) 2014-01-31 2020-05-19 Fisher-Rosemount Systems, Inc. Managing big data in process control systems
US10678225B2 (en) 2013-03-04 2020-06-09 Fisher-Rosemount Systems, Inc. Data analytic services for distributed industrial performance monitoring
US10685121B2 (en) 2017-10-17 2020-06-16 Quanta Computer Inc. Secure environment examination
US10866952B2 (en) 2013-03-04 2020-12-15 Fisher-Rosemount Systems, Inc. Source-independent queries in distributed industrial system
US10909137B2 (en) 2014-10-06 2021-02-02 Fisher-Rosemount Systems, Inc. Streaming data for analytics in process control systems
US11385608B2 (en) 2013-03-04 2022-07-12 Fisher-Rosemount Systems, Inc. Big data in process control systems

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001082086A1 (fr) * 2000-04-24 2001-11-01 Matsushita Electric Industrial Co., Ltd. Dispositif de definition de droit d'acces et terminal gestionnaire
JP2002304373A (ja) * 2001-04-05 2002-10-18 Matsushita Electric Ind Co Ltd セキュリティ方法、セキュリティシステム、保管箱およびそのプログラム
JP2004118623A (ja) * 2002-09-27 2004-04-15 Brother Ind Ltd 電子機器、及びプログラム
JP2005100141A (ja) * 2003-09-25 2005-04-14 Mitsubishi Electric Corp セキュリティ管理システム、セキュリティ管理方法、セキュリティ管理プログラム及び記録媒体

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001082086A1 (fr) * 2000-04-24 2001-11-01 Matsushita Electric Industrial Co., Ltd. Dispositif de definition de droit d'acces et terminal gestionnaire
JP2002304373A (ja) * 2001-04-05 2002-10-18 Matsushita Electric Ind Co Ltd セキュリティ方法、セキュリティシステム、保管箱およびそのプログラム
JP2004118623A (ja) * 2002-09-27 2004-04-15 Brother Ind Ltd 電子機器、及びプログラム
JP2005100141A (ja) * 2003-09-25 2005-04-14 Mitsubishi Electric Corp セキュリティ管理システム、セキュリティ管理方法、セキュリティ管理プログラム及び記録媒体

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009015766A (ja) * 2007-07-09 2009-01-22 Nec Corp ユーザ端末、アクセス管理システム、アクセス管理方法、およびプログラム
JP2009093222A (ja) * 2007-10-03 2009-04-30 Fuji Xerox Co Ltd 情報処理装置、情報管理装置、情報管理システム、情報処理プログラムおよび情報管理プログラム
US7979467B2 (en) 2007-10-03 2011-07-12 Fuji Xerox Co., Ltd. Information processing device, information management device, information processing system and computer readable medium
JP2009289187A (ja) * 2008-05-30 2009-12-10 Toshiba Corp 持出制御システム、持出装置、管理装置、持出プログラムおよび管理プログラム
US10649424B2 (en) 2013-03-04 2020-05-12 Fisher-Rosemount Systems, Inc. Distributed industrial performance monitoring and analytics
US11385608B2 (en) 2013-03-04 2022-07-12 Fisher-Rosemount Systems, Inc. Big data in process control systems
US10866952B2 (en) 2013-03-04 2020-12-15 Fisher-Rosemount Systems, Inc. Source-independent queries in distributed industrial system
US10678225B2 (en) 2013-03-04 2020-06-09 Fisher-Rosemount Systems, Inc. Data analytic services for distributed industrial performance monitoring
US10649449B2 (en) 2013-03-04 2020-05-12 Fisher-Rosemount Systems, Inc. Distributed industrial performance monitoring and analytics
US10691281B2 (en) 2013-03-15 2020-06-23 Fisher-Rosemount Systems, Inc. Method and apparatus for controlling a process plant with location aware mobile control devices
US11169651B2 (en) 2013-03-15 2021-11-09 Fisher-Rosemount Systems, Inc. Method and apparatus for controlling a process plant with location aware mobile devices
US11573672B2 (en) 2013-03-15 2023-02-07 Fisher-Rosemount Systems, Inc. Method for initiating or resuming a mobile control session in a process plant
US10671028B2 (en) 2013-03-15 2020-06-02 Fisher-Rosemount Systems, Inc. Method and apparatus for managing a work flow in a process plant
US10649413B2 (en) 2013-03-15 2020-05-12 Fisher-Rosemount Systems, Inc. Method for initiating or resuming a mobile control session in a process plant
US10649412B2 (en) 2013-03-15 2020-05-12 Fisher-Rosemount Systems, Inc. Method and apparatus for seamless state transfer between user interface devices in a mobile control room
US10551799B2 (en) 2013-03-15 2020-02-04 Fisher-Rosemount Systems, Inc. Method and apparatus for determining the position of a mobile control device in a process plant
US11112925B2 (en) 2013-03-15 2021-09-07 Fisher-Rosemount Systems, Inc. Supervisor engine for process control
US10656627B2 (en) 2014-01-31 2020-05-19 Fisher-Rosemount Systems, Inc. Managing big data in process control systems
JP2016038919A (ja) * 2014-08-11 2016-03-22 フィッシャー−ローズマウント システムズ,インコーポレイテッド プロセス制御システムに対するデバイスの安全化
US10909137B2 (en) 2014-10-06 2021-02-02 Fisher-Rosemount Systems, Inc. Streaming data for analytics in process control systems
US11886155B2 (en) 2015-10-09 2024-01-30 Fisher-Rosemount Systems, Inc. Distributed industrial performance monitoring and analytics
US10503483B2 (en) 2016-02-12 2019-12-10 Fisher-Rosemount Systems, Inc. Rule builder in a process control network
US10685121B2 (en) 2017-10-17 2020-06-16 Quanta Computer Inc. Secure environment examination

Also Published As

Publication number Publication date
JPWO2007052342A1 (ja) 2009-04-30

Similar Documents

Publication Publication Date Title
WO2007052342A1 (fr) Programme de preservation d’informations, procede de preservation d’informations et systeme de preservation d’informations
US7546639B2 (en) Protection of information in computing devices
JP4781692B2 (ja) クライアントのi/oアクセスを制限する方法、プログラム、システム
US8219806B2 (en) Management system, management apparatus and management method
JP4656034B2 (ja) ストレージデバイスアクセスシステム
EP2345977B1 (fr) Ordinateur client pour protéger un fichier confidentiel, ordinateur serveur associé, procédé associé et programme d'ordinateur
US8561209B2 (en) Volume encryption lifecycle management
EP2256656A1 (fr) Gestion de clés pour protéger des données cryptées d'un dispositif informatique de point limite
US20120233428A1 (en) Apparatus and method for securing portable storage devices
JP4786501B2 (ja) データ管理システム、データ管理方法、情報処理装置
JP2007280096A (ja) ログ保全方法、プログラムおよびシステム
JP2003167606A (ja) プログラマブルコントローラまたはプログラマブル表示器およびそのユーザ認証方法
JP2005234729A (ja) 不正アクセス防御システム及びその方法
JP4044126B1 (ja) 情報漏洩抑止装置、情報漏洩抑止プログラム、情報漏洩抑止記録媒体、及び情報漏洩抑止システム
JP4948460B2 (ja) データ管理システム
CN113711261A (zh) 期限管理服务器、代理程序及终端借出系统
JP4830576B2 (ja) 情報処理装置、データ管理方法、プログラム
JP4683856B2 (ja) 認証プログラムおよび認証サーバ
JP4885168B2 (ja) 外部メディア制御方法、システム及び装置
TWI470458B (zh) A method and device for controlling control
WO2006059383A1 (fr) Procede et programme d’envoi de courrier electronique, programme d’approbation de courrier electronique, dispositif d’envoi de courrier electronique et systeme d’approbation/envoi de courrier electronique
JP2002312316A (ja) 不正アクセス防止装置および方法、不正アクセス防止用プログラム、記録媒体
WO2016193176A1 (fr) Dispositif électronique protégé à distance
JP2001056761A (ja) カードを用いたセキュリティ管理システム
JP2008181467A (ja) 携帯端末の情報流出防止装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2007542189

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 05805423

Country of ref document: EP

Kind code of ref document: A1