WO2007099716A1 - Data communication system and portable memory - Google Patents

Info

Publication number
WO2007099716A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
random number
data
portable memory
memory unit
Prior art date
Application number
PCT/JP2007/000157
Other languages
English (en)
Japanese (ja)
Inventor
Katsuhisa Suzuki
Masataka Tatsuno
Natsuki Mitani
Original Assignee
Bellwood International, Inc.
Filing date
Publication date
Application filed by Bellwood International, Inc.
Publication of WO2007099716A1

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure storage of data
    • G06F21/80: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838: Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these

Definitions

  • the present invention relates to a data communication system, and more particularly to a data communication system capable of realizing a powerful data protection function for a file or the like between a portable memory and a server.
  • Japanese Patent Publication No. 2004-21956 discloses a flash memory in which others cannot access the stored data unless the password entered from the outside is correct.
  • an adapter for a portable storage medium such as a memory stick, or for a storage medium connected to a smart media card, an SD card, a micromedia card, or the like, is also disclosed.
  • authentication is performed by inputting a password from a keypad or the like for file protection.
  • An object of the present invention is to provide a data communication system, a method thereof, and a portable memory capable of transmitting and receiving data such as files in a secure state between the portable memory and a server.
  • a data communication system includes a portable memory that stores data and generates a random number, a computer in which the portable memory is mounted, and a server that generates a random number and communicates with the computer.
  • when the portable memory is directly connected to the server, an encryption key is generated based on a first random number generated by the portable memory and a second random number generated by the server.
  • by sharing the encryption key generated from the first and second random numbers, data can be transmitted to and received from the server while the portable memory is attached to the computer.
  • a common encryption key is generated on each side using the random numbers generated while the portable memory is mounted on the server.
  • the portable memory of the second aspect of the invention comprises an interface for inputting/outputting data to/from a computer capable of communicating with a server, a memory for storing data, and random number generating means.
  • it further comprises encryption/decryption means having an encryption function for encrypting data with an encryption key generated based on the random number generated by the random number generating means, and a decryption function for decrypting data; and a control unit that performs a write operation, in which data input via the interface is encrypted by the encryption/decryption means and written into the memory, and a read-out operation, in which encrypted data read from the memory is decrypted by the encryption/decryption means and output via the interface.
  • when the portable memory is connected directly to the server, a shared encryption key is generated based on the first random number generated by the portable memory and the second random number generated by the server, after which data can be sent to and received from the server.
  • FIG. 1 is a functional block diagram of the data communication system 1 according to the present embodiment.
  • the data processing system 1 has a server 4, a memory unit 6, and a computer 10.
  • the server 4 and the computer 10 can communicate with each other via an arbitrary communication network 9 such as the Internet, a LAN (Local Area Network), or a data communication line.
  • the computer 10 is a personal computer or the like having a known configuration equipped with a USB connector which is a known interface.
  • FIG. 2 shows a schematic configuration of the computer 10.
  • the computer 10 includes, for example, a USB interface 21, a display 22, an operation unit 23, a memory 24, a network interface 25, and a processing circuit 26 connected via a bus 20.
  • the USB interface 21 is, for example, a USB connector conforming to the USB standard, but is not limited thereto.
  • FIG. 3 shows a schematic configuration of the memory unit 6 shown in FIG.
  • the memory unit 6 includes, for example, a USB plug 31, a USB controller 33, a flash memory controller 34, a flash memory 35, a random number generator 37, a timer 39, a battery 41, a microcomputer 43, and a biometric authentication unit 602.
  • the USB plug 31 is connected to the USB connector of the USB interface 21 of the computer 10 shown in FIG. 2.
  • the USB controller 33 controls the microcomputer 43 to perform communication based on the USB protocol via the USB plug 31.
  • Such a USB controller 33 is commercially available.
  • the flash memory controller 34 performs a write operation and a read operation of the encrypted file (data) with respect to the flash memory 35 based on an instruction from the microcomputer 43.
  • the flash memory controller 34 stores a serial number unique to the memory unit 6.
  • the flash memory 35 stores the encrypted file.
  • an arbitrary media card incorporating the flash memory may be detachable.
  • as the random number generator 37, for example, a device that generates natural random numbers using a weak radioactive ray source and a sensor, as disclosed in Japanese Patent No. 2926539, can be used. The present invention can also be implemented using a random number generator based on another type of hardware, or a software pseudo-random number generation function.
  • the timer 39 has a time counting function using, for example, a crystal oscillator. It is powered by the battery 41, so that it keeps running even when the memory unit 6 is disconnected from the computer 10 and no power is supplied from the USB plug 31.
  • the microcomputer 43 is a well-known single-chip computer having a CPU, RAM, ROM, flash memory, an interface port (bus) to the outside, and the like.
  • the microcomputer 43 is connected to the USB controller 33, the flash memory controller 34, the random number generator 37, and the timer 39, and the built-in CPU executes a program stored in the ROM.
  • the processing of the microcomputer 43 described in the present embodiment is executed based on the above program.
  • the ROM also stores a serial number unique to the microcomputer 43.
  • the microcomputer 43 has encryption/decryption means and control means.
  • the encryption/decryption means has an encryption function for encrypting data to be stored in the flash memory 35 and a decryption function for decrypting the data stored encrypted in the flash memory 35.
  • the control means has a control function for comprehensively controlling the operation of the memory unit 6.
  • File management information is stored in the flash memory in the microcomputer 43 shown in FIG.
  • the file management information includes, for example, the name (file name) of the data (file) stored in the flash memory 35, the file size, the storage address of the file in the flash memory 35, the file update date and time, the encryption method of the data stored in the flash memory 35, the encryption key, the decryption conditions, update history information, and so on.
  • the decryption conditions include the decryption permission period, the number of times decryption is permitted, whether the file must be deleted upon expiration, and the processing for unauthorized use.
  • the biometric authentication unit 602 acquires biometric data with a biometric sensor based on an instruction from the microcomputer 43 and outputs the biometric data to the microcomputer 43. The microcomputer 43 then verifies the biometric data acquired from the biometric authentication unit 602 against biometric data registered in advance in storage means such as the flash memory of the microcomputer 43, the flash memory 35, or the server 4, and outputs the authentication result.
  • examples of biometrics to be authenticated include fingerprints, blood vessel patterns, eye glow patterns, and the like. Biometric data may be registered for only one user or for a plurality of users.
  • FIGS. 4 and 5 are external perspective views of the memory unit 6 according to the present embodiment.
  • the memory housing 57 houses the USB controller 33, flash memory controller 34, flash memory 35, random number generator 37, timer 39, battery 41, microcomputer 43, and biometric authentication unit 602 shown in FIG. 3, and the USB plug 31 that constitutes the interface protrudes outside the housing.
  • a protection unit (protection means) 50 is provided outside the memory casing 57.
  • the protection part 50 is provided with receiving lids 51a and 51b at one end, and the other end is open.
  • the storage lids 51a and 51b are provided so as to be rotatable about the shafts 53a and 53b, respectively, in a state of being biased in the rotational direction for closing the lid.
  • the protection unit 50 can slide along the outside of the memory casing 57 between a first position that covers the USB plug 31 and a second position that does not cover the USB plug 31.
  • FIG. 5 shows an external perspective view of the state in which the protection unit 50 is located at the first position. In this state, the storage lids 51a and 51b are closed by the urging force, and the USB plug 31 is covered by the protection means 50.
  • FIG. 4 shows an external perspective view of the state in which the protection unit 50 is located at the second position. In this state, the storage lids 51a and 51b are pushed open against the urging force by the pressing force of the USB plug 31 and the memory casing 57, the open state is held by the upper/lower surfaces of the memory housing 57, and the USB plug 31 is not covered by the protection means 50.
  • the biometric authentication unit 602 includes a sensing unit 602a, and acquires biometric data by the sensing unit 602a.
  • the sensing unit 602a is shown in FIG. 4.
  • the USB plug 31 is exposed to the outside through an opening window (opening) 50c formed in the protection unit 50 in the state where the USB plug 31 is not covered by the protection unit 50.
  • the server 4 includes, for example, an authentication server, a file server, a content management server, a gateway server, and a history database.
  • the authentication server manages user information and authority.
  • FIG. 6 shows the schematic configuration of the authentication server. As shown in FIG. 6, the authentication server comprises a network interface 451, an operation unit 452, a memory 453, a USB interface 454, a random number generator 455, and a processing circuit 457 connected via a bus 450.
  • as the random number generator 455, similarly to the random number generator 37, a device that generates natural random numbers using a weak radioactive ray source and a sensor, as disclosed for example in Japanese Patent No. 2926539, can be used.
  • the present invention can also be implemented using a random number generator based on another type of hardware, or a pseudo-random number generation function using software.
  • the file server stores files created by the user.
  • the content management server manages usage rights and automatic processing settings for files.
  • the gateway server executes file encryption / decryption processing using an encryption key in communication with an arbitrary computer.
  • the history database stores and manages user and file history.
  • the server 4 and the memory unit 6 first generate and share an encryption key while directly connected. That is, the USB plug 31 of the memory unit 6 is inserted into the slot of the USB interface 454 of the server 4, and the key is generated based on the random number generated by the random number generator 455 of the server 4 and the random number generated by the random number generator 37 of the memory unit 6. The generation and sharing can be exemplified in the following manners. (1) In the microcomputer 43 of the memory unit 6, a mode in which an encryption key is generated using an arbitrary algorithm based on the random number generated by its own random number generator 37 and the random number generated by the random number generator 455 of the server 4 and input from it, and is shared by outputting the encryption key to the server 4. (2) In the server 4, the random number generated by its own random number generator 455 and the random number generated by the random number generator 37 of the memory unit 6
  • the server 4 stores the shared encryption key in association with the identification data of the memory unit 6.
  • the memory unit 6 stores a shared encryption key in a recording area such as a flash memory in the microcomputer 43.
  • FIG. 7 is a flowchart for explaining the first registration process of the memory unit 6.
  • Step S11: The USB plug 31 of the memory unit 6 is inserted into the slot of the USB interface 454 of the server 4.
  • Step S12: The random number generator 455 of the server 4 shown in FIG. 6 generates a random number. A random number is also generated in the random number generator 37 of the memory unit 6.
  • Step S13: The generated random numbers are input and output between the server 4 and the memory unit 6.
  • Step S14: In the processing circuit 457 of the server 4, an encryption key is generated using a predetermined algorithm based on the random number generated by the random number generator 455 in step S12 and the random number input from the memory unit 6 in step S13.
  • in the memory unit 6, an encryption key is likewise generated using a predetermined algorithm based on the random number generated by the random number generator 37 in step S12 and the random number input from the server 4 in step S13.
  • the algorithm is set so that the encryption key generated by the memory unit 6 is the same as the encryption key generated by the server 4.
  • Step S15: The server 4 registers (stores) the encryption key generated in step S14 in association with the identification data of the memory unit 6.
  • the memory unit 6 also stores the encryption key generated in step S14 in a storage area such as the flash memory in the microcomputer 43.
  • for the second and subsequent times, a new encryption key is generated with the memory unit 6 connected to the computer 10: the random number generated by the random number generator 455 of the server 4 and the random number generated by the random number generator 37 of the memory unit 6 are sent and received between the server 4 and the memory unit 6 via the communication network 9, and the new key is generated based on them.
  • the random numbers are transmitted encrypted with the already-shared encryption key.
  • the generation and sharing can be exemplified in the following manners.
  • (2) in the server 4, a mode in which an encryption key is generated using an arbitrary algorithm based on the random number generated by its own random number generator 455 and the received random number generated by the random number generator 37 of the memory unit 6, and is shared by transmitting the encryption key to the memory unit 6; (3) a mode in which the memory unit 6 and the server 4 each generate the encryption key using a predetermined algorithm based on the random number generated by its own random number generator and the random number generated by the other party's random number generator.
  • the server 4 stores the shared encryption key in association with the identification data of the memory unit 6.
  • the memory unit 6 stores a shared encryption key in a storage area such as a flash memory in the microcomputer 43.
  • FIG. 8 is a flowchart for explaining the encryption key registration process for the second and subsequent times. This process is performed with the memory unit 6 attached to the computer 10 as shown in FIG.
  • Step S21: The random number generator 455 of the server shown in FIG. 6 generates a random number. A random number is also generated in the random number generator 37 of the memory unit 6.
  • Step S22: The processing circuit 457 of the server shown in FIG. 6 encrypts the random number generated in step S21 with the already-shared encryption key and transmits it to the memory unit 6 via the communication network 9.
  • the microcomputer 43 of the memory unit 6 likewise encrypts the random number generated in step S21 with the already-shared encryption key and transmits it to the server via the communication network 9.
  • Step S23: The server and the memory unit 6 each generate a new encryption key using a predetermined algorithm based on the random number generated by itself and the random number received from the other party.
  • Step S24: The server registers (stores) the new encryption key generated in step S23 in association with the identification data of the memory unit 6. The memory unit 6 also uses the new encryption key generated in step S23 to
  • the new encryption key is used to encrypt the data transmitted/received in the next data transmission/reception between the server 4 and the memory unit 6.
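The two key-sharing rounds above, the direct USB registration of FIG. 7 and the network re-keying of FIG. 8, as an added Python model that is not code from the patent or from Bellwood International: it assumes HMAC-SHA256 as the unspecified "predetermined algorithm" and an encrypt-then-MAC stream construction as a stand-in for the unspecified cipher that protects the random numbers in step S22.

```python
"""Key sharing between server 4 and memory unit 6, modelled on FIG. 7 and FIG. 8.

Assumptions (not from the patent): HMAC-SHA256 stands in for the unspecified
"predetermined algorithm", and an encrypt-then-MAC stream construction stands in
for the unspecified cipher that protects the random numbers in step S22.
"""
import hashlib
import hmac
import secrets

KEY_LEN = 32     # assumed length in bytes of keys and random numbers
NONCE_LEN = 16
TAG_LEN = 32


def derive_shared_key(server_random: bytes, unit_random: bytes) -> bytes:
    """The 'predetermined algorithm' of steps S14 / S23 (assumed: HKDF-style HMAC).

    Both sides put the server's random first and the unit's random second, so the
    key is identical no matter which party computes it, as step S14 requires.
    """
    prk = hmac.new(b"WO2007099716-key-agreement", server_random + unit_random,
                   hashlib.sha256).digest()
    return hmac.new(prk, b"shared-key\x01", hashlib.sha256).digest()[:KEY_LEN]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream built from HMAC-SHA256 (stand-in for a real cipher)."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def _subkeys(key: bytes):
    """Separate encryption and MAC keys derived from the shared key."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under the already-shared key (step S22). Returns nonce|ct|tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong key or a tampered message raises."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed: key mismatch or tampered random number")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


class Party:
    """Server 4 or memory unit 6: owns a random number generator and the shared key."""

    def __init__(self, name: str, rng=secrets.token_bytes):
        self.name = name
        self.rng = rng      # stand-in for random number generator 455 / 37
        self.key = None     # stored in association with the peer (steps S15 / S24)

    def fresh_random(self) -> bytes:
        return self.rng(KEY_LEN)


def initial_registration(server: Party, unit: Party) -> bool:
    """FIG. 7: the unit is plugged straight into the server, so the random numbers
    travel over USB in the clear (S12-S13) and each side derives the key (S14-S15)."""
    server_random = server.fresh_random()
    unit_random = unit.fresh_random()
    server.key = derive_shared_key(server_random, unit_random)   # processing circuit 457
    unit.key = derive_shared_key(server_random, unit_random)     # microcomputer 43
    return server.key == unit.key


def rekey_over_network(server: Party, unit: Party) -> bool:
    """FIG. 8: the unit sits in computer 10; each random number crosses network 9
    encrypted under the key already shared (S22), then both derive the new key (S23-S24).
    A unit that does not hold the previous key cannot decrypt the server's random,
    so the exchange aborts and the server's stored key is left unchanged."""
    if server.key is None or unit.key is None:
        raise ValueError("FIG. 7 registration must precede network re-keying")
    server_random = server.fresh_random()
    unit_random = unit.fresh_random()
    wire_from_server = seal(server.key, server_random)   # S22, server side
    wire_from_unit = seal(unit.key, unit_random)         # S22, unit side
    unit_new = derive_shared_key(unseal(unit.key, wire_from_server), unit_random)
    server_new = derive_shared_key(server_random, unseal(server.key, wire_from_unit))
    previous = server.key
    server.key, unit.key = server_new, unit_new          # S24: both store the new key
    return server.key == unit.key and server.key != previous
```

Because the FIG. 8 round can only be completed by a unit that still holds the key from the previous round, a unit that never went through the FIG. 7 registration fails at step S23 and the server's stored key does not change.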
  • the memory unit 6 executes the following initial operation when the user requests the computer 10 to start the application. That is, when the USB plug 31 of the memory unit 6 shown in FIG. 6 is inserted into the USB connector of the USB interface 21 of the computer 10 shown in FIG. 2, the OS (Operating System) executed by the processing circuit 26 of the computer 10 recognizes the memory unit 6 as an external storage device, the same as a normal USB memory device, and assigns a drive to it.
  • when the OS executed by the processing circuit 26 is, for example, Windows (registered trademark) XP, the drive corresponding to the memory unit 6 is allocated in the My Computer folder. Then, when the user operates the operation unit 23 to double-click the icon assigned to the drive of the memory unit 6 on the screen displayed on the display 22, the microcomputer 43 of the memory unit 6 performs the initial operation.
  • FIG. 9 is a flow chart for explaining the initial operation executed by the memory unit 6.
  • Step S41: The microcomputer 43 shown in FIG. 6 determines whether or not the biometric (for example, fingerprint) authentication process should be started.
  • in this step, the processing circuit 26 of the computer 10 shown in FIG. 2 displays on the display 22 a biometric authentication screen with “Start biometric authentication” and “Cancel” icons. When the user double-clicks the “Start biometric authentication” icon, the microcomputer 43 shown in FIG. 3 determines that the biometric authentication process should be started. On the other hand, when the “Cancel” icon is double-clicked, the microcomputer 43 determines that the biometric authentication process should not be started and ends the process.
  • Step S42 The microcomputer 43 performs a biometric authentication process.
  • the biometric authentication process will be described in detail later.
  • Step S43: The microcomputer 43 determines whether or not the result of the biometric authentication process performed in step S42 is biometric authentication OK. If the determination is affirmative, the process proceeds to step S44. If the determination is negative, the process ends.
  • Step S44: The microcomputer 43 determines whether the file management process or the file transmission/reception process is selected. If the file management process is selected, the process proceeds to S45; if the file transmission/reception process is selected, the process proceeds to S46. Specifically, a main menu screen with the “File Management” and “File Send/Receive” icons is displayed on the display 22 of the computer 10; if the user selects “File Management”, the process proceeds to S45, and if “File Send/Receive” is selected, the process proceeds to S46.
  • Step S45 The microcomputer 43 executes file management processing.
  • the file management process will be described in detail later.
  • Step S46 The microcomputer 43 executes file transmission / reception processing.
  • the file transmission / reception process will be described in detail later.
  • FIG. 10 is a flowchart for explaining the biometric authentication process of step S42.
  • Step S51: The microcomputer 43 requests the user for biometric (for example, fingerprint) authentication.
  • in this step, the microcomputer 43 sends a predetermined request to the computer 10 to which the memory unit 6 is attached, and the computer 10 displays an image corresponding to the request on the display 22.
  • Step S52: The microcomputer 43 determines whether or not the biometric data obtained by the biometric authentication unit 602 in response to the request of step S51 matches the biometric data registered (stored) in advance. The microcomputer 43 proceeds to step S53 if the determination is affirmative, and to step S54 if the determination is negative.
  • the biometric data may be registered (stored) in the server or in the memory unit 6. If it is registered (stored) in the server, the microcomputer 43 sends the biometric data obtained by the biometric authentication unit 602 in response to the request in step S51 to the server, and receives from the server the determination result of whether or not it matches.
  • Step S53: Since the biometric data obtained by the biometric authentication unit 602 matches the biometric data registered in advance, the microcomputer 43 ends the process with biometric authentication OK.
  • Step S54: The microcomputer 43 determines whether or not the processing in step S52 has been performed within the specified number of times. If the determination is affirmative, the process proceeds to step S55; if negative, to step S56.
  • Step S55: The microcomputer 43 displays an authentication failure, requests authentication again, and returns to step S52.
  • Step S56: The microcomputer 43 determines whether or not countermeasures against unauthorized use are set.
  • the countermeasures against unauthorized use are measures, such as deleting the data stored in the flash memory 35, that are taken when a person other than the legitimate user whose biometric data is registered attempts to use the memory unit. Whether or not countermeasures against unauthorized use are set is included in the file management information.
  • the countermeasures may be set for the flash memory 35 as a whole, or for each folder or file in the flash memory 35.
  • if an affirmative determination is made in this step, the process proceeds to step S57; if negative, to step S61.
  • Step S57: The microcomputer 43 determines whether or not deletion is designated. If the determination is affirmative, the process proceeds to step S58; if negative, to step S59.
  • Step S58: The microcomputer 43 deletes the files stored in the flash memory 35.
  • Step S59: The microcomputer 43 invalidates the files stored in the flash memory 35.
  • the invalidation process can be exemplified as a process for making the file unusable.
  • Step S60: The microcomputer 43 records a history.
  • Step S61: The microcomputer 43 ends the process as biometric authentication NG.
  • FIG. 11 is a flowchart for explaining the file management process of step S45.
  • Step S71: The microcomputer 43 displays the file management screen on the display 22 of the computer 10. The file management screen shows a list of the files stored in the flash memory 35 shown in FIG. 3.
  • Step S72: The microcomputer 43 obtains information on which file the user has selected from the file list displayed on the file management screen by operating the operation unit 23.
  • Step S73: The microcomputer 43 determines whether or not biometric authentication is necessary to use (read out) the file selected by the user in step S72. If the determination is affirmative, the process proceeds to S74. If the determination is negative, the process proceeds to step S76.
  • Step S74: The microcomputer 43 performs the biometric authentication process described above.
  • Step S75: The microcomputer 43 determines whether or not the result of the biometric authentication process in step S74 is biometric authentication OK. If the determination is affirmative, the process proceeds to step S76. On the other hand, if a negative determination is made, the process ends.
  • Step S76: The microcomputer 43 calls the application corresponding to the file selected by the user in step S72 and opens the file. At this time, the microcomputer 43 decrypts the file read from the flash memory 35 with the corresponding encryption key.
  • Step S77 The microcomputer 43 generates a new random number in the random number generator 37, and generates an encryption key based on the random number.
  • Step S78 The microcomputer 43 monitors the update status of the file until the application that opened the file ends.
  • Step S79 The microcomputer 43 determines whether or not the file has been updated when the use of the file is terminated. If the determination is affirmative, the microcomputer proceeds to step S80. On the other hand, if the determination is negative, the process proceeds to step S81.
  • Step S80: The microcomputer 43 encrypts the updated file with the encryption key newly generated in step S77 and writes it in the flash memory 35.
  • Step S81 The microcomputer 43 updates the file management information.
  • Step S82 The microcomputer 43 records the above process history.
  • FIG. 12 is a flowchart for explaining the file transmission / reception process.
  • Step S101: The microcomputer 43 shown in FIG. 3 determines whether the environment allows the file transmission/reception function to be used, that is, whether the server can be accessed so that a file can be sent from the computer 10 with the memory unit 6 attached to the server and the memory unit 6 can receive a file from the server. If the determination is negative, the process proceeds to S102. If the determination is affirmative, the process proceeds to S103.
  • Step S102: The microcomputer 43 displays on the display 22 of the computer 10 that the file transmission/reception function cannot be used, and ends the process.
  • Step S103: The microcomputer 43 sends to the server, via the computer 10, the user authentication data encrypted with the encryption key shared with the server in advance, together with the identification data of the memory unit 6.
  • the server 4 decrypts the received user authentication data with the shared encryption key stored in advance, performs the authentication process, and transmits the result to the memory unit 6 via the computer 10.
  • Step S104: The microcomputer 43 proceeds to step S105 if the result of the authentication process received in step S103 is affirmative, and to step S102 if it is negative.
  • Step S105: A new encryption key is shared between the server 4 and the memory unit 6 using the method described above.
  • Step S106: The microcomputer 43 performs the automatic transmission/reception process. This process will be described in detail later.
  • Step S107: The microcomputer 43 determines which of the transmission process and the reception process is selected; if the transmission process is selected, the process proceeds to step S108, and if the reception process is selected, to step S109. Specifically, a main menu screen with the “Transmission process” and “Reception process” icons is displayed on the display 22 of the computer 10; when the user selects “Transmission process”, the process proceeds to S108, and when “Reception process” is selected, to S109.
  • Step S108: The microcomputer 43 performs the transmission process. This process will be described in detail later.
  • Step S109: The microcomputer 43 performs the reception process. This process will be described in detail later.
  • FIG. 13 is a flow chart for explaining the automatic transmission / reception processing executed by the memory unit 6.
  • Step S 1 1 1 The microcomputer 43 of the memory unit 6 determines whether or not the memory unit 6 has been lost or lost in the server 4 in the server 4, and if the determination is affirmative, step S 1 1 2 Proceed, otherwise, terminate the process.
  • Step S 1 1 2 The microcomputer 43 performs unauthorized use processing described later.
  • FIG. 14 is a flowchart for explaining the unauthorized use processing in step S 1 1 2 shown in FIG.
  • Step S131 The microcomputer 43 shown in FIG. 3 determines whether or not all the files stored in the flash memory 35 have been checked. If the determination is affirmative, the microcomputer 43 ends this process; if negative, it proceeds to step S132.
  • Step S132 The microcomputer 43 selects one unchecked file among the files stored in the flash memory 35.
  • Step S133 The microcomputer 43 deletes the file selected in step S132. This process will be described in detail later.
  • Step S134 The microcomputer 43 records the deletion history of step S133.
  • FIG. 15 is a flowchart for explaining the deletion process in step S 1 33 shown in FIG.
  • Step S141 The microcomputer 43 obtains the file length from the header information of the file selected in step S132 shown in FIG. 14.
  • Step S142 The microcomputer 43 overwrites the entire information area of the file with NULL data according to the file length.
  • Step S143 The microcomputer 43 sets the file header to N
  • Step S144 The microcomputer 43 deletes the file management information.
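  • As an added example (not code from the patent), the following Python simulates the lost/stolen check of FIG. 13, the unauthorized-use loop of FIG. 14 and the per-file deletion of FIG. 15 over a toy in-memory flash image. The layout is an assumption made for illustration: a 4-byte length header in front of each file body, a separate management table mapping file names to offsets, and a set of unit identifiers held by the server as its loss register.

```python
"""Simulation of FIG. 13 (lost/stolen check), FIG. 14 (unauthorized-use
loop) and FIG. 15 (deletion process) of the memory unit 6.

Added example; not code from the patent. The flash layout (4-byte big-endian
length header per file, separate management table, server-side loss
register as a set of unit ids) is an assumption for illustration.
"""
import struct
from dataclasses import dataclass, field

HEADER_SIZE = 4  # assumed: file length stored as a 4-byte big-endian header


@dataclass
class FlashImage:
    """Toy model of the flash memory 35: raw bytes plus file management info."""
    raw: bytearray
    management: dict = field(default_factory=dict)   # file name -> header offset
    deletion_history: list = field(default_factory=list)

    def write_file(self, name: str, offset: int, data: bytes) -> None:
        """Lay down header + body and register the file in the management table."""
        self.raw[offset:offset + HEADER_SIZE] = struct.pack(">I", len(data))
        self.raw[offset + HEADER_SIZE:offset + HEADER_SIZE + len(data)] = data
        self.management[name] = offset


def delete_file(flash: FlashImage, name: str) -> int:
    """FIG. 15: S141 read the length from the header, S142 overwrite the body
    with NULL bytes, S143 null the header, S144 drop the management entry.
    Returns the number of body bytes wiped."""
    offset = flash.management[name]
    (length,) = struct.unpack(">I", flash.raw[offset:offset + HEADER_SIZE])  # S141
    body = slice(offset + HEADER_SIZE, offset + HEADER_SIZE + length)
    flash.raw[body] = bytes(length)                                          # S142
    flash.raw[offset:offset + HEADER_SIZE] = bytes(HEADER_SIZE)              # S143
    del flash.management[name]                                               # S144
    return length


def unauthorized_use_processing(flash: FlashImage) -> list:
    """FIG. 14: visit every file (S131/S132), delete it (S133) and record the
    deletion in the history (S134)."""
    for name in list(flash.management):               # copy: we mutate the table
        wiped = delete_file(flash, name)              # S133
        flash.deletion_history.append((name, wiped))  # S134
    return flash.deletion_history


def automatic_processing(flash: FlashImage, lost_registry: set, unit_id: str) -> bool:
    """FIG. 13: S111 check whether this unit is registered as lost/stolen;
    S112 run unauthorized-use processing if so. Returns True when wiped."""
    if unit_id not in lost_registry:
        return False
    unauthorized_use_processing(flash)
    return True


def demo() -> FlashImage:
    """Constructed sample: two files, and a loss register naming this unit."""
    flash = FlashImage(bytearray(64))
    flash.write_file("a.txt", 0, b"secret-alpha")
    flash.write_file("b.txt", 32, b"secret-beta")
    automatic_processing(flash, {"unit-0001"}, "unit-0001")  # constructed register
    return flash
```

  • The order of the steps is the point worth noticing: the body is zeroed before the management entry is removed, so an interruption part-way leaves a zeroed file rather than recoverable plaintext. On real flash with wear levelling, a logical overwrite does not guarantee that the old physical pages are erased, which is why the encrypted-at-rest design described elsewhere in this document matters as much as the wipe itself.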
  • FIG. 16 is a flowchart for explaining the transmission process.
  • Step S161 The microcomputer 43 displays the file transmission screen on the display 22 of the computer 10 shown in FIG. On the file transmission screen, a list of the files stored in the flash memory 35 shown in FIG. 3 is displayed.
  • Step S162 The microcomputer 43 obtains information indicating which file has been selected from the file list displayed on the file transmission screen by the user operating the operation unit 23.
  • Step S163 The microcomputer 43 determines whether or not biometric authentication is necessary to transmit the file selected in step S162. If the determination is affirmative, the process proceeds to S164; if the determination is negative, step
  • Step S164 The microcomputer 43 executes the biometric authentication process described above.
  • Step S165 The microcomputer 43 determines whether or not the biometric authentication in step S164 is OK. If the determination is affirmative, the process proceeds to step S167. If the determination is negative, the process proceeds to step S166.
  • Step S166 The microcomputer 43 ends this process without transmitting the selected file.
  • Step S167 The microcomputer 43 transmits the encrypted file read from the flash memory 35, as it is, to the server 4 via the computer 10.
  • Step S168 The microcomputer 43 proceeds to step S169 if the operation is a file move, and to step S170 if it is a copy.
  • Step S169 The microcomputer 43 deletes the selected file. The deletion process described above is used.
  • Step S170 The microcomputer 43 stores the history of the processing described above.
  • FIG. 17 is a flowchart for explaining the reception process.
  • Step S181 The microcomputer 43 accesses the content management server in the server via the computer 10 and displays, on the display 22 of the computer 10 shown in FIG., a file reception screen listing the files stored in the file server that can be used by the user of the memory unit 6.
  • Step S182 The microcomputer 43 obtains information indicating which file has been selected from the file list displayed on the file reception screen by the user operating the operation unit 23 shown in FIG.
  • Step S183 The microcomputer 43 determines whether or not biometric authentication is necessary to use (read out) the file selected in step S182. If the determination is affirmative, the process proceeds to S184. If the determination is negative, the process proceeds to step S187.
  • Step S184 The microcomputer 43 executes the biometric authentication process. The above-described biometric authentication process is used.
  • Step S185 The microcomputer 43 determines whether or not the biometric authentication in step S184 is OK. If the determination is affirmative, the process proceeds to step S187. If the determination is negative, the process proceeds to step S186.
  • Step S186 The microcomputer 43 ends this process without receiving the selected file.
  • Step S187 The microcomputer 43 receives the file stored in the file server. At that time, the file is encrypted with an encryption key generated based on a random number generated by the random number generator 455 of the server. That encryption key is in turn encrypted with the already-shared encryption key and sent to the memory unit.
  • Step S188 The microcomputer 43 stores the history of the processing described above.
  • Any known method, such as scrambling, can be adopted as the encryption method used in the present embodiment.
  • A random number may also be used to randomly select an encryption method from among a plurality of encryption methods, and encryption may be performed using an encryption key generated from that random number.
  • In that case, the encryption method is also recorded in the file management information.
  • The memory unit 6 improves security because the encryption key is changed each time a file (data) stored in the flash memory 35 is used.
  • The USB plug 31 can be covered with the protective part 50 by the simple operation of sliding the operation part 55.
  • Since the memory unit 6 stores data in a secure module outside the computer 10 rather than in the computer 10 itself, it provides a strong data protection function for data files. In addition, even if the memory unit alone is lost or stolen, the data cannot be decrypted without the corresponding encryption key, so the risk of data leakage is low.
  • With the memory unit 6 it is possible to set decryption conditions such as the necessity of multiple types of authentication, deletion conditions, and expiration dates. For example, in addition to protecting confidential data files for business, various management such as management of paid contents
  • The protection function can be set arbitrarily according to the needs of the company.
  • In the memory unit 6 of the present embodiment, user authentication is performed by biometric authentication instead of a password, so the user does not need to remember a password, and unauthorized use due to password leaks is eliminated.
  • When a computer 10 connected to the communication network 9 tries to use the memory unit 6, the memory unit automatically connects to the server and checks whether it has been reported lost or stolen. If the memory unit 6 is lost or stolen, this is registered in the server, and all data in the memory unit is erased remotely. Thus, even when the memory unit 6 is stolen, the confidentiality of the stored data can be maintained.
  • When the memory unit 6 is used, it is preferable to use an OS other than the OS of the computer 10 into which the memory unit 6 is inserted.
  • For example, an OS booted from a recording medium such as an optical disk, or a dedicated OS, may be used. Alternatively, the dedicated OS may be stored in the memory unit 6 and started immediately when the memory unit 6 is attached to the computer 10.
  • In that case, the biometric authentication screen can be displayed on the display without the user double-clicking the icon of the drive assigned to the memory unit on the computer 10.
  • Preferably, no storage medium other than the memory unit 6, such as a hard disk or a USB memory, is connected. Disconnecting the hard disk and other storage media and starting up from the memory unit protects your data from viruses and spyware lurking in the PC's OS (e.g. Windows®).
  • For example, KNOPPIX is used as the dedicated OS.
  • KNOPPIX can boot from a CD or DVD, so various commands and applications in the Linux environment can be used without changing the hard disk.
  • Even on a computer with only another OS installed, such as Windows (registered trademark), Linux can be used by booting from a CD-ROM.
  • The data communication system of this embodiment includes a server 4, a management memory unit 6, a non-management (general) memory unit 6, and a computer 10 to which the management memory unit 6 and the non-management (general) memory unit 6 are attached.
  • Both memory units can execute the same processing as the memory unit 6 in the first embodiment.
  • The management memory unit 6 is used, for example, to manage the files (data) stored in the server 4. More specifically, by using the management memory unit 6, it is possible to update the files stored in the server 4 and to set their expiration dates and usage authority. In addition, by using the management memory unit 6, management processing such as new registration, deregistration, and loss setting of the non-management (general) memory unit 6 can be performed.
  • The user can register both the management memory unit 6 and the non-management (general) memory unit 6 by the registration process described with reference to FIG. 7, in the same manner as the memory unit in the first embodiment.
  • Alternatively, without directly attaching the non-management (general) memory unit 6 to the server 4, the user can register it using a management memory unit 6 that has already been registered by the registration process described with reference to FIG.
  • In that case, the encryption key is shared between the server 4 and the non-management memory unit 6 being registered.
  • The encryption key shared between the server 4 and the non-management memory unit 6 being registered is generated from the random number generated by the random number generator 455 of the server 4 and the random number generated by the random number generator 37 of the non-management memory unit 6, which are transmitted and received via the communication network 9.
  • During this exchange, the random numbers are encrypted with the encryption key shared between the registered management memory unit 6 and the server 4.
  • The generation and sharing can take, for example, one of the following forms. (1) The microcomputer 43 of the non-management memory unit 6 being registered generates an encryption key, using an arbitrary algorithm, from the random number generated by its own random number generator 37 and the received random number from the random number generator 455 of the server 4, and shares it by sending the encryption key to the server 4. (2) The server 4 generates an encryption key, using an arbitrary algorithm, from the random number generated by its own random number generator 455 and the received random number from the random number generator 37 of the non-management memory unit 6 being registered, and sends the encryption key to the memory unit 6. (3) Both the non-management memory unit 6 and the server 4 each generate the encryption key, using a predetermined algorithm, from the random number generated by their own random number generator and the random number generated by the other party's random number generator.
  • The server 4 stores the shared encryption key in association with the identification data of the non-management memory unit 6 being registered.
  • The non-management memory unit 6 stores the shared encryption key in a flash memory or the like in the microcomputer 43.
  • FIG. 18 is a flowchart for explaining the registration process for registering the non-management memory unit 6 using the registered management memory unit 6.
  • Step S201 The registered management memory unit 6 is attached to the computer 10. Specifically, the USB plug 31 of the management memory unit 6 registered by the process of FIG. 7 is inserted into a slot of the USB interface 21 of the computer 10. In addition, the non-management memory unit 6 to be registered is attached to the computer 10: its USB plug 31 is inserted into another slot of the USB interface 21 of the computer 10.
  • Step S202 A new encryption key is shared between the server 4 and the management memory unit 6. The sharing is performed by the method described with reference to FIG. 8 in the first embodiment.
  • Step S203 The random number generator 455 of the server 4 generates a random number. The random number generator 37 of the non-management memory unit 6 to be registered also generates a random number.
  • Step S204 The server 4 encrypts the random number generated in step S203 using the encryption key shared in step S202 and sends it to the non-management memory unit 6 to be registered. In the non-management memory unit 6, the received random number is decrypted with the encryption key shared in step S202. The microcomputer 43 of the non-management memory unit 6 likewise encrypts the random number generated by the random number generator 37 in step S203 with the encryption key shared in step S202 and sends it to the server.
  • Step S205 The server processing circuit 457 generates a new encryption key using a predetermined algorithm based on the random number it generated in step S203 and the random number received in step S204. The microcomputer 43 of the non-management memory unit 6 likewise generates a new encryption key using a predetermined algorithm based on the random number generated by the random number generator 37 in step S203 and the random number received in step S204. The algorithm is set so that this encryption key is the same as the encryption key generated by the server 4.
  • Step S206 The server 4 registers (stores) the encryption key generated in step S205 in association with the identification data of the non-management memory unit 6.
  • The non-management memory unit 6 also stores the encryption key generated in step S205 in a flash memory or the like in the microcomputer 43.
  • In this way, the non-management memory unit 6 can be registered using a management memory unit 6 that was registered in advance.
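  • The following Python is an added example, not the patent's own code, that plays out two of the exchanges above with both sides' messages: the registration of a non-management memory unit through the key shared with the management unit (FIG. 18, steps S202 to S206, the third form of sharing listed earlier, where each side derives the key itself) and the key-wrapped file delivery of step S187. The text leaves the "predetermined algorithm" and the "encryption method" open, so the example assumes HMAC-SHA256 over the two random numbers for the former and a toy encrypt-then-MAC stream cipher (keystream from HMAC-SHA256 over a nonce and counter) for the latter; 32-byte random numbers, the class and function names, and the way the management unit's key is handed to the new unit through the computer are all assumptions.

```python
"""Registration of a non-management memory unit through the management
unit's key (FIG. 18, S202-S206) and key-wrapped file delivery (S187).

Added example, not the patent's code. Assumptions: the 'predetermined
algorithm' is HMAC-SHA256 over the two random numbers; the unspecified
'encryption method' is a toy encrypt-then-MAC stream cipher whose keystream
is HMAC-SHA256(key, nonce || counter); random numbers are 32 bytes."""
import hashlib
import hmac
import os


def derive_key(rand_unit: bytes, rand_server: bytes) -> bytes:
    """Predetermined algorithm (assumed), run identically on both sides (S205)."""
    return hmac.new(rand_server + rand_unit, b"registration-key", hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Returns nonce || ciphertext || tag (assumed toy method, see above)."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verifies the tag before decrypting; raises ValueError on mismatch."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication tag mismatch")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


class Server:
    """Server 4: key shared with the management unit (S202) and the
    registry of identification data -> shared key (S206)."""

    def __init__(self, management_key: bytes):
        self.management_key = management_key
        self.registry = {}
        self._pending = {}  # unit id -> server random number awaiting S205

    def registration_challenge(self, unit_id: str) -> bytes:
        """S203: random number generator 455; S204: sent under the management key."""
        self._pending[unit_id] = os.urandom(32)
        return encrypt(self.management_key, self._pending[unit_id])

    def registration_finish(self, unit_id: str, msg: bytes) -> None:
        """S204: receive the unit's random number; S205/S206: derive and store."""
        rand_unit = decrypt(self.management_key, msg)
        self.registry[unit_id] = derive_key(rand_unit, self._pending.pop(unit_id))

    def send_file(self, unit_id: str, plaintext: bytes) -> tuple:
        """S187: file encrypted under a fresh per-file key derived from a random
        number; that key is itself encrypted with the unit's shared key."""
        file_key = hashlib.sha256(os.urandom(32)).digest()
        return encrypt(file_key, plaintext), encrypt(self.registry[unit_id], file_key)


class MemoryUnit:
    """Non-management memory unit 6 (microcomputer 43, random number generator 37)."""

    def __init__(self, unit_id: str):
        self.unit_id = unit_id
        self.shared_key = None

    def register_via(self, server: Server, management_key: bytes) -> None:
        """management_key is the S202 key, assumed to be made available through
        the computer 10 while the registered management unit is attached."""
        rand_server = decrypt(management_key, server.registration_challenge(self.unit_id))
        rand_unit = os.urandom(32)                                                   # S203
        server.registration_finish(self.unit_id, encrypt(management_key, rand_unit))  # S204
        self.shared_key = derive_key(rand_unit, rand_server)                         # S205/S206

    def receive_file(self, ciphertext: bytes, wrapped_key: bytes) -> bytes:
        return decrypt(decrypt(self.shared_key, wrapped_key), ciphertext)           # S187


def demo() -> tuple:
    """Runs the registration and one file delivery on constructed data."""
    k_m = os.urandom(32)  # S202 key, constructed for the demo
    server, unit = Server(k_m), MemoryUnit("unit-0002")
    unit.register_via(server, k_m)
    ct, wrapped = server.send_file("unit-0002", b"constructed confidential file")
    corrupted = ct[:-1] + bytes([ct[-1] ^ 1])  # flip one tag bit to exercise the check
    try:
        unit.receive_file(corrupted, wrapped)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return (unit.shared_key == server.registry["unit-0002"],
            unit.receive_file(ct, wrapped), tamper_detected)
```

  • Two properties of the scheme show up directly in the code: the new unit's key never travels on the network (only the two random numbers do, each under the management unit's key, so confidentiality of the new key rests entirely on that key), and a per-file key wrapped under the unit key means the unit key itself is never used to encrypt bulk data. A deployment would replace the toy cipher with a standard authenticated cipher and the ad hoc HMAC derivation with HKDF, but the message flow stays the same.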
  • In the first embodiment, the memory unit 6 and the server 4 are directly connected for registration.
  • By contrast, the non-management memory unit 6 can be registered using the previously registered management memory unit 6 without being directly connected to the server 4. As a result, the burden of registering the non-management memory unit 6 is reduced.
  • In the above description, the registration of the non-management memory unit 6 is performed with the registered management memory unit 6 attached to the computer 10.
  • However, the registration processing of the non-management memory unit 6 to be registered may also be performed after the management memory unit 6 has been removed from the computer 10.
  • Multiple non-management memory units can thus be registered using the registered management memory unit without being directly connected to the server 4. This reduces the burden of registering multiple non-management memory units.
  • The data communication system of this embodiment includes a server 4, a computer 10, and a plurality (n) of memory units 6. All n memory units 6 can execute the same processing as the memory unit 6 in the first embodiment.
  • The first of the n memory units 6 is registered in the server 4 by directly connecting it to the server 4 and sharing the encryption key between the server 4 and the memory unit 6, as described in the first embodiment. The other (n − 1) memory units 6 can then be registered using the previously registered memory units 6.
  • This can be realized by the method described in the second embodiment.
  • For this purpose, "management memory unit" should be read as "first memory unit", and "non-management memory unit" as "second and subsequent memory units".
  • In the above embodiments, the flash memory 35 is exemplified as the memory in the present invention.
  • However, other recording media such as a semiconductor memory, an optical disk, or an HDD (Hard Disk Drive) may be used instead of the flash memory 35.
  • The case where the microcomputer 43 realizes the encryption function, the decryption function, and the control function has been exemplified.
  • However, these functions may be realized by a plurality of circuits.
  • The case where the memory unit 6 includes the timer 39 and the battery 41 has been illustrated; however, when the file expiration handling processing is not performed, these need not be built in.
  • the present invention is applicable to a data communication system using a portable memory.
  • FIG. 1 is a functional block diagram of a data communication system according to the first embodiment of the present invention.
  • FIG. 2 is a block diagram of the computer shown in FIG. 1.
  • FIG. 3 is a configuration diagram of the memory unit shown in FIG. 1.
  • FIG. 4 is an external perspective view of the memory unit with the protective part in the second position.
  • FIG. 5 is an external perspective view of the memory unit with the protective part in the first position.
  • FIG. 6 is a block diagram of the server shown in FIG. 1.
  • FIG. 7 is a flowchart for explaining the memory unit registration process.
  • FIG. 8 is a flowchart for explaining the encryption key generation process for the second and subsequent times.
  • FIG. 9 is a flowchart for explaining the initial operation performed by the memory unit.
  • FIG. 10 is a flowchart for explaining the biometric authentication process.
  • FIG. 11 is a flowchart for explaining the file management process.
  • FIG. 12 is a flowchart for explaining the file transmission/reception process.
  • FIG. 13 is a flowchart for explaining the automatic transmission/reception process.
  • FIG. 14 is a flowchart for explaining the unauthorized use process.
  • FIG. 15 is a flowchart for explaining the deletion process.
  • FIG. 16 is a flowchart for explaining the transmission process.
  • FIG. 17 is a flowchart for explaining the reception process.
  • FIG. 18 is a flowchart for explaining the registration process of a non-management memory unit using a management memory unit.

Abstract

The present invention relates to a data communication system comprising a portable memory that generates a random number, a computer in which the portable memory is installed, and a server that generates a random number and communicates with said computer. The portable memory shares with the server an encryption key (while directly connected to the server) generated on the basis of a first random number generated by the portable memory and a second random number generated by the server, so that it can send data to the server, and receive data from it, while installed in the computer.
PCT/JP2007/000157 2006-03-01 2007-03-01 Système de communication de données et mémoire portable WO2007099716A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2006054968 2006-03-01
JP2006-054968 2006-03-01

Publications (1)

Publication Number Publication Date
WO2007099716A1 true WO2007099716A1 (fr) 2007-09-07

Family

ID=38458838

Family Applications (2)

Application Number Title Priority Date Filing Date
PCT/JP2007/000159 WO2007099717A1 (fr) 2006-03-01 2007-03-01 Système de traitement de données et mémoire portable
PCT/JP2007/000157 WO2007099716A1 (fr) 2006-03-01 2007-03-01 Système de communication de données et mémoire portable

Family Applications Before (1)

Application Number Title Priority Date Filing Date
PCT/JP2007/000159 WO2007099717A1 (fr) 2006-03-01 2007-03-01 Système de traitement de données et mémoire portable

Country Status (1)

Country Link
WO (2) WO2007099717A1 (fr)

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07713539

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP