WO2007142072A1 - Terminal device and data managing system using the same - Google Patents
- Publication number: WO2007142072A1 (PCT application PCT/JP2007/060855)
- Authority: WO (WIPO, PCT)
- Prior art keywords: data, identification information, terminal device, user, terminal
Classifications
- G06F21/72: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity (G06F21/00); protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer (G06F21/70), to assure secure computing or processing of information (G06F21/71), in cryptographic circuits (G06F21/72). Section G (PHYSICS), class G06 (COMPUTING; CALCULATING OR COUNTING), subclass G06F (ELECTRIC DIGITAL DATA PROCESSING).
- G06F21/85: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity (G06F21/00); protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer (G06F21/70); protecting input, output or interconnection devices (G06F21/82); interconnection devices, e.g. bus-connected or in-line devices (G06F21/85). Section G (PHYSICS), class G06 (COMPUTING; CALCULATING OR COUNTING), subclass G06F (ELECTRIC DIGITAL DATA PROCESSING).
Definitions
- Terminal apparatus and data management system provided with the same
- TECHNICAL FIELD OF THE INVENTION: The present invention relates to a terminal device that is connected to a recording medium storing data and that encrypts the data before storing it in the recording medium, and to a data management system in which a plurality of such terminal devices and a management server that manages them are connected via a telecommunication line.
- BACKGROUND ART: An encryption / decryption device such as the one disclosed in JP-A-9-204330 (Patent Document 1) has been proposed.
- This encryption / decryption device can encrypt or decrypt a specific file (data) selected by the user from among the files stored in it. Because the user can encrypt any file that would be a problem if it became known to a third party, information about that file is not disclosed even if the encrypted file leaks outside.
- Patent Document 1: Japanese Patent Laid-Open No. 9-204330
- The present invention has been made in view of the above circumstances. Its object is to provide a terminal device that can encrypt and decrypt data without bothering the user and that prevents information leakage more reliably, and a data management system including such terminal devices.
- To achieve this object, the present invention provides:
- a terminal device to which a recording medium storing data is connected, the terminal device having an editing processing unit that performs a reading process for reading data stored in the recording medium, an editing process for editing the read data, and a writing process for writing the edited data to the recording medium,
- characterized by further comprising a data management unit that performs encryption / decryption processing as follows: when the editing processing unit executes the writing process, the data management unit, instead of the editing processing unit, encrypts the edited data and stores it in the recording medium; and when the editing processing unit executes the reading process, the data management unit, instead of the editing processing unit, reads the encrypted data to be read from the recording medium, decrypts it, and provides it to the editing processing unit.
- According to this terminal device, after a recording medium is connected to the terminal device, the user edits the data stored in the recording medium as appropriate. Alternatively, the user edits data stored in a recording medium connected to the terminal device in advance.
- The recording medium stores, for example, data relating to documents, sounds, images, computer programs and the like that has been encrypted beforehand (encrypted data).
- When the data management unit, which monitors the processing in the editing processing unit, confirms that the editing processing unit is executing the reading process, it reads the encrypted data to be read from the recording medium instead of the editing processing unit, decrypts the read data, and provides it to the editing processing unit.
- When it confirms that the editing processing unit is executing the writing process, the data management unit, instead of the editing processing unit, encrypts the edited data and stores it in the recording medium.
- Thus the data read by the editing processing unit is decrypted, and the data written by the editing processing unit is encrypted, by the encryption / decryption processing of the data management unit, so the user obtains encryption and decryption of data without any special operation.
- Since the data management unit automatically decrypts the read data and automatically encrypts the edited data, data can be decrypted and encrypted easily and without troublesome operations. In addition, since the data in the recording medium is encrypted, a third party cannot recognize the contents of the data even if the data leaks to the outside or the recording medium reaches the third party, so the information cannot be leaked.
- The terminal device may further include a terminal-side medium identification information storage unit that stores medium identification information based on unique information of the connected recording medium, and the data management unit may be configured to check, before encrypting and storing data or reading and decrypting data, whether the medium identification information of the target recording medium is stored in the terminal-side medium identification information storage unit, and to encrypt and store, or read and decrypt, the data only when it is determined to be stored.
- In this configuration, the data management unit encrypts data and stores it in the recording medium, or reads data from the recording medium and decrypts it, only when the medium identification information of the target recording medium is stored in the terminal-side medium identification information storage unit. Therefore, by storing (registering) in advance in the terminal-side medium identification information storage unit the medium identification information of the recording media connected to (used by) the terminal device, the recording media from which data is read or to which data is written can be managed and restricted, which prevents important information from being taken outside and unnecessary data from being brought in, and so improves security.
- The recording medium may store encrypted data in a first folder and decrypted data in a second folder, and the data management unit may be configured to further perform a decrypted data generation process: when a signal for decrypting specific encrypted data in the first folder is received from outside, the encrypted data corresponding to the received signal is decrypted to generate new data, and the generated decrypted data is stored in the second folder.
- The data management unit may be configured to encrypt and decrypt the data using, as the key, terminal identification information based on unique information of the terminal device (for example, a CPU number, a hard disk number, etc.). Since the terminal identification information differs for each terminal device, data editing (data encryption and decryption) cannot be performed on any other terminal device, and the protection of the data stored in the recording medium can be tightened.
- The present invention also provides:
- a data management system in which a plurality of the above terminal devices and a management server that manages each terminal device are connected via an electric communication line,
- wherein the management server comprises a user information storage unit that stores user identification information, set for each user to identify the user, in association with terminal identification information, based on unique information of the terminal device, of at least one terminal device used by that user, and
- an authentication processing unit that receives the user identification information and the terminal identification information transmitted from a terminal device, confirms whether they are stored in the user information storage unit, and transmits an execution permission signal to the terminal device when it determines that they are stored;
- and wherein the data management unit of each terminal device performs, periodically or irregularly, a confirmation process for confirming whether the encryption / decryption process may be executed: it accepts user identification information input from outside, generates the terminal identification information of the terminal device, transmits the accepted user identification information and the generated terminal identification information to the management server, and receives the execution permission signal transmitted from the management server,
- the data management unit being configured to execute the encryption / decryption process, when the execution permission signal is received, until the next confirmation process is performed.
- In this data management system, the confirmation process is executed by the data management unit periodically or irregularly (for example, when the terminal device is started or when a predetermined time arrives). Specifically, the data management unit first accepts user identification information input from outside, generates the terminal identification information of the terminal device, and transmits the accepted user identification information and the generated terminal identification information to the management server.
- The user identification information and the terminal identification information transmitted from the terminal device are received by the authentication processing unit, which confirms whether the received user identification information and terminal identification information are stored in the user information storage unit and, if it determines that they are stored, transmits the execution permission signal to the terminal device.
- The execution permission signal transmitted from the management server is received by the data management unit, which then executes the encryption / decryption process until the next confirmation process is performed.
- Because the data management unit performs the confirmation process periodically or irregularly, whether the user of the terminal device satisfies the usage conditions is checked as appropriate, so access to the data stored in the recording medium is managed by the management server and information leakage can be prevented more reliably.
- Since authentication is based not only on user identification information but also on terminal identification information that differs for each terminal device, unauthorized use of a terminal device can be prevented more reliably, and the safety of the data stored in the recording medium can be further enhanced.
- The management server may further include a server-side medium identification information storage unit that stores medium identification information of the recording media connected to each terminal device; the authentication processing unit may be configured to transmit, when it transmits the execution permission signal, the medium identification information stored in the server-side medium identification information storage unit together with the execution permission signal; and the data management unit may be configured to store the received medium identification information in the terminal-side medium identification information storage unit when it receives the execution permission signal and the medium identification information from the management server.
- In this configuration, the medium identification information of the recording media connected to each terminal device, or connected in advance to each terminal device, is stored (registered) in the server-side medium identification information storage unit beforehand.
- When the confirmation process is performed, the medium identification information stored in the server-side medium identification information storage unit is transmitted to the terminal device by the authentication processing unit together with the execution permission signal. The transmitted medium identification information is received by the data management unit and stored in the terminal-side medium identification information storage unit. Therefore, the management server can manage and restrict the recording media from which data is read or to which data is written, which increases the security of the data management system.
- The data management unit may be configured to erase the decrypted data in the second folder when the confirmation process is executed. In this way, the data in the second folder is deleted automatically (forcibly), which prevents information leakage more reliably.
- The user information storage unit may further store, in association with the user identification information, permission information regarding whether execution of processes other than the confirmation process is permitted, and the authentication processing unit may be configured so that, when it receives the user identification information and the terminal identification information from a terminal device, it refers to the data stored in the user information storage unit on the basis of the received user identification information and terminal identification information, confirms whether they are stored and whether the permission information associated with the received user identification information permits execution of processes other than the confirmation process, and transmits the execution permission signal to the terminal device only when it determines that the user identification information and the terminal identification information are stored and that execution of processes other than the confirmation process is permitted. The management server may further comprise a user information update unit that receives update information, input from outside, for changing or updating the permission information associated with the user identification information of a specific user, and updates the permission information stored in the user information storage unit on the basis of the received update information.
- In this configuration, the authentication processing unit confirms whether the user identification information and the terminal identification information received from the terminal device are stored in the user information storage unit and whether the permission information associated with that user identification information permits execution of processes other than the confirmation process, and transmits the execution permission signal to the terminal device only when both conditions hold.
- The user of the terminal device, or the creator of the data stored in the recording medium, contacts the operator of the management server as appropriate, for example by sending a message from the terminal device, from another terminal device, or from a mobile phone terminal capable of data communication. The operator then inputs update information to the management server, and the user information update unit updates the permission information for that specific user, so that execution of processes other than the confirmation process in the terminal device can be permitted or prohibited for that user and the data in the recording medium can be managed more flexibly. Specifically, for example, if the permission information is changed to prohibit execution of processes other than the confirmation process when a terminal device or recording medium has fallen into the hands of a third party, the data can be effectively prevented from being viewed, altered or copied by the third party.
- The authentication processing unit may be configured to transmit a key used in the encryption / decryption process together with the execution permission signal when it transmits the execution permission signal to the terminal device, and the data management unit may be configured to encrypt and decrypt the data using the received key.
- In this configuration, since the data management unit encrypts and decrypts data using the key transmitted from the management server, a terminal device that is not managed by the management server (not connected to the management server) cannot encrypt or decrypt, so leakage of information relating to the data stored in the recording medium can be prevented more effectively.
- Moreover, the terminal devices managed by the management server share the key, so the data in a recording medium can be accessed from any of those terminal devices.
- The data management unit may also be configured to encrypt and decrypt the data using, as the key, the key received from the management server together with unique data identification information set for each data item. In this way the same effects as above are obtained, and the data stored in the recording medium can be protected even more securely.
- The authentication processing unit may be configured to transmit the user identification information and the terminal identification information stored in the user information storage unit together with the execution permission signal; the terminal device may further include a key information storage unit that stores the user identification information and the terminal identification information transmitted from the management server; and the data management unit may be configured so that, when it receives the execution permission signal, the user identification information and the terminal identification information from the management server, it stores the received user identification information and terminal identification information in the key information storage unit in association with each other; when it encrypts and stores data, it encrypts the data using the terminal identification information of its own terminal device as the encryption key and stores the encrypted data including the user identification information of the user who uses the terminal device; and when it reads and decrypts data stored in the recording medium, it recognizes, on the basis of the user identification information included in the data, the terminal identification information stored in the key information storage unit in association with that user identification information, and decrypts the data using the recognized terminal identification information as the decryption key.
- In this configuration, when the authentication processing unit transmits the execution permission signal to the terminal device, it also transmits the user identification information and the terminal identification information stored in the user information storage unit, and the data management unit stores the received user identification information and terminal identification information in the key information storage unit in association with each other.
- When encrypting and storing data, the data management unit encrypts the data using the terminal identification information of its own terminal device as the encryption key, and stores the user identification information of the user who uses the terminal device in the encrypted data.
- When reading and decrypting data, the data management unit recognizes, on the basis of the user identification information included in the data, the terminal identification information stored in the key information storage unit in association with that user identification information, and decrypts the data using the recognized terminal identification information as the decryption key.
- Thus data is encrypted using the terminal identification information of the terminal device used by the user, and is decrypted using the user identification information and terminal identification information (key information) transmitted from the management server.
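The terminal-side behaviour described above (a data management unit interposed between the editing processing unit and the recording medium, the medium identification check before every read and write, the terminal identification information used as the key, and the key information storage unit consulted on read) can be shown working end to end. The following is an added example written for this page, not code from the patent: each `write` encrypts under a key derived from the writing terminal's own terminal ID and stores the writer's user ID in the record, and each `read` looks the writer's terminal ID up in the key information store that the management server populated, so any managed terminal can decrypt what another managed terminal wrote. Assumptions of the example: the record layout (a constructed tag, a length-prefixed user ID, nonce, ciphertext, HMAC tag), an HMAC-SHA256 counter keystream with encrypt-then-MAC standing in for whatever cipher the patent leaves unspecified, PBKDF2 stretching of the terminal ID with a constructed salt, and in-memory dicts in place of the recording media. One caveat a practitioner should keep in mind with this scheme: a CPU number or disk serial is readable by anyone who has the terminal in hand, so a key derived from it protects the recording medium only against parties who do not also control the terminal; stretching adds cost, not entropy.

```python
import hashlib
import hmac
import os
import struct

MAGIC = b"WO07142072v1"            # constructed record tag, not a format from the patent
KDF_SALT = b"terminal-id-data-key"  # constructed domain-separation salt

def terminal_id(cpu_number: str, hard_disk_number: str) -> str:
    """Terminal identification information from the terminal's unique information."""
    return hashlib.sha256(f"{cpu_number}|{hard_disk_number}".encode()).hexdigest()

def derive_keys(tid: str) -> tuple:
    """Stretch the terminal ID into separate encryption and MAC keys (assumption: the
    patent only says the terminal ID is 'used as the key'; it is not used raw here)."""
    master = hashlib.pbkdf2_hmac("sha256", tid.encode(), KDF_SALT, 20_000, 32)
    return (hmac.new(master, b"enc", hashlib.sha256).digest(),
            hmac.new(master, b"mac", hashlib.sha256).digest())

def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out = bytearray()
    for ctr in range((length + 31) // 32):
        out += hmac.new(enc_key, nonce + struct.pack(">Q", ctr), hashlib.sha256).digest()
    return bytes(out[:length])

def seal(keys: tuple, header: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC with an HMAC-SHA256 counter keystream; the header is authenticated."""
    enc_key, mac_key = keys
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, header + nonce + ct, hashlib.sha256).digest()

def unseal(keys: tuple, header: bytes, body: bytes) -> bytes:
    enc_key, mac_key = keys
    if len(body) < 48:
        raise ValueError("truncated record")
    nonce, ct, tag = body[:16], body[16:-32], body[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, header + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed: wrong key or tampered data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

class DataManagementUnit:
    def __init__(self, own_tid: str, own_user_id: str):
        self.own_tid, self.own_user_id = own_tid, own_user_id
        self.registered_media = set()  # terminal-side medium identification store
        self.key_info = {}             # key information storage: user ID -> terminal ID
        self.permitted = False         # set by the confirmation process

    def receive_permission(self, medium_ids, key_info) -> None:
        """Execution permission signal, delivered with medium IDs and key information."""
        self.permitted, self.registered_media = True, set(medium_ids)
        self.key_info.update(key_info)

    def _check(self, medium_id: str) -> None:
        if not self.permitted:
            raise PermissionError("no execution permission signal")
        if medium_id not in self.registered_media:
            raise PermissionError(f"medium {medium_id} is not registered")

    def write(self, medium: dict, medium_id: str, name: str, plaintext: bytes) -> None:
        """Writing process: encrypt under own terminal ID, store own user ID in the record."""
        self._check(medium_id)
        uid = self.own_user_id.encode()
        header = MAGIC + struct.pack(">H", len(uid)) + uid
        medium[name] = header + seal(derive_keys(self.own_tid), header, plaintext)

    def read(self, medium: dict, medium_id: str, name: str) -> bytes:
        """Reading process: recover the writer's terminal ID via the stored user ID."""
        self._check(medium_id)
        blob = medium[name]
        if not blob.startswith(MAGIC) or len(blob) < len(MAGIC) + 2:
            raise ValueError("not encrypted data")
        hdr_len = len(MAGIC) + 2 + struct.unpack(">H", blob[len(MAGIC):len(MAGIC) + 2])[0]
        user_id = blob[len(MAGIC) + 2:hdr_len].decode()
        if user_id not in self.key_info:
            raise PermissionError(f"no key information for user {user_id!r}")
        return unseal(derive_keys(self.key_info[user_id]), blob[:hdr_len], blob[hdr_len:])

def _outcome(fn):
    """Exception name raised by a rejected operation, or None if it succeeded."""
    try:
        fn()
    except (PermissionError, ValueError) as e:
        return type(e).__name__

def demo() -> dict:
    """Constructed scenario: two managed terminals sharing one registered USB memory."""
    tid_a, tid_b = terminal_id("CPU-0001", "HDD-0001"), terminal_id("CPU-0002", "HDD-0002")
    key_info = {"alice": tid_a, "bob": tid_b}  # user/terminal pairs pushed by the server
    usb = {}                                    # recording medium whose medium ID is "USB-42"
    alice, bob = DataManagementUnit(tid_a, "alice"), DataManagementUnit(tid_b, "bob")
    alice.receive_permission(["USB-42"], key_info)
    bob.receive_permission(["USB-42"], key_info)
    alice.write(usb, "USB-42", "report.txt", b"quarterly figures")
    out = {"stored_is_ciphertext": b"quarterly figures" not in usb["report.txt"],
           "bob_reads": bob.read(usb, "USB-42", "report.txt"),
           "unregistered_medium": _outcome(lambda: bob.read(usb, "USB-99", "report.txt"))}
    unmanaged = DataManagementUnit(terminal_id("CPU-9", "HDD-9"), "mallory")  # never confirmed
    out["no_permission"] = _outcome(lambda: unmanaged.read(usb, "USB-42", "report.txt"))
    usb["report.txt"] = usb["report.txt"][:-1] + bytes([usb["report.txt"][-1] ^ 1])  # flip a tag bit
    out["tampered"] = _outcome(lambda: bob.read(usb, "USB-42", "report.txt"))
    return out
```

Running `demo()` shows the three rejections the patent calls for (no execution permission signal, unregistered medium, and a record whose tag no longer verifies) alongside the cross-terminal read that the key information store makes possible. The header carrying the user ID is included in the MAC input, so swapping the user ID on a record to point the reader at a different terminal ID fails authentication rather than silently decrypting garbage.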
- The management server may further include a server-side log information generation unit that generates log information for the processing in the authentication processing unit, and a log information storage unit that stores the generated log information. Alternatively, or in addition, the terminal device may further include a terminal-side log information generation unit that generates log information for the processing in the data management unit and transmits it to the management server, and the management server may further include a log information storage unit and a log information receiving unit that receives the log information transmitted from the terminal-side log information generation unit and stores it in the log information storage unit.
- Examples of the recording medium that can be used include a non-portable built-in hard disk, a portable USB memory, a memory card, FD, MO, CD, DVD, and an external hard disk, but the recording medium is not limited to these.
- The built-in hard disk includes one provided in a file server in addition to one provided in the terminal device itself.
- According to the present invention, encrypted data is automatically decrypted and edited data is automatically encrypted, so decryption and encryption can be performed easily and without complicated operations. Further, since the data in the recording medium is encrypted, leakage of information relating to the data can be prevented.
- Whether the user of the terminal device satisfies the usage conditions is checked as appropriate, so access to the data stored in the recording medium is controlled and information leakage can be prevented more reliably.
- Since authentication is performed on the basis of both user identification information and terminal identification information, unauthorized use of the terminal device can be prevented more reliably, and the safety of the data stored in the recording medium can be further improved.
- FIG. 1 is a block diagram showing a schematic configuration of a data management system according to an embodiment of the present invention.
- FIG. 2 is a block diagram showing a schematic configuration of a management server of the present embodiment.
- FIG. 3 is a block diagram showing a schematic configuration of a terminal device according to the present embodiment.
- FIG. 4 is a data table showing data stored in the user information storage unit of the present embodiment.
- FIG. 5 is an explanatory diagram for explaining data stored in the recording medium of the present embodiment.
- FIG. 6 is a flowchart showing a series of processes in the encryption / decryption process of the present embodiment.
- FIG. 7 is a flowchart for explaining confirmation processing and the like in the present embodiment.
- FIG. 8 is a flowchart for explaining confirmation processing and the like in the present embodiment.
- FIG. 9 is a block diagram showing a schematic configuration of a terminal apparatus according to another embodiment of the present invention.
- FIG. 10 is a flowchart showing a series of processing in encryption / decryption processing according to another embodiment of the present invention.
- FIG. 1 is a block diagram showing a schematic configuration of a data management system according to an embodiment of the present invention, FIG. 2 is a block diagram showing a schematic configuration of the management server of the embodiment, and FIG. 3 is a block diagram showing a schematic configuration of the terminal device of the embodiment.
- The data management system 1 of this example includes a plurality of terminal devices 6, a management server 7 that manages each terminal device 6, and a file server 8 that stores data, which are connected to each other via the Internet 5.
- The management server 7 includes a user information storage unit 11, a user information registration unit 12, a user information update unit 13, a medium information storage unit 14, a medium information registration unit 15, an authentication processing unit 16, a log information generation unit 17, a log information reception unit 18, a log information storage unit 19, a communication interface 20 and the like, and is connected to the Internet 5 through the communication interface 20.
- The user information storage unit 11 stores, in association with each other, a user ID and password (user identification information) set for each user to identify the user, a terminal ID (terminal identification information) based on unique information (for example, the CPU number and the hard disk number) of at least one terminal device 6 used by the user, and permission information regarding whether execution of the encryption / decryption process and the decrypted data generation process in the terminal device 6 is permitted (see FIG. 4).
- The user information registration unit 12 stores (registers) the user ID, password, terminal ID and permission information in the user information storage unit 11. Specifically, for example, it communicates with each terminal device 6 connected to the management server 7, receives the user ID, password and terminal ID from each terminal device 6, and stores the received user ID, password and terminal ID, together with the permission information, in the user information storage unit 11.
- The permission information is initially set to "execution permitted". Further, when communicating with each terminal device 6, the user information registration unit 12 transmits to it a community ID set in advance for the management server 7. When registering a user ID or the like, the operator of the management server 7 may instead input the registration information to the user information storage unit 11 via the user information registration unit 12.
- The user information update unit 13 receives update information, input from outside, for changing or updating the permission information associated with the user ID of a specific user, and updates the permission information stored in the user information storage unit 11 on the basis of the received update information.
- The medium information storage unit 14 stores a medium ID (medium identification information) based on the unique information of all the recording media 8a, 22, 31, 32 used by each terminal device 6, that is, the recording medium 22 built into each terminal device 6, the recording media 31, 32 connected to each terminal device 6, and the recording medium 8a provided in the file server 8.
- The medium information registration unit 15 performs a process of storing (registering) medium IDs in the medium information storage unit 14. Specifically, for example, it communicates with each terminal device 6 or with a specific terminal device 6, receives the medium IDs of the recording media 8a, 22, 31, 32 from the terminal device 6, and stores the received medium IDs in the medium information storage unit 14.
- Alternatively, the operator of the management server 7 may input the medium IDs into the medium information storage unit 14 via the medium information registration unit 15.
- The recording medium 8a of the file server 8 may be registered by receiving its medium ID from a specific terminal device 6, or through communication between the management server 7 and the file server 8.
- The authentication processing unit 16 receives the user ID, password, community ID and terminal ID transmitted from a terminal device 6, and performs a process of confirming whether the received user ID, password and terminal ID are stored in the user information storage unit 11 and whether the received community ID matches the community ID set in advance for the management server 7.
- The log information generation unit 17 generates log information relating to the processing in the authentication processing unit 16 and stores it in the log information storage unit 19; the log information reception unit 18 receives the log information transmitted from the terminal devices 6 and stores it in the log information storage unit 19.
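The server side just described, together with the confirmation process, permission update and medium-ID push set out earlier, can be exercised as a complete exchange. The following is an added example written for this page, not code from the patent: a management server holding the user information storage unit (user ID, salted password hash, registered terminal IDs, permission information), the medium information storage unit and the log information storage unit, and a terminal that runs the confirmation process with the embodiment's four fields (user ID, password, community ID, terminal ID), keeps its registered medium list from the execution permission signal, and clears its decrypted data folder on every confirmation. Assumptions of the example: the class names, PBKDF2 for the stored password, a dummy record so that an unknown user ID costs the same as a wrong password, all four checks evaluated without short-circuiting, and in-memory dicts and sets standing in for the storage units and the network.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

def terminal_id(cpu_number: str, hard_disk_number: str) -> str:
    """Terminal ID derived from the terminal's unique information (CPU and disk numbers)."""
    return hashlib.sha256(f"{cpu_number}|{hard_disk_number}".encode()).hexdigest()

@dataclass
class UserRecord:
    salt: bytes
    pw_hash: bytes
    terminal_ids: set
    permitted: bool = True  # permission information; initially "execution permitted"

class ManagementServer:
    def __init__(self, community_id: str):
        self.community_id = community_id
        self.users = {}      # user information storage unit
        self.media = set()   # medium information storage unit
        self.log = []        # log information storage unit
        # Dummy record: an unknown user ID costs the same as a wrong password (assumption).
        self._dummy = UserRecord(b"\0" * 16, self._hash("", b"\0" * 16), set(), False)

    @staticmethod
    def _hash(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)

    def register_user(self, user_id: str, password: str, tid: str) -> str:
        """User information registration unit; returns the community ID sent to the terminal."""
        salt = os.urandom(16)
        self.users[user_id] = UserRecord(salt, self._hash(password, salt), {tid})
        return self.community_id

    def register_medium(self, medium_id: str) -> None:
        self.media.add(medium_id)  # medium information registration unit

    def update_permission(self, user_id: str, permitted: bool) -> None:
        """User information update unit: the operator changes permission information."""
        self.users[user_id].permitted = permitted
        self.log.append(f"update user={user_id} permitted={permitted}")

    def authenticate(self, user_id: str, password: str, community_id: str, tid: str):
        """Authentication processing unit: the execution permission signal (carrying the
        registered medium IDs) when every check passes, otherwise None."""
        rec = self.users.get(user_id, self._dummy)
        ok = hmac.compare_digest(self._hash(password, rec.salt), rec.pw_hash)
        ok &= tid in rec.terminal_ids
        ok &= hmac.compare_digest(community_id.encode(), self.community_id.encode())
        ok &= rec.permitted
        self.log.append(f"auth user={user_id} tid={tid[:8]} {'permit' if ok else 'deny'}")
        return {"medium_ids": sorted(self.media)} if ok else None

class Terminal:
    def __init__(self, server: ManagementServer, cpu_number: str, hard_disk_number: str):
        self.server = server
        self.tid = terminal_id(cpu_number, hard_disk_number)
        self.community_id = ""          # delivered by the registration unit
        self.registered_media = set()   # terminal-side medium identification store
        self.decrypted_folder = {}      # second folder: decrypted data
        self.permitted = False

    def confirm(self, user_id: str, password: str) -> bool:
        """Confirmation process (at start-up or on a timer); permission holds until the next one."""
        self.decrypted_folder.clear()   # forced erasure of decrypted data on every confirmation
        signal = self.server.authenticate(user_id, password, self.community_id, self.tid)
        self.permitted = signal is not None
        if signal:
            self.registered_media = set(signal["medium_ids"])
        return self.permitted

    def can_use_medium(self, medium_id: str) -> bool:
        return self.permitted and medium_id in self.registered_media

def demo() -> dict:
    """Constructed scenario: register, confirm, then revoke after a reported loss."""
    srv = ManagementServer("community-7")
    t = Terminal(srv, "CPU-0001", "HDD-0001")
    t.community_id = srv.register_user("alice", "correct horse", t.tid)
    srv.register_medium("USB-42")
    out = {"first": t.confirm("alice", "correct horse"),
           "usb_ok": t.can_use_medium("USB-42"),
           "usb_unknown": t.can_use_medium("USB-99")}
    other = Terminal(srv, "CPU-0002", "HDD-0002")
    other.community_id = srv.community_id
    out["other_terminal"] = other.confirm("alice", "correct horse")  # right user, unregistered terminal
    out["bad_password"] = t.confirm("alice", "wrong")
    out["unknown_user"] = t.confirm("nobody", "correct horse")
    t.decrypted_folder["draft.txt"] = b"decrypted copy"
    out["reconfirm"] = t.confirm("alice", "correct horse")
    out["folder_wiped"] = not t.decrypted_folder
    srv.update_permission("alice", False)   # operator told the terminal was lost
    out["after_revoke"] = t.confirm("alice", "correct horse")
    out["locked_out"] = t.can_use_medium("USB-42")
    out["log_lines"] = len(srv.log)
    return out
```

The point of the `&=` chain in `authenticate` is that the reply does not depend on which check failed, and the log line records the decision rather than the reason, so the server does not tell a caller whether a user ID, a terminal ID or a community ID was the wrong one. Revocation takes effect at the next confirmation, which is exactly the window the patent accepts by running the confirmation process "periodically or irregularly"; a deployment chooses that interval to bound how long a lost terminal keeps working.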
- The file server 8 includes a recording medium 8a such as a magnetic disk, for example, and stores data in the recording medium 8a.
- The recording medium 8a stores, for example, data relating to documents, sounds, images, computer programs and the like, encrypted using as the encryption key the community ID and a data ID (data identification information) that is unique to each data item and is set by the operating system of the terminal device 6 at the time the data is generated.
- The terminal device 6 includes a data storage unit 21, an editing processing unit 24, a medium information storage unit 25, a data input / output unit 26, a data management unit 27, a log information generation unit 28, a communication interface 29 and an input / output interface 30, and the communication interface 29 is connected to the Internet 5.
- The data storage unit 21 includes, for example, a recording medium 22 such as a magnetic disk and a drive device 23 that reads data from and writes data to the recording medium 22.
- The recording medium 22 has an area for storing encrypted data and an area for storing decrypted data: encrypted data is classified and stored in an encrypted data folder 21a (first folder), and decrypted data is classified and stored in a decrypted data folder 21b (second folder).
- As with the recording medium 8a, the encrypted data folder 21a stores, for example, data relating to documents, sounds, images, computer programs and the like, encrypted using the community ID and data ID as the encryption key.
- Data is stored in the encrypted data folder 21a as follows, for example. When a program that causes the terminal device 6 to function as the data storage unit 21 and the data management unit 27 is installed, the encrypted data folder 21a and the decrypted data folder 21b are created, the data (unencrypted data) stored in the recording medium 22 is encrypted, the original data is replaced with the encrypted data, and the replaced data (encrypted data) is stored in the encrypted data folder 21a.
- When encrypting data in this way, it is also possible to encrypt only designated data.
- The input / output interface 30 is configured so that recording media 31, 32 such as a USB memory, a memory card, FD, MO, CD, DVD and an external hard disk can be connected to it.
- The recording medium 31 is connected directly to the input / output interface 30, and the recording medium 32 is connected to it via an appropriate drive device 33 that reads and writes data.
- Like the recording media 8a and 22, the recording media 31 and 32 store, for example, data relating to documents, sounds, images, computer programs and the like, encrypted using the community ID and data ID as the encryption key.
- The edit processing unit 24 edits, according to various application programs, the data stored in the recording medium 22 of the terminal device 6, in the recording media 31, 32 connected to the terminal device 6, and in the recording medium 8a of the file server 8. Specifically, it performs a read process that reads data from the recording media 8a, 22, 31, 32 through a read command of the operating system, an edit process that edits the read data, and a write process that writes the edited data to the recording media 8a, 22, 31, 32 through a write command of the operating system.
- Data is read and written by the drive devices 23 and 33.
- The medium information storage unit 25 stores medium IDs transmitted from the management server 7.
- The data input/output unit 26 accepts data input from the outside and stores it in the recording media 8a, 22, 31, 32, and outputs data stored in the recording media 8a, 22, 31, 32 to the outside (for example, by transmitting it to another terminal device 6 via the Internet 5, or by copying it to a recording medium as appropriate).
- The data management unit 27 executes the three processes described below: an encryption/decryption process, a decrypted data generation process, and a confirmation process.
- In the encryption/decryption process, the data management unit 27 monitors the processing in the edit processing unit 24. When the edit processing unit 24 executes the read process, the data management unit 27, instead of the edit processing unit 24, reads the data to be read from the recording media 8a, 22, 31, 32, decrypts the read data and provides it to the edit processing unit 24; when the edit processing unit 24 executes the write process, the data management unit 27 encrypts the edited data and stores it in the recording media 8a, 22, 31, 32.
- Before reading encrypted data, or encrypting and storing edited data, the data management unit 27 checks whether the medium ID of the target recording medium 8a, 22, 31, 32 is stored in the medium information storage unit 25, and proceeds only when it is.
- Specifically, by monitoring the processing in the edit processing unit 24, the data management unit 27 first checks whether the edit processing unit 24 executes the read process or the write process (step S1). This can be determined, for example, by hooking the read or write command of the operating system.
- When it is determined in step S1 that the read process or the write process is executed, the medium ID of the recording medium 8a, 22, 31, 32 to be read or written is recognized (step S2), and it is checked whether the recognized medium ID is stored in the medium information storage unit 25 (step S3).
- When it is determined in step S3 that the medium ID is stored, it is checked whether the edit processing unit 24 executes the read process or the write process (step S4). For example, which process is executed can be determined by checking which of the read command and the write command of the operating system was hooked in step S1.
- If it is determined in step S4 that the read process is to be executed, the community ID and the data ID of the encrypted data to be read are recognized as key information (step S5); then the encrypted data to be read is read from the recording media 8a, 22, 31, 32, and the read encrypted data is written into a temporary file while being decrypted using the recognized community ID and data ID as the decryption key (step S6). The edit processing unit 24 refers to the data written in the temporary file and carries out the edit process.
- If it is determined in step S4 that the write process is to be executed, the community ID and the data ID of the edited data to be written are recognized as key information (step S7); then the edited data is encrypted using the recognized community ID and data ID as the encryption key and stored in the recording media 8a, 22, 31, 32.
- If it is determined in step S3 that the medium ID is not stored, an error message is displayed on the display of the terminal device 6 (step S9).
- In the decrypted data generation process, when a signal input from the outside for decrypting specific encrypted data in the encrypted data folder 21a is received, the encrypted data corresponding to the received signal is decrypted to generate new data, and the generated decrypted data is stored in the decrypted data folder 21b.
- The confirmation process checks whether the encryption/decryption process may be executed and whether the decrypted data generation process may be executed: the user ID, password, community ID and terminal ID are transmitted to the management server 7, the execution permission signal and the medium ID transmitted from the management server 7 are received, and the received medium ID is stored in the medium information storage unit 25.
- The data management unit 27 performs the confirmation process periodically or irregularly (for example, when the terminal device 6 is started or when a predetermined time arrives); when the execution permission signal and the medium ID are received from the management server 7, it executes the encryption/decryption process and makes the decrypted data generation process executable.
- The log information generation unit 28 generates log information relating to the processing in the data management unit 27 (for example, the decrypted data generation process and the confirmation process) and the processing in the data input/output unit 26, and transmits the generated log information to the management server 7.
- In each terminal device 6, the user edits the data stored in the recording media 8a, 22, 31, 32 (for the recording medium 22, the data in the encrypted data folder 21a) as appropriate.
- When the data management unit 27, which monitors the processing in the edit processing unit 24, recognizes that the read process is executed by the edit processing unit 24, it first checks whether the medium ID of the recording medium 8a, 22, 31, 32 to be read is stored in the medium information storage unit 25; if it is, the data management unit 27, instead of the edit processing unit 24, reads the encrypted data to be read from the recording media 8a, 22, 31, 32, decrypts the read data and provides it to the edit processing unit 24.
- When the data management unit 27 recognizes that the write process is executed by the edit processing unit 24, it first checks whether the medium ID of the recording medium 8a, 22, 31, 32 to be written is stored in the medium information storage unit 25; if it is, the data management unit 27, instead of the edit processing unit 24, encrypts the edited data and stores it in the recording media 8a, 22, 31, 32. Data decryption and encryption are performed using the community ID and data ID as keys.
- In this way, the data read by the edit processing unit 24 is decrypted, and the data written by the edit processing unit 24 is encrypted, by the encryption/decryption process of the data management unit 27, so the user can have data encrypted and decrypted without any special operation.
- When the user transmits data stored in the encrypted data folder 21a of the recording medium 22 to a terminal device (not shown) other than the terminal devices 6 connected to the management server 7, a signal input to the terminal device 6 from the outside for decrypting specific encrypted data in the encrypted data folder 21a is received by the data management unit 27, the encrypted data corresponding to the received signal is decrypted to generate new data, and the generated decrypted data is stored in the decrypted data folder 21b.
- The data decrypted in this way is transmitted by the data input/output unit 26 to that terminal device (not shown). Since the receiver has received decrypted data, the information contained in it can be read without any inconvenience.
- The user can also, under the control of the data input/output unit 26, copy the data stored in the recording media 8a, 22, 31, 32 to other recording media 8a, 22, 31, 32 or transmit it to other terminal devices 6.
- The data management unit 27 executes the confirmation process regularly or irregularly and thereby manages whether the encryption/decryption process and the decrypted data generation process may be executed. Specifically, the series of steps shown in FIGS. 7 and 8 is executed.
- First, a user ID and password input screen is displayed on the display of the terminal device 6 (step S11). The user ID and password entered into the terminal device 6 by the user are accepted, the community ID set in advance for the management server 7 to which the terminal device 6 is connected is recognized, the terminal ID of the terminal device 6 is generated, and the accepted user ID and password, the recognized community ID and the generated terminal ID are transmitted to the management server 7 (step S12).
- The transmitted user ID, password, community ID and terminal ID are received by the authentication processing unit 16 of the management server 7 (step S13), which checks whether the received user ID, password and terminal ID are stored in the user information storage unit 11 and whether the received community ID matches the community ID set in advance for the management server 7 (step S14).
- If it is determined in step S14 that the user ID, password and terminal ID are stored and the community ID is correct, it is then checked whether the permission information stored in the user information storage unit 11 in association with the user ID (the permission information for that user) permits execution of the encryption/decryption process and the decrypted data generation process (step S15).
- If it is determined in step S15 that execution of the encryption/decryption process and the decrypted data generation process is permitted, the execution permission signal and the medium IDs stored in the medium information storage unit 14 are transmitted to the terminal device 6 (step S16).
- If it is determined in step S14 that the user ID, password and terminal ID are not stored or that the community ID is not correct, or if it is determined in step S15 that execution of the encryption/decryption process and the decrypted data generation process is not permitted, an error signal is generated and transmitted to the terminal device 6 (step S17).
- The execution permission signal and medium ID transmitted in step S16, or the error signal transmitted in step S17, is received by the data management unit 27 of the terminal device 6 (step S18), which checks whether it received the execution permission signal and medium ID or the error signal (step S19).
- If it is determined in step S19 that the execution permission signal and the medium ID have been received, the received medium ID is stored in the medium information storage unit 25 (step S20), the data in the decrypted data folder 21b is erased (step S21), and then the encryption/decryption process is executed and the decrypted data generation process is enabled (step S22), after which the series of steps ends.
- If it is determined in step S19 that an error signal has been received, the data in the decrypted data folder 21b is erased (step S23), and the series of steps ends. In this case, even if the edit processing unit 24 reads the encrypted data stored in the recording media 8a, 22, 31, 32, the encrypted data is not decrypted, and the user cannot edit it.
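A model of the confirmation process above (steps S11 to S23) as an added example, not code from the patent: the server side checks the (user ID, terminal ID) pair, the password, the community ID and the permission information, and the terminal side erases the decrypted data folder on either outcome and enables the encryption/decryption process only on a permit. It goes one step beyond the steps by also showing a permission change through the user information update unit 13; the password hashing, identifiers and class names are assumptions of this example.

```python
import hashlib
import hmac
import os

# Constructed sample value (an assumption for this example, not a value from the patent).
COMMUNITY_ID = "community-A"
PBKDF2_ROUNDS = 20_000


class ManagementServer:
    """Models authentication processing unit 16 together with user information storage
    unit 11, medium information storage unit 14 and user information update unit 13."""

    def __init__(self, community_id, medium_ids):
        self.community_id = community_id
        self.medium_ids = set(medium_ids)   # medium information storage unit 14
        self.users = {}                     # (user_id, terminal_id) -> {"pw": (salt, hash), "permitted": bool}

    def register_user(self, user_id, password, terminal_id, permitted=True):
        """Store a user with the terminal ID it may use; passwords are kept only as salted hashes."""
        salt = os.urandom(16)
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        self.users[(user_id, terminal_id)] = {"pw": (salt, digest), "permitted": permitted}

    def update_permission(self, user_id, permitted):
        """User information update unit 13: change the permission information of one user."""
        for (uid, _), record in self.users.items():
            if uid == user_id:
                record["permitted"] = permitted

    def authenticate(self, user_id, password, community_id, terminal_id):
        """Steps S13 to S17: returns ("permit", medium_ids) or ("error", None)."""
        record = self.users.get((user_id, terminal_id))      # step S14: user ID and terminal ID stored?
        if record is None or community_id != self.community_id:
            return ("error", None)                           # step S17
        salt, digest = record["pw"]
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        if not hmac.compare_digest(digest, candidate):
            return ("error", None)                           # step S17
        if not record["permitted"]:                          # step S15
            return ("error", None)                           # step S17
        return ("permit", sorted(self.medium_ids))           # step S16


class TerminalDataManagementUnit:
    """Models the confirmation process of data management unit 27 (steps S11, S12, S18 to S23)."""

    def __init__(self, community_id, terminal_id):
        self.community_id = community_id
        self.terminal_id = terminal_id
        self.registered_media = set()    # medium information storage unit 25
        self.decrypted_folder = {}       # decrypted data folder 21b: file name -> bytes
        self.crypto_enabled = False      # may the encryption/decryption process run?

    def confirm(self, server, user_id, password):
        """Run one confirmation; returns True when the execution permission signal was received."""
        result, medium_ids = server.authenticate(
            user_id, password, self.community_id, self.terminal_id)   # steps S12 and S13
        self.decrypted_folder.clear()            # steps S21 / S23: decrypted data is erased either way
        if result == "permit":                   # step S19
            self.registered_media = set(medium_ids)   # step S20
            self.crypto_enabled = True                # step S22
            return True
        self.crypto_enabled = False              # error signal: encrypted data stays undecryptable
        return False


if __name__ == "__main__":
    srv = ManagementServer(COMMUNITY_ID, ["medium-22", "medium-31"])
    srv.register_user("user-0001", "correct horse", "terminal-6-01")
    term = TerminalDataManagementUnit(COMMUNITY_ID, "terminal-6-01")
    print("permit:", term.confirm(srv, "user-0001", "correct horse"), term.registered_media)
    srv.update_permission("user-0001", False)
    print("after revocation:", term.confirm(srv, "user-0001", "correct horse"))
```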
- The log information generation unit 28 of the terminal device 6 generates log information relating to the decrypted data generation process and the confirmation process in the data management unit 27 and to the processing in the data input/output unit 26, and transmits the generated log information to the management server 7; the transmitted log information is received by the log information receiving unit 18 of the management server 7 and stored in the log information storage unit 19.
- The log information generation unit 17 of the management server 7 generates log information relating to the processing in the authentication processing unit 16, and the generated log information is stored in the log information storage unit 19.
- Thus, when the edit processing unit 24 reads data from the recording media 8a, 22, 31, 32 or writes data to them, the encrypted data is automatically decrypted and the edited data is automatically encrypted by the data management unit 27, so data can be decrypted and encrypted easily and without troublesome operations.
- Since the data in the recording media 8a, 22, 31, 32 is encrypted, even if the data leaks to the outside or the recording media 8a, 22, 31, 32 pass into the hands of a third party, the third party cannot recognize the contents of the data, and the information contained in it does not leak.
- Since the data management unit 27 performs the confirmation process regularly or irregularly, whether the user of the terminal device 6 satisfies the usage conditions can be checked, and access to the data stored in the recording media 8a, 22, 31, 32 can be managed by the management server 7, preventing information leakage more reliably.
- Since authentication is based not only on the user ID and password but also on a terminal ID that differs for each terminal device 6, unauthorized use of the terminal device 6 can be prevented more reliably, and the safety of the data stored in the recording media 8a, 22, 31, 32 can be increased further.
- Since the data management unit 27 reads data from and stores data in the recording media 8a, 22, 31, 32 only when their medium ID is registered in the medium information storage unit 25, the recording media 8a, 22, 31, 32 used for reading and writing data can be managed and restricted, and security can be improved by preventing information from being taken outside and unnecessary data from being brought in.
- Since the permission information stored in the user information storage unit 11 can be updated by the user information update unit 13, for example the user of the terminal device 6 or the creator of the data stored in the recording media 8a, 22, 31, 32 can send update information to the management server 7 by operating a suitable terminal, such as another terminal device 6 or a mobile phone terminal capable of data communication; the user information update unit 13 then updates the permission information for the specific user, so that execution of processes other than the confirmation process in the terminal device 6 used by that user can be permitted or prohibited, and the data in the recording media 8a, 22, 31, 32 can be managed more flexibly.
- By changing the permission information so as to prohibit execution of processes other than the confirmation process, the data in the recording media 8a, 22, 31, 32 can be effectively prevented from being viewed, altered or copied by a third party.
- Since the data management unit 27 performs encryption and decryption using as keys the community ID transmitted from the management server 7 and the data ID of the data to be read or written, a terminal device that is not managed by the management server 7 (not connected to the management server 7) cannot encrypt or decrypt the data, so leakage of the information stored in the recording media 8a, 22, 31, 32 can be prevented more effectively, while the terminal devices 6 managed by the management server 7 share the key (community ID) and can access the data in the recording media 8a, 22, 31, 32 from any terminal device 6.
- Since decrypted data can be generated by the decrypted data generation process of the data management unit 27, it is convenient when the user takes encrypted data outside. Since the encrypted data is stored in the encrypted data folder 21a and the decrypted data in the decrypted data folder 21b, encrypted data and decrypted data can easily be told apart. Further, since decrypted data is not generated unless the user performs a specific operation, even if the terminal device 6 or the recording media 8a, 22, 31, 32 pass to a third party, or the data in the recording media 8a, 22, 31, 32 leaks to the outside, the leakage of information can be minimized.
- Since the log information relating to the processing in the data management unit 27 and the data input/output unit 26 and the log information relating to the processing in the authentication processing unit 16 are stored in the log information storage unit 19, analyzing the log information stored in the log information storage unit 19 makes it possible to understand, for example, when the terminal device 6 performed the decrypted data generation process, what data was decrypted, and what information might have been leaked.
- The community ID and the data ID are used as keys for encryption and decryption, but the keys are not limited to these; for example, the following configuration may also be adopted.
- The terminal device 6 further includes a key information storage unit 34, which stores key information transmitted from the management server 7: user IDs and terminal IDs, stored in association with each other.
- In step S16 the authentication processing unit 16 transmits the user IDs and terminal IDs stored in the user information storage unit 11 to the terminal device 6 as key information, and in step S20 the data management unit 27 stores the user IDs and terminal IDs received from the management server 7 in the key information storage unit 34 in association with each other.
- The data management unit 27 performs the series of steps shown in FIG. 10 as the encryption/decryption process. First, by monitoring the processing in the edit processing unit 24, it checks whether the edit processing unit 24 executes the read process or the write process (step S31); the medium ID of the recording medium 8a, 22, 31, 32 to be read or written is recognized (step S32), and it is checked whether the recognized medium ID is stored in the medium information storage unit 25 (step S33).
- When the medium ID is stored, it is checked whether the edit processing unit 24 executes the read process or the write process (step S34). In the case of the read process, after the encrypted data to be read is read from the recording media 8a, 22, 31, 32 (step S35), the user ID embedded in the header portion of the read data is recognized, the terminal ID stored in the key information storage unit 34 in association with that user ID is recognized, and the community ID is also recognized (step S36); the read data is then decrypted using the recognized terminal ID and community ID as the decryption key and written to a temporary file (step S37). The edit processing unit 24 refers to the data written in the temporary file and carries out the edit process.
- If it is determined in step S34 that the write process is to be executed, the terminal ID and community ID of the terminal device 6 and the user ID of the user using the terminal device 6 are recognized (step S38); the edited data is encrypted using the recognized terminal ID and community ID as the encryption key, the recognized user ID is embedded in the header portion of the data, and the data is stored in the recording media 8a, 22, 31, 32 (step S39).
- If it is determined in step S33 that the medium ID is not stored, an error message is displayed on the display of the terminal device 6 (step S40).
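The two encryption/decryption flows described above (steps S1 to S9 with the community ID and data ID as the key, and steps S31 to S40 with the terminal ID and community ID as the key and the user ID in a cleartext header) as one added example that is not code from the patent. The patent names no cipher or key derivation, so the PBKDF2 key derivation, the HMAC-based encrypt-then-MAC construction (a dependency-free stand-in for an authenticated cipher such as AES-GCM) and the identifiers are assumptions of this example.

```python
import hashlib
import hmac
import os
import struct

# Constructed sample identifiers (assumptions for this example, not values from the patent).
COMMUNITY_ID = "community-A"                    # community ID set for management server 7
TERMINAL_ID = "terminal-6-01"                   # terminal ID of this terminal device 6
USER_ID = "user-0001"
REGISTERED_MEDIA = {"medium-22", "medium-31"}   # medium information storage unit 25
KEY_INFO = {USER_ID: TERMINAL_ID}               # key information storage unit 34: user ID -> terminal ID


def derive_key(*id_parts):
    """Stand-in KDF: the patent only says the IDs are 'used as keys'."""
    return hashlib.pbkdf2_hmac("sha256", "\x1f".join(id_parts).encode(), b"example-salt", 20_000)


def _keystream(key, nonce, length):
    out = bytearray()
    for counter in range((length + 31) // 32):
        out += hmac.new(key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
    return bytes(out[:length])


def seal(key, plaintext, header=b""):
    """Layout: header (cleartext) | 16-byte nonce | ciphertext | 32-byte HMAC tag."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, header + nonce + ct, hashlib.sha256).digest()
    return header + nonce + ct + tag


def unseal(key, blob, header_len=0):
    header, nonce, ct, tag = blob[:header_len], blob[header_len:header_len + 16], blob[header_len + 16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, header + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed: wrong key or tampered data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def encode_user_header(user_id):
    raw = user_id.encode()
    return struct.pack(">H", len(raw)) + raw


def decode_user_header(blob):
    n = struct.unpack(">H", blob[:2])[0]
    return blob[2:2 + n].decode(), 2 + n


class DataManagementUnit:
    """Models data management unit 27 intercepting the edit processing unit's reads and writes."""

    def __init__(self, community_id, terminal_id, user_id, registered_media, key_info):
        self.community_id, self.terminal_id, self.user_id = community_id, terminal_id, user_id
        self.registered_media, self.key_info = set(registered_media), dict(key_info)

    def _check_medium(self, medium_id):                    # steps S3 / S33
        if medium_id not in self.registered_media:
            raise PermissionError(f"medium {medium_id!r} not registered (steps S9 / S40)")

    # First flow: key from community ID + data ID (steps S5 to S7).
    def write_v1(self, medium_id, data_id, plaintext):
        self._check_medium(medium_id)
        return seal(derive_key(self.community_id, data_id), plaintext)

    def read_v1(self, medium_id, data_id, blob):
        self._check_medium(medium_id)
        return unseal(derive_key(self.community_id, data_id), blob)

    # Second flow: key from the writer's terminal ID + community ID, user ID in header (steps S35 to S39).
    def write_v2(self, medium_id, plaintext):
        self._check_medium(medium_id)
        return seal(derive_key(self.terminal_id, self.community_id), plaintext, encode_user_header(self.user_id))

    def read_v2(self, medium_id, blob):
        self._check_medium(medium_id)
        user_id, header_len = decode_user_header(blob)        # step S36: user ID -> writer's terminal ID
        return unseal(derive_key(self.key_info[user_id], self.community_id), blob, header_len)


def _fails(fn, exc):
    try:
        fn()
    except exc:
        return True
    return False


def demo():
    """Exercise both flows from two managed terminals and one unmanaged outsider."""
    a = DataManagementUnit(COMMUNITY_ID, TERMINAL_ID, USER_ID, REGISTERED_MEDIA, KEY_INFO)
    b = DataManagementUnit(COMMUNITY_ID, "terminal-6-02", "user-0002", REGISTERED_MEDIA, KEY_INFO)
    outsider = DataManagementUnit("community-Z", "terminal-z", "user-z", REGISTERED_MEDIA, {})
    r = {}
    blob1 = a.write_v1("medium-22", "doc-17", b"quarterly report")
    r["v1_roundtrip"] = a.read_v1("medium-22", "doc-17", blob1)
    r["v1_other_terminal"] = b.read_v1("medium-22", "doc-17", blob1)          # shared community ID suffices
    r["v1_outsider_fails"] = _fails(lambda: outsider.read_v1("medium-22", "doc-17", blob1), ValueError)
    blob2 = a.write_v2("medium-31", b"design notes")
    r["v2_header_user"] = decode_user_header(blob2)[0]
    r["v2_other_terminal"] = b.read_v2("medium-31", blob2)                    # key info 34 maps the user ID
    r["v2_no_key_info_fails"] = _fails(lambda: outsider.read_v2("medium-31", blob2), KeyError)
    r["unregistered_medium_fails"] = _fails(lambda: a.write_v1("medium-99", "doc-1", b"x"), PermissionError)
    return r


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```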
- The data management unit 27 recognizes the medium ID of the recording medium 8a, 22, 31, 32 to be read or written in step S2 or step S32 and checks in step S3 or step S33 whether the recognized medium ID is stored in the medium information storage unit 25, but the configuration is not limited to this, and these steps may be omitted.
- The management server 7 and the terminal device 6 may also be configured as follows. When the authentication processing unit 16 of the management server 7 transmits the medium ID and the key information together with the execution permission signal in step S16, it also transmits to the terminal device 6 the medium IDs of recording media 31, 32 that store unencrypted data and have been registered in advance as appropriate, and a read-only key used when reading the data stored in those recording media 31, 32. The data management unit 27 of the terminal device 6, when storing the medium ID and key information in step S20, stores the medium IDs of the recording media 31, 32 storing unencrypted data and the read-only key received from the management server 7 in the appropriate storage units.
- When the data management unit 27 determines that the edit processing unit 24 executes the read process or the write process and recognizes the medium ID of the recording medium 31 or 32 to be read or written, if it determines that the medium ID matches that of a recording medium 31, 32 storing unencrypted data, the data to be read is read from the recording media 31, 32 and written to a temporary file while being converted with the read-only key.
- The read-only key is a key for converting data that has not been encrypted, without encrypting it.
- When the data management unit 27 receives a specific signal input from the outside during the confirmation process, it may execute the encryption/decryption process and enable the decrypted data generation process for a period corresponding to the input signal without communicating with (authenticating against) the management server 7. This is convenient when the terminal device 6 is used offline.
- The icons may be displayed differently for encrypted data and decrypted data.
- The terminal device 6 need not necessarily be managed by the management server 7 and may be used offline from it; in this case, however, the user needs to update the data stored in the medium information storage unit 25 and the key information storage unit 34 as appropriate.
- The present invention can encrypt and decrypt data without bothering the user and can prevent information leakage more reliably, and is therefore suitable as a terminal device and as a data management system provided with the same.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Storage Device Security (AREA)
Abstract
Provided is a terminal device capable of encrypting and decrypting data without troubling a user. The terminal device (6) includes an edition processing unit (24) and a data managing unit (27). The edition processing unit (24) performs a read process for reading out data, an edition process for editing the read out data, and a write process for writing the edited data. The data managing unit (27) monitors a process in the edition processing unit (24). When the edition processing unit (24) executes the write process, the data managing unit (27) encrypts the data after edited and stores the encrypted data in recording media (22, 31, 32) instead of the edition processing unit (24). When the edition processing unit (24) executes the read process, instead of the edition processing unit (24), the data managing unit (27) reads out the encrypted data to be read from the recording media (22, 31, 32), decrypts the read out data, and supplies it to the edition processing unit (24).
Description
Specification
Terminal apparatus and data management system provided with the same
Technical field
[0001] The present invention relates to a terminal device to which a recording medium for storing data is connected and which encrypts data and stores it in the recording medium, and to a data management system in which a plurality of such terminal devices and a management server that manages each of them are connected via a telecommunication line.
Background art
[0002] In recent years, problems in which data stored in a computer flows out and secret information leaks to the outside have occurred frequently, and to deal with such problems, encryption/decryption devices such as the one disclosed in, for example, Japanese Patent Application Laid-Open No. 9-204330 have been proposed.
[0003] This encryption/decryption device is configured so that a specific file (data) selected by the user from among the files (data) stored in it can be encrypted or decrypted; by encrypting in advance a file that would be a problem if it became known to a third party, the user ensures that the information in the encrypted file does not leak even if the encrypted file flows out.
[0004] Patent Document 1: Japanese Patent Application Laid-Open No. 9-204330
Disclosure of the invention
Problems to be solved by the invention
[0005] However, with the conventional encryption/decryption device described above, the user must perform the operations of encrypting and decrypting files, and, for example, every time the user checks or edits the contents of an encrypted file, the file must be decrypted before the work and encrypted again after the work, which is very troublesome.
[0006] Moreover, because of this problem, files containing data related to secret information are often left unencrypted by the user, and when such a file flows out, the secret information leaks to the outside.
[0007] Thus, with the conventional encryption/decryption device described above, preventing information leakage takes effort, and moreover leakage cannot be prevented completely.
[0008] The present invention has been made in view of the above circumstances, and its object is to provide a terminal device that can encrypt and decrypt data without bothering the user and can prevent information leakage more reliably, and a data management system provided with the same.
Means for solving the problem
[0009] To achieve the above object, the present invention relates to
a terminal device to which a recording medium for storing data is connected, comprising an edit processing unit that performs a read process of reading data stored in the recording medium, an edit process of editing the read data, and a write process of writing the edited data to the recording medium,
the terminal device further comprising a data management unit that monitors the processing in the edit processing unit and performs an encryption/decryption process in which, when the edit processing unit executes the write process, the data management unit, instead of the edit processing unit, encrypts the edited data and stores it in the recording medium, and when the edit processing unit executes the read process, the data management unit, instead of the edit processing unit, reads the encrypted data to be read from the recording medium, decrypts the read data and provides it to the edit processing unit.
[0010] この端末装置によれば、ユーザにより、端末装置に記録媒体が接続された後、当該 記録媒体に格納されたデータの編集作業が適宜行われる。或いは、端末装置に予 め接続されている記録媒体に格納されたデータの編集作業が適宜行われる。尚、記 録媒体には、例えば、文書,音声,画像,コンピュータ 'プログラムなどに係るデータ であって予め暗号ィ匕されたデータ(暗号ィ匕データ)が格納されて 、る。 [0010] According to this terminal device, after a recording medium is connected to the terminal device, the user performs an editing operation on the data stored in the recording medium as appropriate. Alternatively, editing work of data stored in a recording medium connected in advance to the terminal device is appropriately performed. The recording medium stores, for example, data relating to documents, sounds, images, computer programs, and the like, which has been previously encrypted (encrypted data).
[0011] このとき、編集処理部における処理を監視するデータ管理部が、当該編集処理部 によって読出処理が実行されることを確認した場合には、当該編集処理部に代わり、 読み出すべき暗号ィ匕データを記録媒体力 読み出し、読み出したデータを復号ィ匕し て当該編集処理部に提供する。一方、データ管理部は、編集処理部によって書込処 理が実行されることを確認した場合には、当該編集処理部に代わり、編集後のデー
タを暗号化して記録媒体に格納する。 [0011] At this time, if the data management unit that monitors the processing in the editing processing unit confirms that the reading processing is executed by the editing processing unit, the encryption key to be read instead of the editing processing unit. Data is read from the recording medium, and the read data is decrypted and provided to the editing processing section. On the other hand, when the data management unit confirms that the writing process is executed by the editing processing unit, the data management unit replaces the editing processing unit with the edited data. The data is encrypted and stored in a recording medium.
[0012] このようにして、データ管理部の暗号化'復号ィ匕処理により、編集処理部によって読 み出されるデータが復号化され、編集処理部によって書き込まれるデータが暗号ィ匕 される。これにより、ユーザは、何ら特別な操作を行うことなくデータの暗号化ゃ復号 化を行うことができる。 In this manner, the data read by the editing processing unit is decrypted by the encryption / decryption processing of the data management unit, and the data written by the editing processing unit is encrypted. As a result, the user can perform data encryption or decryption without any special operation.
[0013] 斯くして、本発明に係る端末装置によれば、編集処理部が記録媒体からデータを 読み出したり、記録媒体に書き込む際に、データ管理部によって、暗号化されたデー タが自動的に復号ィ匕されたり、編集後のデータが自動的に暗号ィ匕されるので、デー タの復号化や暗号化を容易に且つ煩わし ヽ操作を伴うことなく行うことができる。また 、記録媒体内のデータが暗号ィ匕されているので、当該データが外部に流出したり、当 該記録媒体が第 3者の手に渡ったとしてもデータの内容を第 3者が認識することはで きず、当該データに係る情報が外部に漏れることはない。 [0013] Thus, according to the terminal device of the present invention, when the editing processing unit reads data from the recording medium or writes data to the recording medium, the data management unit automatically encrypts the data. Since the data is decrypted and the edited data is automatically encrypted, the data can be easily decrypted and encrypted without any troublesome operation. In addition, since the data in the recording medium is encrypted, the third party recognizes the contents of the data even if the data leaks to the outside or the recording medium reaches the third party. This information cannot be leaked to the outside.
[0014] The terminal device may further comprise a terminal-side medium identification information storage unit that stores medium identification information based on unique information of the connected recording medium, and the data management unit may be configured so that, when reading the data from or storing the data on the recording medium, it checks whether the medium identification information of the target recording medium is stored in the terminal-side medium identification information storage unit and, only if it determines that it is stored, encrypts and stores the data or reads and decrypts the data.
[0015] With this configuration, the data management unit encrypts data and stores it on the recording medium, and reads data from the recording medium and decrypts it, only when the medium identification information of the target recording medium is stored in the terminal-side medium identification information storage unit. Therefore, by storing (registering) in advance in the terminal-side medium identification information storage unit the medium identification information of the recording media that are connected to (used with) the terminal device, the recording media from which data is read and to which data is written can be managed and restricted, preventing important information from being carried out and unwanted data from being brought in, and thereby improving security.
[0016] Further, the recording medium may store encrypted data sorted into a first folder and decrypted data sorted into a second folder, and the data management unit may be configured to further perform a decrypted-data generation process in which, upon accepting an externally input signal for decrypting specific encrypted data in the first folder, it decrypts the encrypted data corresponding to the accepted signal to generate new data and stores the generated decrypted data in the second folder.
[0017] With this configuration, when the data management unit accepts an externally input signal for decrypting specific encrypted data in the first folder, the encrypted data corresponding to the accepted signal is decrypted to generate new data, and the generated decrypted data is stored in the second folder. The user can then use the decrypted data in the second folder to perform editing work on a terminal device other than this one, or provide data with the same contents as the encrypted data to other users who use terminal devices other than this one.
[0018] This is therefore convenient when the user takes encrypted data outside. Also, since the generated decrypted data is stored in the second folder, it is easy to tell which data is encrypted and which is decrypted. Furthermore, since decrypted data is not generated unless the user performs a specific operation, even if the terminal device or the recording medium falls into the hands of a third party or data on the recording medium leaks outside, the leakage of information can be kept to a minimum.
[0019] Further, the data management unit may be configured to encrypt and decrypt the data using, as a key, terminal identification information based on unique information of the terminal device (for example, a CPU number or a hard disk number). Since the terminal identification information differs for each terminal device, data editing (encryption and decryption of data) cannot be performed on any terminal device other than this one, and the data stored on the recording medium can be protected more strictly.
[0020] The present invention also relates to
a data management system in which a plurality of the terminal devices and a management server that manages each terminal device are connected via a telecommunication line, wherein
the management server comprises:
a user information storage unit that stores, in association with each other, user identification information set for each user for identifying the user, and terminal identification information based on unique information of the terminal device, for at least one terminal device used by the user; and
an authentication processing unit that, upon receiving user identification information and terminal identification information transmitted from the terminal device, checks whether the received user identification information and terminal identification information are stored in the user information storage unit and, if it determines that they are stored, transmits an execution permission signal to the terminal device; and
the data management unit of the terminal device
is configured to perform, periodically or irregularly, a confirmation process for checking whether the encryption/decryption process may be executed, in which it accepts the user identification information input from outside, generates the terminal identification information of the terminal device, transmits the accepted user identification information and the generated terminal identification information to the management server, and receives the execution permission signal transmitted from the management server, and, when the execution permission signal is received in the confirmation process, to execute the encryption/decryption process until the next confirmation process is performed.
[0021] According to this data management system, user identification information set for each user for identifying that user and the terminal identification information of at least one terminal device used by the user are associated with each other and stored (registered) in advance in the user information storage unit.
[0022] Then, in the terminal device, the confirmation process is executed by the data management unit periodically or irregularly (for example, when the terminal device starts up or at a predetermined time). Specifically, the data management unit first accepts user identification information input from outside, generates the terminal identification information of the terminal device, and transmits the accepted user identification information and the generated terminal identification information to the management server.
[0023] The user identification information and terminal identification information transmitted from the terminal device are received by the authentication processing unit, which checks whether the received user identification information and terminal identification information are stored in the user information storage unit and, if it determines that they are, transmits an execution permission signal to the terminal device.
[0024] The execution permission signal transmitted from the management server is received by the data management unit, which then executes the encryption/decryption process until the next confirmation process is performed.
[0025] Thus, according to the data management system of the present invention, because the data management unit performs the confirmation process periodically or irregularly, it can be checked whether the user of the terminal device satisfies the conditions of use, so access to the data stored on the recording medium is managed by the management server and information leakage is prevented more reliably. Moreover, since authentication is based not only on user identification information but also on terminal identification information that differs for each terminal device, unauthorized use of a terminal device can be prevented more reliably and the safety of the data stored on the recording medium can be further enhanced.
[0026] The management server may further comprise a server-side medium identification information storage unit that stores medium identification information of the recording media connected to each terminal device; the authentication processing unit may be configured to transmit, together with the execution permission signal, the medium identification information stored in the server-side medium identification information storage unit when transmitting the execution permission signal to the terminal device; and the data management unit may be configured to store the received medium identification information in the terminal-side medium identification information storage unit upon receiving the execution permission signal and medium identification information from the management server.
[0027] With this configuration, the medium identification information of the recording media that are connected, or connected in advance, to each terminal device is stored (registered) in advance in the server-side medium identification information storage unit, and that medium identification information is transmitted by the authentication processing unit to the terminal device together with the execution permission signal. The transmitted medium identification information is received by the data management unit and stored in the terminal-side medium identification information storage unit. The management server can therefore manage and restrict the recording media from which data is read and to which data is written, increasing the security of the data management system.
[0028] The data management unit may also be configured to erase the decrypted data in the second folder when the confirmation process is executed. In this way the data in the second folder is deleted automatically (forcibly), preventing information leakage more reliably.
[0029] Further, the user information storage unit may additionally store, in association with the user identification information, permission information indicating whether execution of processes other than the confirmation process in the terminal device (the encryption/decryption process and the decrypted-data generation process) is permitted; the authentication processing unit may be configured so that, upon receiving the user identification information and terminal identification information from the terminal device, it refers to the data stored in the user information storage unit on the basis of the received user identification information and terminal identification information to check whether that user identification information and terminal identification information are stored, also checks whether the permission information associated with the received user identification information permits execution of processes other than the confirmation process, and transmits the execution permission signal to the terminal device only if it determines that the user identification information and terminal identification information are stored and execution of processes other than the confirmation process is permitted; and the management server may further comprise a user information update unit that accepts externally input update information for changing or updating the permission information associated with the user identification information of a specific user and updates the permission information stored in the user information storage unit on the basis of the accepted update information.
[0030] With this configuration, the authentication processing unit checks whether the user identification information and terminal identification information received from the terminal device are stored in the user information storage unit and whether the permission information associated with that user identification information permits execution of processes other than the confirmation process, and the execution permission signal is transmitted to the terminal device only if the user identification information and terminal identification information are stored and execution of processes other than the confirmation process is permitted.
[0031] Further, when the user information update unit accepts externally input update information for changing or updating the permission information associated with the user identification information of a specific user, the permission information stored in the user information storage unit is updated on the basis of the accepted update information, so that the permission information changes from permitting execution of processes other than the confirmation process to not permitting it, or from not permitting it to permitting it.
[0032] Therefore, for example, the user of a terminal device or the creator of the data stored on a recording medium can send update information to the management server by operating a suitable terminal such as another terminal device or a mobile phone capable of data communication, or an operator of the management server who has been contacted by that user or creator can enter the update information into the management server; the user information update unit then updates the permission information for the specific user, so that execution of processes other than the confirmation process in the terminal device can be permitted or prohibited for that user, and the data on the recording medium can be managed more flexibly. Specifically, if, for example, the terminal device or recording medium has fallen into the hands of a third party, changing the permission information to prohibit execution of processes other than the confirmation process effectively prevents the data on the recording medium from being viewed, tampered with or copied by the third party.
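Paragraphs [0020] to [0032] describe an exchange: the terminal's data management unit sends user identification information (user ID and password, per [0049]) and a terminal ID derived from hardware information; the authentication processing unit answers with an execution permission signal, which carries the server-side medium IDs ([0026]), only if the pair is registered and the user's permission information allows it; the terminal erases its second folder at each confirmation ([0028]) and runs encryption/decryption only until the next confirmation; and a user information update unit can revoke a user at any time. The following is an added Python model of that exchange, written for this page and not the patent's own code. It assumes an in-process call in place of the telecommunication line, a salted PBKDF2 hash for the stored password (the patent does not say how the password is kept), and a SHA-256 hash of the CPU and disk numbers as the terminal ID; all names are illustrative.

```python
"""Confirmation process between a terminal's data management unit and the
management server's authentication processing unit, with the server-side
medium ID list, second-folder erasure and permission revocation.
Illustrative model of paragraphs [0020]-[0032]; not the patent's own code."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass


def _hash_password(password: str, salt: bytes) -> bytes:
    # Assumption: the server keeps a salted PBKDF2 hash of the password; the
    # patent only says a user ID and password are stored as user identification
    # information, not how.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class UserRecord:
    salt: bytes
    pw_hash: bytes
    terminal_ids: set       # terminal identification information of the user's terminals
    permitted: bool = True  # permission information, initially "execution permitted" ([0051])


@dataclass(frozen=True)
class PermissionSignal:
    """Execution permission signal, carrying the server-side medium
    identification information ([0026])."""
    medium_ids: frozenset


class ManagementServer:
    def __init__(self):
        self.user_info = {}      # user information storage unit
        self.medium_ids = set()  # server-side medium identification information storage unit

    def register_user(self, user_id, password, terminal_id):
        """User information registration unit."""
        salt = secrets.token_bytes(16)
        self.user_info[user_id] = UserRecord(salt, _hash_password(password, salt), {terminal_id})

    def register_medium(self, medium_id):
        """Medium information registration unit."""
        self.medium_ids.add(medium_id)

    def update_permission(self, user_id, permitted):
        """User information update unit: revoke or restore a user ([0029]-[0032])."""
        self.user_info[user_id].permitted = permitted

    def authenticate(self, user_id, password, terminal_id):
        """Authentication processing unit: a permission signal only if user ID,
        password and terminal ID are registered together and the user's
        permission information allows processing; otherwise None."""
        rec = self.user_info.get(user_id)
        if rec is None:
            return None
        if not hmac.compare_digest(_hash_password(password, rec.salt), rec.pw_hash):
            return None
        if terminal_id not in rec.terminal_ids or not rec.permitted:
            return None
        return PermissionSignal(frozenset(self.medium_ids))


def terminal_id_from_hardware(cpu_number, hdd_number):
    """Terminal identification information generated from the terminal's unique
    hardware information ([0019]); hashed so the raw numbers are not sent."""
    return hashlib.sha256(f"{cpu_number}|{hdd_number}".encode()).hexdigest()


class DataManagementUnit:
    def __init__(self, server, cpu_number, hdd_number):
        self.server = server
        self.terminal_id = terminal_id_from_hardware(cpu_number, hdd_number)
        self.permitted = False      # nothing runs until a confirmation succeeds
        self.allowed_media = set()  # terminal-side medium identification information storage unit
        self.second_folder = {}     # decrypted copies, name -> plaintext

    def confirm(self, user_id, password):
        """Confirmation process ([0022]-[0024]): erase the second folder ([0028]),
        send the IDs, and enable encryption/decryption only on a permission
        signal, which then holds until the next confirmation."""
        self.second_folder.clear()
        signal = self.server.authenticate(user_id, password, self.terminal_id)
        self.permitted = signal is not None
        self.allowed_media = set(signal.medium_ids) if signal is not None else set()
        return self.permitted

    def may_process(self, medium_id):
        """Gate checked by the encryption/decryption process for one medium."""
        return self.permitted and medium_id in self.allowed_media
```

Note that a denied confirmation leaves the terminal with no permission and no medium list, so a revoked user, a wrong password or an unregistered terminal all stop processing at the next confirmation, and the decrypted copies in the second folder are gone regardless of the outcome.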
[0033] Further, the authentication processing unit may be configured to transmit, together with the execution permission signal, the key used in the encryption/decryption process when transmitting the execution permission signal to the terminal device, and the data management unit may be configured to encrypt and decrypt the data using the received key upon receiving the execution permission signal and the key from the management server.
[0034] With this configuration, the data management unit encrypts and decrypts data using the key transmitted from the management server, so a terminal device that is not managed by (not connected to) the management server cannot encrypt or decrypt the data, and leakage of information carried by the data stored on the recording medium is prevented even more effectively. Moreover, terminal devices managed by the management server can share the key, so the data on the recording medium can be accessed from any of those terminal devices.
[0035] Further, the data management unit may be configured to encrypt and decrypt the data using as the key both the key received from the management server and unique data identification information set for each item of data. This gives the same effects as above and protects the data stored on the recording medium even more strongly.
[0036] Further, the authentication processing unit may be configured to transmit, together with the execution permission signal, the user identification information and terminal identification information stored in the user information storage unit when transmitting the execution permission signal to the terminal device; the terminal device may further comprise a key information storage unit that stores the user identification information and terminal identification information transmitted from the management server; and the data management unit may be configured so that, upon receiving the execution permission signal, user identification information and terminal identification information from the management server, it associates the received user identification information and terminal identification information with each other and stores them in the key information storage unit, and further, when encrypting and storing the data, encrypts it using the terminal identification information of the terminal device as the encryption key and stores the encrypted data with the user identification information of the user using the terminal device included in it, whereas, when reading and decrypting data stored on the recording medium, it identifies, on the basis of the user identification information included in the data, the terminal identification information stored in the key information storage unit in association with that user identification information, and decrypts the data using the identified terminal identification information as the decryption key.
[0037] With this configuration, when the authentication processing unit transmits the execution permission signal to the terminal device, the user identification information and terminal identification information stored in the user information storage unit are transmitted along with it; after being received by the data management unit, the transmitted user identification information and terminal identification information are associated with each other and stored in the key information storage unit.
[0038] Then, in the encryption/decryption process, when the data management unit encrypts and stores data, it encrypts the data using the terminal identification information of the terminal device as the encryption key and stores the encrypted data with the user identification information of the user using the terminal device included in it. Conversely, when reading and decrypting data stored on the recording medium, it identifies, on the basis of the user identification information included in the data, the terminal identification information stored in the key information storage unit in association with that user identification information, and decrypts the data using the identified terminal identification information as the decryption key.
[0039] In this way, by encrypting data using the terminal identification information of the terminal device the user is using and decrypting the encrypted data using the user identification information and terminal identification information (key information) transmitted from the management server, a terminal device not managed by (not connected to) the management server is, as above, prevented from encrypting or decrypting the data, and leakage of information carried by the data stored on the recording medium is prevented even more effectively. Also as above, the key can be shared among the terminal devices managed by the management server so that the data on the recording medium can be accessed from any of those terminal devices.
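Paragraphs [0012] to [0019] and [0033] to [0039] together describe the terminal-side data management unit: encrypt on write and decrypt on read for the first folder, an explicit decrypted copy into the second folder, a medium-ID allowlist, and keys built from the terminal's own ID, a server-supplied key and a per-item data ID, with the writer's user ID stored in the clear so that a reader can look up the writer's terminal ID in its key information storage unit. The following added Python example models that unit for both groups of paragraphs; it is written for this page and is not the patent's own code. Two choices are assumptions: the authenticated cipher is a stand-in for AES-GCM built from HMAC-SHA256 so the example runs on the standard library, and the terminal ID, server key and data ID are combined through a keyed hash rather than used as the key directly, because a CPU or disk serial number on its own is short, predictable and readable by anyone holding the device. Record layout, folder representation and all identifiers are illustrative.

```python
"""Terminal-side data management unit: transparent encrypt-on-write and
decrypt-on-read for the first folder, explicit decrypted copies into the
second folder, a medium-ID allowlist, and per-item keys derived from the
terminal ID, a server-supplied key and a data ID.
Illustrative model of paragraphs [0012]-[0019] and [0033]-[0039]; not the
patent's own code."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass


def derive_key(*material: bytes) -> bytes:
    """Key for one item of data. Assumption: inputs are combined with a keyed
    hash so that a raw hardware identifier never serves as the key itself."""
    return hmac.new(b"terminal-data-key-v1", b"\x1f".join(material), hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key, plaintext, associated):
    """Toy authenticated encryption (HMAC-SHA256 keystream plus HMAC tag), a
    stand-in for AES-GCM so the example needs only the standard library."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + associated + ct, hashlib.sha256).digest()
    return nonce, ct, tag


def decrypt(key, nonce, ct, tag, associated):
    expected = hmac.new(key, nonce + associated + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed: wrong key or tampered data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


@dataclass
class EncryptedRecord:
    """One item in the first folder. user_id is stored in the clear ([0036]) so
    a reader can look up the writer's terminal ID; data_id is the per-item
    data identification information of [0035]."""
    user_id: str
    data_id: bytes
    nonce: bytes
    ciphertext: bytes
    tag: bytes


class DataManagementUnit:
    def __init__(self, user_id, terminal_id, server_key, registered_media):
        self.user_id = user_id
        self.terminal_id = terminal_id                 # from CPU/HDD numbers, [0019]
        self.server_key = server_key                   # sent with the permission signal, [0033]
        self.registered_media = set(registered_media)  # terminal-side medium ID store, [0014]
        self.key_info = {user_id: terminal_id}         # key information storage unit, [0036]
        self.first_folder = {}                         # encrypted data, name -> EncryptedRecord
        self.second_folder = {}                        # decrypted copies, name -> bytes

    def load_key_info(self, pairs):
        """Store the (user ID, terminal ID) pairs sent by the management server."""
        self.key_info.update(pairs)

    def _check_medium(self, medium_id):
        if medium_id not in self.registered_media:
            raise PermissionError(f"medium {medium_id!r} is not registered on this terminal")

    @staticmethod
    def _associated(user_id, data_id):
        return user_id.encode() + b"\x00" + data_id

    def write(self, medium_id, name, plaintext):
        """Called by the editing processing unit on save: encrypt transparently."""
        self._check_medium(medium_id)
        data_id = secrets.token_bytes(8)
        key = derive_key(self.terminal_id.encode(), self.server_key, data_id)
        nonce, ct, tag = encrypt(key, plaintext, self._associated(self.user_id, data_id))
        self.first_folder[name] = EncryptedRecord(self.user_id, data_id, nonce, ct, tag)

    def read(self, medium_id, name):
        """Called by the editing processing unit on open: decrypt transparently,
        finding the writer's terminal ID through the embedded user ID."""
        self._check_medium(medium_id)
        rec = self.first_folder[name]
        terminal_id = self.key_info[rec.user_id]  # KeyError if the server never sent this user
        key = derive_key(terminal_id.encode(), self.server_key, rec.data_id)
        return decrypt(key, rec.nonce, rec.ciphertext, rec.tag, self._associated(rec.user_id, rec.data_id))

    def generate_decrypted_copy(self, medium_id, name):
        """Decrypted-data generation process ([0016]): only on explicit request."""
        self.second_folder[name] = self.read(medium_id, name)
        return self.second_folder[name]
```

A second terminal that shares the server key and has received the writer's (user ID, terminal ID) pair from the server can open the record; a terminal with a different server key fails the tag check, a terminal that never received the pair cannot derive the key at all, and an unregistered medium is refused before any cryptography runs. Binding the user ID and data ID into the tag's associated data also stops an attacker from re-labelling a record with another user's ID.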
[0040] Further, the management server may further comprise a server-side log information generation unit that generates log information about the processing in the authentication processing unit and a log information storage unit that stores the log information generated by the server-side log information generation unit; or the terminal device may further comprise a terminal-side log information generation unit that generates log information about the processing in the data management unit and transmits the generated log information to the management server, and the management server may further comprise a log information storage unit that stores the log information and a log information reception unit that receives the log information transmitted from the terminal-side log information generation unit and stores the received log information in the log information storage unit.
[0041] With this configuration, analysis of the log information stored in the log information storage unit of the management server helps to establish, for example, when a terminal device performed the confirmation process, when it performed the decrypted-data generation process, what data was decrypted, and what information may have leaked.
[0042] Examples of the recording medium include a non-portable built-in hard disk and portable media such as USB memory, memory cards, FD, MO, CD, DVD and external hard disks, but the recording medium is not limited to these. Built-in hard disks include not only those provided in the terminal device itself but also those provided in a file server.
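Paragraph [0041] says what the log store is for, but the questions it lists (when each terminal confirmed, which data was decrypted, what may have leaked) need a query over the merged server-side and terminal-side records. The following added Python example, written for this page and not part of the patent, shows such a query. The record layout and the sample lines are constructed for the example, since the patent specifies no log format; the two conditions flagged follow from [0024] and [0028]: a decrypted copy should not exist on a terminal whose latest confirmation was denied or missing, and a copy not followed by a later confirmation is still sitting in the second folder.

```python
"""Log information reception and analysis for the management server of
paragraphs [0040]-[0041]. Record layout and sample lines are constructed for
this example; the patent does not specify a log format."""
import json
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample: "server" records come from the authentication processing
# unit, "terminal" records from each terminal's log information generation unit.
SAMPLE_LOG_LINES = """
{"ts": "2007-05-28T08:00:00Z", "source": "server", "event": "confirmation", "user": "u01", "terminal": "t-a1", "result": "permitted"}
{"ts": "2007-05-28T08:00:02Z", "source": "terminal", "event": "decrypt_copy", "user": "u01", "terminal": "t-a1", "data": "plan.docx"}
{"ts": "2007-05-28T09:30:00Z", "source": "server", "event": "permission_update", "user": "u01", "permitted": false}
{"ts": "2007-05-28T10:00:00Z", "source": "server", "event": "confirmation", "user": "u01", "terminal": "t-a1", "result": "denied"}
{"ts": "2007-05-28T10:00:05Z", "source": "terminal", "event": "decrypt_copy", "user": "u01", "terminal": "t-a1", "data": "budget.xls"}
{"ts": "2007-05-28T10:15:00Z", "source": "server", "event": "confirmation", "user": "u02", "terminal": "t-b7", "result": "permitted"}
{"ts": "2007-05-28T10:16:00Z", "source": "terminal", "event": "decrypt_copy", "user": "u02", "terminal": "t-b7", "data": "notes.txt"}
{"ts": "2007-05-28T11:00:00Z", "source": "server", "event": "confirmation", "user": "u02", "terminal": "t-b7", "result": "permitted"}
"""


def parse_log(text):
    """Log information reception unit: parse JSON lines and order them by time."""
    records = [json.loads(line) for line in text.strip().splitlines() if line.strip()]
    for r in records:
        r["ts"] = datetime.strptime(r["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return sorted(records, key=lambda r: r["ts"])


def confirmation_times(records):
    """When each terminal performed the confirmation process, with the result."""
    out = defaultdict(list)
    for r in records:
        if r["event"] == "confirmation":
            out[r["terminal"]].append((r["ts"], r["result"]))
    return dict(out)


def exposure_report(records):
    """Which decrypted copies may still be exposed, and which were generated
    while the terminal held no execution permission.

    A decrypted copy lives in the second folder until the next confirmation
    process erases it ([0028]), whatever that confirmation's result; a copy
    generated after a denied confirmation, or with no confirmation at all,
    should never exist and points at a terminal ignoring the permission gate."""
    permitted = {}           # terminal -> result of its latest confirmation
    live = defaultdict(set)  # terminal -> data names still in the second folder
    unauthorized = []
    for r in records:
        if r["event"] == "confirmation":
            permitted[r["terminal"]] = r["result"] == "permitted"
            live[r["terminal"]].clear()  # the confirmation erased the second folder
        elif r["event"] == "decrypt_copy":
            if not permitted.get(r["terminal"], False):
                unauthorized.append((r["terminal"], r["data"], r["ts"]))
            live[r["terminal"]].add(r["data"])
    still_exposed = {t: sorted(names) for t, names in live.items() if names}
    return still_exposed, unauthorized
```

On the sample, terminal t-a1 produced budget.xls after its confirmation was denied at 10:00, and that copy has not been erased by a later confirmation, so it is reported both as unauthorized and as still exposed; t-b7's notes.txt was erased by the 11:00 confirmation and is not reported.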
Effects of the Invention
[0043] As described above, according to the terminal device of the present invention, encrypted data is decrypted automatically and edited data is encrypted automatically, so decryption and encryption of data can be performed easily and without troublesome operations. Also, since the data on the recording medium is encrypted, leakage of the information carried by the data can be prevented. Furthermore, according to the data management system of the present invention, whether the user of a terminal device satisfies the conditions of use is checked as appropriate, so access to the data stored on the recording medium can be managed and information leakage prevented more reliably. Moreover, since authentication is based on user identification information and terminal identification information, unauthorized use of a terminal device can be prevented more reliably, and the safety of the data stored on the recording medium can be further enhanced.
Brief Description of the Drawings
[Fig. 1] Block diagram showing the schematic configuration of a data management system according to an embodiment of the present invention.
[Fig. 2] Block diagram showing the schematic configuration of the management server of the embodiment.
[Fig. 3] Block diagram showing the schematic configuration of the terminal device of the embodiment.
[Fig. 4] Data table showing the data stored in the user information storage unit of the embodiment.
[Fig. 5] Explanatory diagram of the data stored on the recording medium of the embodiment.
[Fig. 6] Flowchart showing the sequence of steps in the encryption/decryption process of the embodiment.
[Fig. 7] Flowchart explaining the confirmation process and related processing in the embodiment.
[Fig. 8] Flowchart explaining the confirmation process and related processing in the embodiment.
[Fig. 9] Block diagram showing the schematic configuration of a terminal device according to another embodiment of the present invention.
[Fig. 10] Flowchart showing the sequence of steps in the encryption/decryption process according to another embodiment of the present invention.
Explanation of Reference Numerals
1 Data management system
5 Internet
6 Terminal device
7 Management server
8 File server
11 User information storage unit
12 User information registration unit
13 User information update unit
14 Medium information storage unit
15 Medium information registration unit
16 Authentication processing unit
17 Log information generation unit
18 Log information reception unit
19 Log information storage unit
21 Data storage unit
24 Editing processing unit
25 Medium information storage unit
26 Data input/output unit
27 Data management unit
28 Log information generation unit
23, 33 Drive devices
8a, 22, 31, 32 Recording media
発明を実施するための最良の形態 BEST MODE FOR CARRYING OUT THE INVENTION
[0046] Specific embodiments of the present invention are described below with reference to the accompanying drawings. FIG. 1 is a block diagram showing the schematic configuration of a data management system according to one embodiment of the present invention, FIG. 2 is a block diagram showing the schematic configuration of the management server of this embodiment, and FIG. 3 is a block diagram showing the schematic configuration of the terminal device of this embodiment.
[0047] As shown in FIGS. 1 to 3, the data management system 1 of this example consists of a plurality of terminal devices 6, a management server 7 that manages each terminal device 6, and a file server 8 in which data is stored, all connected to one another via the Internet 5.
[0048] As shown in FIG. 2, the management server 7 comprises a user information storage unit 11, a user information registration unit 12, a user information update unit 13, a medium information storage unit 14, a medium information registration unit 15, an authentication processing unit 16, a log information generation unit 17, a log information reception unit 18, a log information storage unit 19 and a communication interface 20, and is connected to the Internet 5 via the communication interface 20.
[0049] The user information storage unit 11 stores, in association with one another: a user ID and password (user identification information) set for each user to identify that user; a terminal ID (terminal identification information) based on unique information of a terminal device 6 (for example, its CPU number or hard disk number), for at least one terminal device 6 used by that user; and permission information indicating whether the terminal device 6 is permitted to execute the encryption/decryption processing and the decrypted data generation processing (see FIG. 4).
[0050] The user information registration unit 12 stores (registers) the user ID, password, terminal ID and permission information in the user information storage unit 11. Specifically, for example, it communicates with each terminal device 6 connected to the management server 7, receives the user ID, password and terminal ID from each terminal device 6, and stores the received user ID, password and terminal ID together with the permission information in the user information storage unit 11.
[0051] The permission information is initially set to "execution permitted". When communicating with each terminal device 6, the user information registration unit 12 also transmits to it the community ID set in advance for this management server 7. Alternatively, when registering a user ID and the like, an operator of the management server 7 may enter the registration information into the user information storage unit 11 through the user information registration unit 12.
[0052] The user information update unit 13 accepts externally entered update information for changing or updating the permission information associated with the user ID of a particular user, and updates the permission information stored in the user information storage unit 11 on the basis of the received update information.
[0053] The medium information storage unit 14 stores a medium ID (medium identification information) based on the unique information of every recording medium 8a, 22, 31, 32 used by the terminal devices 6, i.e. the recording medium 22 built into each terminal device 6, the recording media 31, 32 connected to each terminal device 6, and the recording medium 8a provided in the file server 8.
[0054] The medium information registration unit 15 stores (registers) the medium IDs in the medium information storage unit 14. Specifically, for example, it communicates with each terminal device 6 or with a particular terminal device 6, receives from it the medium IDs of the recording media 8a, 22, 31, 32, and stores the received medium IDs in the medium information storage unit 14. When registering medium IDs, an operator of the management server 7 may instead enter them into the medium information storage unit 14 through the medium information registration unit 15. For the recording medium 8a of the file server 8, the medium ID may be received from the particular terminal device 6 and registered, or it may be registered through communication between the management server 7 and the file server 8.
[0055] The authentication processing unit 16 receives the user ID, password, community ID and terminal ID transmitted from a terminal device 6 and performs the following: it checks whether the received user ID, password and terminal ID are stored in the user information storage unit 11; it checks whether the received community ID matches the community ID set in advance for this management server 7; it checks whether the permission information associated with the received user ID permits execution of the encryption/decryption processing and the decrypted data generation processing; and, when it determines that the received user ID, password and terminal ID are stored, that the received community ID matches, and that execution of the encryption/decryption processing and the decrypted data generation processing is permitted, it transmits an execution permission signal and the medium IDs stored in the medium information storage unit 14 to that terminal device 6.
[0056] The log information generation unit 17 generates log information on the processing in the authentication processing unit 16 and stores it in the log information storage unit 19; the log information reception unit 18 receives log information transmitted from the terminal devices 6 and stores it in the log information storage unit 19.
[0057] As shown in FIG. 1, the file server 8 comprises a recording medium 8a such as a magnetic disk and stores data on this recording medium 8a. The recording medium 8a holds data relating, for example, to documents, audio, images or computer programs, encrypted using as the encryption key the community ID together with a unique data ID (data identification information) assigned, for example, by the operating system of the terminal device 6 when the data was created.
[0058] As shown in FIG. 3, the terminal device 6 comprises a data storage unit 21, an editing processing unit 24, a medium information storage unit 25, a data input/output unit 26, a data management unit 27, a log information generation unit 28, a communication interface 29 and an input/output interface 30, and is connected to the Internet 5 via the communication interface 29.
[0059] The data storage unit 21 consists, for example, of a recording medium 22 such as a magnetic disk and a drive device 23 that reads data from and writes data to the recording medium 22. The recording medium 22 is divided into an area for encrypted data and an area for decrypted data; as shown in FIG. 5, encrypted data is stored in an encrypted data folder (first folder) and decrypted data in a decrypted data folder (second folder). As on the recording medium 8a, the encrypted data folder 21a holds data relating, for example, to documents, audio, images or computer programs, encrypted using the community ID and data ID as the encryption key.
[0060] Data is placed in the encrypted data folder 21a, for example, as follows. When the program that makes the terminal device 6 function as the data storage unit 21, data management unit 27 and so on is installed, the encrypted data folder 21a and the decrypted data folder 21b are created, the (unencrypted) data stored on the recording medium 22 is encrypted, the unencrypted data is replaced by its encrypted form, and the replacement (encrypted) data is stored in the encrypted data folder 21a. Alternatively, only suitably designated data may be encrypted.
[0061] Recording media 31, 32 such as USB memory, memory cards, FD, MO, CD, DVD and external hard disks can be connected to the input/output interface 30. The recording medium 31 is connected directly to the input/output interface 30, while the recording medium 32 is connected through a suitable drive device 33 that reads from and writes to it. As on the recording media 8a, 22, the recording media 31, 32 hold data relating, for example, to documents, audio, images or computer programs, encrypted using the community ID and data ID as the encryption key.
[0062] The editing processing unit 24 edits, according to various application programs, data stored on the recording medium 22 built into the terminal device 6, on the recording media 31, 32 connected to the terminal device 6, and on the recording medium 8a provided in the file server 8. Specifically, it executes read processing that reads data from the recording media 8a, 22, 31, 32 through the operating system's read command, editing processing that edits the data read, and write processing that writes the edited data to the recording media 8a, 22, 31, 32 through the operating system's write command. For the recording media 22, 32, data is read and written by the drive devices 23, 33.
[0063] The medium information storage unit 25 stores the medium IDs transmitted from the management server 7.
[0064] The data input/output unit 26 accepts data entered from outside and stores it on the recording media 8a, 22, 31, 32, and outputs data stored on the recording media 8a, 22, 31, 32 to the outside (for example, transmitting it to another terminal device 6 via the Internet 5, or copying it to a suitable recording medium).
[0065] The data management unit 27 executes the three processes described below: encryption/decryption processing, decrypted data generation processing and confirmation processing.
[0066] In the encryption/decryption processing, the data management unit 27 monitors the processing of the editing processing unit 24. When the editing processing unit 24 is about to execute read processing, the data management unit 27, in its place, reads the encrypted data to be read from the recording medium 8a, 22, 31, 32, decrypts it and provides it to the editing processing unit 24; when the editing processing unit 24 is about to execute write processing, the data management unit 27, in its place, encrypts the edited data and stores it on the recording medium 8a, 22, 31, 32. Before reading encrypted data or encrypting and storing edited data, it checks whether the medium ID of the target recording medium 8a, 22, 31, 32 is stored in the medium information storage unit 25, and reads the encrypted data, or encrypts and stores the edited data, only when it determines that the medium ID is stored.
[0067] Specifically, as shown in FIG. 6, monitoring of the editing processing unit 24 first determines whether the editing processing unit 24 is going to execute read processing or write processing (step S1). This can be determined, for example, by whether the operating system's read command or write command has been hooked.
[0068] When it is determined in step S1 that the editing processing unit 24 is going to execute read or write processing, the medium ID of the recording medium 8a, 22, 31, 32 to be read from or written to is identified (step S2), and it is checked whether the identified medium ID is stored in the medium information storage unit 25 (step S3).
[0069] If it is determined in step S3 that the medium ID is stored, it is checked whether the editing processing unit 24 is executing read processing or write processing (step S4). Which processing is being executed can be established, for example, by checking whether the operating system's read command or write command was hooked in step S1.
[0070] If it is determined in step S4 that read processing is to be executed, the community ID and the data ID of the encrypted data to be read are identified as key information (step S5); the encrypted data is then read from the recording medium 8a, 22, 31, 32 and written to a temporary file while being decrypted using the identified community ID and data ID as the decryption key (step S6). The editing processing unit 24 refers to the data written to this temporary file to carry out the editing processing.
[0071] If, on the other hand, it is determined in step S4 that write processing is to be executed, the community ID and the data ID of the edited data to be written are identified as key information (step S7), and the edited data is encrypted using the identified community ID and data ID as the encryption key and stored on the recording medium 8a, 22, 31, 32.
[0072] If it is determined in step S3 that the medium ID is not stored, an error message is displayed on the display of the terminal device 6 (step S9).
[0073] In the decrypted data generation processing, the data management unit 27 accepts an externally entered signal requesting decryption of particular encrypted data in the encrypted data folder 21a, decrypts the encrypted data corresponding to the received signal to generate new data, and stores the generated decrypted data in the decrypted data folder 21b.
[0074] In the confirmation processing, the data management unit 27 transmits to the management server 7 the user ID, password, community ID and terminal ID needed to confirm whether the encryption/decryption processing should be executed and whether the decrypted data generation processing should be made executable, receives the execution permission signal and medium IDs transmitted from the management server 7, and stores the received medium IDs in the medium information storage unit 25.
[0075] The data management unit 27 performs this confirmation processing periodically or irregularly (for example, when the terminal device 6 starts up or at a predetermined time) and, on receiving the execution permission signal and medium IDs from the management server 7, executes the encryption/decryption processing and makes the decrypted data generation processing executable.
[0076] The log information generation unit 28 generates log information on the processing in the data management unit 27 (for example, the decrypted data generation processing and the confirmation processing) and on the processing in the data input/output unit 26, and transmits the generated log information to the management server 7.
[0077] In the data management system 1 of this example configured as described above, the user of each terminal device 6 edits data stored on the recording media 8a, 22, 31, 32 (for the recording medium 22, in the encrypted data folder 21a) as required. When the data management unit 27, which monitors the processing of the editing processing unit 24, recognizes that the editing processing unit 24 is about to execute read processing, it first checks whether the medium ID of the recording medium 8a, 22, 31, 32 to be read is stored in the medium information storage unit 25; if so, it reads the encrypted data from the recording medium 8a, 22, 31, 32 in place of the editing processing unit 24, decrypts it and provides it to the editing processing unit 24. When the data management unit 27 recognizes that the editing processing unit 24 is about to execute write processing, it first checks whether the medium ID of the recording medium 8a, 22, 31, 32 to be written is stored in the medium information storage unit 25; if so, it encrypts the edited data in place of the editing processing unit 24 and stores it on the recording medium 8a, 22, 31, 32. Decryption and encryption of the data are performed using the community ID and data ID as the key.
[0078] In this way, the encryption/decryption processing of the data management unit 27 decrypts the data read by the editing processing unit 24 and encrypts the data written by it, so that the user encrypts and decrypts data without any special operation.
[0079] When the user imports new data from outside and stores it on a recording medium 8a, 22, 31, 32, the new data entered into the terminal device 6 from outside is accepted by the data input/output unit 26 and stored on the recording medium 8a, 22, 31, 32 (for the recording medium 22, in the encrypted data folder 21a).
[0080] When the user transmits data stored in the encrypted data folder 21a of the recording medium 22 to a terminal device (not shown) other than the terminal devices 6 connected to the management server 7, a signal entered into the terminal device 6 from outside requesting decryption of particular encrypted data in the encrypted data folder 21a is accepted by the data management unit 27, the encrypted data corresponding to the accepted signal is decrypted to generate new data, and the generated decrypted data is stored in the decrypted data folder 21b. The data decrypted in this way is then transmitted by the data input/output unit 26 to that terminal device (not shown). Since the recipient receives decrypted data, it can read the information in the data without difficulty. In addition, under the control of the data input/output unit 26, the user can copy data stored on a recording medium 8a, 22, 31, 32 to another recording medium 8a, 22, 31, 32 or transmit it to another terminal device 6.
[0081] The data management unit 27 also executes the confirmation processing periodically or irregularly, thereby managing execution of the encryption/decryption processing and the like. Specifically, the sequence of processing shown in FIGS. 7 and 8 is executed.
[0082] First, a user ID and password entry screen is displayed on the display of the terminal device 6 (step S11). The user ID and password entered into the terminal device 6 by the user are then accepted, the community ID set in advance for the management server 7 to which the terminal device 6 is connected is identified, the terminal ID of the terminal device 6 is generated, and the accepted user ID and password, the identified community ID and the generated terminal ID are transmitted to the management server 7 (step S12).
[0083] The transmitted user ID, password, community ID and terminal ID are received by the authentication processing unit 16 of the management server 7 (step S13), which checks whether the received user ID, password and terminal ID are stored in the user information storage unit 11 and whether the received community ID matches the community ID set in advance for the management server 7 (step S14).
[0084] If it is determined in step S14 that the user ID, password and terminal ID are stored and the community ID matches, it is next checked whether the permission information stored in the user information storage unit 11 in association with that user ID (the permission information for the user having that user ID) permits execution of the encryption/decryption processing and the decrypted data generation processing (step S15).
[0085] If it is determined in step S15 that execution of the encryption/decryption processing and the decrypted data generation processing is permitted, an execution permission signal and the medium IDs stored in the medium information storage unit 14 are transmitted to the terminal device 6 (step S16).
[0086] If, on the other hand, it is determined in step S14 that the user ID, password or terminal ID is not stored or that the community ID does not match, or it is determined in step S15 that execution of the encryption/decryption processing and the decrypted data generation processing is not permitted, an error signal is generated and transmitted to the terminal device 6 (step S17).
[0087] The execution permission signal and medium IDs transmitted in step S16, or the error signal transmitted in step S17, are received by the data management unit 27 of the terminal device 6 (step S18), which checks whether it received the execution permission signal and medium IDs or the error signal (step S19).
[0088] If it is determined in step S19 that the execution permission signal and medium IDs were received, the received medium IDs are stored in the medium information storage unit 25 (step S20), the data in the decrypted data folder 21b is then erased (step S21), and after that the encryption/decryption processing is executed and the decrypted data generation processing is put into an executable state (step S22), ending the sequence.
[0089] If, on the other hand, it is determined in step S19 that the error signal was received, the data in the decrypted data folder 21b is erased (step S23), ending the sequence. In this case the encryption/decryption processing is not running, so when the editing processing unit 24 reads encrypted data stored on a recording medium 8a, 22, 31, 32, the data is not decrypted and the user cannot edit it.
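The following is an added model of the two control flows described above, not code from the patent or its applicant: the server-side check of FIGS. 7 and 8 (steps S13 to S17, with the error path clearing folder 21b and leaving the terminal disabled) and the terminal's hooked read/write path of FIG. 6 (steps S1 to S9, refusing media whose ID is not in storage unit 25). The specification names no cipher or key derivation, so SHA-256 and the XOR keystream are stand-ins, and the community ID, user record and medium IDs are constructed sample values.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed sample value; the specification gives no concrete community ID.
COMMUNITY_ID = "community-A"


def derive_key(community_id: str, data_id: str) -> bytes:
    """Per-file key: the patent keys each file on community ID + data ID.
    SHA-256 is an assumed derivation; the specification names no algorithm.
    Note that the key material is two identifiers, not a random secret."""
    return hashlib.sha256(f"{community_id}|{data_id}".encode()).digest()


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (SHA-256 counter keystream). The same call
    both encrypts and decrypts. Demonstration only; not the patent's cipher."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


@dataclass
class UserRecord:
    """One row of user information storage unit 11 (FIG. 4)."""
    password: str
    terminal_ids: set
    permitted: bool = True  # permission information, initially "permitted"


class ManagementServer:
    """Authentication processing unit 16 with storage units 11, 14 and 19."""

    def __init__(self, community_id, users, media_ids):
        self.community_id = community_id
        self.users = users                # user information storage unit 11
        self.media_ids = set(media_ids)   # medium information storage unit 14
        self.log = []                     # log information storage unit 19

    def authenticate(self, user_id, password, community_id, terminal_id):
        """S13-S17: returns ("permit", medium IDs) or ("error", None)."""
        rec = self.users.get(user_id)
        # S14: user ID, password and terminal ID registered, community ID matches.
        if (rec is None
                or not hmac.compare_digest(rec.password, password)
                or terminal_id not in rec.terminal_ids
                or community_id != self.community_id):
            self.log.append(("error", user_id, terminal_id, "identity"))
            return "error", None
        # S15: permission information must allow encrypt/decrypt processing.
        if not rec.permitted:
            self.log.append(("error", user_id, terminal_id, "not-permitted"))
            return "error", None
        # S16: execution permission signal plus the registered medium IDs.
        self.log.append(("permit", user_id, terminal_id, "ok"))
        return "permit", sorted(self.media_ids)

    def set_permission(self, user_id, permitted):
        """User information update unit 13: change one user's permission."""
        self.users[user_id].permitted = permitted


class Terminal:
    """Data management unit 27: confirmation processing and hooked read/write."""

    def __init__(self, community_id):
        self.community_id = community_id
        self.allowed_media = set()  # medium information storage unit 25
        self.enabled = False        # encryption/decryption processing running?
        self.decrypted_folder = {}  # decrypted data folder 21b

    def confirm(self, server, user_id, password, terminal_id):
        """S11-S23: ask the server; clear folder 21b; enable only on permit."""
        status, media = server.authenticate(
            user_id, password, self.community_id, terminal_id)
        self.decrypted_folder.clear()          # S21 / S23
        self.enabled = status == "permit"      # S22
        self.allowed_media = set(media or [])  # S20
        return self.enabled

    def _check_medium(self, medium_id):
        # S3: medium ID must be registered, otherwise error (S9).
        if not self.enabled or medium_id not in self.allowed_media:
            raise PermissionError(f"medium {medium_id!r} not registered")

    def write(self, medium_id, data_id, plaintext: bytes) -> bytes:
        """Hooked write (S7): encrypt under community ID + data ID."""
        self._check_medium(medium_id)
        return stream_xor(derive_key(self.community_id, data_id), plaintext)

    def read(self, medium_id, data_id, ciphertext: bytes) -> bytes:
        """Hooked read (S5, S6): decrypt for the editing processing unit 24."""
        self._check_medium(medium_id)
        return stream_xor(derive_key(self.community_id, data_id), ciphertext)
```

Revoking a user through `set_permission` shows the property paragraph [0095] relies on: the next periodic confirmation fails, folder 21b is cleared and the hooks refuse every medium until permission is restored.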
[0090] 尚、端末装置 6と管理サーバ 7との間の通信時においては、端末装置 6から管理サ ーバ 7に送信する情報や、管理サーバ 7から端末装置 6に送信する情報が、当該端 末装置 6の端末 IDにより暗号化及び復号化される。 [0090] It should be noted that at the time of communication between the terminal device 6 and the management server 7, information transmitted from the terminal device 6 to the management server 7 and information transmitted from the management server 7 to the terminal device 6 are Encrypted and decrypted by the terminal ID of the terminal device 6.
[0091] また、端末装置 6のログ情報生成部 28によって、データ管理部 27における復号ィ匕 データ生成処理及び確認処理、並びにデータ入出力部 26における処理に係るログ 情報が生成され、生成されたログ情報は管理サーバ 7に送信され、送信されたログ情 報は、当該管理サーバ 7のログ情報受付部 18により受け付けられてログ情報記憶部 19に格納される。また、管理サーバ 7のログ情報生成部 17によって、認証処理部 16 における処理に係るログ情報が生成され、生成されたログ情報はログ情報記憶部 19 に格納される。
[0092] 斯くして、本例のデータ管理システム 1によれば、編集処理部 24が記録媒体 8a, 2 2, 31, 32からデータを読み出したり、記録媒体 8a, 22, 31, 32に書き込む際に、 データ管理部 27によって、暗号化されたデータが自動的に復号化されたり、編集後 のデータが自動的に暗号ィ匕されるので、データの復号化や暗号化を容易に且つ煩 わしい操作を伴うことなく行うことができる。また、記録媒体 8a, 22, 31, 32内のデー タが暗号ィ匕されているので、当該データが外部に流出したり、当該記録媒体 8a, 22 , 31, 32が第 3者の手に渡ったとしてもデータの内容を第 3者が認識することはでき ず、当該データに係る情報が外部に漏れることはない。 In addition, the log information generation unit 28 of the terminal device 6 generates and generates log information related to the decryption data generation processing and confirmation processing in the data management unit 27 and the processing in the data input / output unit 26 The log information is transmitted to the management server 7, and the transmitted log information is received by the log information receiving unit 18 of the management server 7 and stored in the log information storage unit 19. Further, the log information generation unit 17 of the management server 7 generates log information related to the processing in the authentication processing unit 16, and the generated log information is stored in the log information storage unit 19. Thus, according to the data management system 1 of the present example, the editing processing unit 24 reads data from the recording media 8a, 2 2, 31, 32, and writes data to the recording media 8a, 22, 31, 32. At this time, since the encrypted data is automatically decrypted by the data management unit 27 and the edited data is automatically encrypted, it is easy and troublesome to decrypt and encrypt the data. This can be done without any troublesome operations. In addition, since the data in the recording media 8a, 22, 31, 32 is encrypted, the data leaks to the outside or the recording media 8a, 22, 31, 31, 32 are in the hands of third parties. Even if it is passed, the contents of the data cannot be recognized by a third party, and the information related to the data will not leak to the outside.
[0093] また、データ管理部 27が確認処理を定期的又は不定期的に行うことにより、端末装 置 6を利用するユーザが利用条件を満たしている力否かを確認することができるので 、記録媒体 8a, 22, 31, 32に格納されたデータへのアクセスを管理サーバ 7により 管理して情報漏洩をより確実に防止することができる。また、ユーザ ID及びパスヮー ドだけでなぐ端末装置 6毎に異なる端末 IDを基に認証を行っているので、端末装置 6の不正使用をより確実に防止することができ、記録媒体 8a, 22, 31, 32に格納され たデータの安全性を更に高めることができる。 [0093] In addition, since the data management unit 27 performs the confirmation process regularly or irregularly, it is possible to confirm whether or not the user using the terminal device 6 satisfies the usage conditions. Access to the data stored in the recording media 8a, 22, 31, 32 can be managed by the management server 7 to prevent information leakage more reliably. In addition, since authentication is performed based on a different terminal ID for each terminal device 6 that includes only the user ID and password, unauthorized use of the terminal device 6 can be prevented more reliably, and the recording media 8a, 22, The safety of the data stored in 31 and 32 can be further increased.
[0094] In addition, because the data management unit 27 reads data from and stores data in the recording media 8a, 22, 31, 32 only when the medium ID of the target recording medium is stored in the medium identification information storage unit 25, the recording media from which data is read or to which data is written can be managed and restricted, and security can be improved by preventing important information from being taken outside and unwanted data from being brought in.
[0095] In addition, because the permission information stored in the user information storage unit 11 can be updated by the user information update unit 13, the permission information for a specific user can be updated by the user information update unit 13 when, for example, the user of the terminal device 6 or the creator of the data stored in the recording media 8a, 22, 31, 32 operates a suitable terminal, such as another terminal device 6 or a mobile phone capable of data communication, to send update information to the management server 7, or when an operator of the management server 7 who has been contacted by that user or creator enters the update information into the management server 7. Execution of processes other than the confirmation process on the terminal device 6 can thereby be permitted or denied for that specific user, so the data in the recording media 8a, 22, 31, 32 can be managed more flexibly. Therefore, if, for example, the terminal device 6 or a recording medium 8a, 22, 31, 32 falls into the hands of a third party, changing the permission information to deny execution of all processes other than the confirmation process effectively prevents the data in the recording media 8a, 22, 31, 32 from being viewed, tampered with, or copied by the third party.
[0096] In addition, because the data management unit 27 performs encryption and decryption using as keys the community ID transmitted from the management server 7 and the data ID of the data to be read or written, a terminal device 6 that is not managed by the management server 7 (that is, not connected to it) cannot encrypt or decrypt the data, which further prevents leakage of the information stored in the recording media 8a, 22, 31, 32. Furthermore, terminal devices 6 managed by the management server 7 share the key (the community ID), so the data in the recording media 8a, 22, 31, 32 can be accessed from any of those terminal devices 6.
[0097] In addition, because decrypted data can be generated by the decrypted data generation process of the data management unit 27, this is convenient when the user takes encrypted data outside. Moreover, because encrypted data is stored in the encrypted data folder 21a and decrypted data in the decrypted data folder 21b, it is easy to tell whether a given item of data is encrypted or decrypted. Furthermore, because decrypted data is not generated unless the user performs a specific operation, even if the terminal device 6 or a recording medium 8a, 22, 31, 32 falls into the hands of a third party, or the data in a recording medium 8a, 22, 31, 32 leaks to the outside, the leakage of information can be kept to a minimum.
[0098] In addition, because the data management unit 27 automatically (forcibly) erases the decrypted data in the decrypted data folder 21b when the confirmation process is executed, this too prevents the leakage of information more reliably.
[0099] In addition, because log information relating to the processing in the authentication processing unit 16, the data management unit 27, and the data input/output unit 26 is stored in the log information storage unit 19, analysing the log information stored in the log information storage unit 19 helps establish, for example, when the terminal device 6 performed the confirmation process, when it performed the decrypted data generation process, what data was decrypted, and what information may have been leaked.
[0100] One embodiment of the present invention has been described above, but the specific forms the present invention may take are in no way limited to it.
[0101] In the above example, the community ID and the data ID were used as the keys for encryption and decryption, but the invention is not limited to this; the community ID and the terminal ID may be used as the keys instead.
[0102] In this case, as shown in FIG. 9, the terminal device 6 further includes a key information storage unit 34, in which the key information transmitted from the management server 7, namely a user ID and a terminal ID, is stored with the two associated with each other.
[0103] The authentication processing unit 16 is configured to transmit, in step S16 above, the user ID and terminal ID stored in the user information storage unit 11 to the terminal device 6 as key information, and the data management unit 27 is configured to store, in step S20 above, the user ID and terminal ID received from the management server 7 in the key information storage unit 34, associated with each other.
[0104] The data management unit 27 then performs the sequence of processing shown in FIG. 10 to carry out the encryption/decryption process. That is, it first monitors the processing in the editing processing unit 24 to confirm whether the editing processing unit 24 is about to execute the reading process or the writing process (step S31); if it determines that one is to be executed, it identifies the medium ID of the recording medium 8a, 22, 31, 32 to be read from or written to (step S32) and checks whether the identified medium ID is stored in the medium information storage unit 25 (step S33).
[0105] If it determines in step S33 that the medium ID is stored, it checks whether the editing processing unit 24 is executing the reading process or the writing process (step S34). If it determines that the reading process is being executed, it reads the encrypted data to be read from the recording medium 8a, 22, 31, 32 (step S35), identifies the user ID embedded in the header of the read data, uses that user ID to identify the terminal ID stored in the key information storage unit 34 in association with it, and further identifies the community ID (step S36); it then writes the read data to a temporary file while decrypting it with the identified terminal ID and community ID as the decryption key (step S37). The editing processing unit 24 refers to the data written to this temporary file to carry out the editing process.
[0106] If, on the other hand, it determines in step S34 that the writing process is being executed, it identifies the terminal ID and community ID of the terminal device 6 together with the user ID of the user using the terminal device 6 (step S38), then encrypts the edited data with the identified terminal ID and community ID as the encryption key, embeds the identified user ID in the header of that data, and stores it in the recording medium 8a, 22, 31, 32 (step S39).
[0107] If it determines in step S33 that the medium ID is not stored, an error message is displayed on the display of the terminal device 6 (step S40).
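As an added illustration (not code from the patent), the following Python models the terminal-side data management unit 27 for the community ID plus terminal ID variant of steps S31 to S40, including the point that a terminal never managed by the server cannot decrypt. The patent names no cipher and uses the IDs themselves as the key; this model assumes a SHA-256 key derivation from the two IDs and an HMAC-SHA256 counter-mode stream with an integrity tag, and the header layout and all IDs are constructed.

```python
# Added model of terminal-side data management unit 27 (steps S31-S40),
# community-ID + terminal-ID variant; not the patent's own code.
# Assumptions: a fixed-length key is derived from (terminal ID, community ID)
# with SHA-256, and data is protected with an HMAC-SHA256 counter-mode
# keystream plus an encrypt-then-MAC tag. Header layout and IDs are constructed.
import hashlib
import hmac
import os
import struct

MAGIC = b"DM01"   # constructed format tag
NONCE_LEN = 16
TAG_LEN = 32      # HMAC-SHA256 tag

class MediumNotRegistered(Exception):
    """Step S40: the medium ID is not in medium identification store 25."""

class DecryptionFailed(Exception):
    """No terminal ID known for the header's user, or the tag did not match."""

def _derive_keys(terminal_id, community_id):
    """Separate encryption and MAC keys from (terminal ID, community ID)."""
    material = ("%s\x00%s" % (terminal_id, community_id)).encode()
    return (hashlib.sha256(b"enc" + material).digest(),
            hashlib.sha256(b"mac" + material).digest())

def _keystream_xor(key, nonce, data):
    """Counter mode with HMAC-SHA256 as the PRF (symmetric: also decrypts)."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        block = hmac.new(key, nonce + struct.pack(">I", block_no), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[block_no * 32:block_no * 32 + 32], block))
    return bytes(out)

class DataManagementUnit:
    """key_info models store 34 (user ID -> terminal ID, sent by server 7 at
    S16/S20); permitted_media models store 25 (registered medium IDs)."""

    def __init__(self, terminal_id, community_id, permitted_media, key_info):
        self.terminal_id = terminal_id
        self.community_id = community_id
        self.permitted_media = set(permitted_media)
        self.key_info = dict(key_info)

    def _check_medium(self, medium_id):
        # Steps S32/S33: unregistered media are refused (S40).
        if medium_id not in self.permitted_media:
            raise MediumNotRegistered("medium %s is not registered" % medium_id)

    def write(self, medium_id, user_id, plaintext):
        """Steps S38/S39: encrypt under this terminal's ID + community ID and
        embed the writing user's ID in the header."""
        self._check_medium(medium_id)
        enc_key, mac_key = _derive_keys(self.terminal_id, self.community_id)
        uid, nonce = user_id.encode(), os.urandom(NONCE_LEN)
        header = MAGIC + struct.pack(">H", len(uid)) + uid + nonce
        body = _keystream_xor(enc_key, nonce, plaintext)
        return header + body + hmac.new(mac_key, header + body, hashlib.sha256).digest()

    def read(self, medium_id, blob):
        """Steps S35-S37: take the user ID from the header, look up the terminal
        ID associated with it in store 34, verify the tag, then decrypt."""
        self._check_medium(medium_id)
        if len(blob) < 6 + NONCE_LEN + TAG_LEN or blob[:4] != MAGIC:
            raise DecryptionFailed("malformed blob")
        uid_len = struct.unpack(">H", blob[4:6])[0]
        user_id = blob[6:6 + uid_len].decode()
        hdr_end = 6 + uid_len + NONCE_LEN
        nonce = blob[hdr_end - NONCE_LEN:hdr_end]
        header, body, tag = blob[:hdr_end], blob[hdr_end:-TAG_LEN], blob[-TAG_LEN:]
        terminal_id = self.key_info.get(user_id)
        if terminal_id is None:   # a terminal not managed by server 7 lacks store 34
            raise DecryptionFailed("no terminal ID known for user %s" % user_id)
        enc_key, mac_key = _derive_keys(terminal_id, self.community_id)
        if not hmac.compare_digest(hmac.new(mac_key, header + body, hashlib.sha256).digest(), tag):
            raise DecryptionFailed("integrity check failed")
        return _keystream_xor(enc_key, nonce, body)

def _rejected(action, exc=DecryptionFailed):
    """True if the attempted operation raised the given exception."""
    try:
        action()
    except exc:
        return True
    return False

def demo():
    """Round trip between two managed terminals, then three refusal cases."""
    key_info = {"user-A": "TERM-0001"}
    t1 = DataManagementUnit("TERM-0001", "COMMUNITY-X", {"MEDIA-8A"}, key_info)
    t2 = DataManagementUnit("TERM-0002", "COMMUNITY-X", {"MEDIA-8A"}, key_info)
    blob = t1.write("MEDIA-8A", "user-A", b"quarterly figures (constructed)")
    shared = t2.read("MEDIA-8A", blob)                   # managed peer decrypts
    unmanaged = DataManagementUnit("TERM-0999", "COMMUNITY-X", {"MEDIA-8A"}, {})
    flipped = blob[:-TAG_LEN - 1] + bytes([blob[-TAG_LEN - 1] ^ 1]) + blob[-TAG_LEN:]
    return (shared,
            _rejected(lambda: unmanaged.read("MEDIA-8A", blob)),
            _rejected(lambda: t2.read("MEDIA-8A", flipped)),
            _rejected(lambda: t1.write("MEDIA-9Z", "user-A", b"x"), MediumNotRegistered))
```

The integrity tag is the one addition a practitioner would insist on: without it, the confidentiality the patent describes says nothing about whether a blob read back from shared media has been altered.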
[0108] This configuration, like the one above, prevents data from being encrypted or decrypted on a terminal device 6 that is not managed by the management server 7, and so further prevents leakage of the information in the data stored in the recording media 8a, 22, 31, 32. Also as above, terminal devices 6 managed by the management server 7 share the key, so the data in the recording media 8a, 22, 31, 32 can be accessed from any of those terminal devices 6.
[0109] In the above examples, the data management unit 27 identifies the medium ID of the recording medium 8a, 22, 31, 32 to be read from or written to in step S2 or step S32 and checks in step S3 or step S33 whether the identified medium ID is stored in the medium information storage unit 25, but the invention is not limited to this, and these processes may be omitted.
[0110] In the above examples, the community ID and data ID, or the community ID and terminal ID, were used as the keys for encryption and decryption, but only the community ID, or only the terminal ID, may be used instead.
[0111] To allow the editing processing unit 24 also to read unencrypted data stored in the recording media 31, 32, the management server 7 and the terminal device 6 may be configured as follows. That is, when the authentication processing unit 16 of the management server 7 transmits the medium IDs and key information together with the execution permission signal in step S16 above, it also transmits to the terminal device 6 the medium IDs, registered in advance as appropriate, of the recording media 31, 32 that hold unencrypted data, and a read-only key to be used when reading the data stored in those recording media 31, 32. The data management unit 27 of the terminal device 6, when storing the medium IDs and key information in step S20 above, likewise stores in an appropriate storage unit the medium IDs of the recording media 31, 32 holding unencrypted data and the read-only key received from the management server 7. When the data management unit 27 determines that the editing processing unit 24 is executing the reading process or the writing process and identifies the medium ID of the recording medium 31, 32 to be read from or written to, and determines that this medium ID matches the medium ID of a recording medium 31, 32 holding unencrypted data, it reads the data to be read from the recording medium 31, 32 and writes it to a temporary file while transforming it with the read-only key. The read-only key is a key for transforming the unencrypted data without encrypting it.
[0112] The data management unit 27 may also be configured so that, if it receives a specific externally input signal while performing the confirmation process, it does not communicate with (authenticate against) the management server 7 but instead, for a period of time corresponding to that input signal, performs the encryption/decryption process and enters a state in which the decrypted data generation process can be executed. This is convenient when the terminal device 6 is used offline.
[0113] In the confirmation process, the data in the decrypted data folder 21b need not be erased after the medium IDs have been stored or after an error signal has been received, as in the above example; it may instead be erased immediately after the confirmation process starts.
[0114] To make encrypted data and decrypted data more clearly distinguishable, different icons may be displayed for encrypted data and for decrypted data.
[0115] The terminal device 6 need not necessarily be managed by the management server 7 and may be provided offline from the management server 7. In that case, however, the user must update the data stored in the medium identification information storage unit 25 and the key information storage unit 34 as appropriate.
Industrial applicability
As described in detail above, the present invention is suitable as a terminal device that can encrypt and decrypt data without burdening the user and that can prevent information leakage more reliably, and as a data management system provided with such a terminal device.
Claims
[1] A terminal device to which a recording medium that stores data is connected, the terminal device comprising an editing processing unit that performs a reading process of reading data stored in the recording medium, an editing process of editing the read data, and a writing process of writing the edited data to the recording medium,
the terminal device further comprising a data management unit that monitors the processing in the editing processing unit and performs an encryption/decryption process in which, when the editing processing unit executes the writing process, the data management unit, in place of the editing processing unit, encrypts the edited data and stores it in the recording medium, and, when the editing processing unit executes the reading process, the data management unit, in place of the editing processing unit, reads the encrypted data to be read from the recording medium, decrypts the read data, and provides it to the editing processing unit.
[2] The terminal device according to claim 1, further comprising a terminal-side medium identification information storage unit that stores medium identification information based on unique information of the connected recording medium,
wherein the data management unit is configured so that, when reading the data from the recording medium or storing the data in the recording medium, it checks whether the medium identification information of the target recording medium is stored in the terminal-side medium identification information storage unit and, if it determines that it is stored, encrypts and stores the data or reads and decrypts the data.
[3] The terminal device according to claim 1, wherein encrypted data is stored in the recording medium classified into a first folder and decrypted data into a second folder,
and the data management unit is configured to further perform a decrypted data generation process in which, on receiving an externally input signal for decrypting specific encrypted data in the first folder, it decrypts the encrypted data corresponding to the received signal to generate new data and stores the generated decrypted data in the second folder.
[4] The terminal device according to claim 1, wherein the data management unit is configured to encrypt and decrypt the data using, as a key, terminal identification information based on unique information of the terminal device.
4. The data management unit is configured to perform encryption and decryption of the data using terminal identification information based on unique information of the terminal device as a key. The terminal device described.
[5] A data management system in which a plurality of the terminal devices according to claim 1 and a management server that manages each of the terminal devices are connected via a telecommunication line,
the management server comprising:
a user information storage unit that stores, for each user, user identification information set for that user to identify the user, associated with terminal identification information based on the unique information of at least one terminal device used by the user; and
an authentication processing unit that, on receiving user identification information and terminal identification information transmitted from a terminal device, checks whether the received user identification information and terminal identification information are stored in the user information storage unit and, if it determines that they are stored, transmits an execution permission signal to that terminal device,
and the data management unit of the terminal device being configured
to perform, periodically or irregularly, a confirmation process for confirming whether the encryption/decryption process may be executed, in which it accepts the user identification information input from the outside, generates the terminal identification information of the terminal device, transmits the accepted user identification information and the generated terminal identification information to the management server, and receives the execution permission signal transmitted from the management server, and, when the execution permission signal is received in the confirmation process, to execute the encryption/decryption process until the next confirmation process is performed.
[6] A data management system in which a plurality of the terminal devices according to claim 2 and a management server that manages each of the terminal devices are connected via a telecommunication line,
the management server comprising:
a user information storage unit that stores, for each user, user identification information set for that user to identify the user, associated with terminal identification information based on the unique information of at least one terminal device used by the user; and
an authentication processing unit that, on receiving user identification information and terminal identification information transmitted from a terminal device, checks whether the received user identification information and terminal identification information are stored in the user information storage unit and, if it determines that they are stored, transmits an execution permission signal to that terminal device,
and the data management unit of the terminal device being configured
to perform, periodically or irregularly, a confirmation process for confirming whether the encryption/decryption process may be executed, in which it accepts the user identification information input from the outside, generates the terminal identification information of the terminal device, transmits the accepted user identification information and the generated terminal identification information to the management server, and receives the execution permission signal transmitted from the management server, and, when the execution permission signal is received in the confirmation process, to execute the encryption/decryption process until the next confirmation process is performed.
[7] The data management system according to claim 6, wherein the management server further comprises a server-side medium identification information storage unit that stores medium identification information of the recording media connected to each of the terminal devices,
the authentication processing unit is configured to transmit, when transmitting the execution permission signal to the terminal device, the medium identification information stored in the server-side medium identification information storage unit together with the execution permission signal,
and the data management unit is configured to store, on receiving the execution permission signal and the medium identification information from the management server, the received medium identification information in the terminal-side medium identification information storage unit.
[8] A data management system in which a plurality of the terminal devices according to claim 3 and a management server that manages each of the terminal devices are connected via a telecommunication line,
the management server comprising:
a user information storage unit that stores, for each user, user identification information set for that user to identify the user, associated with terminal identification information based on the unique information of at least one terminal device used by the user; and
an authentication processing unit that, on receiving user identification information and terminal identification information transmitted from a terminal device, checks whether the received user identification information and terminal identification information are stored in the user information storage unit and, if it determines that they are stored, transmits an execution permission signal to that terminal device,
and the data management unit of the terminal device being configured
to perform, periodically or irregularly, a confirmation process for confirming whether the encryption/decryption process and the decrypted data generation process may be executed, in which it accepts the user identification information input from the outside, generates the terminal identification information of the terminal device, transmits the accepted user identification information and the generated terminal identification information to the management server, and receives the execution permission signal transmitted from the management server, and, when the execution permission signal is received in the confirmation process, to execute the encryption/decryption process and the decrypted data generation process until the next confirmation process is performed.
[9] The data management system according to claim 8, wherein the data management unit is configured to erase the decrypted data in the second folder when the confirmation process is executed.
[10] The data management system according to any one of claims 5 to 9, wherein the user information storage unit further stores, associated with the user identification information, permission information indicating whether execution of processes other than the confirmation process on the terminal device is permitted,
the authentication processing unit is configured so that, on receiving the user identification information and terminal identification information from the terminal device, it refers to the data stored in the user information storage unit on the basis of the received user identification information and terminal identification information to check whether the user identification information and terminal identification information are stored and whether the permission information associated with the received user identification information permits execution of processes other than the confirmation process, and transmits the execution permission signal to the terminal device if it determines that the user identification information and terminal identification information are stored and that execution of processes other than the confirmation process is permitted,
and the management server further comprises a user information update unit that accepts externally input update information for changing or updating the permission information associated with the user identification information of a specific user and updates the permission information stored in the user information storage unit on the basis of the accepted update information.
[11] The data management system according to any one of claims 5 to 9, wherein the authentication processing unit is configured to transmit, when transmitting the execution permission signal to the terminal device, the key used in the encryption/decryption process together with the execution permission signal,
and the data management unit is configured to encrypt and decrypt the data using the received key on receiving the execution permission signal and the key from the management server.
[12] The data management system according to claim 11, wherein the data management unit is configured to encrypt and decrypt the data using as keys the key received from the management server and unique data identification information set for each item of data.
[13] The data management system according to any one of claims 5 to 9, wherein the authentication processing unit is configured, when transmitting the execution permission signal to the terminal device, to transmit together with the execution permission signal the user identification information and terminal identification information stored in the user information storage unit;
the terminal device further comprises a key information storage unit that stores the user identification information and terminal identification information transmitted from the management server; and
the data management unit is configured so that, on receiving the execution permission signal, user identification information and terminal identification information from the management server, it associates the received user identification information and terminal identification information with each other and stores them in the key information storage unit; further, when encrypting and storing the data, it encrypts using the terminal identification information of the terminal device as the encryption key and stores the encrypted data with the user identification information of the user of that terminal device included in it; whereas, when reading and decrypting data stored in the recording medium, it identifies, on the basis of the user identification information included in that data, the terminal identification information stored in the key information storage unit in association with that user identification information, and decrypts the data using the identified terminal identification information as the decryption key.
[14] The data management system according to any one of claims 5 to 9, wherein the management server further comprises a server-side log information generation unit that generates log information about the processing in the authentication processing unit, and
a log information storage unit that stores the log information generated by the server-side log information generation unit.
[15] The data management system according to any one of claims 5 to 9, wherein the terminal device further comprises a terminal-side log information generation unit that generates log information about the processing in the data management unit and transmits the generated log information to the management server; and the management server further comprises a log information storage unit that stores the log information, and
a log information reception unit that receives the log information transmitted from the terminal-side log information generation unit and stores the received log information in the log information storage unit.
[16] The data management system according to claim 14, wherein the terminal device further comprises a terminal-side log information generation unit that generates log information about the processing in the data management unit and transmits the generated log information to the management server; and the management server further comprises a log information reception unit that receives the log information transmitted from the terminal-side log information generation unit and stores the received log information in the log information storage unit.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2008520503A JPWO2007142072A1 (en) | 2006-06-09 | 2007-05-29 | Terminal apparatus and data management system provided with the same |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2006-160538 | 2006-06-09 | ||
JP2006160538 | 2006-06-09 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2007142072A1 true WO2007142072A1 (en) | 2007-12-13 |
Family
ID=38801330
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2007/060855 WO2007142072A1 (en) | 2006-06-09 | 2007-05-29 | Terminal device and data managing system using the same |
Country Status (2)
Country | Link |
---|---|
JP (1) | JPWO2007142072A1 (en) |
WO (1) | WO2007142072A1 (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH11149414A (en) * | 1997-09-12 | 1999-06-02 | Hitachi Software Eng Co Ltd | Method for preserving data, its system and storage medium for data preservation processing |
JP2003242035A (en) * | 2002-02-20 | 2003-08-29 | Xelo Inc | Security system for electronic document, security management plug-in program, and security management method |
JP2005063399A (en) * | 2003-07-30 | 2005-03-10 | Mieko Tsuyusaki | File/key/data management system |
JP2005301510A (en) * | 2004-04-08 | 2005-10-27 | Ricoh Co Ltd | Information processor, operation permission/non-permission information generating method, operation permission/non-permission information generating program, and recording medium |
JP2006040032A (en) * | 2004-07-28 | 2006-02-09 | Denso Corp | Information processor and program |
JP2006085305A (en) * | 2004-09-14 | 2006-03-30 | Ricoh Co Ltd | Multimedia data playback device and multimedia data playback method |
- 2007
- 2007-05-29 WO PCT/JP2007/060855 patent/WO2007142072A1/en active Application Filing
- 2007-05-29 JP JP2008520503A patent/JPWO2007142072A1/en active Pending
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2009193495A (en) * | 2008-02-18 | 2009-08-27 | Hitachi Software Eng Co Ltd | Data removal control system |
WO2010038763A1 (en) * | 2008-10-01 | 2010-04-08 | 株式会社Icon | Information management system, terminal unit, server device and program |
JP2011150693A (en) * | 2009-12-22 | 2011-08-04 | Tani Electronics Corp | Information management system, information management method and apparatus, and encryption method and program |
JP2011227843A (en) * | 2010-04-23 | 2011-11-10 | Nippon Telegr & Teleph Corp <Ntt> | Authentication system, authentication method, and program |
JP2014150424A (en) * | 2013-02-01 | 2014-08-21 | Ricoh Co Ltd | Electronic information utilization device, electronic information utilization system, program, and control method |
CN112425119A (en) * | 2018-12-11 | 2021-02-26 | 松下电器(美国)知识产权公司 | Control method, server, program, and data structure |
CN114531230A (en) * | 2021-12-31 | 2022-05-24 | 华能信息技术有限公司 | Data leakage prevention system and method based on industrial Internet |
CN114531230B (en) * | 2021-12-31 | 2024-01-23 | 华能信息技术有限公司 | Data leakage prevention system and method based on industrial Internet |
Also Published As
Publication number | Publication date |
---|---|
JPWO2007142072A1 (en) | 2009-10-22 |
Similar Documents
Publication | Title |
---|---|
JP4060271B2 (en) | Content processing apparatus and content protection program |
JP4687703B2 (en) | RECORDING SYSTEM, INFORMATION PROCESSING DEVICE, STORAGE DEVICE, RECORDING METHOD, AND PROGRAM |
TW514844B (en) | Data processing system, storage device, data processing method and program providing media |
JP4907880B2 (en) | Portable information terminal and data protection method |
JP3779837B2 (en) | Computer and program recording medium |
US20110110516A1 (en) | Content receiver, content reproducer, management server, content use system, content use method, method of write-out from content receiver, method of possible viewing time management on content reproducer, method of time limit fixation in management server, and program |
JP4662138B2 (en) | Information leakage prevention method and system |
JPWO2004109972A1 (en) | User terminal for license reception |
JP2004139433A (en) | Terminal, recording medium to be used in terminal, contents management system, and its management server |
WO2007142072A1 (en) | Terminal device and data managing system using the same |
JP2008009631A (en) | Storage device and storage method |
US8234718B2 (en) | Method and apparatus for forbidding use of digital content against copy control information |
US7853787B2 (en) | Peripheral device for programmable logic controller |
JP2008005408A (en) | Recorded data processing apparatus |
JP4791193B2 (en) | Information processing apparatus, portable terminal apparatus, and information processing execution control method |
US20050071662A1 (en) | Method of managing file structure in memory card and its related technology |
JP2007188445A (en) | Information leakage prevention system and information leakage prevention method |
JP5631251B2 (en) | Information leakage prevention method |
JP2014197374A (en) | Portable storage medium, system including portable storage medium and data restoration method of portable storage medium |
CN100472391C (en) | License information management apparatus and license information management method |
KR100695665B1 (en) | Apparatus and method for accessing material using an entity locked secure registry |
JP2002149061A (en) | Rental contents distribution system and method therefor |
JP2008147946A (en) | Authentication method, authentication system, and external recording medium |
JP2009177368A (en) | Portable electronic device |
JPWO2009063552A1 (en) | ARCHIVE SYSTEM CONTROL PROGRAM, ARCHIVE SYSTEM, MANAGEMENT DEVICE, AND CONTROL METHOD |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 07744289 Country of ref document: EP Kind code of ref document: A1 |
| WWE | Wipo information: entry into national phase | Ref document number: 2008520503 Country of ref document: JP |
| NENP | Non-entry into the national phase | Ref country code: DE |
| 122 | Ep: pct application non-entry in european phase | Ref document number: 07744289 Country of ref document: EP Kind code of ref document: A1 |