WO2017013752A1 - サーバ装置、情報管理システム、情報管理方法、及びコンピュータプログラム - Google Patents
サーバ装置、情報管理システム、情報管理方法、及びコンピュータプログラム Download PDFInfo
- Publication number
- WO2017013752A1 WO2017013752A1 PCT/JP2015/070753 JP2015070753W WO2017013752A1 WO 2017013752 A1 WO2017013752 A1 WO 2017013752A1 JP 2015070753 W JP2015070753 W JP 2015070753W WO 2017013752 A1 WO2017013752 A1 WO 2017013752A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- character
- character code
- string
- terminal device
- server device
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/10—Text processing
- G06F40/12—Use of codes for handling textual entities
- G06F40/126—Character encoding
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C5/00—Ciphering apparatus or methods not provided for in the preceding groups, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
Definitions
- the present invention relates to a server device, an information management system, an information management method, and a computer program, and more particularly to a server device, an information management system, an information management method, and a computer program that can safely manage information.
- the personal information is stored as it is in the information management server, and the personal information is transmitted as it is from the information management server to the sales terminal. For this reason, if a malicious hacker accesses the information management server or intercepts communication from the information management server to the sales terminal, personal information easily leaks.
- the present invention has been made to solve the above-described problems, and an object thereof is to provide a server device, an information management system, an information management method, and a computer program capable of safely managing information.
- the server device (20) associates a first character code with a second character code having a different type from the first character code.
- a terminal comprising a storage (22) for storing and a processor (23) and receiving a second character code string corresponding to the first character string stored in the storage device (30) via the network (N)
- a server device (20) connected to the device (10) via the network (N), wherein the processor (23) has a first character corresponding to a second character string included in the first character string.
- the first character code included in the first character code string is converted into the corresponding second character code, thereby the second character code.
- Second sentence corresponding to the character string A code string is generated, and the second character code string corresponding to the first character string including the second character code string corresponding to the second character string is transmitted to the terminal device (10).
- the processor (23) displays a font for displaying characters corresponding to the second character code on the network (N) on the terminal device (10) satisfying a predetermined condition.
- the terminal device (10) satisfies the predetermined condition
- the terminal device (10) displays the first character string using the font transmitted from the server device (20), and
- a character string different from the first character string may be displayed.
- the storage (22) stores the terminal device (10), the second character code, and the font in association with each other, and the processor (23)
- the first character code is converted into the second character code corresponding to the terminal device (10) that has transmitted the first character code string including the first character code, and the terminal device (10 that satisfies the predetermined condition) ) May transmit the font corresponding to the terminal device (10).
- the terminal device (10) may discard the font transmitted from the server device (20) when the predetermined condition is not satisfied.
- the processor (23) converts the first character code included in the first character code string corresponding to the first character string into the corresponding second character code. To generate a second character code string corresponding to the first character string, and store the second character code string corresponding to the first character string in the storage device (30) in the storage device (30). It may be an instruction.
- the second character code is obtained by encrypting the first character code corresponding to each character to generate an encrypted character string, rearranging the encrypted character string in a predetermined order, It may be generated by sequentially assigning a numerical value to each character corresponding to the rearranged encrypted character string.
- the information management system (1) uses the font transmitted from the server device (20) when the server device (10) and the predetermined condition are satisfied. And the terminal device (10) for displaying the first character string and displaying a character string different from the first character string when the predetermined condition is not satisfied.
- An information management method includes a storage (22) that stores a first character code and a second character code that is different from the first character code in association with each other, a processor ( 23), and receives the second character code string corresponding to the first character string stored in the storage device (30) via the network (N) to the terminal device (10).
- a server device (20) connected via the terminal device wherein the processor (23) assigns a first character code string corresponding to a second character string included in the first character string to the terminal device.
- the first character code included in the first character code string is converted into the second character code corresponding to the first character code, so that the first character code corresponding to the second character string is converted.
- Raw 2 character code string And instructing the storage device (30) to transmit the second character code string corresponding to the first character string including the second character code string corresponding to the second character string to the terminal device (10). .
- a computer program includes a storage (22) that stores a first character code and a second character code that is different in type from the first character code, and a processor (23 And the terminal device (10) that receives the second character code string corresponding to the first character string stored in the storage device (30) via the network (N).
- the first character code string corresponding to the second character string included in the first character string is received from the terminal device (10) by the processor (23) included in the server device (20) connected via the terminal device (20).
- the second character code string corresponding to the second character string is generated by converting the first character code included in the first character code string to the corresponding second character code, Said The transmission to the second character code string corresponding to the first character string including the second character code string corresponding to the character string the terminal device (10) is indicated in the storage device (30).
- information management system information management system, information management method, and computer program according to the present invention, information can be managed safely.
- the information management system 1 includes a terminal device 10, a server device 20, and a storage device 30, which are connected so as to be able to communicate with each other via a network N such as the Internet. Yes.
- FIG. 2 is a block diagram illustrating a configuration example of the terminal device.
- the terminal device 10 is installed in, for example, a company that handles customer personal information, and includes a general-purpose personal computer, a tablet computer, a smartphone, or the like. As shown in FIG. 2, the terminal device 10 includes an operation unit 11, a storage unit (storage) 12, a communication unit 13, a display unit 14, and a control unit (processor) 15. Are connected so that they can communicate with each other.
- the operation unit 11 includes, for example, a keyboard and mouse, a touch panel, or the like.
- the operator inputs a login ID (Identifier), a password, and the like through the operation unit 11 and instructs to log in to the server device 20.
- the operator inputs the customer's personal information through the operation unit 11 and instructs the registration of the input personal information.
- This personal information includes a plurality of items such as the customer's name, address, telephone number, facsimile number, and e-mail address.
- the operator inputs one of a plurality of items included in the customer's personal information using the operation unit 11 and instructs to search for personal information including the input item. Then, the operator instructs to log out from the server device 20 using the operation unit 11.
- the storage unit 12 is composed of, for example, a hard disk drive or a flash memory, and stores a standard character code table that is a standard such as a JIS standard character code table.
- the standard character code is a byte representation assigned to each character in order to use the character on the computer.
- the JIS standard character code is a two-byte character code, and is commonly called “double-byte character”. For each character such as English letters, numbers, kanji, hiragana and katakana, “00000” to “ The number 65535 "(decimal) is assigned.
- the “character” in the present application includes all characters such as English letters, numbers, kanji, hiragana, katakana, and symbols.
- the standard character code table may be an ASCII (ASCII: American Standard Code for Information Interchange) code table.
- ASCII code is a 1-byte character code, and is sometimes called a “half-width character”, and a number from “000” to “127” (decimal number) is assigned to each character such as an English letter or a number. ing.
- the storage unit 12 stores a standard font for displaying characters corresponding to the standard character code.
- the communication unit 13 is composed of, for example, a NIC (Network Interface Card) or the like, and transmits the login ID and password input by the operation unit 11 to the server device 20 via the network N. In addition, the communication unit 13 receives a converted font transmitted from the server device 20 via the network N.
- NIC Network Interface Card
- the communication unit 13 transmits a standard character code string corresponding to the character string indicating the customer's personal information input by the operation unit 11 to the server device 20 via the network N. Further, the communication unit 13 receives a notification that the registration of the personal information of the customer is completed from the server device 20 via the network N.
- the communication unit 13 transmits a standard character code string corresponding to the character string indicating the item input by the operation unit 11 to the server device 20 via the network N. Further, the communication unit 13 receives a converted character code string corresponding to a character string indicating personal information transmitted from the storage device 30 via the network N.
- the display unit 14 is composed of, for example, a general-purpose liquid crystal display device, and displays that the registration of the customer's personal information has been completed.
- the display unit 14 displays a character string specified from the converted character code string received by the communication unit 13.
- the control unit 15 includes, for example, a CPU (Central Processing Unit), a ROM (Read Only Memory), a RAM (Random Access Memory), and the like.
- the CPU uses the RAM as a work memory, and appropriately stores a program stored in the ROM. By executing, various operations of the terminal device 10 are controlled.
- control unit 15 In response to the operator instructing the operation unit 11 to log in to the server device 20, the control unit 15 receives the login ID and password input from the operation unit 11 from the communication unit 13 via the network N. By transmitting to the device 20, the server device 20 is logged in. The control unit 15 receives the conversion font corresponding to the login ID and password transmitted to the server device 20 from the server device 20 via the network N by the communication unit 13 and sets them in the RAM or the like.
- the control unit 15 responds to an instruction for registration of customer personal information by the operation unit 11 by the operator during login, and a standard corresponding to a character string indicating the customer personal information input by the operation unit 11 By transmitting the character code string from the communication unit 13 to the server device 20 via the network N, the server device 20 is requested to register the personal information of the customer.
- the control unit 15 responds to the notification that the registration of the customer's personal information transmitted from the server device 20 via the network N has been completed by the communication unit 13 and displays that fact on the display unit 14. To do.
- control unit 15 In response to an instruction from the operator to search for personal information of the customer including the item input by the operation unit 11, the control unit 15 converts the personal information item input by the operation unit 11 into a character string indicating the item. By transmitting the corresponding standard character code string from the communication unit 13 to the server device 20 via the network N, the storage device 20 is requested to search for personal information of the customer including the item input by the operation unit 11.
- the control unit 15 responds that the communication unit 13 has received the converted character code string corresponding to the character string indicating the customer's personal information including the item input by the operation unit 11 from the storage device 30 via the network N. Then, it is determined whether or not the server device 20 is logged in.
- the conversion unit 15 corresponds to each conversion character code included in the conversion character code string received by the communication unit 13 using the conversion font set in the RAM or the like.
- the character to be displayed is displayed on the display unit 14.
- a character string indicating personal information is displayed on the display unit 14.
- control unit 15 determines that the server device 20 is not logged in, the control unit 15 uses the specified font stored in the storage unit 12 to convert each conversion character code included in the conversion character code sequence received by the communication unit 13. Corresponding characters are displayed on the display unit 14. Thereby, a garbled character string is displayed on the display unit 14.
- control unit 15 logs out from the server device 20 and deletes the conversion font set in the RAM or the like.
- FIG. 3 is a block diagram illustrating a configuration example of the server device.
- the server device 20 includes, for example, a general-purpose server computer, and includes a communication unit 21, a storage unit (storage) 22, and a control unit (processor) 23 as shown in FIG. Are connected so that they can communicate with each other.
- the communication unit 21 is composed of, for example, a NIC or the like, and receives a login ID and a password transmitted from the terminal device 10 via the network N. In addition, the communication unit 21 transmits the converted font to the terminal device 10 via the network N.
- the communication unit 21 receives a standard character code string corresponding to a character string indicating personal information of a customer transmitted from the terminal device 10 via the network N.
- the communication unit 21 transmits a converted character code string corresponding to the character string indicating the customer's personal information to the storage device 30 via the network N.
- the communication unit 21 receives a notification that the registration of the personal information of the customer is completed from the storage device 30 via the network N. In addition, the communication unit 21 transmits a notification that the registration of the personal information of the customer is completed to the terminal device 10 via the network N.
- the communication unit 21 receives a standard character code string corresponding to a character string indicating an item of personal information transmitted from the terminal device 10 via the network N. In addition, the communication unit 21 transmits a converted character code string corresponding to a character string indicating an item of personal information to the storage device 30 via the network N.
- the storage unit 22 is composed of, for example, a hard disk drive or the like, and stores a conversion DB (Database) 220.
- FIG. 4 is a diagram illustrating a configuration example of the conversion DB.
- the conversion DB 220 registers a login ID, a password, a conversion table 221 and a conversion font in association with each other.
- FIG. 5 is a diagram illustrating a configuration example of the conversion table.
- the conversion table 221 registers a standard character code and a conversion character code in association with each character.
- the conversion character code is generated using the standard character code table and the encryption key as disclosed in the specification, claims, and drawings of PCT / JP2014 / 52463.
- the specification of PCT / JP2014 / 52463, the claim, and the whole drawing shall be taken into this specification for reference.
- an encrypted character string corresponding to each character is generated.
- the standard character code assigned to each character is Rijndael encrypted using, for example, an encryption key assigned to each terminal device 10 or each company in which the terminal device 10 is installed.
- an encrypted character string corresponding to each character is generated.
- the encryption method is not limited to the line Dahl encryption method, and may be another encryption method.
- asymmetric cryptography public key cryptography
- ECC Elliptic Curve ⁇ Cryptography
- RSA Rivest-Shamir-Adleman
- El Gamal cryptography is preferably applicable to the present invention.
- AES Advanced Encryption Standard
- DES Data Encryption Standard
- the standard character code may be converted according to a method other than encryption or a predetermined algorithm.
- the encryption method applied to each terminal device 10 or each company in which the terminal device 10 is installed may be different.
- the standard character code “00000” is encrypted by the line Dahl encryption method using the encryption key “R28djaowis912jaas0slwodkqod3m010”, and the encrypted character string “ans9ewjdses3aexa” is generated. Also, the encrypted character string “cmrfxqxqpasdkfq3rx” is generated from the standard character code “00001”, the encrypted character string “mxjqwjfxaajrfcjwwrex” is generated from the standard character code “00002”, and the encrypted character string “eiu37sgcvjw4y8” is generated from the standard character code “65535”.
- each character corresponding to the encrypted character string is rearranged by rearranging the generated encrypted character string in alphabetical order.
- the standard character code “65535” The encrypted character string “eiu37sgcvjw4y8” and the encrypted character string “mxjqwjfxaajrfcjwwrex” generated from the standard character code “00002” are rearranged in this order.
- the order of the encrypted character strings can be arbitrarily changed and may be determined in advance, or may be generated using an encryption key according to a predetermined algorithm, for example.
- the conversion table 221 is generated by registering the standard character code and the conversion character code in association with each character.
- the conversion font is for displaying characters corresponding to the conversion character code.
- the CPU uses the RAM as a work memory, and executes various programs of the server device 20 by appropriately executing programs stored in the ROM. To control.
- the control unit 23 determines whether or not the login ID and password received by the communication unit 21 are registered in the change DB 220. If the control unit 23 determines that it is registered, the control unit 23 authenticates the login of the terminal device 10. Then, the control unit 23 transmits the conversion font registered in the change DB 220 in association with the login ID and the password from the communication unit 21 to the terminal device 10 via the network N.
- the control unit 23 forms a standard character code string corresponding to the character string indicating the customer personal information received by the communication unit 21 in response to the terminal device 10 requesting registration of the customer personal information during login.
- the conversion character code corresponding to each standard character code is specified from the conversion table 221, and the conversion character code string corresponding to the character string indicating the customer's personal information is generated.
- the control unit 23 transmits a converted character code string corresponding to the generated character string indicating the personal information of the customer to the storage device 30 via the network N.
- control unit 23 In response to receiving the notification that the registration of the personal information of the customer is completed from the storage device 30 via the network N, the control unit 23 transmits the notification to that effect to the terminal device 10 via the network N. To do.
- the control unit 23 responds that the terminal device 10 has requested a search for the customer's personal information, and each standard constituting a standard character code string corresponding to a character string indicating an item of personal information received by the communication unit 21.
- a conversion character code corresponding to the character code is specified from the conversion table 221, and a conversion character code string corresponding to a character string indicating an item of personal information is generated.
- the control unit 23 transmits a converted character code string corresponding to the character string indicating the generated personal information item from the communication unit 21 to the storage device 30 via the network N.
- FIG. 7 is a block diagram illustrating a configuration example of the storage device.
- the storage device 30 is composed of, for example, a general-purpose server computer, and includes a communication unit 31, a storage unit (storage) 32, and a control unit (processor) 33 as shown in FIG. Are connected so that they can communicate with each other.
- the communication unit 31 is composed of, for example, a NIC or the like, and receives a converted character code string corresponding to a character string indicating customer personal information transmitted from the server device 20 via the network N. In addition, the communication unit 31 transmits a notification that the registration of the personal information of the customer is completed to the server device 20 via the network N.
- the communication unit 31 receives a converted character code string corresponding to a character string indicating an item of personal information transmitted from the server device 20 via the network N. In addition, the communication unit 31 transmits a converted character code string corresponding to a character string indicating the customer's personal information to the terminal device 10 via the network N.
- the storage unit 32 is composed of a hard disk drive, for example, and stores a personal information DB 320.
- the personal information DB 320 registers the converted character code string corresponding to the character string indicating the customer's personal information as it is.
- the control unit 33 includes, for example, a CPU, a ROM, a RAM, and the like, and controls various operations of the storage device 30 by appropriately executing a program stored in the ROM using the RAM as a work memory.
- the control unit 33 responds to the fact that the communication unit 31 has received the converted character code string corresponding to the character string indicating the customer personal information transmitted from the server device 20 via the network N.
- a converted character code string corresponding to a character string indicating information is registered in the personal information DB 320 as it is.
- the control unit 33 responds to the fact that the communication unit 31 has received the converted character code string corresponding to the character string indicating the item of personal information transmitted from the server device 20 via the network N.
- a conversion character code string corresponding to the character string indicating the item is searched from the personal information DB 320.
- the control unit 33 reads from the personal information DB 320 a converted character code string corresponding to the character string indicating the customer personal information including the searched converted character code string.
- the control part 33 transmits the conversion character code string corresponding to the character string which shows the read customer's personal information from the communication part 31 to the terminal device 10 via the network N.
- the control unit 15 of the terminal device 10 receives the login ID and password input from the operation unit 11 from the communication unit 13 to the network N in response to the operator instructing the operation unit 11 to log in to the server device 20. Is transmitted to the server device 20 via.
- the control unit 23 of the server device 20 receives the login ID and password transmitted from the terminal device 10 via the network N by the communication unit 21.
- control unit 23 determines whether or not the login ID and password received by the communication unit 21 are registered in the change DB 220.
- control unit 23 If the control unit 23 determines that it is registered, the control unit 23 authenticates the login of the terminal device 10.
- control unit 23 transmits the conversion font registered in the change DB 220 in association with the login ID and the password from the communication unit 21 to the terminal device 10 via the network N.
- the control unit 15 of the terminal device 10 receives the conversion character code table transmitted from the server device 20 via the network N by the communication unit 13 and sets it in the RAM or the like.
- the information management system 1 starts the personal information registration process in response to the customer's personal information being input by the operator through the operation unit 11 and the registration of the customer's personal information being instructed. .
- FIG 8 to 10 are flowcharts showing an example of the personal information registration process.
- the control unit 15 of the terminal device 10 generates a standard character code string corresponding to the character string indicating the customer's personal information input by the operation unit 11. To the server device 20 via the network N (step S101).
- the control unit 23 of the server device 20 receives the standard character code string corresponding to the character string indicating the customer's personal information transmitted from the terminal device 10 via the network N by the communication unit 21 (step S102).
- control unit 23 specifies the conversion character code corresponding to each standard character code constituting the standard character code string corresponding to the character string indicating the customer personal information received by the communication unit 21 from the conversion table 221. Then, a converted character code string corresponding to the character string indicating the customer's personal information is generated (step S103).
- control part 23 transmits the conversion character code string corresponding to the character string which shows the customer's personal information produced
- control unit 33 of the storage device 30 receives the converted character code string corresponding to the character string indicating the customer's personal information transmitted from the server device 20 via the network N by the communication unit 31. (Step S105).
- control unit 33 registers the converted character code string corresponding to the character string indicating the customer's personal information received by the communication unit 31 as it is in the personal information DB 320 (step S106).
- control part 33 transmits the notification to the effect that registration of a customer's personal information was completed from the communication part 31 via the network N (step S107).
- the control unit 23 of the server device 20 receives the notification that the registration of the customer's personal information transmitted from the storage device 30 via the network N is completed by the communication unit 21 (step S108). Then, as shown in FIG. 10, the control unit 23 transmits a notification that the registration of the personal information of the customer is completed from the communication unit 21 via the network N (step S109).
- the control unit 15 of the terminal device 10 receives the notification that the registration of the customer personal information transmitted from the server device 20 via the network N is completed by the communication unit 21 (step S110).
- control unit 15 displays on the display unit 14 that the registration of the customer's personal information has been completed (step S111), and ends the personal information registration process.
- control unit 15 of the terminal device 10 receives one of the plurality of items included in the customer's personal information in the operation unit 11 by the operator, and stores the customer's personal information including the input item. In response to the search instruction, personal information display processing is started.
- 11 to 13 are flowcharts showing an example of personal information display processing.
- control unit 15 of the terminal device 10 sends a standard character code string corresponding to a character string indicating an item of personal information input from the operation unit 11 from the communication unit 13. It transmits to the server apparatus 20 via the network N (step S201).
- the control unit 23 of the server device 20 receives a standard character code string corresponding to a character string indicating an item of personal information transmitted from the terminal device 10 via the network N (step S202).
- control unit 23 specifies from the conversion table 221 the conversion character code corresponding to each standard character code constituting the standard character code sequence corresponding to the character string indicating the item of personal information received by the communication unit 21. Then, a converted character code string corresponding to the character string indicating the item of personal information is generated (step S203).
- control part 23 transmits the conversion character code string corresponding to the character string which shows the item of the personal information produced
- control unit 33 of the storage device 30 receives the converted character code string corresponding to the character string indicating the item of personal information transmitted from the server device 20 via the network N by the communication unit 31. (Step S205).
- control unit 33 searches the personal information DB 320 for a converted character code string corresponding to the character string indicating the item of personal information received by the communication unit 31 (step S206).
- control unit 33 reads from the personal information DB 320 a converted character code string corresponding to the character string indicating the customer personal information including the converted character code string searched in step S206 (step S207).
- control part 33 transmits the conversion character code string corresponding to the character string which shows the customer's personal information read by step S207 from the communication part 31 to the terminal device 10 via the network N (step S208).
- control unit 15 of the terminal device 10 receives the converted character code string corresponding to the character string indicating the customer's personal information transmitted from the storage device 30 via the network N by the communication unit 13. (Step S209).
- control unit 15 determines whether or not the server device 20 is logged in (step S210).
- control unit 15 determines that the server device 20 is logged in (step S210; Yes)
- the control unit 15 configures the converted character code string received by the communication unit 13 using the conversion font set in the RAM or the like. Characters corresponding to the converted character codes are displayed on the display unit 14 (step S211), and the personal information display process is terminated. As a result, a character string indicating personal information is displayed on the display unit 14.
- control unit 15 determines that the server device 20 is not logged in (step S210; No)
- the control unit 15 configures the converted character code string received by the communication unit 13 using the specified font stored in the storage unit 12.
- the character corresponding to each conversion character code to be displayed is displayed on the display unit 14 (step S212), and the personal information display process is terminated. Thereby, a garbled character string is displayed on the display unit 14.
- the server device 20 stores the specified character code and the converted character code having a different type from the specified character code in association with each other. 22 and a control unit (processor) 23.
- the server device 20 is connected via the network N to the terminal device 10 that receives the converted character code string corresponding to the character string indicating the customer's personal information stored in the storage device 30 via the network N. Yes.
- the control unit 23 responds to the reception of the specified character code string corresponding to the character string indicating the item included in the personal information of the customer from the terminal device 10 and responds to the specified character code included in the specified character code string.
- the conversion character code string corresponding to the character string indicating the item of the personal information is generated by converting into the conversion character code. Then, the control unit 23 stores the transmission to the terminal device 10 of the converted character code string corresponding to the character string indicating the customer personal information including the character string indicating the item of the personal information corresponding to the converted character code string. 30.
- the information management system 1 since the conversion character code sequence including the conversion character code different in type from the specified character code is stored in the storage device 30 instead of the specified character code sequence transmitted by the terminal device 10, the information management system 1 , Customers' personal information can be managed safely. Further, the information management system 1 converts the specified character code string received from the terminal device 10 into a converted character code string and transmits it to the storage device 30, thereby converting the converted character code corresponding to the character string indicating the customer's personal information. The sequence can be transmitted to the terminal device 10.
- control unit 23 transmits a conversion font for displaying a character corresponding to the conversion character code via the network N to the terminal device 10 that satisfies the predetermined condition, that is, is logged into the server device 20.
- the terminal device 10 displays a character string indicating the customer's personal information using the converted font transmitted from the server device 20.
- the terminal device 10 displays a garbled character string different from the character string indicating the customer's personal information.
- the terminal device 10 merely displays the character string corresponding to the converted character code string using the converted font, and does not decode the converted character code string into the specified character code string. For this reason, when the conversion character code string corresponding to the character string indicating the customer's personal information is moved to another environment that does not have the conversion font, the garbled characters different from the character string indicating the customer's personal information A column is displayed. In addition, when an output other than display such as printing of a converted character code string corresponding to a character string indicating customer personal information is performed, a garbled character string different from the character string indicating customer personal information is output.
- the information management system 1 can more safely manage the customer personal information. Moreover, since the information management system 1 does not decode the converted character code string into the specified character code string, the load on the terminal device 10 can be reduced.
- the storage unit 22 stores a conversion DB 220 that registers and registers a login ID and password for authenticating login of the terminal device 10, a conversion table 221, and a conversion font.
- a standard character code and a converted character code are associated with each character and registered. That is, the storage unit 22 registers the terminal device 10, the converted character code, and the converted font in association with each other.
- the control unit 23 converts the standard character code into a conversion character code corresponding to the terminal device 10 that has transmitted the standard character code string including the standard character code. Furthermore, the control unit 23 transmits the converted font corresponding to the terminal device 10 to the terminal device 10 that has logged in.
- the server device 20 converts the standard character code into a different conversion character code for each terminal device 10, that is, for each authority of the operator who can log in. Moreover, the server apparatus 20 can transmit the conversion font corresponding to the conversion character code into which the standard character code which this terminal apparatus 10 transmitted was converted to the terminal device 10 which logged in. Thereby, the information management system 1 can manage a customer's personal information more safely.
- the terminal device 10 discards the converted font transmitted from the server device 20 when the predetermined condition is not satisfied, that is, when the terminal device 10 logs out from the server device 20.
- the information management system 1 can manage customer's personal information more safely.
- control unit 23 converts the standard character code included in the standard character code string corresponding to the character string indicating the customer's personal information into a corresponding conversion character code, thereby converting the character string indicating the customer's personal information into a character string.
- a corresponding conversion character code string is generated.
- the control unit 23 instructs the storage device 30 to store a character string indicating the customer's personal information in the storage device 30.
- the server device 20 stores the prescribed character code string corresponding to the character string indicating the customer's personal information in the storage device 30 in a state of being converted into the converted character code string. For this reason, the information management system 1 can manage customer's personal information more safely.
- the conversion character code is generated by encrypting the standard character code corresponding to each character to generate an encrypted character string, rearranging the encrypted character string in a predetermined order, It is generated by assigning numerical values in order.
- the converted character code is generated by rearranging the standard character codes in a way that is difficult to decipher. For this reason, the information management system 1 can manage customer's personal information more safely.
- the conversion character code corresponding to each authority of the terminal device 10, that is, the operator who can log in is at least one of the encryption key, the encryption method, and the method of rearranging the encrypted character strings for each authority of the operator who can log in. It may be generated by making one different.
- the conversion table 221 and the conversion font are described as being generated in advance.
- the present invention is not limited to this, and the conversion table 221 and the conversion font may be generated every time a standard character code string is received from the terminal device 10.
- the storage unit 22 stores a standard character code table.
- the conversion DB 220 registers a login ID, a password, and an encryption key in association with each other.
- the control unit 23 determines the standard character code assigned to each character in the standard character code table. Using the encryption key stored in the conversion DB 220, for example, the encrypted character string corresponding to each character is generated by performing encryption using the line Dahl encryption method.
- control unit 23 rearranges each character corresponding to the encrypted character string by rearranging the generated encrypted character string in alphabetical order. Subsequently, the control unit 23 reassigns numbers from “00000” to “65535” (decimal numbers) to the characters rearranged according to the alphabetical order of the encrypted character string, and uses this as the converted character code. . Then, the control unit 23 may generate the conversion table 221 by registering the standard character code and the conversion character code in association with each character.
- the conversion font may be generated from the conversion table 221 every time a standard character code string is received from the terminal device 10.
- the conversion table 221 and the conversion font are generated, so that even if the third party knows the encryption key, the conversion character code generation method is not limited. If it is not known, the converted character code string corresponding to the character string indicating the customer's personal information cannot be decoded. Thereby, the information management system 1 can manage a customer's personal information more safely.
- the conversion character code is generated by encrypting the standard character code corresponding to each character to generate an encrypted character string, rearranging the encrypted character string in a predetermined order, and corresponding to the rearranged encrypted character string. It has been described that it is generated by assigning a numerical value to each character in order. However, the present invention is not limited to this. Further, among the characters corresponding to the conversion character code, for example, the numbers “0” to “9” may all be the same symbol. In this way, since it becomes more difficult to guess the character corresponding to the conversion character code, the information management system 1 can more safely manage the customer's personal information.
- the server device 20 and the storage device 30 have been described as separate devices connected via the network N.
- the present invention is not limited to this and is configured as an integrated device. It may be.
- the information managed safely by the information management system 1 is not limited to the customer's personal information, and is arbitrary and may be any information.
- the programs executed by the CPUs of the control units 15, 23, and 33 are stored in advance in a ROM or the like.
- this invention is not limited to this,
- the terminal which concerns on the said embodiment by applying the program for performing the above-mentioned process to the existing general purpose computer, a tablet computer, a smart phone, a server computer, etc. You may make it function as the apparatus 10, the server apparatus 20, and the memory
- the method of providing such a program is arbitrary.
- the program may be stored and distributed on a computer-readable recording medium (flexible disk, CD (Compact Disc) -ROM, DVD (Digital Versatile Disc) -ROM, etc.).
- the program may be stored in a storage on a network such as the Internet and provided by downloading it.
- the above processing is executed by sharing between an OS (Operating System) and an application program, or in cooperation with the OS and the application program, only the application program may be stored in a recording medium or storage. It is also possible to superimpose a program on a carrier wave and distribute it via a network. For example, the program may be posted on a bulletin board (BBS: Bulletin Board System) on the network, and the program may be distributed via the network. Then, this program may be activated and executed in the same manner as other application programs under the control of the OS, so that the above processing can be executed.
- BSS Bulletin Board System
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Bioethics (AREA)
- Software Systems (AREA)
- Databases & Information Systems (AREA)
- Medical Informatics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Artificial Intelligence (AREA)
- Audiology, Speech & Language Pathology (AREA)
- Computational Linguistics (AREA)
- Document Processing Apparatus (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (9)
- 第1文字コードと、該第1文字コードとは種類が異なる第2文字コードと、を対応付けて記憶するストレージ(22)と、プロセッサ(23)と、を備え、記憶装置(30)に記憶されている第1文字列に対応する第2文字コード列をネットワーク(N)を介して受信する端末装置(10)に該ネットワーク(N)を介して接続されたサーバ装置(20)であって、
前記プロセッサ(23)が、
前記第1文字列に含まれる第2文字列に対応する第1文字コード列を前記端末装置(10)から受信したことに応答して、該第1文字コード列に含まれる該第1文字コードをそれぞれ対応する該第2文字コードに変換することにより、該第2文字列に対応する第2文字コード列を生成し、
前記第2文字列に対応する第2文字コード列を含む前記第1文字列に対応する第2文字コード列の前記端末装置(10)への送信を該記憶装置(30)に指示する、
サーバ装置(20)。 - 前記プロセッサ(23)は、所定の条件を満たす前記端末装置(10)に、前記第2文字コードに対応する文字を表示するためのフォントを前記ネットワーク(N)を介して送信し、
前記端末装置(10)は、前記所定の条件を満たしている場合、前記サーバ装置(20)から送信される前記フォントを用いて、前記第1文字列を表示し、該所定の条件を満たしていない場合、該第1文字列とは異なる文字列を表示する、
請求項1に記載のサーバ装置(20)。 - 前記ストレージ(22)は、前記端末装置(10)と、前記第2文字コードと、前記フォントと、を対応付けて記憶し、
前記プロセッサ(23)は、前記第1文字コードを、該第1文字コードを含む第1文字コード列を送信した前記端末装置(10)に対応する前記第2文字コードに変換し、
前記所定の条件を満たす前記端末装置(10)に、該端末装置(10)に対応する前記フォントを送信する、
請求項2に記載のサーバ装置(20)。 - 前記端末装置(10)は、前記所定の条件を満たさなくなった場合、前記サーバ装置(20)から送信された前記フォントを破棄する、
請求項2に記載のサーバ装置(20)。 - 前記プロセッサ(23)は、
前記第1文字列に対応する第1文字コード列に含まれる前記第1文字コードをそれぞれ対応する前記第2文字コードに変換することにより、前記第1文字列に対応する第2文字コード列を生成し、
前記第1文字列に対応する第2文字コード列の前記記憶装置(30)への記憶を該記憶装置(30)に指示する、
請求項1に記載のサーバ装置(20)。 - 前記第2文字コードは、各文字に対応する第1文字コードをそれぞれ暗号化して暗号文字列を生成し、該暗号文字列を所定の順序で並び替え、該並び替えた暗号文字列に対応する各文字に数値を順番に割り当てていくことにより生成される、
請求項1に記載のサーバ装置(20)。 - 請求項2に記載のサーバ装置(10)と、
前記所定の条件を満たしている場合、前記サーバ装置(20)から送信される前記フォントを用いて、前記第1文字列を表示し、該所定の条件を満たしていない場合、該第1文字列とは異なる文字列を表示する前記端末装置(10)と、
を具備する情報管理システム(1)。 - 第1文字コードと、該第1文字コードとは種類が異なる第2文字コードと、を対応付けて記憶するストレージ(22)と、プロセッサ(23)と、を備え、記憶装置(30)に記憶されている第1文字列に対応する第2文字コード列をネットワーク(N)を介して受信する端末装置(10)に該ネットワーク(N)を介して接続されたサーバ装置(20)による情報管理方法であって、
前記プロセッサ(23)が、
前記第1文字列に含まれる第2文字列に対応する第1文字コード列を前記端末装置(10)から受信したことに応答して、該第1文字コード列に含まれる該第1文字コードをそれぞれ対応する該第2文字コードに変換することにより、該第2文字列に対応する第2文字コード列を生成し、
前記第2文字列に対応する第2文字コード列を含む前記第1文字列に対応する第2文字コード列の前記端末装置(10)への送信を該記憶装置(30)に指示する、
情報管理方法。 - 第1文字コードと、該第1文字コードとは種類が異なる第2文字コードと、を対応付けて記憶するストレージ(22)と、プロセッサ(23)と、を備え、記憶装置(30)に記憶されている第1文字列に対応する第2文字コード列をネットワーク(N)を介して受信する端末装置(10)に該ネットワーク(N)を介して接続されたサーバ装置(20)が備えるプロセッサ(23)に、
前記第1文字列に含まれる第2文字列に対応する第1文字コード列を前記端末装置(10)から受信したことに応答して、該第1文字コード列に含まれる該第1文字コードをそれぞれ対応する該第2文字コードに変換することにより、該第2文字列に対応する第2文字コード列を生成させ、
前記第2文字列に対応する第2文字コード列を含む前記第1文字列に対応する第2文字コード列の前記端末装置(10)への送信を該記憶装置(30)に指示させる、
ためのコンピュータプログラム。
Priority Applications (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020177018462A KR102208082B1 (ko) | 2015-07-21 | 2015-07-21 | 서버 장치, 정보관리 시스템, 정보관리 방법 및 컴퓨터 프로그램을 저장한 기록매체 |
EP15898911.1A EP3291125B1 (en) | 2015-07-21 | 2015-07-21 | Server device, information management system, information management method, and computer program |
JP2015556287A JP5956092B1 (ja) | 2015-07-21 | 2015-07-21 | サーバ装置、情報管理システム、情報管理方法、及びコンピュータプログラム |
PCT/JP2015/070753 WO2017013752A1 (ja) | 2015-07-21 | 2015-07-21 | サーバ装置、情報管理システム、情報管理方法、及びコンピュータプログラム |
US15/575,329 US10277585B2 (en) | 2015-07-21 | 2015-07-21 | Server device, information management system, information management method, and computer program |
CN201580078959.XA CN107533617B (zh) | 2015-07-21 | 2015-07-21 | 服务器装置、信息管理系统、信息管理方法以及计算机程序 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2015/070753 WO2017013752A1 (ja) | 2015-07-21 | 2015-07-21 | サーバ装置、情報管理システム、情報管理方法、及びコンピュータプログラム |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017013752A1 true WO2017013752A1 (ja) | 2017-01-26 |
Family
ID=56418689
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2015/070753 WO2017013752A1 (ja) | 2015-07-21 | 2015-07-21 | サーバ装置、情報管理システム、情報管理方法、及びコンピュータプログラム |
Country Status (6)
Country | Link |
---|---|
US (1) | US10277585B2 (ja) |
EP (1) | EP3291125B1 (ja) |
JP (1) | JP5956092B1 (ja) |
KR (1) | KR102208082B1 (ja) |
CN (1) | CN107533617B (ja) |
WO (1) | WO2017013752A1 (ja) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018073921A1 (ja) * | 2016-10-19 | 2018-04-26 | A・Tコミュニケーションズ株式会社 | 情報処理装置、情報処理システム、情報処理方法、及びコンピュータプログラム |
KR20190137232A (ko) | 2018-06-01 | 2019-12-11 | 부산가톨릭대학교 산학협력단 | 개인정보 자동암호화 서버 및 이의 접근권한 설정 방법 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007272539A (ja) * | 2006-03-31 | 2007-10-18 | Ns Solutions Corp | セキュリティ装置およびアプリケーションサーバシステム |
JP2009294242A (ja) * | 2008-06-02 | 2009-12-17 | Canon Inc | サーバ装置、情報処理装置、データ処理方法、プログラム |
JP2010244123A (ja) * | 2009-04-01 | 2010-10-28 | Nec Corp | 情報持ち出し管理システムおよび方法 |
JP2010257376A (ja) * | 2009-04-28 | 2010-11-11 | Hitachi Software Eng Co Ltd | 機密情報マスキングシステム |
JP2011133991A (ja) * | 2009-12-22 | 2011-07-07 | Nec Corp | 機密データ保護システム、機密データ保護方法、機密データ保護プログラム |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH07271777A (ja) * | 1994-03-31 | 1995-10-20 | Fujitsu Ltd | 分散情報処理システムにおける文字コード管理方式 |
JP3689954B2 (ja) * | 1995-03-13 | 2005-08-31 | 富士ゼロックス株式会社 | 異種コード文字列転記装置および電子辞書 |
JP2006106965A (ja) | 2004-10-01 | 2006-04-20 | Edion Corp | 販売管理システム |
US7642937B2 (en) * | 2006-01-09 | 2010-01-05 | Taiwan Semiconductor Manufacturing Co., Ltd. | Character conversion methods and systems |
CN101419589B (zh) * | 2008-12-08 | 2011-01-05 | 北大方正集团有限公司 | 一种计算机文档内容保护的方法和系统 |
CN101996298A (zh) * | 2009-08-14 | 2011-03-30 | 鸿富锦精密工业(深圳)有限公司 | 加密方法及与加密方法相对应的解密方法 |
US8600048B1 (en) * | 2010-06-28 | 2013-12-03 | Voltage Security, Inc. | Format-translating encryption systems |
US20120260108A1 (en) * | 2011-04-11 | 2012-10-11 | Steve Lee | Font encryption and decryption system and method |
JP5467155B1 (ja) * | 2012-06-29 | 2014-04-09 | 株式会社エス・ケイ・ケイ | 文書処理システム、文書処理方法及びプログラム |
-
2015
- 2015-07-21 KR KR1020177018462A patent/KR102208082B1/ko active IP Right Grant
- 2015-07-21 US US15/575,329 patent/US10277585B2/en active Active
- 2015-07-21 WO PCT/JP2015/070753 patent/WO2017013752A1/ja active Application Filing
- 2015-07-21 EP EP15898911.1A patent/EP3291125B1/en not_active Not-in-force
- 2015-07-21 CN CN201580078959.XA patent/CN107533617B/zh not_active Expired - Fee Related
- 2015-07-21 JP JP2015556287A patent/JP5956092B1/ja active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007272539A (ja) * | 2006-03-31 | 2007-10-18 | Ns Solutions Corp | セキュリティ装置およびアプリケーションサーバシステム |
JP2009294242A (ja) * | 2008-06-02 | 2009-12-17 | Canon Inc | サーバ装置、情報処理装置、データ処理方法、プログラム |
JP2010244123A (ja) * | 2009-04-01 | 2010-10-28 | Nec Corp | 情報持ち出し管理システムおよび方法 |
JP2010257376A (ja) * | 2009-04-28 | 2010-11-11 | Hitachi Software Eng Co Ltd | 機密情報マスキングシステム |
JP2011133991A (ja) * | 2009-12-22 | 2011-07-07 | Nec Corp | 機密データ保護システム、機密データ保護方法、機密データ保護プログラム |
Non-Patent Citations (1)
Title |
---|
See also references of EP3291125A4 * |
Also Published As
Publication number | Publication date |
---|---|
KR20180031624A (ko) | 2018-03-28 |
CN107533617B (zh) | 2021-08-10 |
US20180145962A1 (en) | 2018-05-24 |
JP5956092B1 (ja) | 2016-07-20 |
US10277585B2 (en) | 2019-04-30 |
KR102208082B1 (ko) | 2021-01-26 |
EP3291125B1 (en) | 2022-06-29 |
EP3291125A1 (en) | 2018-03-07 |
CN107533617A (zh) | 2018-01-02 |
EP3291125A4 (en) | 2018-08-22 |
JPWO2017013752A1 (ja) | 2017-07-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10715320B2 (en) | Password generation with key and derivation parameter | |
US9021259B2 (en) | Encrypted database system, client terminal, encrypted database server, natural joining method, and program | |
WO2020233033A1 (zh) | 信息交互方法、装置及存储介质 | |
MXPA04004144A (es) | Comunicacion segura con un teclado o dispositivo relacionado. | |
WO2019114122A1 (zh) | 登录信息的加密方法、装置、电子设备及介质 | |
US10362023B2 (en) | Authentication information encryption server apparatuses, systems non-transitory computer readable mediums and methods for improving password security | |
US11082813B2 (en) | Message-based management service enrollment | |
KR20200123228A (ko) | 자동채움 필드 분류를 위한 시스템 및 방법 | |
JP2016522931A (ja) | パスワードへの攻撃を阻害すること | |
JP5956092B1 (ja) | サーバ装置、情報管理システム、情報管理方法、及びコンピュータプログラム | |
JP2013025361A (ja) | データ管理システム及びデータ管理方法 | |
JP2015176365A (ja) | メッセージ送信装置、メッセージ受信装置、メッセージ送信プログラム、メッセージ受信プログラムおよびメッセージチェック方法 | |
JP2023532976A (ja) | ユーザの身元の検証のための方法およびシステム | |
US11095435B2 (en) | Keystroke dynamics anonimization | |
JP2018061171A (ja) | 暗号化システム、暗号化方法、暗号化装置および暗号化プログラム | |
CN108512657B (zh) | 一种密码生成方法及装置 | |
JP6099489B2 (ja) | 情報処理装置及び情報処理方法及びプログラム | |
JP6144438B1 (ja) | 情報処理装置、情報処理システム、情報処理方法、及びコンピュータプログラム | |
JP5865565B2 (ja) | 文章認識装置、文章認識方法、及びプログラム | |
CN111062047B (zh) | 数据存储方法、系统、设备及存储介质 | |
JP2016038557A (ja) | データ暗号化方法、データ復号方法、データ処理装置 | |
JP2018066979A (ja) | 情報処理装置、情報処理システム、情報処理方法、及びコンピュータプログラム | |
KR101679124B1 (ko) | 2 팩터 또는 2 채널을 이용하는 패스워드 수신 방법 및 장치 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
ENP | Entry into the national phase |
Ref document number: 2015556287 Country of ref document: JP Kind code of ref document: A |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 15898911 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 20177018462 Country of ref document: KR Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 15575329 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2015898911 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |