WO2022074757A1 - Control method, control program, and information processing device - Google Patents
Control method, control program, and information processing device
- Publication number
- WO2022074757A1 (PCT/JP2020/037976)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- business
- program
- execution
- code
- procedure
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/54—Link editing before load time
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Program initiating; Program switching, e.g. by interrupt
- G06F9/4806—Task transfer initiation or dispatching
- G06F9/4843—Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/41—Compilation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
Definitions
- the present invention relates to a control method, a control program, and an information processing device.
- ICT: Information and Communication Technology
- techniques related to protecting or controlling document components are known (e.g., Patent Document 1).
- the business execution order may be defined in the business flow.
- an operation code for executing an operation is added to the processing program corresponding to the first business.
- a first program including the processing program and the operation code is generated, and the operation result obtained based on the execution of the operation is used to encrypt the second program corresponding to the second business to generate encrypted data.
- the process of transmitting the first program and the encrypted data to the device corresponding to the first business is included.
- the business flow can be executed with high reliability.
- groupware equipped with a workflow system that supports the execution of business flows within the company is used.
- a mechanism called RPA (Robotic Process Automation) that automates work by a software robot is known.
- RPA: Robotic Process Automation
- the execution order of processes may be defined in the business flow. In this case, for example, even if the execution result of the business flow is obtained, it may not be known whether that result was actually obtained by executing the processes in the predetermined order.
- if a terminal that executes a business flow is tampered with by a cyber attack, it may be difficult to detect that an unauthorized operation has been performed.
- One example is a replay attack.
- in a replay attack, the log output by the terminal that executes a process of the business flow is stored, and the same log is transmitted at the time of executing the next process even though the process has not been executed.
- as a result, output that appears to show correct operation is produced even though the process has not been executed. In this case, it is difficult to detect, even by looking at the execution result of the business flow, that the process was not actually executed.
- the result obtained by executing the robot in the previous process is often used by the robot in the next process. Therefore, if the steps of the flow are not executed in order, the desired result may not be obtained.
- an operation code for executing an operation is added to the program corresponding to the first business, and the first program is generated.
- the encrypted data is generated by encrypting the second program corresponding to the second business by using the calculation result obtained based on the execution of the calculation. Then, the first program and the encrypted data generated in this way are transmitted to the device corresponding to the first business.
- the device that has received the first program and the encrypted data executes the first program, executes the first business, and acquires the calculation result.
- without the calculation result, the encrypted second program cannot be decrypted. Therefore, it is possible to force the execution of the first program before the execution of the second program. Then, when the second business can be executed by executing the second program, it can be guaranteed that the first business has been completed.
- the embodiment will be described by taking a business flow as an example, but the application target of the embodiment is not limited to the business flow, and the embodiment may be applied to other processes for which the order of execution is required to be guaranteed.
- FIG. 1 is a diagram illustrating the configuration of the control system 100 according to the embodiment.
- the control system 100 may include, for example, a server 101 and a terminal 102.
- the server 101 may be, for example, an information processing device such as a server computer, a personal computer, or a mobile computer.
- the terminal 102 may be an information processing device such as a personal computer, a mobile computer, a tablet terminal, a smartphone, a mobile phone, an inspection device, a manufacturing device, and a management device.
- the server 101 and the terminal 102 may communicate with each other via a network 105 such as the Internet and a private network.
- FIG. 2 is a diagram illustrating a functional block configuration of the server 101 according to the embodiment.
- the server 101 includes, for example, a control unit 201, a storage unit 202, and a communication unit 203.
- the control unit 201 includes, for example, a generation unit 211, an encryption unit 212, a transmission unit 213, and the like, and may also include other functional units.
- the storage unit 202 stores information such as business information 400, document 500, processing information 600, and notification destination information 700, which will be described later, for example.
- the communication unit 203 communicates with another device, for example, according to the instruction of the control unit 201. For example, the communication unit 203 communicates with the terminal 102. The details of each of these units and the details of the information stored in the storage unit 202 will be described later.
- FIG. 3 is a diagram illustrating a functional block configuration of the terminal 102 according to the embodiment.
- the terminal 102 includes, for example, a control unit 301, a storage unit 302, a communication unit 303, and a display unit 304.
- the control unit 301 includes, for example, an execution unit 311 and a transmission unit 312, and may also include other functional units.
- the storage unit 302 stores information such as encapsulation data described later, for example.
- the communication unit 303 communicates with another device, for example, according to the instruction of the control unit 301.
- the communication unit 303 communicates with the server 101 and another terminal 102.
- the display unit 304 may display information on a display screen, for example. The details of each of these units and the details of the information stored in the storage unit 302 will be described later.
- FIG. 4 is a diagram illustrating the business information 400 according to the embodiment.
- a document and a record associated with the business flow are registered.
- the template data of the document to be processed by the business flow is registered.
- Documents include, for example, contracts, invoices, requests, applications, and the like.
- a business flow executed for the document of the record is registered.
- a business flow including a plurality of processes such as approval and sending of an invoice is registered as a flow of invoice issuance business for the invoice.
- a business flow including a plurality of processes such as approval processing and sending processing of the purchase request form is registered as the flow of the purchase request for the purchase request form.
- the business flow of the business information 400 may include information on a person in charge of executing the process, a destination, and the like, in addition to the information indicating the processing contents such as approval and sending executed in each process.
- FIG. 4 shows an example in which processes are divided in a business flow for each person in charge of business.
- the business flow may be, for example, BPMN (Business Process Model and Notation) data.
- the business flow may be, for example, BPEL (Business Process Execution Language) data in which the flow is described in XML.
- FIG. 5 is a diagram illustrating the document 500 according to the embodiment.
- an invoice template is shown as an example of Document 500.
- a person in charge of issuing an invoice may apply for a corresponding business flow using the entered document 500 after inputting information on the invoice in the invoice document 500.
- the person in charge may enter information in the destination column (“invoice” column in FIG. 5), the invoice amount column, and the product name, unit price, and quantity columns.
- the control unit 201 of the server 101 may add the seal imprints of the person in charge and the approvers (for example, the manager and the president) when generating the encapsulation data described later.
- the seal imprint may be, for example, an image stamped with a seal, and in one example, it may be an approver's seal such as a department manager's seal or a president's seal.
- the control unit 201 of the server 101 may add an electronic signature to the document after the input of the information to the document 500 is completed.
- FIG. 6 is a diagram illustrating the processing information 600 according to the embodiment.
- a record associating a process with a procedure that can be executed by a computer for executing the process is registered.
- a process executed in the process of the business flow of the business information 400 may be registered.
- a processing program for causing the computer to execute the processing of the record is described.
- the procedure may be written in a programming language such as JavaScript® or may be written in another programming language.
- the procedure includes, in one example, an RPA robot.
- a mark may be added to the code that is the target of execution certification.
- the procedure corresponding to the approval process includes the mark "///// Execution certification target code: Start ////" indicating the start position of the execution certification target code and the mark "///// Code to be certified for execution: End ////" indicating its end position. Therefore, the control unit 201 can specify the position of the code to be the execution certification target from the marks in the procedure program.
- the specification of the position of the code to be the execution certification target is not limited to this; by setting a predetermined condition for specifying the code corresponding to the execution certification target, the code satisfying the predetermined condition can be specified as the code to be certified for execution.
- the data in which the code to be the execution certification target is registered may be stored in the storage unit 202 in advance, and the control unit 201 may specify the code to be the execution certification target by searching the procedure for the registered code.
- the code to be certified for execution may be, for example, the code to be proved to have been executed in the execution of the procedure.
- the code to be certified for execution may be a code that is required to be completed in order to advance the business flow to the next process.
- the code for accepting the depression of the approval button may be used as the code for execution certification, and in the example of approval in FIG. 6, marks are written before and after the code for accepting the depression of the approval button.
- control unit 201 detects, for example, the position of the code to be the execution certification by the mark, and executes an operation for proving the execution of the code to be the execution certification according to the position of the code to be the execution certification.
- the operation code for executing the operation for proving the execution of the code to be the execution certification may be referred to as the execution certification operation code. Further details on adding the execution certification operation code to the procedure will be described later.
- the procedure does not have to describe the information of the notification destination to which the data is transmitted after the processing is completed.
- the control unit 201 may specify the information of the notification destination based on the information regarding the person in charge of the next process of the business flow of the business information 400, the destination, and the like, and write the information in the procedure.
- FIG. 7 is a diagram illustrating the notification destination information 700 according to the embodiment.
- in the notification destination information 700, for example, information on the notification destinations to be notified in the processes of the business flow registered in the business information 400 is registered.
- a record associated with a department name, a job title, a name, and a notification destination is registered in the notification destination information 700.
- the record registered in the notification destination information 700 may be, for example, information about a person in charge of a process of a business flow and a person in charge of a business partner who sends an execution result of the business flow.
- the control unit 201 can specify the notification destination to notify the information when the process of the business flow of the business information 400 is completed.
- the notification destination may be, for example, an e-mail address and a path to a predetermined folder on the network.
- FIG. 8 is a diagram illustrating an operation flow of an encapsulation data transmission process according to an embodiment.
- FIG. 9 is a diagram illustrating an approval procedure according to the embodiment.
- FIG. 9 shows, as an example, an approval program written in JavaScript.
- when the program of FIG. 9 is executed, for example, the window 1000 of FIG. 10 is displayed in the browser, and the approver can indicate approval by pressing the approval button.
- control unit 201 of the server 101 may start the operation flow of FIG. 8 when the execution instruction of the encapsulation data transmission process is input.
- the control unit 201 of the server 101 receives a business execution instruction from the terminal 102 used by the person in charge of the business.
- the person in charge of the business may connect to the server 101 via the terminal 102, for example, and acquire the template of the document corresponding to the business to be executed registered in the business information 400 from the server 101. Then, the person in charge may send the document in which the information is input to the template of the acquired document to the server 101 via the terminal 102, and input the business execution instruction to the server 101.
- when the control unit 201 of the server 101 receives the input of the business execution instruction, the flow proceeds to S802.
- control unit 201 of the server 101 assigns an electronic signature to the document included in the received business execution instruction.
- the electronic signature may be, for example, an e-seal (Electronic seal) issued by the server 101.
- control unit 201 of the server 101 specifies the business flow corresponding to the received business execution instruction.
- the control unit 201 may specify the business flow corresponding to the document included in the received business execution instruction from the business information 400.
- the control unit 201 may read the business flow corresponding to the invoice from the business information 400.
- control unit 201 assigns a procedure to each process of the read business flow.
- control unit 201 may specify a procedure corresponding to the processing of each process of the business flow read from the business information 400 from the processing information 600 and assign it to each process.
- step 1) is an invoice process, and the control unit 201 may assign a procedure corresponding to the invoice process of the process information 600.
- control unit 201 inputs information to the procedure corresponding to each process.
- control unit 201 may input the notification destination information into the procedure.
- a code for specifying a notification destination is described in the procedure of FIG. 9 (for example, (1) of FIG. 9).
- the control unit 201 may write information indicating the notification destination in, for example, a code for designating the notification destination.
- for example, based on the information on the person in charge or the destination set in the process of the business flow, the control unit 201 may acquire, from the notification destination information 700, the notification destination information corresponding to the person in charge or the destination of the next process.
- the control unit 201 can notify the person in charge of the next process of the business flow or the person in charge of the business partner of the information obtained by the process of the process.
- control unit 201 may acquire the information of the notification destination to the person in charge of the business partner from the input document received in S801.
- the control unit 201 generates a challenge value for the procedure.
- the challenge value may be generated for each procedure corresponding to each process, for example. Further, in another example, a challenge value common to a plurality of procedures may be used.
- the challenge value can be obtained, for example, from a function that outputs a different result each time it is executed. Random functions, shuffle functions, etc. can be used as examples of functions that output different results each time they are executed.
- the challenge value may be a random number in one example.
- the control unit 201 generates an execution certification operation code using the challenge value, adds it to the procedure, and generates an additional procedure. Therefore, the additional procedure includes, for example, a procedure processing program and an execution certification operation code.
- the code from "//--attached by server--//" to "//--end--//" represents the code added to the procedure by the control unit 201.
- the execution certification operation code is, for example, a code for executing an operation for proving the execution of the code to be executed certification.
- the additional procedure generated by adding the execution certification operation code may be referred to as, for example, the first program and the second program.
- the control unit 201 specifies the position of the code to be certified for execution that satisfies a predetermined condition in the procedure, adds the execution certification operation code to the procedure according to the specified position, and generates the additional procedure.
- the control unit 201 may add an execution certification operation code at the position of the mark indicating the position of the code to be certified for execution by replacing the mark. By removing the mark, it is possible to make it difficult to identify where the code to be certified for execution is in the procedure, and it is possible to improve security.
- in FIG. 9, a program that defines the operation contents of operation 1 and operation 2 as the execution certification operation code is described at the beginning of the procedure program ((2) in FIG. 9).
- as operation 1: cal1, an operation code for adding 384 to the variable calanswer is described.
- as operation 2: cal2, an operation code for multiplying the variable calanswer by 483 is described.
- the numerical value: 384 used for the operation of the operation 1: cal1 and the numerical value: 483 used for the operation of the operation 2: cal2 are both challenge values generated for the procedure.
- a challenge value is generated each time a business flow is executed, and an execution certification operation code that executes an operation using the generated challenge value is added to the procedure.
- the calculation result obtained based on the execution of the execution certification operation code can be different each time the business flow is executed. As a result, it is possible to deal with replay attacks and the like.
- control unit 201 may add a different execution certification operation code to the procedure of each process. Thereby, the security strength can be enhanced.
- control unit 201 may add an execution certification operation code common to the procedures of a plurality of steps.
- the control unit 201 generates a key using the operation result based on the execution of the operation indicated by the execution certification operation code added to the procedure.
- the control unit 201 may acquire an operation result by executing at least an execution certification operation code among the additional procedures generated in S807, and may generate a key using the operation result.
- the control unit 201 may use the calculation result as it is as a key.
- the control unit 201 may generate a key by a predetermined algorithm using the calculation result.
- the control unit 201 may acquire the hash value of the calculation result and generate a key using the obtained hash value by a common key cryptographic algorithm such as AES256, RC4, and DES.
- hash functions such as SHA256, SHA2, and MD5 can be used.
- control unit 201 executes the encapsulation process using the generated key. Then, in S810, the control unit 201 transmits the encapsulation data obtained in the encapsulation process to the execution terminal of the first step of the business flow, and this operation flow ends.
- the control unit 201 may acquire, for example, the destination of the execution terminal of the first process of the business flow from the notification destination information 700.
- the control unit 201 may encrypt the procedure of the next process in the business flow by using, for example, the key generated for the procedure of the process. When encryption is executed in this way, a key can be generated using the operation result obtained in the execution of the procedure, and the procedure of the next step can be decrypted using the generated key.
- the control unit 201 may encrypt the document by using the key generated for the procedure of the final process. When encryption is executed in this way, a key can be generated using the operation result obtained in the execution of the procedure of the last step, and the document can be decrypted using the generated key.
- as described above, the execution certification operation code may be added to the procedure such that, when the code to be certified for execution is executed in the execution of the procedure, an operation result that succeeds in decrypting the procedure of the next step is obtained.
- the execution certification operation code may be added to the procedure such that, if the code to be certified for execution is not executed in the execution of the procedure, an operation result that succeeds in decrypting the procedure of the next process cannot be obtained. Then, for example, it is assumed that the procedure of the next process is successfully decrypted by using the operation result obtained by executing the procedure, and the procedure of the next process can be executed. In this case, it can be proved that the code to be certified for execution was actually executed in the procedure in which the operation result was obtained.
- the execution certification operation code may be added to the procedure so as to sandwich the code to be certified for execution, for example, as described for the process of S807 above. That is, for example, the control unit 201 may add the execution certification operation code to the procedure such that the front operation code is added before the position of the code to be certified for execution and the rear operation code is added after it. Further, the operation result with which the procedure of the next step is successfully decrypted may be obtained, for example, when the operation of the rear operation code is executed using the primary operation result obtained by the execution of the front operation code.
- execution certification operation code may be added to the procedure in the form.
- the execution proof operation code may be added to the procedure so that the operation is executed using the return value of the function included in the code to be the execution proof.
- the return value can be obtained if the code to be certified for execution is executed in the execution of the procedure, but the return value cannot be obtained unless the code to be certified for execution is executed. Therefore, the calculation result can be different depending on whether or not the code to be certified for execution is executed.
- FIG. 11 is a diagram illustrating an operation flow of the encapsulation process according to the embodiment. For example, when the control unit 201 of the server 101 proceeds to S809 of the operation flow of FIG. 8, the operation flow of FIG. 11 may be started.
- the control unit 201 of the server 101 encrypts the document using the key obtained by using the calculation result in S808 for the additional procedure of the final process of the business flow, and generates the byte code of the document.
- the byte code may be, for example, data in a byte string obtained by encryption, and in one example, it may be represented by ASCII characters.
- Bytecode may be referred to as encrypted data, for example.
- the object of encryption may include the electronic signature of the document given in S802. Encryption may be performed, for example, using a common key cryptographic algorithm.
- control unit 201 of the server 101 associates the byte code of the document with the procedure of the last process as the processing target.
- the control unit 201 may store the bytecode in the procedure constant as shown in FIG. 9 (6).
- control unit 201 determines whether or not the process to be processed has a previous process. If the process to be processed has a previous process (YES in S1103), the flow proceeds to S1104.
- control unit 201 encrypts the procedure to be processed using the key obtained by using the calculation result in S808 for the additional procedure of the previous step.
- the encryption target may include the bytecode of the procedure located downstream of the procedure to be processed in the business flow and the bytecode of the document. Encryption may be performed, for example, using a common key cryptographic algorithm.
- control unit 201 associates the byte code obtained in the processing of S1104 with the procedure of the previous step as the processing target, and the flow returns to S1103.
- control unit 201 may store the bytecode in the constant of the procedure of the previous step to be processed, as shown in FIG. 9 (6).
- control unit 201 of the server 101 can generate the encapsulated data in which the procedure of the process of the business flow is encrypted according to the execution order of the process.
- the procedure of the first step of the business flow may be included without being encrypted.
- FIG. 12 is a diagram illustrating the flow of the encapsulation process according to the embodiment shown in the operation flow of FIG.
- FIG. 12 (a) exemplifies a business flow including the three processes of steps 1 to 3, and shows calculation result 1 to calculation result 3 as the operation results based on the execution of the operation shown in the execution certification operation code added to each process.
- FIG. 12 (b) illustrates the encryption of the document.
- The control unit 201 encrypts the document using the calculation result 3: 678912 of the final step 3 and acquires the byte code of the document.
- FIG. 12 (c) illustrates the encryption of the procedure 3 of the process 3, which is the final process of the business flow.
- The control unit 201 adds the byte code of the document obtained in FIG. 12 (b) to the procedure of step 3, then encrypts it using the calculation result 2: 345678 of step 2, and obtains the byte code of the procedure of step 3.
- The byte code of the procedure of step 3 may include, for example, the byte code data of the document of FIG. 12 (b).
- FIG. 12 (d) exemplifies the encryption of the procedure 2 of the step 2, which is the step immediately before the step 3.
- The control unit 201 adds the byte code of the procedure of step 3 encrypted in FIG. 12 (c) to the procedure of step 2, and then encrypts it using the calculation result 1: 123456 of step 1 to obtain the byte code of the procedure of step 2.
- The byte code of the procedure of step 2 may include, for example, the byte code data of the procedure of step 3 of FIG. 12 (c).
- FIG. 12 (e) illustrates the transmission of encapsulated data.
- The control unit 201 transmits the encapsulated data, obtained by adding the byte code of the procedure of step 2 encrypted in FIG. 12 (d) to the procedure of step 1, to the terminal 102 that executes step 1.
- When the terminal 102 that executes step 1 receives the encapsulated data, it can acquire the calculation result 1: 123456 of step 1 by executing the procedure of step 1 of the received encapsulated data. Then, the byte code of the procedure of step 2 can be decoded by using the calculation result 1: 123456 to acquire the procedure of step 2. After that, the document can finally be decoded by repeating the execution of a procedure and the decoding that uses the operation result obtained by that execution. In addition, if the document is successfully decrypted, it can be guaranteed that the code to be certified for execution has been executed in each process of the business flow and the corresponding procedure.
- FIG. 13 is a diagram illustrating an operation flow of execution processing of a process of a business flow according to an embodiment. For example, when the control unit 301 of the terminal 102 receives the encapsulated data, the operation flow of FIG. 13 may be started.
- the control unit 301 of the terminal 102 starts executing the procedure included in the received encapsulation data.
- the control unit 301 of the terminal 102 may execute the work of the process of the work flow corresponding to the procedure.
- the window 1000 may be displayed on the display screen of the display unit 304 of the terminal 102 to accept the input of the approval instruction, and the approval work may be executed.
- control unit 301 of the terminal 102 acquires the key using the operation result based on the execution of the execution certification operation code when the procedure is executed.
- control unit 301 of the terminal 102 decodes the byte code using the key. For example, as shown in FIG. 9 (7), if the same operation result as the operation result used for encryption at the time of generating the byte code is obtained, the data can be correctly decoded.
- the control unit 301 of the terminal 102 transmits the decoded data to the destination.
- the decoded data may be written to the procedure in the process of S805 by the server 101, for example.
- the decoded data may include the procedure of the next process and the remaining bytecode.
- the decoded data may include a document and a digital signature.
- FIG. 14 is a diagram illustrating the flow of decoding the encapsulated data according to the embodiment.
- FIG. 14 (a) exemplifies a business flow including three steps from step 1 to step 3, and shows calculation result 1 to calculation result 3 as the operation results based on the execution of the operation shown in the execution certification operation code added to each process.
- FIG. 14 (b) illustrates the decoding of the encapsulated data.
- The control unit 301 of the terminal 102 that executes the first step 1 of the business flow executes the processing of step 1 by executing the procedure of step 1. Further, the control unit 301 of the terminal 102 of step 1 acquires the calculation result 1: 123456 of step 1 by executing the procedure of step 1. Then, the control unit 301 of the terminal 102 of step 1 decodes the byte code of the procedure of step 2 using the calculation result 1: 123456 and transmits it to the terminal 102 of the next step 2.
- FIG. 14 (c) illustrates the execution of step 2.
- The control unit 301 of the terminal 102 that executes step 2 receives the procedure of step 2.
- The control unit 301 of the terminal 102 executes the processing of step 2 by executing the procedure of step 2.
- The control unit 301 of the terminal 102 of step 2 acquires the calculation result 2: 345678 of step 2 by executing the procedure of step 2.
- The control unit 301 of the terminal 102 of step 2 decodes the byte code of the procedure of step 3 using the calculation result 2: 345678 and transmits it to the terminal 102 of the next step 3.
- FIG. 14 (d) illustrates the execution of step 3.
- The control unit 301 of the terminal 102 that executes step 3 receives the procedure of step 3.
- The control unit 301 of the terminal 102 executes the processing of step 3 by executing the procedure of step 3.
- The control unit 301 of the terminal 102 of step 3 acquires the calculation result 3: 678912 of step 3 by executing the procedure of step 3.
- The control unit 301 of the terminal 102 of step 3 decodes the byte code of the document using the calculation result 3: 678912 and acquires the document.
- FIG. 14 (e) illustrates the transmission of a document.
- the control unit 301 of the terminal 102 of the process 3 may transmit the transmission data including the acquired document to the destination specified in the process 3 of the business flow.
- the transmitted data may include an electronic signature for the document.
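The server-side encapsulation of FIGS. 11 and 12 and the terminal-side decoding of FIGS. 13 and 14 can be traced with the following added example, which is not code from the patent. Assumptions: the key is the SHA-256 hash of the operation result, an HMAC-SHA-256 encrypt-then-MAC construction stands in for the unspecified common key algorithm, the procedures and the document are constructed strings, and a terminal's execution of a procedure is represented by the operation result passed to `run_step`.

```python
import hashlib
import hmac
import json
import os

# Operation results of steps 1 to 3, as given for FIG. 12 and FIG. 14.
RESULTS = [123456, 345678, 678912]
# Constructed sample procedures and document (not from the patent).
PROCEDURES = ["procedure 1: draft", "procedure 2: review", "procedure 3: approve"]
DOCUMENT = "constructed sample document"


def derive_key(calc_result):
    """Assumption: the common key is SHA-256 over the decimal operation result."""
    return hashlib.sha256(str(calc_result).encode()).digest()


def _subkeys(key):
    # Separate keys for the keystream and for the integrity tag.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _keystream(enc_key, nonce, length):
    blocks = [hmac.new(enc_key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def seal(key, plaintext):
    """Encrypt-then-MAC stand-in cipher; returns the 'byte code' as ASCII hex."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return (nonce + ct + tag).hex()


def unseal(key, bytecode):
    """Decode byte code; raises ValueError when the key (operation result) is wrong."""
    enc_key, mac_key = _subkeys(key)
    raw = bytes.fromhex(bytecode)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("operation result does not match; byte code not decoded")
    stream = _keystream(enc_key, nonce, len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))


def encapsulate(procedures, results, document):
    """Server side (FIG. 11): encrypt from the final step back to step 2."""
    # The document is encrypted with the operation result of the final step.
    bytecode = seal(derive_key(results[-1]), json.dumps({"document": document}).encode())
    # Each procedure, with the downstream byte code stored in it, is encrypted
    # with the operation result of the step before it.
    for i in range(len(procedures) - 1, 0, -1):
        inner = json.dumps({"procedure": procedures[i], "bytecode": bytecode})
        bytecode = seal(derive_key(results[i - 1]), inner.encode())
    # The procedure of the first step is included without being encrypted.
    return {"procedure": procedures[0], "bytecode": bytecode}


def run_step(capsule, calc_result):
    """Terminal side (FIG. 13). calc_result stands for the value produced by
    executing capsule['procedure'] with its execution certification code."""
    return json.loads(unseal(derive_key(calc_result), capsule["bytecode"]))


def run_flow(capsule, results_obtained):
    """Hand the data from terminal to terminal; returns the document."""
    for calc_result in results_obtained:
        capsule = run_step(capsule, calc_result)
    return capsule["document"]


if __name__ == "__main__":
    capsule = encapsulate(PROCEDURES, RESULTS, DOCUMENT)
    print(run_flow(capsule, RESULTS))
    try:
        run_flow(capsule, [123456, 0, 678912])  # step 2 did not yield its result
    except ValueError as err:
        print("rejected:", err)
```

The integrity tag is what turns "wrong operation result" into an explicit failure; a cipher without authentication would instead hand the next terminal undecodable data.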
- A challenge value is generated each time the business flow is executed, and an execution certification operation code using the challenge value is added to the procedure of the process. Therefore, each time the business flow is executed, the operation result obtained based on the execution of the operation shown in the execution certification operation code becomes a different value, which makes it possible to deal with a replay attack or the like.
- FIGS. 13 and 14 of the above-described embodiment describe an example in which the control unit 301 of the terminal 102 executes up to the decoding of the byte code by using the calculation result obtained by executing the procedure, but the embodiment is not limited to this.
- The control unit 301 of the terminal 102 may notify the terminal 102 that executes the next step of the operation result, or of information (for example, an encryption key) for decoding the byte code generated based on the operation result, together with the byte code. That is, for example, instead of the above-mentioned processing of S1302 to S1304, the control unit 301 may transmit the operation result, or the information for decoding the byte code generated based on the operation result, to the destination together with the byte code.
- execution certification operation code may be added to the procedure to ensure that the plurality of codes contained in the procedure are executed in a predetermined order.
- FIG. 15 is a diagram illustrating the addition of an execution proof operation code for certifying the execution order of a plurality of codes in the procedure according to the embodiment.
- FIG. 15 illustrates an approval procedure.
- The codes from "//--attached by server--//" to "//--end--//" represent the codes added to the procedure by the control unit 201.
- Three operations, operation 1: cal1, operation 2: cal2, and operation 3: cal3, are defined ((1) in FIG. 15).
- calanswer is first initialized to 0.
- Operation 1 cal1 adds 384 to calanswer.
- Operation 2 cal2 multiplies calanswer by 483.
- Operation 3 cal3 subtracts 936 from calanswer.
- the values of 384, 483, and 936 used in these operations may be challenge values.
- the code to be verified for execution is a function of display processing ((2) of FIG. 15) and a function of approval processing ((3) of FIG. 15).
- the control unit 201 adds the operation code of the operation 1 before the function of the display processing ((4) in FIG. 15). Further, the control unit 201 adds the operation code of the operation 2 after the function of the display processing and before the function of the approval processing ((5) in FIG. 15). Further, the control unit 201 adds the operation code of the operation 3 after the function of the approval process ((6) in FIG. 15).
- When the control unit 301 of the terminal 102 executes the procedure of FIG. 15 and calanswer: 184536 is obtained as the operation result, it can be guaranteed that the display processing function was executed and that the approval processing function was executed after it. That is, according to the embodiment, it can be guaranteed that the plurality of codes included in the procedure are executed in a predetermined order. Then, by using the calculation result obtained when the plurality of codes are executed in the desired predetermined order in the procedure for encryption of the document and of the procedure of the next process, the above-mentioned effect of having the processes of the business flow executed in order can also be obtained.
- It can be guaranteed that the processes of the business flow are executed and completed in the desired order.
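The order check of FIG. 15, together with the return-value variant described earlier, is worked through in the following added example; it is not the code of FIG. 15, which is not reproduced on this page. Assumptions: the function names, the constructed return values 7 and 11, the way the return values are folded into calanswer, and the SHA-256 key derivation, which illustrates the variant mentioned later in which other information is combined with the operation result and hashed.

```python
import hashlib

CHALLENGES = (384, 483, 936)  # values used by cal1, cal2 and cal3 in FIG. 15


def build_procedure(display, approve, challenges=CHALLENGES, bind_return=False):
    """Server side: interleave operation codes cal1..cal3 with the code to be
    certified. With bind_return=True the operations also consume the return
    values of the certified functions (hypothetical way of binding them)."""
    add, mul, sub = challenges

    def cal1(state):
        state["calanswer"] += add

    def run_display(state):
        state["display_ret"] = display()

    def cal2(state):
        state["calanswer"] *= mul
        if bind_return:
            state["calanswer"] += state["display_ret"]

    def run_approve(state):
        state["approve_ret"] = approve()

    def cal3(state):
        state["calanswer"] -= sub
        if bind_return:
            state["calanswer"] += state["approve_ret"]

    return [cal1, run_display, cal2, run_approve, cal3]


def execute(steps):
    """Terminal side: run the steps in the given order, return calanswer."""
    state = {"calanswer": 0}
    for step in steps:
        step(state)
    return state["calanswer"]


def key_from_result(calanswer, procedure_text):
    """Assumption: key = SHA-256 over the operation result and the procedure text."""
    return hashlib.sha256(f"{calanswer}|{procedure_text}".encode()).hexdigest()


def scenarios():
    display = lambda: 7    # constructed return value
    approve = lambda: 11   # constructed return value
    cal1, disp, cal2, appr, cal3 = build_procedure(display, approve)
    bound = build_procedure(display, approve, bind_return=True)
    try:
        # Return-value variant with the display function left out.
        skipped = execute([bound[0], bound[2], bound[3], bound[4]])
    except KeyError:
        skipped = None     # no return value, so no operation result
    return {
        "in_order": execute([cal1, disp, cal2, appr, cal3]),
        # Approval and its neighbouring operation run before display.
        "reordered": execute([cal2, appr, cal1, disp, cal3]),
        # Constant challenge values depend only on the operation codes themselves.
        "ops_only": execute([cal1, cal2, cal3]),
        "bound": execute(bound),
        "display_skipped": skipped,
    }


if __name__ == "__main__":
    for name, value in scenarios().items():
        print(name, value)
```

With constant challenge values the result reflects which operation codes ran and in what order; the return-value variant additionally makes the result unobtainable when a certified function did not run.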
- the above-described embodiment can also be applied to automatic execution of work using RPA, for example, by using an RPA robot as a procedure.
- the server 101 may provide, for example, a service for generating encapsulated data.
- the server 101 may, for example, attach an e-seal issued by the server 101 to the data finally retrieved as a result of decryption of a document or the like.
- If the data to which the e-seal of the server 101 is attached is obtained from the encapsulated data, the service user can interpret this as meaning that all of the business flow corresponding to the encapsulated data was executed in the specified order.
- the embodiments are not limited to this.
- the above-mentioned operation flow is an example, and the embodiment is not limited thereto.
- the operation flow may be executed by changing the order of processing, may include additional processing, or may omit some processing.
- the above-mentioned processing of S802 may be omitted.
- control unit 201 may combine other information such as a program of an additional procedure with the operation result and then apply it to a hash function to generate a key. Thereby, the security strength can be enhanced.
- the operation code for executing the calculation of the numerical value is exemplified as the execution certification operation code, but the embodiment is not limited to this.
- the operation performed by the execution certification operation code may include other operations such as concatenation of character strings.
- the operation executed by the execution certification operation code may be performed by using a more complicated operation such as a cryptographic calculation.
- FIGS. 12 and 14 described above describe an example in which encryption is performed sequentially from the final step of the business flow and the encrypted data is nested and encapsulated, but the embodiment is not limited to this.
- The encrypted byte code and the encrypted document of the subsequent steps that have already been encrypted need not be included in the encryption target.
- The calculation result of the execution certification operation code used for decrypting the encrypted data is obtained by executing the processes in the order specified in the business flow, so the execution order of the business can be enforced.
- the target for which the execution timing is controlled in the embodiment is not limited to the procedure of the next process.
- the embodiment can be used to control the execution timing of any of the downstream procedures. Further, the embodiment can be used to control the execution timing of a plurality of downstream procedures. In this case, for example, the operation result obtained by executing the execution certification operation code added to a certain procedure may be used for encryption of a plurality of downstream procedures.
- the embodiment can be used to wait for the completion of execution of a plurality of upstream procedures and then control the execution of at least one procedure downstream to start.
- the plurality of operation results obtained by executing the execution certification operation code added to the plurality of procedures may be used for encryption of at least one procedure downstream of those procedures.
- control unit 201 of the server 101 operates as, for example, the generation unit 211. Further, in the process of S809, the control unit 201 of the server 101 operates as, for example, the encryption unit 212. In the process of S810, the control unit 201 of the server 101 operates as, for example, the transmission unit 213.
- control unit 301 of the terminal 102 operates as, for example, the execution unit 311. Further, in the process of S1304, the control unit 301 of the terminal 102 operates as, for example, the transmission unit 312.
- FIG. 16 is a diagram illustrating a hardware configuration of a computer 1600 for realizing the server 101 and the terminal 102 according to the embodiment.
- the hardware configuration for realizing the server 101 and the terminal 102 of FIG. 16 includes, for example, a processor 1601, a memory 1602, a storage device 1603, a reading device 1604, a communication interface 1606, and an input / output interface 1607.
- the processor 1601, the memory 1602, the storage device 1603, the reading device 1604, the communication interface 1606, and the input / output interface 1607 are connected to each other via, for example, the bus 1608.
- the processor 1601 may be, for example, a single processor, a multiprocessor, or a multicore.
- The processor 1601 may provide some or all of the functions of the above-mentioned control unit 201 of the server 101 or control unit 301 of the terminal 102 by using the memory 1602 to execute, for example, a program describing the procedure of the above-mentioned operation flow.
- the processor 1601 of the server 101 operates as a generation unit 211, an encryption unit 212, and a transmission unit 213 by reading and executing a program stored in the storage device 1603.
- the processor 1601 of the terminal 102 operates as, for example, the execution unit 311 and the transmission unit 312 by reading and executing the program stored in the storage device 1603.
- the memory 1602 is, for example, a semiconductor memory, and may include a RAM area and a ROM area.
- The storage device 1603 is, for example, a hard disk, a semiconductor memory such as a flash memory, or an external storage device.
- RAM is an abbreviation for Random Access Memory.
- ROM is an abbreviation for Read Only Memory.
- the reading device 1604 accesses the removable storage medium 1605 according to the instructions of the processor 1601.
- the removable storage medium 1605 is realized by, for example, a semiconductor device, a medium in which information is input / output by magnetic action, a medium in which information is input / output by optical action, and the like.
- the semiconductor device is, for example, a USB (Universal Serial Bus) memory.
- the medium to which information is input / output by magnetic action is, for example, a magnetic disk.
- the medium to which information is input / output by optical action is, for example, a CD-ROM, a DVD, a Blu-ray Disc, or the like (Blu-ray is a registered trademark).
- CD is an abbreviation for Compact Disc.
- DVD is an abbreviation for Digital Versatile Disk.
- the storage unit 202 of the server 101 and the storage unit 302 of the terminal 102 described above include, for example, a memory 1602, a storage device 1603, and a removable storage medium 1605.
- the storage device 1603 of the server 101 stores business information 400, document 500, processing information 600, and notification destination information 700.
- the storage device 1603 of the terminal 102 may store, for example, the encapsulated data generated by the server 101.
- the communication interface 1606 communicates with other devices according to the instructions of the processor 1601.
- the communication interface 1606 is, for example, an example of the communication unit 203 of the server 101 and the communication unit 303 of the terminal 102 described above.
- the server 101 may communicate with a device such as a terminal 102 via, for example, the communication interface 1606.
- the terminal 102 may communicate with a device such as the server 101 and another terminal 102 via the communication interface 1606, for example.
- the input / output interface 1607 may be, for example, an interface between an input device and an output device.
- the input device is, for example, a device such as a keyboard, a mouse, or a touch panel that receives an instruction from a user.
- the output device is, for example, a display device such as a display and an audio device such as a speaker.
- Each program according to the embodiment is provided to the server 101 and the terminal 102 in, for example, the following forms: (1) pre-installed in the storage device 1603; (2) provided by the removable storage medium 1605; (3) provided from a server such as a program server.
- The hardware configuration of the computer 1600 for realizing the server 101 and the terminal 102 described with reference to FIG. 16 is an example, and the embodiment is not limited thereto. For example, some of the above configurations may be deleted or new configurations may be added. Further, in another embodiment, for example, some or all of the functions of the control unit 201 of the server 101 and the control unit 301 of the terminal 102 may be implemented as hardware by an FPGA, SoC, ASIC, PLD, or the like.
- FPGA is an abbreviation for Field Programmable Gate Array.
- SoC is an abbreviation for System-on-a-chip.
- ASIC is an abbreviation for Application Specific Integrated Circuit.
- PLD is an abbreviation for Programmable Logic Device.
- Control system; 101 Server; 102 Terminal; 105 Network; 201 Control unit; 202 Storage unit; 203 Communication unit; 211 Generation unit; 212 Encryption unit; 213 Transmission unit; 301 Control unit; 302 Storage unit; 303 Communication unit; 304 Display unit; 311 Execution unit; 312 Transmission unit; 400 Business information; 500 Document; 600 Processing information; 700 Notification destination information; 1000 Window; 1600 Computer; 1601 Processor; 1602 Memory; 1603 Storage device; 1604 Reader; 1605 Detachable storage medium; 1606 Communication interface; 1607 Input / output interface; 1608 Bus
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Technology Law (AREA)
- Multimedia (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Priority Applications (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/JP2020/037976 WO2022074757A1 (ja) | 2020-10-07 | 2020-10-07 | 制御方法、制御プログラム、および情報処理装置 |
| EP20956705.6A EP4227836A4 (en) | 2020-10-07 | 2020-10-07 | Control method, control program, and information processing device |
| JP2022555023A JPWO2022074757A1 | 2020-10-07 | 2020-10-07 | |
| US18/180,253 US20230221987A1 (en) | 2020-10-07 | 2023-03-08 | Control method, non-transitory computer-readable recording medium storing control program, and information processing device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/JP2020/037976 WO2022074757A1 (ja) | 2020-10-07 | 2020-10-07 | 制御方法、制御プログラム、および情報処理装置 |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US18/180,253 Continuation US20230221987A1 (en) | 2020-10-07 | 2023-03-08 | Control method, non-transitory computer-readable recording medium storing control program, and information processing device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2022074757A1 (ja) | 2022-04-14 |
Family
ID=81125727
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/JP2020/037976 Ceased WO2022074757A1 (ja) | 2020-10-07 | 2020-10-07 | 制御方法、制御プログラム、および情報処理装置 |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US20230221987A1 |
| EP (1) | EP4227836A4 |
| JP (1) | JPWO2022074757A1 |
| WO (1) | WO2022074757A1 |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022123291A1 (en) * | 2020-12-08 | 2022-06-16 | Telefonaktiebolaget Lm Ericsson (Publ) | Controlling user interface (ui) transitions based on business process model and notation (bpmn) ui flows |
| JP2024024178A (ja) * | 2022-08-09 | 2024-02-22 | 株式会社日立製作所 | 計算機システム及び業務プロセスを表す構造化データの生成方法 |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH10124596A (ja) * | 1996-10-25 | 1998-05-15 | Hitachi Ltd | ワークフロー管理システム |
| JP2004145618A (ja) * | 2002-10-24 | 2004-05-20 | Canon System & Support Inc | 情報処理装置および文書認証方法およびプログラムおよび記録媒体 |
| JP2005056418A (ja) | 2003-07-31 | 2005-03-03 | Internatl Business Mach Corp <Ibm> | ドキュメント・コンポーネント用セキュリティ・コンテナ |
| JP2007304831A (ja) * | 2006-05-11 | 2007-11-22 | Fuji Xerox Co Ltd | 承認管理システム |
| JP2008306406A (ja) * | 2007-06-06 | 2008-12-18 | Toshiba Corp | コンテンツ配信・閲覧システム、コンテンツ配信装置、コンテンツ閲覧装置及びプログラム |
| JP2010146426A (ja) * | 2008-12-22 | 2010-07-01 | Canon It Solutions Inc | 文書管理装置及びその制御方法、文書管理システム、及びプログラム |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7937655B2 (en) * | 2000-12-22 | 2011-05-03 | Oracle International Corporation | Workflows with associated processes |
| US20080263366A1 (en) * | 2007-04-19 | 2008-10-23 | Microsoft Corporation | Self-verifying software to prevent reverse engineering and piracy |
-
2020
- 2020-10-07 EP EP20956705.6A patent/EP4227836A4/en not_active Withdrawn
- 2020-10-07 WO PCT/JP2020/037976 patent/WO2022074757A1/ja not_active Ceased
- 2020-10-07 JP JP2022555023A patent/JPWO2022074757A1/ja not_active Withdrawn
-
2023
- 2023-03-08 US US18/180,253 patent/US20230221987A1/en active Pending
Non-Patent Citations (1)
| Title |
|---|
| See also references of EP4227836A4 |
Also Published As
| Publication number | Publication date |
|---|---|
| EP4227836A4 (en) | 2023-11-22 |
| EP4227836A1 (en) | 2023-08-16 |
| JPWO2022074757A1 | 2022-04-14 |
| US20230221987A1 (en) | 2023-07-13 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 20956705; Country of ref document: EP; Kind code of ref document: A1 |
| | ENP | Entry into the national phase | Ref document number: 2022555023; Country of ref document: JP; Kind code of ref document: A |
| | NENP | Non-entry into the national phase | Ref country code: DE |
| | ENP | Entry into the national phase | Ref document number: 2020956705; Country of ref document: EP; Effective date: 20230508 |