WO2022209065A1 - Method for determining the authenticity of a recording medium, and recording medium
- Publication number: WO2022209065A1 (PCT/JP2021/047588)
- Authority: WO, WIPO (PCT)
- Prior art keywords: recording medium, controller, data, memory card, authentication
Classifications
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
- G06F3/14—Digital output to display device; Cooperation and interconnection of the display device with other functional units
- G06T1/60—Memory management
- G06T9/00—Image coding
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Definitions
- The present disclosure relates to a method for determining the authenticity of a recording medium, and to a recording medium.
- Patent Literature 1 discloses a technique for improving security related to authentication for accessing a device using an authentication server. However, there is still the possibility that a malicious third party may illegally access the device via the communication network and steal information.
- The purpose of this disclosure is to provide offline authentication technology for confirming the authenticity of an object even when it is not connected to a communication network.
- The method of the present disclosure is a method of determining the authenticity of a second recording medium attached to a second device, using a first device to which a first recording medium is attached.
- The first device has a first imaging device and a first display device.
- The second device has a second imaging device and a second display device.
- Each of the first recording medium and the second recording medium includes a flash memory having a user area in which data can be rewritten by a user and a non-user area in which data cannot be rewritten by a user, and a controller that controls reading.
- First identification information and first algorithm data defining a calculation method are recorded in advance.
- The controller of the first recording medium causes the first display device to display a first image pattern in which a predetermined first variable value is one-dimensionally or two-dimensionally encoded. After displaying the first image pattern, the controller causes the first imaging device to capture a one-dimensional or two-dimensional second image pattern displayed on the second display device of the second device. The controller then decodes first code data from the captured second image pattern, performs a calculation on the first identification information and the first variable value using the first algorithm data, and outputs first result data as the calculation result. The controller determines that the second recording medium is authentic when the decoded first code data matches the output first result data.
- A recording medium of the present disclosure is the first recording medium, and includes a controller that executes the above-described determination method.
- Diagram showing a procedure for updating a machine tool control program using an SD memory card
- Flowchart showing the procedure of authentication processing
- Flowchart showing the procedure of two-way authentication processing
- Flowchart showing the procedure of simple authentication mode setting processing in a machine tool control system
- Flowchart showing the procedure for generating simple authentication data when the power is off
- Flowchart showing the procedure for simple authentication processing at power-on
- FIG. 1 is a block diagram showing the hardware configuration of the offline authentication system 1.
- The offline authentication system 1 is used, for example, to authenticate equipment normally used offline, such as factory equipment, industrial machinery, and infrastructure equipment installed in a factory 10.
- The reason for using the device offline is to prevent a malicious third party from entering via the communication network 80 and hijacking the device or stealing its data, that is, to protect devices from cyber security threats.
- A device that is normally used offline is hereinafter referred to as an "offline device".
- Because such equipment is normally used offline to maintain high security, it is necessary to check whether a recording medium attached to it is one that is originally expected to be used, that is, to check its legitimacy or authenticity.
- The recording medium itself is provided with a mechanism for performing such authentication, thereby making it possible to confirm the authenticity of the recording medium.
- Such a mechanism is specifically as follows.
- A plurality of removable recording media that are assumed to be used in the factory 10 are prepared. All such recording media are provided with a flash memory having a "user area" in which data can be rewritten by the user and a "non-user area" in which data cannot be rewritten by the user.
- In the non-user area, the same identification information and algorithm data defining the calculation method are recorded in advance.
- The identification information is called an "initial registration ID (IID)" and the algorithm data is called a "one-way function". Since the necessary information must be recorded in the non-user area in advance, each recording medium is manufactured, for example, for the purpose of a business operator performing authentication according to the present disclosure.
- The authentication terminal 2 to which the SD memory card A is attached uses the initial registration ID and the one-way function recorded on the SD memory card A to authenticate another SD memory card B.
- A controller, which is an arithmetic circuit provided in the SD memory card, performs the necessary processing and displays a QR code (registered trademark; hereinafter the same) on the display of the authentication terminal 2 or the like to perform authentication.
- A QR code is a matrix-type two-dimensional code in which data having a predetermined data length or less is represented by an image pattern.
- The authenticity of the SD memory card B attached to the management system 4 or the machine tool control system 6 is confirmed using the authentication terminal 2 to which the SD memory card A is attached, for example in the factory 10.
- The authentication terminal 2 can be, for example, a mobile computer such as a smartphone, tablet PC, or notebook PC.
- An SD memory card and a QR code are mainly used to realize offline authentication (local authentication) within the factory 10.
- The SD memory card B is initially attached to the control device 6a of the machine tool control system 6.
- The control device 6a is a computer system, such as a PC, for controlling the machine tool 6b, and has an SD memory card slot (not shown) into which the SD memory card B is inserted.
- The machine tool 6b is provided with various sensors 7a and 7b.
- The sensor 7a is, for example, a camera having an image sensor, and the sensor 7b is an accuracy sensor that detects the rotation angle of a motor (not shown) of the machine tool 6b.
- Sensor data of the various sensors 7a and 7b, collected along with the operation of the machine tool 6b, are recorded.
- Such an SD memory card B is removed from the control device 6a, carried by a person, and attached to the PC of the management system 4 (hereinafter referred to as "management PC 4").
- The management PC 4 does not know whether the SD memory card B is the SD memory card that is originally supposed to be used; that is, the authenticity of the SD memory card B is unknown. Therefore, in this embodiment, the authenticity of the SD memory card B is confirmed by the authentication process using the QR code Qa displayed on the display of the authentication terminal 2.
- At this time, the SD memory card A of the authentication terminal 2 may be further authenticated using the QR code Qb displayed on the display of the management PC 4. This makes it possible to perform stricter authentication. A detailed procedure of the authentication process will be described later.
- SD memory card A outputs a command notifying that access to SD memory card B is permitted to the SD memory card B of the management PC 4 via the authentication terminal 2.
- The controller of SD memory card B permits data reading and/or data writing from the flash memory in SD memory card B.
- The management PC 4 is connected to the communication network 80 and can communicate with the cloud server 90. Since the authenticity of the SD memory card B is confirmed and access to the flash memory in the SD memory card B is permitted, the management PC 4 reads out the sensor data 70 recorded in the SD memory card B and transmits it to the cloud server 90 via the communication network 80. The cloud server 90 analyzes the sensor data 70 to generate an operation program 72 better adapted to the machine tool control system 6. The cloud server 90 transmits the operation program 72 to the management PC 4 via the communication network 80. Since the management PC 4 is permitted to access the SD memory card B, the operation program 72 is recorded on the SD memory card B. After that, the SD memory card B is removed from the management PC 4 and mounted on the control device 6a of the machine tool control system 6 again.
- Authentication processing using the QR code Qc is performed between the authentication terminal 2 and the control device 6a, and the authenticity of the SD memory card B is confirmed.
- The control device 6a can read the operation program 72 and update the operation program used so far.
- FIG. 2 shows a hardware configuration common to the authentication terminal 2 and the management PC 4. Also, FIG. 3 shows the hardware configuration of the control device 6a. The difference between FIG. 2 and FIG. 3 is that the communication circuit present in the configuration of FIG. 2 is not present in the control device 6a of FIG. Other configurations are the same. Please refer to FIG. 2 below.
- The authentication terminal 2 and the management PC 4 have a processing circuit 22, a communication circuit 24, an SD memory card interface device (SD-I/F device) 26, a display 28, a camera 30, and a memory 32.
- "SD-I/F device" is abbreviated as "I/F device" below.
- The processing circuit 22 is a semiconductor integrated circuit called a CPU (Central Processing Unit).
- The processing circuit 22 issues commands to the SD memory card A or B or receives data from the SD memory card A or B via the I/F device 26.
- Processing circuitry 22 can also communicate with other components. Although the drawing shows that the processing circuit 22 is directly connected to each component, it may be connected via an internal bus, for example.
- The communication circuit 24 performs wired or wireless communication with the outside to exchange information.
- Examples of wired communication include a wired LAN based on the Ethernet (registered trademark) standard, or a connection using an optical fiber cable.
- Examples of wireless communication include wireless connection with an external device via a base station or the like, or direct wireless connection with an external device.
- Examples of wireless connections with external devices via base stations include wireless LANs compatible with IEEE 802.11 that communicate wirelessly with Wi-Fi (registered trademark) routers, third-generation mobile communication systems (commonly known as 3G), fourth-generation mobile communication systems (commonly known as 4G), fifth-generation mobile communication systems (commonly known as 5G), IEEE 802.16 compatible WiMax (registered trademark), or LPWA (Low Power Wide Area).
- The I/F device 26 comprises an SD memory card slot into which the SD memory card A or B is loaded, connection terminals inside the slot, and various circuits for communicating with the SD memory card A or B. Details of the configuration of the I/F device 26 will be described later with reference to FIG.
- The display 28 is a display device that displays characters, images, and the like. In this embodiment, display 28 is used to display the QR code.
- The camera 30 is a well-known imaging device capable of shooting moving images or still images.
- The camera 30 is used to photograph the QR code displayed on the display of the other party's device.
- The memory 32 stores computer programs executed by the processing circuit 22.
- The memory 32 encompasses RAM and ROM.
- A computer program stored in the ROM is read by the processing circuit 22 and loaded into the RAM. This allows the processing circuit 22 to execute the computer program.
- The control device 6a has a processing circuit 62, an SD memory card interface device (SD-I/F device) 66, a display 68, a camera 70 and a memory 72.
- "SD-I/F device" is also abbreviated as "I/F device" below.
- FIG. 4 shows the detailed configuration of the I/F devices 26 and 66 and the SD memory cards A and B.
- The I/F devices 26 and 66 are called "host devices", and the SD memory cards A and B are also called "slave devices".
- The I/F device 26 and the SD memory card A will be described as an example.
- The I/F device 26 has a controller 106, a host device I/F 105, a clock generator 201, a register 202 and a sampling clock generator 203.
- The host device I/F 105 has a transmission section 105T that implements a transmission function and a reception section 105R that implements a reception function.
- The SD memory card A has a slave device I/F 124, a controller 125, a register 221, and a flash memory 222.
- The slave device I/F 124 also has a transmitting section 124T that implements a transmitting function and a receiving section 124R that implements a receiving function.
- The clock generator 201 of the I/F device 26 outputs the basic clock signal tclk onto the CLK line 111.
- The basic clock signal is transmitted to the SD memory card A via the host device I/F 105 and used as a clock signal when the SD memory card A operates.
- The clock generator 201 also outputs the basic clock signal to the sampling clock generator 203.
- The basic clock signal received by the sampling clock generator 203 is written as "SDCLK" for convenience.
- The sampling clock generator 203 receives the basic clock signal SDCLK from the clock generator 201, receives the selection signal from the controller 106, and outputs a sampling clock signal.
- The sampling clock signal is a clock signal used when determining the so-called punching timing.
- Data transmission/reception between the host device 100 and the slave device 120 is performed using the transmitter 105T and receiver 105R of the host device I/F 105 and the transmitter 124T and receiver 124R of the slave device I/F 124, but this is not explicitly stated below. It is simply assumed that communication is performed between the controller 106 of the I/F device 26 and the controller 125 of the SD memory card A.
- FIG. 5 is a diagram for explaining the configuration of the recording areas of SD memory cards A and B.
- The recording areas of SD memory cards A and B have a normal area or user area 110 and a secure area or non-user area 120.
- The user area 110 is an area in which data can be rewritten by the user.
- The random number generation program 110a is a program that generates random numbers using a well-known algorithm. A random number is an example of a predetermined variable value.
- The QR code generation program 110b is a program that generates, from predetermined data, a QR code representing that data.
- The QR code decoding program 110c is a program for decoding the QR code photographed using the camera 30 or 70 and extracting data. These programs are executed by the controllers 125 of the SD memory cards A and B. Methods for generating and decoding QR codes are well known.
- The QR code generation program 110b and the QR code decoding program 110c do not need to be separate programs, and one program may perform both QR code generation and decoding.
- The random number generation program 110a, the QR code generation program 110b, and the QR code decoding program 110c may be recorded in the non-user area 120.
- The non-user area 120 is an area in which data cannot be rewritten by the user.
- Identification information (IID) 120a and a one-way function 120b are recorded in advance.
- The identification information (IID) 120a is information common to SD memory cards A and B, in other words, the same information.
- The one-way function 120b specifies a calculation method for calculating an output value from a given input value.
- One example of the one-way function 120b is SHA-256, which is a cryptographic hash function.
- SHA-256 is a hash function that generates a hash value (output value) with a hash length of 256 bits from an input value with a word length of 32 bits.
- Counter 120c is also shown in FIG.
- The counter 120c is used in a simple authentication mode which will be explained later. If the simple authentication mode is not used, it is not essential to provide the counter 120c.
- SD memory card A stores "one-way function F” and SD memory card B stores "one-way function G". This is because the one-way functions F and G must be the same for the authentication to be established, but it cannot be assumed that they are the same when explaining the process of the authentication process.
- FIG. 6 is a diagram showing the procedure for updating the machine tool control program using the SD memory card B.
- Although FIG. 6 is formally a flowchart, it should be noted that it shows the procedure of operations performed by the offline authentication system 1 as a whole, and is not a process executed by a specific CPU or the like.
- "SD memory card" is abbreviated as "SD card" in the drawings.
- QR code authentication is performed between the authentication terminal 2 having the SD memory card A and the management PC 4 having the SD memory card B.
- QR code authentication is either one-way authentication or two-way authentication.
- In step S2, if the authentication succeeds, the controller 125 of SD memory card B sets SD memory card B as accessible. "Access" encompasses reading data and writing data. However, if the SD memory card B has no restrictions on data reading, only writing to the SD memory card B may be set.
- In step S3, the management PC 4 uploads sensor data to the cloud server 90 and also requests an operation program.
- The management PC 4 downloads the operation program from the cloud server 90 in step S4, and saves the operation program in the SD memory card B in step S5.
- In step S6, the manager of the factory 10 removes the SD card B from the management system and inserts it into the machine tool control system 6.
- The authentication processing for confirming the authenticity of the SD memory card B is performed between the authentication terminal 2 and the machine tool control system 6, and the authenticity is confirmed.
- The machine tool control system 6 can read and execute the updated operation program. It should be noted that it is possible to tune the operation program based on the unique sensor data of the machine tool 6b and generate an update program by using so-called artificial intelligence.
- FIG. 7 is a flowchart showing the procedure of authentication processing.
- The left side of FIG. 7 shows, in principle, the processing procedure of the controller 125 of the SD memory card A attached to the authentication terminal 2, and the right side shows, in principle, the processing procedure of the controller 125 of the SD memory card B attached to the management PC 4 or the machine tool control system 6.
- In some cases, part of the processing on the left side of FIG. 7 may be processed by the CPU 22 of the management PC 4 or machine tool control system 6, and part of the processing on the right side of FIG. 7 may be processed by the CPU 22 of the authentication terminal 2.
- FIG. 7 shows a "one-way authentication" processing procedure in which the controller 125 of the SD memory card A confirms the authenticity of the SD memory card B attached to the management PC 4 or the machine tool control system 6.
- The "two-way authentication" processing procedure, in which the controller 125 of the SD memory card B additionally confirms the authenticity of the SD memory card A, is explained with reference to FIG.
- In step S102, the controller 125 of the SD memory card A executes the random number generation program 110a to generate the random number RN1. Then, in step S104, the controller 125 executes the QR code generation program 110b to encode the random number RN1 as a QR code. In step S106, the controller 125 transmits the QR code image pattern data to the authentication terminal 2 and causes the display 28 of the authentication terminal 2 to display the QR code.
- The QR code displayed on the display 28 of the authentication terminal 2 is hereinafter referred to as "QR code 1".
- The user of the authentication terminal 2 turns the display 28 displaying the QR code 1 toward the management PC 4 so that it is within the field of view of the camera 30 provided on the management PC 4. Thereafter, processing by the controller 125 of the SD memory card B attached to the management PC 4 is started.
- In step S202, the controller 125 of the SD memory card B acquires the result of reading the QR code 1 using the camera 30 of the management PC 4.
- In step S204, the controller 125 decodes the QR code 1 using the QR code decoding program 110c and extracts the code data.
- The code data represents the random number RN1 generated by the controller 125 of the SD memory card A.
- The controller 125 combines the identification information IID stored in the non-user area 120 with the extracted RN1 in step S206, and substitutes the result into the one-way function G in step S208 to generate the value G(IID, RN1).
- The controller 125 converts the value G(IID, RN1) into a QR code using the QR code generation program 110b, and in step S210 transmits the image pattern data of the QR code (hereinafter referred to as "QR code 2") to the management PC 4.
- The management PC 4 causes the display 28 to display the QR code 2.
- In step S108, the controller 125 of the SD memory card A acquires the result of reading the QR code 2 using the camera 30 on the authentication terminal 2.
- In step S110, the controller 125 decodes the QR code 2 and extracts the code data.
- The code data represents the value G(IID, RN1).
- In step S112, the controller 125 combines the identification information IID stored in the non-user area 120 with the random number RN1 generated in step S102, substitutes the result into the one-way function F in step S114, and obtains the value F(IID, RN1).
- In step S116, the controller 125 determines that the authentication has succeeded. After that, the process proceeds to step S118.
- Processing "A" shown in FIG. 7 is processing for two-way authentication, which will be described later.
- In step S118, the controller 125 issues an access permission command and transmits it to the management PC 4.
- The controller 125 of the SD memory card B transitions the flash memory 222 of the SD card B to an accessible state in step S214.
- The controller 125 of the SD memory card B can write the data received from the authentication terminal 2, the server 90, etc. into the flash memory 222 (step S216).
- "Access" may include reading as well as writing.
- The authenticity of SD memory card B can be confirmed even when offline. Since SD memory card B can be accessed only when it has been authenticated as a legitimate recording medium, a malicious third party cannot steal the data recorded on SD memory card B or illegally write data into SD memory card B.
- FIG. 8 is a flow chart showing the procedure of two-way authentication processing. The procedure in FIG. 8 is continued from "A" in the processing of the authentication terminal 2 in FIG. The description of the left and right processing procedures conforms to FIG.
- the process shown in FIG. 8 for two-way authentication corresponds to the process in which the controller 125 of SD memory card A and the controller 125 of SD memory card B are exchanged in the one-way authentication of FIG.
- In step S120, the controller 125 of the SD memory card A attached to the authentication terminal 2 issues a command instructing the start of two-way authentication and transmits it to the management PC 4.
- In step S220, in response to receiving the command, the controller 125 of the SD memory card B generates a random number RN2 using the random number generation program 110a. Then, in step S222, the controller 125 executes the QR code generation program 110b to encode the random number RN1 as a QR code. In step S224, the controller 125 transmits the image pattern data of the QR code to the management PC 4, and causes the display 28 of the management PC 4 to display the QR code ("QR code 3").
- The processing of steps S122 to S132 executed by the controller 125 of the SD memory card A is the same as the processing of steps S202 to S212 in FIG.
- After step S132, the processing of steps S226 to S234 by the controller 125 of the SD memory card B in the management PC 4 is the same as the processing of steps S108 to S116 in FIG. Therefore, description of these processes is omitted.
- Steps S214 and S216 are common to FIGS. However, in the case of step S214 in FIG. 8, the controller 125 of the SD memory card A does not issue an access permission command, and the controller 125 of the SD memory card B makes a transition to an accessible state by itself.
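- The one-way and two-way exchanges described above can be modelled as a challenge-response over a shared IID. The following is an added example, not code from the patent: the `Card` class, the function names, the 16-byte random number, the hex string standing in for a QR code payload, plain concatenation as the way IID and the random number are "combined", and the use of RN2 as the content of QR code 3 are all assumptions.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # bytes; assumed size, the page only says "random number"


def one_way(iid: bytes, rn: bytes) -> bytes:
    """SHA-256 over IID || RN (the page names SHA-256 as one example).

    RN has a fixed length, so plain concatenation is unambiguous.
    """
    return hashlib.sha256(iid + rn).digest()


def reversed_order(iid: bytes, rn: bytes) -> bytes:
    """A different one-way function, used to show that F != G fails."""
    return hashlib.sha256(rn + iid).digest()


class Card:
    """Toy model of an SD card controller (hypothetical, not from the page)."""

    def __init__(self, iid: bytes, fn=one_way):
        self._iid = iid          # non-user area: initial registration ID
        self._fn = fn            # non-user area: one-way function F or G
        self._pending = None     # random number this card issued, if any
        self.accessible = False  # access state of the flash memory

    # Verifier side: S102-S106 (card A) or S220-S224 (card B)
    def make_challenge(self) -> str:
        self._pending = secrets.token_bytes(NONCE_LEN)
        return self._pending.hex()  # stands in for the displayed QR code

    # Prover side: S202-S210 (card B) or S122-S132 (card A)
    def respond(self, qr_payload: str) -> str:
        rn = bytes.fromhex(qr_payload)
        if len(rn) != NONCE_LEN:
            raise ValueError("malformed challenge")
        return self._fn(self._iid, rn).hex()

    # Verifier side: S108-S116 (card A) or S226-S234 (card B)
    def verify(self, qr_payload: str) -> bool:
        if self._pending is None:
            return False
        rn, self._pending = self._pending, None  # each challenge is single use
        try:
            got = bytes.fromhex(qr_payload)
        except ValueError:
            return False
        # Constant-time comparison of decoded code data and own result data
        return hmac.compare_digest(got, self._fn(self._iid, rn))

    def grant_access(self) -> None:  # S214
        self.accessible = True


def one_way_auth(card_a: Card, card_b: Card) -> bool:
    """A checks B; on success A's access permission command unlocks B."""
    qr1 = card_a.make_challenge()
    qr2 = card_b.respond(qr1)
    ok = card_a.verify(qr2)
    if ok:
        card_b.grant_access()  # S118 followed by S214
    return ok


def two_way_auth(card_a: Card, card_b: Card) -> bool:
    """A checks B, then B checks A and unlocks itself (no S118 command)."""
    if not card_a.verify(card_b.respond(card_a.make_challenge())):
        return False
    qr3 = card_b.make_challenge()
    qr4 = card_a.respond(qr3)
    if not card_b.verify(qr4):
        return False
    card_b.grant_access()
    return True


def stale_response_rejected(card_a: Card, card_b: Card) -> bool:
    """A response computed for one challenge must fail against the next."""
    old = card_b.respond(card_a.make_challenge())
    card_a.make_challenge()  # fresh random number replaces the old one
    return not card_a.verify(old)


if __name__ == "__main__":
    iid = b"constructed-IID-0001"  # constructed sample value
    print(one_way_auth(Card(iid), Card(iid)))
    print(one_way_auth(Card(iid), Card(b"constructed-IID-9999")))
    print(two_way_auth(Card(iid), Card(iid)))
```
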
- Assume that an SD memory card B is attached to the machine tool control system 6, and that the control device 6a reads the operation program in the SD memory card B and controls the machine tool 6b.
- The power of the machine tool control system 6 is turned off, and then turned on when the work is started.
- The authentication terminal 2 is used to authenticate the authenticity of the SD memory card B attached to the machine tool control system 6. It is assumed that the control device 6a can control the machine tool 6b using the operation program only after its authenticity is confirmed.
- FIG. 9 is a flow chart showing the procedure for setting the simple authentication mode in the machine tool control system.
- The use of the simple authentication mode is not set from the beginning. Therefore, the setting is requested as a declaration of intention to use the simple authentication mode.
- In step S240, the controller 125 of the SD memory card B attached to the control device 6a of the machine tool control system 6 performs QR code authentication processing with the authentication terminal 2 and confirms successful authentication.
- In step S242, the setting for setting/cancelling the simple authentication mode is accepted based on the user's operation input. As a result, the simple authentication information is saved during the unmounting process in step S246.
- The "simple authentication information" is information represented as, for example, the sum of a random number generated when the simple authentication information is generated and the counter value of the SD memory card counter 120c (FIG. 5) at that time.
- Simple authentication information may be generated by various calculation methods such as difference, product, exclusive OR, etc. instead of the sum, or only the counter value may be used. At least the counter value should be included.
- The counter 120c (FIG. 5) is managed in the non-user area 120 of the SD memory card, and its counter value increases when writing to the SD memory card occurs. This counter value is only counted up and cannot be counted down, cleared, or externally rewritten arbitrarily by the user. Note that the count-up is an example, and only the count-down may be performed. In short, it suffices if a counter that counts in one direction is provided.
- The simple authentication information will be deleted and will not be saved until the next simple authentication mode is set.
- In step S244, unmount processing of the SD memory card B is performed, for example, at the timing when the power of the machine tool control system 6 is turned off.
- The "unmounting process" is a process of canceling the recognition of the SD memory card B that has been attached to and recognized by the control device 6a, and is performed to prevent corruption of data in the SD memory card. Simple authentication information is recorded at the time of unmount processing. Once unmounted, the control device 6a does not write data to the SD memory card B until it is mounted again. The processing when the power is turned off will be described with reference to FIG.
- FIG. 10 is a flowchart showing the procedure for generating simple authentication data when the power is turned off.
- The processing in FIG. 10 is an example that assumes it is performed between the control device 6a of the machine tool control system 6 and the SD memory card B inserted in the control device 6a.
- The operation of the processing circuit 62 of the control device 6a is shown on the left side, and the operation of the controller 125 of the SD memory card B is shown on the right side.
- In step S140, the processing circuit 62 of the control device 6a issues a simple authentication information recording command and transmits it to the SD memory card B.
- The simple authentication information recording command is a command requesting that the SD memory card B generate and record simple authentication information.
- The controller 125 of the SD memory card B transmits the generated simple authentication information to the control device 6a.
- The controller 125 of the SD memory card B uses the random number generation program 110a to generate a random number RNX.
- The controller 125 reads the counter value CX of the counter 120c from the non-user area 120.
- The controller 125 saves the generated random number RNX and counter value CX in the non-user area 120.
- The controller 125 transmits the stored random number RNX and counter value CX to the control device 6a as a response to the recording command.
- In step S142, the processing circuit 62 of the control device 6a stores the received random number RNX and counter value CX as simple authentication information in, for example, the memory 72.
- The simple authentication information stored in the SD memory card B matches the simple authentication information stored in the memory 72 of the control device 6a.
- FIG. 11 is a flowchart showing the procedure of simple authentication processing at power-on. The processing in FIG. 11 is also an example assuming that it is performed between the control device 6a of the machine tool control system 6 and the SD memory card B inserted in the control device 6a.
- When the user turns on the power, the processing circuit 62 energizes the SD memory card B and powers it on in step S150.
- In step S260, a power-on detector (not shown) provided in the SD memory card B detects power-on.
- In step S152, the processing circuit 62 sends the SD memory card B a storage initialization instruction. At the same time, the processing circuit 62 transmits the simple authentication information A that it holds, and also transmits a simple authentication result request command.
- In step S262, in response to the simple authentication result request command, the controller 125 of the SD memory card B executes simple authentication processing. Specifically, the controller 125 first reads the simple authentication information B stored in the storage.
- In step S264, the controller 125 compares the simple authentication information A and the simple authentication information B. If they match, the controller 125 determines that the authentication has succeeded. If they do not match, the controller 125 determines that the authentication has failed.
- In step S266, the controller 125 notifies the control device 6a of the simple authentication result as a response to the simple authentication result request command. If the authentication succeeds, the controller 125 transitions the SD memory card B to a data-writable state in step S268.
- In step S154, the processing circuit 62 of the control device 6a determines whether the simple authentication succeeded based on the notification from the SD memory card B. If the authentication succeeded, the process proceeds to step S156; otherwise, the process proceeds to step S158.
- The processing circuit 62 transmits a write command and data to the SD memory card B at a predetermined timing.
- The controller 125 of the SD memory card B writes data to the SD memory card B in step S270, and counts up the counter 120c in step S272.
- In step S158, the processing circuit 62 of the control device 6a determines that the SD card cannot be accessed, and waits until the QR code authentication shown in FIG.
- Meanwhile, in step S274, the controller 125 of the SD memory card B maintains the access-denied state until QR code authentication with the authentication terminal succeeds.
- The manager of the factory 10 can simplify the authentication process while still confirming the authenticity of the SD memory card.
- Notification of the simple authentication result in steps S266 and S154 is not essential.
- The processing circuit 62 of the control device 6a may instead transmit a command to write or read arbitrary data to or from the SD memory card B and see whether it succeeds. If the SD memory card B responds to the command with a notification that the data has been written or read, it can be determined that the authentication has succeeded.
- The above description is an example in which the simple authentication process is performed between the control device 6a of the machine tool control system 6 and the SD memory card B inserted in the control device 6a.
- The simple authentication process may also be performed between the management PC 4 and the SD memory card B inserted in the management PC 4.
- The processing in FIGS. 10 and 11 may be independent of the authentication processing using the authentication terminal described with reference to FIGS. 1 to 9 in this disclosure. The processing in FIGS. 10 and 11 is therefore industrially applicable on its own, and combining it with FIGS. 1 to 9 is not essential.
- The processing in FIGS. 10 and 11 can be applied widely as a mechanism for verifying that the SD memory card attached to the device before power-off is the same as the SD memory card attached when the device is powered on.
- A recording medium is provided with a counter that counts in one direction each time a data write process is executed, and a device in which the recording medium is mounted has a storage device. At the timing when the recording medium is unmounted from the device, the recording medium stores simple authentication information generated from at least the counter value as first authentication information in a non-user area of the recording medium, and transmits the simple authentication information as second authentication information to the device, and the device stores the second authentication information in the storage device.
- The first device transmits the second authentication information stored in the storage device to the recording medium, and the controller of the recording medium compares the first authentication information stored in the non-user area with the second authentication information received from the second device, and determines that the second recording medium is authentic if they match.
- In the above description, the authenticity of the SD memory card B is confirmed using the authentication terminal 2 in the factory 10, but this is only an example.
- A business may use the process of the present disclosure to authenticate a user who has entered into a particular contract or paid a particular fee. More specifically, the company ships the SD memory card only to users who have paid for a music concert.
- The SD memory card records the random number generation program 110a, the QR code generation and decoding programs 110b and 110c, the identification information 120a, and the one-way function 120b shown in FIG. 5. It is also assumed that the non-user area 120 stores seat information indicating the position of the seat in the concert venue.
- The user attaches the SD memory card to his or her own terminal, such as a smartphone, and heads for the concert venue.
- At the concert venue, an attendant holding the authentication terminal 2 verifies the authenticity of the SD memory card.
- Once authenticity is confirmed, the user can access his or her seat information from the SD memory card and display the seat location on the smartphone screen. In this way, possession of a valid SD memory card is used to authenticate the user who owns the card, and by reading out the user's unique information, information can be presented only to a specific user.
- Flash memory devices according to other standards, such as CompactFlash (registered trademark) and Memory Stick (registered trademark), can also be used as recording media.
- The present disclosure can be applied to a system for confirming, offline, the authenticity of removable recording media such as SD cards.
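The simple authentication flow of FIGS. 10 and 11, as an added example that is not code from the patent: a constructed Python model in which the card saves the pair (RNX, CX) at unmount and compares it with the device's copy at power-on. Class and function names, the 64-bit random number, and the `use_random=False` switch (the counter-only variant the text allows) are assumptions of this sketch.

```python
import hmac
import secrets


def _same(a, b):
    """Constant-time comparison of two (random number, counter value) pairs."""
    return None not in (a, b) and hmac.compare_digest(b"%d:%d" % a, b"%d:%d" % b)


class SDCard:
    """Card-side controller 125 (constructed model; names are assumptions)."""
    def __init__(self, use_random=True):
        self.counter = 0        # counter 120c: only ever counts up
        self.stored = None      # simple authentication information B (non-user area)
        self.writable = False
        self.use_random = use_random

    def record_simple_auth(self):
        """FIG. 10: save (RNX, CX) at unmount and return it to the device."""
        rnx = secrets.randbits(64) if self.use_random else 0
        self.stored = (rnx, self.counter)
        self.writable = False   # no writes until the next successful mount
        return self.stored

    def simple_auth(self, info_a):
        """FIG. 11, S262-S268: compare the device's copy A with stored copy B."""
        self.writable = _same(info_a, self.stored)
        return self.writable

    def qr_authenticated(self):  # stand-in for a successful QR code authentication
        self.writable = True

    def write(self, data):
        """S270/S272: accept a write only in the writable state, then count up."""
        if not self.writable:
            raise PermissionError("access denied until QR code authentication")
        self.counter += 1


class ControlDevice:
    """Device-side processing circuit 62 with memory 72 (constructed model)."""
    memory = None

    def power_off(self, card):  # S140/S142
        self.memory = card.record_simple_auth()

    def power_on(self, card):   # S152/S154
        return card.simple_auth(self.memory)


def used_card(use_random=True):  # a card that passed QR authentication, one write
    card = SDCard(use_random)
    card.qr_authenticated()
    card.write(b"constructed operation program")
    return card


def scenarios(use_random=True):
    """Run three power-on checks and report whether simple authentication passed."""
    dev, card, other = ControlDevice(), used_card(use_random), used_card(use_random)
    dev.power_off(card)
    ControlDevice().power_off(other)        # the other card was unmounted elsewhere
    result = {"same_card": dev.power_on(card), "swapped_card": dev.power_on(other)}
    dev.power_off(card)                     # card leaves, is written on another device
    card.qr_authenticated()
    card.write(b"constructed update")
    ControlDevice().power_off(card)
    result["written_elsewhere"] = dev.power_on(card)
    return result
```

In this model, `scenarios(use_random=False)` reports the swapped card as accepted, because two cards with equal write counts hold identical counter-only information; the random number RNX is what separates them.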
Description
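Such devices are normally protected by cybersecurity measures. Cybersecurity means that the measures necessary for the secure management of information, and the measures necessary for ensuring the safety and reliability of information systems and information communication networks, have been taken, and that this state is maintained and managed. For example, Patent Document 1 discloses a technique that uses an authentication server to improve the security of authentication for accessing a device.
Nevertheless, there remains a risk that a malicious third party will gain unauthorized access to a device via a communication network and steal information.
FIG. 1 is a block diagram showing the hardware configuration of the offline authentication system 1. The offline authentication system 1 is used to authenticate devices that are normally used offline, such as factory equipment, industrial machinery, and infrastructure equipment installed in, for example, a factory 10. Devices are used offline so that a malicious third party cannot intrude from outside via the communication network 80 and take over the device or steal its data. In other words, the purpose is to protect the device from cybersecurity threats. Hereinafter, a device that is normally used offline is called an "offline device".
Next, the procedure of authentication processing in the offline authentication system 1 will be described. As briefly described earlier with reference to FIG. 1, the following describes, as an example, the processing performed when the operation program of the machine tool control system 6 is updated using the SD memory card B.
FIG. 7 is a flowchart showing the procedure of the authentication processing. The left side of FIG. 7 shows, in principle, the processing procedure of the controller 125 of the SD memory card A attached to the authentication terminal 2, and the right side shows, in principle, the processing procedure of the controller 125 of the SD memory card B attached to the management PC 4 or the machine tool control system 6. Some of the processing on the left side of FIG. 7 may be performed by the CPU 22 of the management PC 4 or the machine tool control system 6, and some of the processing on the right side of FIG. 7 may be performed by the CPU 22 of the authentication terminal 2. FIG. 7 shows the "one-way authentication" procedure, in which the controller 125 of the SD memory card A confirms the authenticity of the SD memory card B attached to the management PC 4 or the machine tool control system 6. The "two-way authentication" procedure, in which the controller 125 of the SD memory card B additionally confirms the authenticity of the SD memory card A after the "one-way authentication" processing, is shown in FIG. 8 and is described later.
In the above description, the authenticity of the SD memory card B was confirmed using the authentication terminal 2 in the factory 10, but this is only an example. Alternatively, for example, a business operator may use the processing of the present disclosure to authenticate a user who has entered into a particular contract or paid a particular fee. More specifically, the business operator ships an SD memory card only to users who have paid for a music concert. The SD memory card stores the random number generation program 110a, the QR code generation and decoding programs 110b and 110c, the identification information 120a, and the one-way function 120b shown in FIG. 5. Assume also that the non-user area 120 stores seat information indicating the position of a seat in the concert venue. The user attaches the SD memory card to his or her own terminal, for example a smartphone, and heads for the concert venue. At the concert venue, an attendant holding the authentication terminal 2 verifies the authenticity of the SD memory card. Once authenticity is confirmed, the user can access his or her own seat information from the SD memory card and display the seat position on the smartphone screen. In this way, possession of a legitimate SD memory card is used to authenticate the user who owns it, and by reading out information unique to that user, information can be presented only to a specific user.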
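2 Authentication terminal
4 Management system (management PC)
6 Machine tool control system
6a Control device
6b Machine tool
22, 62 Processing circuit (CPU)
24 Communication circuit
26, 66 SD interface (I/F) device
28, 68 Display
30, 70 Camera
32, 72 Memory
110 User area
110a Random number generation program
110b QR code generation program
110c QR code decoding program
120 Non-user area
120a Identification information
120b One-way function
120c Counter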
Claims (15)
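- A method for determining, using a first device in which a first recording medium is mounted, the authenticity of a second recording medium mounted in a second device, wherein
the first device has a first imaging device and a first display device,
the second device has a second imaging device and a second display device,
each of the first recording medium and the second recording medium has
a flash memory having a user area in which a user can rewrite data and a non-user area in which the user cannot rewrite data, and
a controller that controls writing and/or reading of data to and from the flash memory,
and
first identification information and first algorithm data defining a calculation method are recorded in advance in the non-user area of the first recording medium, and
the controller of the first recording medium
(a) causes the first display device to display a first image pattern in which a predetermined first variable value is encoded one-dimensionally or two-dimensionally,
(b) after the first image pattern is displayed, causes the first imaging device to capture a one-dimensional or two-dimensional second image pattern displayed on the second display device of the second device,
(c) decodes first code data from the captured second image pattern,
(d) performs a calculation using the first identification information and the first variable value by means of the first algorithm data, and outputs first result data that is the result of the calculation, and
(e) determines that the second recording medium is authentic when the decoded first code data matches the output first result data.
- The determination method according to claim 1, wherein, in a case where the second recording medium stores second identification information identical to the first identification information and second algorithm data identical to the first algorithm data, and
the controller of the second recording medium has
(b1) decoded the first variable value from the first image pattern,
(b2) performed a calculation using the second identification information and the first variable value by means of the second algorithm data, and
(b3) generated the second image pattern from second result data that is the result of the calculation,
the controller of the first recording medium determines in step (e) that the second recording medium is authentic.
- The determination method according to claim 1 or 2, wherein, when the controller of the first recording medium determines in step (e) that the second recording medium is authentic, the controller of the first recording medium transmits to the second terminal a command permitting access to the second recording medium.
- The determination method according to claim 3, wherein the access permission command includes at least a command permitting writing of data to the second recording medium, and
after receiving the write permission command, the controller of the second recording medium executes writing of data to the flash memory.
- The determination method according to claim 1, wherein
(f) the controller of the first recording medium, having determined in step (e) that the second recording medium is authentic, transmits to the second terminal a command causing two-way authentication to be executed,
second identification information and second algorithm data defining a calculation method are recorded in advance in the non-user area of the second recording medium, and
in response to receiving the command, the controller of the second recording medium
(g) causes the second display device to display a third image pattern in which a predetermined second variable value is encoded one-dimensionally or two-dimensionally,
(h) after the third image pattern is displayed, causes the second imaging device to capture a one-dimensional or two-dimensional fourth image pattern displayed on the first display device of the first device,
(i) decodes second code data from the captured fourth image pattern,
(j) performs a calculation using the second identification information and the second variable value by means of the second algorithm data, and outputs second result data that is the result of the calculation, and
(k) determines that the first recording medium is authentic when the second code data decoded in step (c) matches the second result data output in step (l).
- The determination method according to claim 5, wherein, when the controller of the second recording medium determines in step (l) that the first recording medium is authentic, the controller of the first recording medium transmits to the second terminal a command permitting access to the second recording medium.
- The determination method according to claim 6, wherein, after receiving the command, the second recording medium transitions to a state in which data can be written to and/or read from the flash memory.
- The determination method according to claim 1, wherein
the second recording medium is provided with a counter that counts in one direction each time data write processing is executed,
the second device has a storage device,
after the second recording medium is determined to be authentic, at the timing when the second recording medium is unmounted from the second device, the second recording medium saves simple authentication information generated from at least the counter value in the non-user area as first authentication information, and transmits the simple authentication information to the second device as second authentication information, and
the second device saves the second authentication information in the storage device.
- The determination method according to claim 8, wherein, at the timing when the second recording medium is mounted in the second device,
the second device transmits the second authentication information saved in the storage device to the second recording medium, and
the controller of the second recording medium
compares the first authentication information saved in the non-user area with the second authentication information received from the second device, and determines that the second recording medium is authentic if they match.
- The determination method according to claim 1, wherein the first device is a mobile computer, and
the second device is a machine tool or a control device that controls a machine tool.
- The determination method according to claim 1, wherein the first recording medium is a memory card removable from the first device, and
the second recording medium is a memory card removable from the second device.
- The determination method according to claim 11, wherein the first recording medium and the second recording medium are SD memory cards.
- The determination method according to claim 1, wherein the first variable value is a random number generated by the controller of the first recording medium,
the first identification information is a fixed value recorded when the first recording medium is manufactured or used, and
the first algorithm is a one-way function.
- The determination method according to claim 5, wherein the second variable value is a random number generated by the controller of the second recording medium,
the second identification information is a fixed value recorded when the second recording medium is manufactured or used, and
the second algorithm is a one-way function.
- A recording medium that is the first recording medium and that comprises a controller that executes the determination method according to claim 1.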
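The exchange in claims 1, 2 and 5, as an added example that is not code from the patent: a constructed Python model of the challenge-response between two card controllers, including the two-way variant and a check that a captured response does not verify against a later challenge. QR rendering and camera capture are replaced by base64 text payloads, HMAC-SHA256 keyed with the identification information stands in for the unspecified one-way function, and all names are assumptions.

```python
import base64
import hashlib
import hmac
import secrets


def to_pattern(data: bytes) -> str:
    """Stand-in for QR code generation (110b): the text the pattern would carry."""
    return base64.b64encode(data).decode("ascii")


def from_pattern(pattern: str) -> bytes:
    """Stand-in for QR code decoding (110c); raises ValueError on a bad payload."""
    return base64.b64decode(pattern, validate=True)


class CardController:
    """Controller 125 of one card (constructed model; names are assumptions)."""

    def __init__(self, identification: bytes):
        self._ident = identification    # identification information 120a (fixed value)
        self._pending = None            # variable value of the challenge in flight

    def _one_way(self, variable: bytes) -> bytes:
        # One-way function 120b; HMAC-SHA256 is this example's assumption.
        return hmac.new(self._ident, variable, hashlib.sha256).digest()

    def show_challenge(self) -> str:
        """Step (a): encode a fresh random variable value into an image pattern."""
        self._pending = secrets.token_bytes(16)
        return to_pattern(self._pending)

    def show_response(self, challenge_pattern: str) -> str:
        """Steps (b1)-(b3): decode the variable value, compute, encode the result."""
        return to_pattern(self._one_way(from_pattern(challenge_pattern)))

    def verify(self, response_pattern: str) -> bool:
        """Steps (c)-(e): decode the code data and compare it with our own result."""
        if self._pending is None:
            return False
        variable, self._pending = self._pending, None   # each challenge is single-use
        try:
            code = from_pattern(response_pattern)
        except ValueError:
            return False
        return hmac.compare_digest(code, self._one_way(variable))


def one_way_auth(verifier: CardController, prover: CardController) -> bool:
    """Claim 1: the verifier decides whether the prover's card is authentic."""
    return verifier.verify(prover.show_response(verifier.show_challenge()))


def two_way_auth(card_a: CardController, card_b: CardController) -> bool:
    """Claim 5: after A accepts B, B challenges A in turn."""
    return one_way_auth(card_a, card_b) and one_way_auth(card_b, card_a)


def replay_check(card_a: CardController, card_b: CardController):
    """Verify a response once, then present the same response to a new challenge."""
    captured = card_b.show_response(card_a.show_challenge())
    first = card_a.verify(captured)
    card_a.show_challenge()
    return first, card_a.verify(captured)
```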
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2023510253A JPWO2022209065A1 (ja) | 2021-03-31 | 2021-12-22 | |
CN202180096550.6A CN117099100A (zh) | 2021-03-31 | 2021-12-22 | Method for determining authenticity of recording medium, and recording medium |
US18/374,743 US20240028674A1 (en) | 2021-03-31 | 2023-09-29 | Method for determining authenticity of recording medium and recording medium |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US202163168767P | 2021-03-31 | 2021-03-31 | |
US63/168,767 | 2021-03-31 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US18/374,743 Continuation US20240028674A1 (en) | 2021-03-31 | 2023-09-29 | Method for determining authenticity of recording medium and recording medium |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2022209065A1 (ja) | 2022-10-06 |
Family
ID=83455802
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2021/047588 WO2022209065A1 (ja) | 2021-03-31 | 2021-12-22 | Method for determining authenticity of recording medium, and recording medium |
Country Status (4)
Country | Link |
---|---|
US (1) | US20240028674A1 (ja) |
JP (1) | JPWO2022209065A1 (ja) |
CN (1) | CN117099100A (ja) |
WO (1) | WO2022209065A1 (ja) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
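JP2005174514A (ja) * | 2003-12-15 | 2005-06-30 | Matsushita Electric Ind Co Ltd | Information recording medium |
JP2016035751A (ja) * | 2014-08-01 | 2016-03-17 | Kagoshima University (National University Corporation) | Watermarked two-dimensional code, authentication system, authentication method, and program |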
-
2021
- 2021-12-22 JP JP2023510253A patent/JPWO2022209065A1/ja active Pending
- 2021-12-22 CN CN202180096550.6A patent/CN117099100A/zh active Pending
- 2021-12-22 WO PCT/JP2021/047588 patent/WO2022209065A1/ja active Application Filing
-
2023
- 2023-09-29 US US18/374,743 patent/US20240028674A1/en active Pending
Also Published As
Publication number | Publication date |
---|---|
CN117099100A (zh) | 2023-11-21 |
JPWO2022209065A1 (ja) | 2022-10-06 |
US20240028674A1 (en) | 2024-01-25 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 21935214 Country of ref document: EP Kind code of ref document: A1 |
 | WWE | Wipo information: entry into national phase | Ref document number: 2023510253 Country of ref document: JP |
 | WWE | Wipo information: entry into national phase | Ref document number: 202180096550.6 Country of ref document: CN |
 | NENP | Non-entry into the national phase | Ref country code: DE |
 | 122 | Ep: pct application non-entry in european phase | Ref document number: 21935214 Country of ref document: EP Kind code of ref document: A1 |