WO2023119554A1 - Control method, information processing device and control program - Google Patents

Control method, information processing device and control program

Info

Publication number
WO2023119554A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
information
database
server
individual
Prior art date
Application number
PCT/JP2021/047868
Other languages
English (en)
Japanese (ja)
Inventor
雅樹 西垣
Original Assignee
富士通株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 富士通株式会社
Priority to PCT/JP2021/047868
Publication of WO2023119554A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • the collection of the information 24, 25, 26 and the restoration of the key information 16 are protected through the database 13 and the database management program 14. Therefore, even if an attacker intrudes into the information processing device 10 or the administrator of the information processing device 10 maliciously leaks information, the risk that the key information 16 will be illegally obtained by a third party is reduced. As a result, the risk of unauthorized decryption of the encrypted data using the key information 16 is reduced, and data security is improved.
  • the information processing apparatus 10 may acquire package data including the database 13 and the database management program 14 from the source of the request for the key information 16, or may return the package data with the key information 16 stored in it. This enhances the protection of the database 13 under the control of the requester of the key information 16.
  • FIG. 5 is a diagram showing an example of arrangement of key element information in a server device.
  • the clerk server 35 stores individual key position information 141 and an individual key list 144.
  • the clerk server 36 stores individual key position information 142 and an individual key list 145.
  • the clerk server 37 stores individual key position information 143 and an individual key list 146.
  • the key management server 31 also generates individual key lists 144, 145, and 146 based on the three individual keys and the three correct positions calculated above. For example, individual key list 146 contains the individual key for member server 32 in the correct position #6. Individual key list 144 contains the individual key for member server 33 in the correct position #2. Individual key list 145 contains the individual key for member server 34 in the correct position #4.
  • the user definition 136 indicates users who can access the database.
  • the user may be identified by the user name, the server name or role ID of the server device, or the communication address of the server device.
  • the authority definition 137 indicates the type of data manipulation permitted for each user. For example, whether or not data retrieval, data insertion, data update, and data deletion are allowed in the database is defined. Also, stored procedures that can be executed by each user among the registered stored procedures are specified.
  • the data file 132 is a file containing records of relational database tables.
  • Data file 132 is encrypted.
  • the unit of encryption may be coarse granularity, such as the entire data file 132, or fine granularity, such as table units or record units.
  • the management information file 131 and the data file 132 are generated and encrypted using a normal version of the DBMS program whose functions are not restricted.
  • a user definition 136, an authority definition 137, a data structure definition 138 and a procedure definition 139 suitable for realizing the encryption key recovery flow to be described later are set.
  • the normal version of the DBMS program is replaced with the DBMS program 133.
  • the clerk table 161 and member table 162 are created when the data capsule 130 is generated and are not updated.
  • the encryption key table 163, the individual key position table 164, the individual key table 165, and the duplicate key position table 166 are empty when the data capsule 130 is generated. Records are inserted into the individual key position table 164 and the individual key table 165 from the clerk servers 35, 36 and 37. Records are inserted from the member servers 32, 33, 34 into the encryption key table 163 and the duplicate key position table 166.
  • the stored procedure 172 indicates individual key position calculation.
  • the stored procedure 172 is called when the stored procedure 171 outputs True.
  • the stored procedure 172 synthesizes the individual key position information contained in the individual key position table 164 and calculates an index indicating the individual key position of each member server. For example, the stored procedure 172 calculates the sum of even numbers times the product of odd numbers for each member server. Stored procedure 172 outputs the calculated individual key position. Note that the logic for calculating the individual key position is hidden in the stored procedure 172 and is not disclosed to the outside.
  • the stored procedure 177 indicates the completion of encryption key communication.
  • the stored procedure 177 is called when a record is inserted into the encryption key table 163.
  • the stored procedure 177 collates the member table 162 and the encryption key table 163 to determine whether or not the encryption key reading results have been received from all the member servers.
  • the stored procedure 177 outputs True or False indicating the determination result.
  • the key management server 31 specifies the member identifier of the member server 32 and executes the stored procedure 173.
  • Stored procedure 173 removes extraction failure information from data capsule 130. This leaves the data capsule 130 with three individual keys corresponding to the member servers 32, 33, 34.
  • the stored procedure 173 marks the individual key corresponding to the member identifier of the member server 32 among the three individual keys. At this time, the individual key is protected from the key management server 31.
  • the key management server 31 executes the stored procedure 176.
  • the stored procedure 176 inputs the three numerical values collected from the member servers 32, 33, 34 into the hash function to calculate the duplicate key position of the member server 32.
  • the key management server 31 acquires "4" as the duplicate key position of the member server 32 from the stored procedure 176. At this time, the collected numerical values and the logic for synthesizing them are protected from the key management server 31.
  • the key verification server 38 has a verification information storage section 128 and a key verification section 129 .
  • the verification information storage unit 128 is implemented using the RAM or HDD of the key verification server 38, for example.
  • the key verification unit 129 is implemented using, for example, the CPU, communication interface, and program of the key verification server 38 .
  • a plurality of key verification servers may exist.
  • FIG. 13 is a flow chart showing an example of a procedure for restoring an encryption key.
  • the key management server 31 receives a request for an encryption key from the target member server. At this time, the key management server 31 receives the data capsule 130 from the target member server.
  • the key management server 31 notifies the member servers 32, 33, and 34 of the location of the duplicated key of the target member server.
  • Each of the member servers 32, 33, and 34 extracts the key at the specified duplicate key position from the duplicate key list it owns.
  • the information processing system stores the individual key and the duplicate key mixed with trap keys. This makes it difficult for an attacker who does not know the correct position to avoid the trap, making the attack easier to detect.
  • the information processing system outputs an alert indicating the possibility of unauthorized access and delays the response of the server device. This makes it difficult for an attacker to access a large number of server devices in a short period of time, ensuring sufficient time to detect an attack and take countermeasures.
  • the fact that the trap key was selected is used to determine whether to invalidate the data encapsulation, improving security.
  • the information processing system distributes fragmentary position information for calculating the correct positions of the individual key and the duplicated key to a plurality of server devices. As a result, the number of server devices that an attacker must intrude to avoid the trap increases, and the time required for the attack increases.
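As an added illustration of the trap-key mechanism described in the definitions above (constructed example code, not the patent's or Fujitsu's implementation): position fragments held by the clerk servers are combined with the rule quoted for stored procedure 172, the real individual key is mixed with trap keys, and selecting a trap slot raises an alert, delays the response and invalidates the capsule. The list size, fragment values, the modulo step and the 30-second back-off are assumptions.

```python
import secrets
from dataclasses import dataclass, field

def individual_key_position(fragments, list_size):
    """Combine position fragments the way the page describes for stored procedure 172:
    sum of the even fragments times the product of the odd fragments. Reducing the
    result modulo list_size so it always indexes a slot is an added assumption."""
    evens = sum(f for f in fragments if f % 2 == 0)
    odds = 1
    for f in fragments:
        if f % 2 == 1:
            odds *= f
    return (evens * odds) % list_size

@dataclass
class DataCapsule:
    """Constructed stand-in for the data capsule: real key at one slot, traps elsewhere."""
    key_list: list
    trap_slots: set
    valid: bool = True
    alerts: list = field(default_factory=list)
    delay_seconds: int = 0

    def extract(self, position):
        """Return (key, status). Selecting a trap slot means the caller did not know
        the correct position: alert, slow later responses, invalidate the capsule."""
        if not self.valid:
            return None, "invalidated"
        if position in self.trap_slots:
            self.alerts.append(f"trap key selected at slot {position}: possible unauthorized access")
            self.delay_seconds += 30   # constructed back-off; the page only says the response is delayed
            self.valid = False
            return None, "trap"
        return self.key_list[position], "ok"

def build_capsule(real_key, correct_position, list_size):
    """Mix the real key with random trap keys of the same length and format."""
    key_list = [secrets.token_hex(8) for _ in range(list_size)]
    key_list[correct_position] = real_key
    return DataCapsule(key_list, set(range(list_size)) - {correct_position})

def demo():
    fragments = [2, 3, 4]          # constructed: one fragment per clerk server 35, 36, 37
    pos = individual_key_position(fragments, 8)        # (2 + 4) * 3 = 18 -> slot 2
    real_key = "0011223344556677"                       # constructed placeholder key
    honest = build_capsule(real_key, pos, 8).extract(pos)
    partial_pos = individual_key_position(fragments[:2], 8)   # only two fragments known -> slot 6
    probe = build_capsule(real_key, pos, 8).extract(partial_pos)
    return pos, honest, partial_pos, probe
```

The `demo` function contrasts a requester holding all three fragments with one that has only two: the incomplete set lands on a trap slot, which is the detection signal the page describes.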

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention suppresses the illicit acquisition of key information. An information processing device (10) receives a request for key information (16). The information processing device (10) stores input data, allows execution of a procedure (15), and uses a database (13), protected by a database management program (14) that restricts reading of the stored input data, to acquire information elements (24, 25, 26) stored in the database (13) from nodes (21, 22, 23). The information processing device (10) restores the key information (16) in the database (13) by executing the procedure (15) on the stored information elements (24, 25, 26). The information processing device (10) delivers the database (13) including the key information (16) in response to the request.

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2021/047868 WO2023119554A1 (fr) 2021-12-23 2021-12-23 Control method, information processing device and control program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2021/047868 WO2023119554A1 (fr) 2021-12-23 2021-12-23 Control method, information processing device and control program

Publications (1)

Publication Number Publication Date
WO2023119554A1 true WO2023119554A1 (fr) 2023-06-29

Family

ID=86901759

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2021/047868 WO2023119554A1 (fr) 2021-12-23 2021-12-23 Control method, information processing device and control program

Country Status (1)

Country Link
WO (1) WO2023119554A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002111659A (ja) * 2000-10-04 2002-04-12 Nec Software Hokuriku Ltd File encryption system, file encryption program, and recording medium on which data is recorded
JP2009211407A (ja) * 2008-03-04 2009-09-17 Nippon Telegr & Teleph Corp <Ntt> Authentication information generation system, authentication information generation method, client device, and program
JP2021136645A (ja) * 2020-02-28 2021-09-13 富士通株式会社 Control method, control program, and information processing device


Similar Documents

Publication Publication Date Title
US20210099287A1 (en) Cryptographic key generation for logically sharded data stores
CA3066678C (fr) Processing data queries in a logically sharded data store
US20190007204A1 (en) Theft and tamper resistant data protection
JP4398145B2 (ja) Method and apparatus for automatic database encryption
KR101371608B1 (ko) Encryption method in a DBMS and database
US8769675B2 (en) Clock roll forward detection
AU2002213436A1 (en) Method and apparatus for automatic database encryption
GB2567146A (en) Method and system for secure storage of digital data
CN103731395A (zh) File processing method and system
JP2008250369A (ja) Confidential data file management method, management system, and proxy server
CN104239820A (zh) Secure storage device
CN105740725A (zh) File protection method and system
AU2017440029B2 (en) Cryptographic key generation for logically sharded data stores
KR20100106110A (ko) Secure boot data integrated management system, metadata generation and verification method for integrated management of secure boot data, and computer-readable recording medium storing a program for executing the method on a computer
JP2008009483A (ja) Information processing system, information processing method, and program
JP2006228202A (ja) Confidential data management method and management system
WO2023119554A1 (fr) Control method, information processing device and control program
KR101544750B1 (ko) Security device and method for a cloud system using a dummy authentication key
WO2023112272A1 (fr) Management method, information processing device and management program
KR100998596B1 (ko) Distributed data integrated backup system
US20130262881A1 (en) Binary Data Store
WO2023132046A1 (fr) Determination method, information processing device and determination program
JP4899196B2 (ja) Data management system, terminal computer, management computer, data management method, and program therefor
WO2023017572A1 (fr) Information processing program, information processing method and information processing device
GB2434887A (en) Access control by encrypting stored data with a key based on a "fingerprint" of the device storing the data

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21968989

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2023568933

Country of ref document: JP

Kind code of ref document: A