WO2006018874A1 - Management service device, backup service device, communication terminal device, and storage medium - Google Patents
- Publication number
- WO2006018874A1 (PCT/JP2004/011883)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- storage medium
- data
- public key
- unit
- communication terminal
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1458—Management of the backup or restore process
- G06F11/1464—Management of the backup or restore process for networked environments
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/88—Detecting or preventing theft or loss
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1458—Management of the backup or restore process
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1458—Management of the backup or restore process
- G06F11/1469—Backup restoration techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2103—Challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2129—Authenticate client device independently of the user
Definitions
- Management service device, backup service device, communication terminal device, and storage medium
- The present invention relates to technology that, via a communication network, invalidates authentication by an existing storage medium attached to a communication terminal such as a mobile phone and performs registration that enables authentication by a new storage medium.
- The present invention also relates to technology for backing up data stored in a storage medium attached to a communication terminal via a communication network and restoring the backed-up data to the storage medium.
- It further relates to technology for encrypting and decrypting the data to be backed up, and for digitally signing and verifying the data to be backed up.
- IC cards are increasingly used for credit cards, point cards, etc. to store user authentication means and service data.
- Because an IC card can store a large amount of data, the damage caused by losing it is very large.
- A technique for backing up and recovering the stored data in preparation for the loss of the IC card is disclosed (for example, Patent Document 1).
- Patent Document 1: Japanese Patent Laid-Open No. 2001-155078
- Patent Document 2: Japanese Patent Laid-Open No. 2003-319460
- In Patent Document 2, the cellular phone data to be backed up is stored in the backup server in plain text or in an encrypted state.
- Patent Document 2 does not describe a specific encryption method.
- The encryption key used for encryption and decryption is stored in the memory of the PC.
- The PC requires additional software and hardware to manage the encryption key.
- Mobile phone users who want to back up their data by signing up need to pay extra costs.
- The present invention has been made in order to solve such problems.
- It is intended to provide an apparatus and method for invalidating authentication and performing new registration, via a communication network, of a storage medium such as an IC card or a mobile phone; backing up the data stored in the storage medium to a server via the communication network; restoring the backup data to the storage medium; encrypting and digitally signing the backup data; and decrypting the backup data to be restored and verifying its signature.
- The management service device uses the following means.
- The management service device comprises a receiving unit that receives, via the communication network, a data processing request regarding the first storage medium from the communication terminal device connected to the second storage medium, and an authentication unit that authenticates whether the second storage medium connected to the communication terminal device is valid when the receiving unit receives the data processing request regarding the first storage medium from the communication terminal device.
- The management service device further includes a database that stores the public key of the first storage medium and the public key of the second storage medium. When the receiving unit receives a request for invalidation of the first storage medium from the communication terminal device and the authentication unit authenticates the second storage medium connected to the communication terminal device as a valid storage medium, the database deletes the stored public key of the first storage medium.
- In that case, the database deletes the stored public key of the first storage medium, but the public key of the second storage medium is not deleted.
- The management service device further includes a database that stores the public key of the second storage medium, and a certificate issuing unit that issues a certificate that proves the validity of the public key of the second storage medium.
- When the receiving unit receives from the communication terminal device a request for registration of a third storage medium, which is a new storage medium, together with the public key of the third storage medium, and the authentication unit authenticates the storage medium connected to the communication terminal device, the certificate issuing unit issues a certificate certifying the validity of the public key of the third storage medium received by the receiving unit.
- The database stores the public key of the third storage medium received by the receiving unit and the certificate certifying the validity of the public key of the third storage medium issued by the certificate issuing unit.
- The management service device includes a database for storing the public key of the first storage medium, a certificate proving the validity of the public key of the first storage medium, the public key of the second storage medium, and a certificate proving the validity of the public key of the second storage medium.
- The database registers the certificate proving the validity of the public key of the first storage medium, the public key of the first storage medium, the public key of the second storage medium, and the certificate proving the validity of the public key of the second storage medium.
- the management service device includes a database that stores a public key of a storage medium and a certificate that proves the validity of the public key, and the database includes the validity of a public key of a plurality of storage media and a plurality of public keys.
- the authentication unit authenticates whether the storage medium is valid by using at least four public keys belonging to the group, and authenticates whether the storage medium is valid. If the storage medium is authenticated as a It was decided that it was a storage medium belonging to.
- The backup service device comprises a receiving unit that receives, via the communication network, data stored in the first storage medium and a request to store the data as backup data from the communication terminal device connected to the first storage medium, and that receives a request for transmission of the backup data from the communication terminal device connected to the second storage medium via the communication network.
- It comprises an authentication unit that authenticates whether the first storage medium connected to the communication terminal device is valid when the receiving unit receives the storage request from the communication terminal device connected to the first storage medium, and that authenticates whether the second storage medium connected to the communication terminal device is valid when the receiving unit receives the request for transmission of backup data from the communication terminal device connected to the second storage medium.
- It comprises a backup unit that stores, as backup data, the data stored in the first storage medium received by the receiving unit when the authentication unit authenticates the first storage medium connected to the communication terminal device as a valid storage medium.
- It comprises a transmission unit that, when the authentication unit authenticates the second storage medium connected to the communication terminal device as a valid storage medium, transmits the backup data stored in the backup unit to the communication terminal device connected to the second storage medium via the communication network.
- The backup data is encrypted using the public key of the second storage medium by the communication terminal device connected to the first storage medium.
- The backup data is digitally signed by the communication terminal device connected to the first storage medium using the private key of the first storage medium.
- The communication terminal device is connected to either a first storage medium that stores a first public key, a first secret key corresponding to the first public key, and data, or a second storage medium that stores a second public key, a second secret key corresponding to the second public key, and data.
- It includes a key access unit that reads the first public key and the first secret key from the first storage medium, writes the first public key and the first secret key to the first storage medium, reads the second public key and the second secret key from the second storage medium, and writes the second public key and the second secret key to the second storage medium.
- It includes a data access unit that reads data from the first storage medium, writes data to the first storage medium, reads data from the second storage medium, and writes data to the second storage medium.
- It includes a storage unit that stores the first public key and the first secret key that the key access unit reads from the first storage medium and the second public key and the second secret key that the key access unit reads from the second storage medium, a transmission unit that transmits data, and a reception unit that receives data.
- The communication terminal device further includes an encryption unit that encrypts data using the second public key, and the first storage medium stores the second public key of the second storage medium.
- The key access unit reads out the second public key from the first storage medium and stores it in the storage unit, the data access unit reads out data from the first storage medium, the encryption unit encrypts the data that the data access unit read from the first storage medium using the second public key stored in the storage unit, and the transmission unit transmits the data encrypted by the encryption unit.
- The communication terminal device further includes a decryption unit that decrypts the encrypted data using the second secret key. The reception unit receives the encrypted data, the key access unit reads the second secret key from the second storage medium and stores it in the storage unit, and the decryption unit decrypts the encrypted data received by the reception unit using the second secret key stored in the storage unit.
- The data access unit writes the data decrypted by the decryption unit to the second storage medium.
- The communication terminal device further includes an electronic signature unit for electronically signing data using the first secret key, and the key access unit reads the first secret key from the first storage medium and stores it in the storage unit.
- The data access unit reads data from the first storage medium, the electronic signature unit uses the first secret key stored in the storage unit to electronically sign the data that the data access unit read from the first storage medium, and the transmission unit transmits the data digitally signed by the electronic signature unit.
- The communication terminal device further includes a verification unit that verifies the digitally signed data using the first public key, and the second storage medium stores the first public key of the first storage medium.
- The receiving unit receives the digitally signed data, the key access unit reads the first public key from the second storage medium and stores it in the storage unit, and the verification unit verifies the digitally signed data received by the receiving unit using the first public key stored in the storage unit.
- The storage medium includes an input/output unit that inputs data from outside and outputs data to the outside, a key generation unit that generates a secret key and a public key corresponding to the secret key, and a processing unit that is at least one of an encryption unit that encrypts data using a public key, a decryption unit that decrypts encrypted data using a private key, a signature unit that digitally signs data using a private key, and a verification unit that verifies digitally signed data using a public key.
- The storage medium further includes a user authentication unit that authenticates whether or not the user of the storage medium is valid, and the operation of the processing unit included in the storage medium is executed when the user authentication unit has authenticated the user as a valid user.
- The secret key cannot be read out of the storage medium from the outside.
- When the first storage medium is lost, the management service device receives a request regarding the first storage medium from the communication terminal device connected to the second storage medium via the communication network, authenticates the second storage medium connected to the communication terminal device, and, once the validity of the second storage medium is confirmed, can invalidate the first storage medium in the database based on the authority of the second storage medium.
- In Embodiment 1, an embodiment will be described in which, when one of the two storage media possessed by the user is lost, invalidation of the storage medium is requested from the management service device via the Internet based on the authority of the other storage medium, so that the public key of the lost storage medium is deleted and the lost storage medium cannot be used.
- An embodiment will also be described in which the management service device is requested via the Internet to register a new storage medium, so that the public key of the new storage medium and its certificate are registered.
- X.509, the standard specification of public key certificates regulated by the International Telecommunication Union (ITU), is used for the certificate. Therefore, the certificate that proves the validity of the public key shall include the public key.
- FIG. 1 is a diagram showing a configuration of a key management system in the first embodiment.
- The key management system consists of the communication terminal device 120, which requests service provision via the communication network (the Internet 140); the storage medium 110α and the storage medium 110β, each holding a private key and the public key corresponding to the private key; the management service device 130, which authenticates either the storage medium 110α or the storage medium 110β; and the Internet 140, which connects the management service device 130 and the communication terminal device 120.
- The storage medium 110α and the storage medium 110β are non-volatile storage media used by users, and examples thereof include a non-volatile memory medium and an external hard disk drive.
- The storage medium 110α is used by being attached to the communication terminal device 120, and the storage medium 110β is kept in reserve.
- The normally used storage medium 110α may be referred to as the positive (primary) storage medium, and the spare storage medium 110β as the secondary storage medium.
- The storage medium 110α and the storage medium 110β may be collectively referred to simply as the storage medium 110.
- The communication terminal device 120 includes a communication unit 121 that communicates with the management service device 130 via the Internet 140, an access unit 122 that reads from and writes to the storage medium 110α or the storage medium 110β, an input unit 124 that receives operation input from the user, a display unit 125 that displays information, and a control unit 126 that controls these units.
- A preferred example is a mobile phone terminal.
- The communication unit 121 includes a transmission unit 1211 that transmits data to the management service device 130 and a reception unit 1212 that receives data from the management service device 130.
- The access unit 122 includes a key access unit 1221 that writes a public key and a secret key to the storage medium 110 and reads a public key and a secret key from the storage medium 110, and a data access unit that reads data from and writes data to the storage medium 110.
- The management service device 130 consists of a communication unit 131 that communicates with the communication terminal device 120 via the Internet 140; a certificate database (DB) 132 that manages the public key unique to each storage medium 110 and the certificates, each including the public key, that prove the validity of the public key; an authentication unit 133 that authenticates the storage medium 110 using the public key certificate; a certificate issuing unit 134 that issues a new certificate; and a control unit 135 that controls these.
- The communication unit 131 includes a transmission unit 1311 that transmits data to the communication terminal device 120 and a reception unit 1312 that receives data from the communication terminal device 120.
- The storage medium 110α and the storage medium 110β are each connected to the communication terminal device and each store a private key, the public key corresponding to the private key, and a certificate proving the validity of the public key.
- The notation "α, β" refers to the storage medium 110α and the storage medium 110β.
- The certificate DB 132 stores a user list describing the correspondence between the user who owns the storage medium 110 and the public key certificate stored in the storage medium 110, and a revocation list that contains the revoked public key certificates.
- The management service device 130 is provided with a certificate database 132 for storing the public key of the first storage medium 110α, a certificate proving the validity of the public key of the first storage medium 110α, the public key of the second storage medium 110β, and a certificate proving the validity of the public key of the second storage medium 110β.
- The certificate database 132 registers the public key of the first storage medium 110α and its certificate and the public key of the second storage medium 110β and its certificate.
- FIG. 3 shows an example of the user list.
- The user ID is an ID that uniquely identifies the user throughout the system.
- The certificate (primary) is the public key certificate stored in the positive storage medium owned by the user.
- The certificate (secondary) is the public key certificate stored in the secondary storage medium 110β owned by the user.
- a public key certificate contains the public key itself as its element. In FIG. 3, for example, is a positive storage medium of user ⁇ 1 10
- the public key certificate that a stores and records, ⁇ is the secondary storage medium of user ⁇ 1 10
- Next, a method will be described in which the communication terminal device 120 of the key management system, based on the authority of the other storage medium 110, requests the management service device 130 via the Internet 140 to invalidate a storage medium, so that the public key of the lost storage medium is deleted and the lost storage medium becomes unusable.
- The target of authentication is a storage medium, but the final purpose of authentication is to confirm the legitimacy of the user who owns the storage medium. Confirming the legitimacy of the storage medium is equivalent to confirming the legitimacy of the user who owns it.
- The receiving unit 1312 receives, via the communication network (the Internet 140), a data processing request regarding the first storage medium 110α from the communication terminal device 120 connected to the second storage medium 110β.
- The authentication unit 133 authenticates whether the second storage medium 110β connected to the communication terminal device 120 is valid.
- The certificate database 132 stores the public key of the first storage medium 110α and the public key of the second storage medium 110β.
- When the reception unit 1312 receives a request for invalidation of the first storage medium 110α from the communication terminal device 120 and the authentication unit 133 authenticates the second storage medium 110β connected to the communication terminal device 120 as a legitimate storage medium, the certificate database 132 deletes the stored public key of the first storage medium 110α.
- The user requests invalidation of the storage medium 110 from the input unit 124 of the communication terminal device 120 (step S501).
- The communication terminal device 120 transmits a request to invalidate the storage medium to the management service device 130, and the management service device 130 authenticates the storage medium 110 connected to the communication terminal device 120 (the authentication method will be described later) and determines whether or not the authentication is successful (step S502).
- If the authentication is not determined to be successful (No in step S502), the invalidation cannot be continued and the process ends. If it is determined to be successful (yes in step S502), the management service device 130 determines whether the storage medium 110 authenticated in step S502 is the positive storage medium 110α (step S503).
- If it is the positive storage medium 110α (yes in step S503), that is, if the secondary storage medium 110β is lost, the management service device 130 adds the certificate (secondary) of the user who owns the positive storage medium 110α in the user list of the certificate DB 132 to the revocation list (step S504), and deletes the public key of the secondary storage medium included in the certificate (secondary) (step S505).
- If the storage medium authenticated in step S502 is not the positive storage medium 110α (No in step S503), that is, if the storage medium that has been lost is the positive storage medium 110α, the management service device 130 adds the certificate (primary) of the user who possesses the secondary storage medium 110β listed in the user list of the certificate DB 132 to the revocation list (step S506), deletes the public key included in the certificate (primary), and enters the public key included in the certificate (secondary) as the public key included in the certificate (primary) (step S507). Thereafter, the public key included in the certificate (secondary) is deleted (step S505).
- When a user requests a service from the communication terminal device 120 to the management service device 130 via the Internet 140, the management service device 130 authenticates the storage medium connected to the communication terminal device 120 and, by authenticating the storage medium, provides the service after confirming that the user who owns the medium is valid.
- The management service device 130 uses a PKI (Public Key Infrastructure) mechanism, based on the public key and the secret key stored in the storage medium 110, to authenticate the storage medium 110 connected to the communication terminal device 120 (step S401).
- The management service device 130 determines whether the authentication is successful (step S402). If the management service device 130 determines that it has not succeeded (No in step S402), it notifies the user via the communication terminal device 120 that the authentication has failed because the validity of the storage medium 110 has not been confirmed (step S403), and the process ends.
- PKI Public Key Infrastructure
- The management service device 130 refers to the revocation list of the certificate DB 132 and checks the revocation status of the public key certificate stored in the storage medium 110 (step S404), and determines whether the public key certificate is revoked (step S405). If it is revoked (yes in step S405), the management service device 130 indicates via the communication terminal device 120 that the authentication has failed due to the revocation of the public key certificate (step S403), and the process ends.
- If it has not been revoked (No in step S405), the management service device 130 refers to the user list in the certificate DB 132 and acquires the user ID of the user corresponding to the public key certificate that has not been revoked (step S406). Thereafter, the management service device 130 notifies the user via the communication terminal device 120 that the validity of the user who owns the storage medium has been confirmed by authentication (step S407).
- The user ID is obtained from the user list of the certificate DB 132 in step S506, but the information of the issuer (Subject) possessed by the certificate specified by X.509 may be used as the user ID.
- The communication terminal device 120 transmits the public key certificate (the certificate includes the public key) stored in the connected storage medium 110 to the management service device 130 (step S2101).
- The management service device 130 verifies the validity of the public key certificate received from the communication terminal device 120 (step S2102). Validity is determined by whether or not the public key certificate is digitally signed by the management service device. If it is not determined to be valid (No in step S2102), it is determined that the certificate is invalid and the processing is terminated. If it is determined to be valid (yes in step S2102), the management service device 130 generates a random number (step S2103) and encrypts the random number using the public key extracted from the certificate (step S2104).
- The management service device 130 transmits the encrypted random number to the communication terminal device 120 (step S2105).
- The communication terminal device 120 that has received the encrypted random number from the management service device 130 decrypts the encrypted random number using the connected storage medium 110 and transmits the decrypted random number to the management service device 130 (step S2106).
- The management service device 130 that has received the decrypted random number from the communication terminal device 120 compares the previously generated random number with the received decrypted random number, and determines whether or not they match (step S2107). If they match, the storage medium 110 is legitimate and authentication is successful (step S2108). If they do not match, it is determined that the storage medium 110 is invalid, authentication fails, and the process ends.
- the communication terminal device 120 of the key management system uses the Internet 140 0 based on the authority of the secondary storage medium 1 10 ⁇ .
- the management service device 130 to invalidate the positive storage medium 110a
- the public key of the lost positive storage medium 110a is deleted, and the lost positive storage medium 110a cannot be used.
- the method by which the storage medium 110 ⁇ of ⁇ IJ cannot be invalidated will be described.
- the receiving unit 1312 receives, from the communication terminal device 120 connected to the second storage medium 110β, via the communication network that is the Internet 140, a request for data processing on the first storage medium 110α.
- the authentication unit 133 authenticates whether or not the second storage medium 110β connected to the communication terminal device 120 is valid.
- the certificate database 132 stores the public key of the first storage medium 110α and the public key of the second storage medium 110β.
- the receiving unit 1312 receives a request for invalidation of the first storage medium 110α from the communication terminal device 120, and the authentication unit 133 validates the second storage medium 110β connected to the communication terminal device 120.
- the certificate database 132 deletes the stored public key of the first storage medium 110α, but does not delete the public key of the second storage medium 110β.
- a malicious third party who has picked up the primary storage medium 110α could also use it to invalidate the secondary storage medium 110β or to register a new storage medium illegally over the network (a method for registering a new storage medium will be described later). Therefore, a specific method by which, if the user loses the primary storage medium 110α, the secondary storage medium 110β can invalidate the primary storage medium 110α but the primary storage medium 110α cannot invalidate the secondary storage medium 110β will be described with reference to the flowchart shown in FIG.
- a user or a malicious third party requests invalidation of the storage medium from the input unit 124 of the communication terminal device 120 (step S701).
- the communication terminal device 120 transmits a request to invalidate the storage medium to the management service device 130, and the management service device 130 authenticates, using the method shown in FIG., the storage medium 110 connected to the communication terminal device 120 and determines whether the storage medium 110 is valid (step S702). If it is determined not to be valid (No in step S702), the invalidation cannot be continued and the process ends. If it is determined to be valid (yes in step S702), the management service device 130 determines whether the storage medium authenticated in step S702 is the primary storage medium 110α (step S703).
- If the storage medium authenticated in step S702 is the primary storage medium 110α (yes in step S703), invalidation of the secondary storage medium 110β by the primary storage medium 110α cannot be continued, and the process ends. If the storage medium authenticated in step S702 is not the primary storage medium 110α (No in step S703), the management service device 130 adds the certificate (primary) of the user who owns the secondary storage medium 110β, as described in the user list of the certificate DB 132, to the revocation list (step S704), deletes the public key included in the certificate (primary), then describes the public key included in the certificate (secondary) as the public key included in the certificate (primary) (step S705), and then deletes the public key included in the certificate (secondary) (step S706).
- the receiving unit 1312 receives, from the communication terminal device 120 connected to the second storage medium 110β, via the communication network that is the Internet 140, a request for data processing on the first storage medium 110α.
- the authentication unit 133 authenticates whether or not the second storage medium 110β connected to the communication terminal device 120 is valid.
- the certificate database 132 is stored in the second storage medium 110β.
- the receiving unit 1312 receives from the communication terminal device 120 a request for registration of the third storage medium, which is a new storage medium, and the public key of the third storage medium, and the authentication unit 133 receives the communication terminal device.
- the certificate issuing unit 134 authenticates the public key of the third storage medium received by the receiving unit 1312.
- the certificate database 132 stores the validity of the public key of the third storage medium received by the receiving unit 1312 and the public key of the third storage medium issued by the certificate issuing unit 134. And a certificate that proves
- the newly purchased storage medium can be used in place of the lost storage medium 110α or storage medium 110β.
- a specific method of registration in the management service device will be described with reference to the flowchart shown in FIG. In the following description, it is assumed that the primary storage medium 110α has been lost, and the newly purchased storage medium is registered as the storage medium 110 ⁇ .
- the user stores the generated public key and secret key in the storage medium 110 ⁇ (step S601).
- the public key and private key can be generated using a user's PC, for example.
- the user inputs a request for new registration of the storage medium 110 ⁇ from the input unit 124 of the communication terminal device 120 (step S602), and attaches the storage medium 110 ⁇ to the communication terminal device 120 (step S603).
- the communication terminal device 120 reads the public key stored in the storage medium 110 ⁇ into the storage unit 123 (step S604).
- the user removes the storage medium 110 ⁇ from the communication terminal apparatus 120, and attaches the storage medium 110 to the communication terminal apparatus 120 (step S605).
- the management service device 130 performs authentication using the method shown in FIG. and determines whether or not the authentication is successful (step S606). If it is not determined to be successful (No in step S606), the registration of the storage medium 110 ⁇ cannot be continued, and the process ends. If it is determined that the authentication has succeeded (yes in step S606), the communication terminal apparatus 120 transmits the public key of the storage medium 110 ⁇ stored in the storage unit 123 to the management service apparatus 130 (step S607).
- the certificate issuing unit 134 of the management service device 130 creates a public key certificate for the storage medium 110 ⁇ (step S608).
- the management service device 130 stores the public key certificate of the storage medium 110 ⁇ created by the certificate issuing unit 134 as a certificate (secondary) in the user list of the certificate DB 132 (step S609).
- the management service device 130 transmits the certificate of the public key of the storage medium 110 ⁇ created by the certificate issuing unit 134 to the communication terminal device 120 (step S610).
- the communication terminal device 120 stores the certificate received from the management service device 130 in the storage unit 123 (step S611).
- the user removes the storage medium 110β from the communication terminal apparatus 120 and attaches the storage medium 110 ⁇ to the communication terminal apparatus 120 (step S612).
- the communication terminal device 120 writes the certificate stored in the storage unit 123 to the storage medium 110 ⁇ via the key access unit 1221 (step S613).
- the invalidation of the storage medium and the registration of a new storage medium may be performed simultaneously.
- either the invalidation of the storage medium or the registration of the new storage medium may be performed first.
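The certificate DB rules of steps S701 to S706 and the registration in steps S601 to S613, sketched as an added example that is not code from the patent. It assumes the attached medium has already passed the challenge-response authentication and is identified by the public key it proved possession of; the class and method names, the constructed key strings, and the choice to run invalidation together with a registration made from the secondary medium are assumptions of this sketch.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Set


@dataclass
class UserEntry:
    """One row of the user list in the certificate DB 132."""
    primary: Optional[str]    # public key in the certificate (primary)
    secondary: Optional[str]  # public key in the certificate (secondary)


class CertificateDB:
    def __init__(self) -> None:
        self.users: Dict[str, UserEntry] = {}
        self.revoked: Set[str] = set()  # revocation list

    def enroll(self, user_id: str, primary_key: str, secondary_key: str) -> None:
        self.users[user_id] = UserEntry(primary_key, secondary_key)

    def role_of(self, user_id: str, key: Optional[str]) -> Optional[str]:
        """Which medium the authenticated key belongs to, or None if not valid."""
        entry = self.users.get(user_id)
        if entry is None or key is None or key in self.revoked:
            return None
        if key == entry.primary:
            return "primary"
        if key == entry.secondary:
            return "secondary"
        return None

    def invalidate(self, user_id: str, authenticated_key: str) -> str:
        role = self.role_of(user_id, authenticated_key)
        if role is None:
            return "denied: medium not valid"                      # No in S702
        if role == "primary":
            return "denied: primary cannot invalidate secondary"   # yes in S703
        entry = self.users[user_id]
        if entry.primary is not None:
            self.revoked.add(entry.primary)   # S704: certificate (primary) revoked
        entry.primary = entry.secondary       # S705: secondary key becomes primary
        entry.secondary = None                # S706: secondary slot cleared
        return "ok"

    def register(self, user_id: str, authenticated_key: str, new_key: str) -> str:
        role = self.role_of(user_id, authenticated_key)
        if role is None:
            return "denied: medium not valid"                      # No in S606
        entry = self.users[user_id]
        if new_key in self.revoked or new_key in (entry.primary, entry.secondary):
            return "denied: key revoked or already registered"
        if role == "primary" and entry.secondary is not None:
            # A holder of the primary medium cannot push the secondary out.
            return "denied: primary cannot register while a secondary exists"
        if role == "secondary":
            # Assumption of this sketch: invalidation and registration together.
            self.invalidate(user_id, authenticated_key)
        entry.secondary = new_key             # S608-S609: stored as certificate (secondary)
        return "ok"


def run_scenario() -> list:
    """Lost primary medium: a finder tries first, then the owner recovers."""
    db = CertificateDB()
    db.enroll("user-0001", "PK-ALPHA", "PK-BETA")   # constructed sample keys
    return [
        db.invalidate("user-0001", "PK-ALPHA"),            # finder, refused
        db.register("user-0001", "PK-ALPHA", "PK-X"),      # finder, refused
        db.invalidate("user-0001", "PK-BETA"),             # owner, accepted
        db.invalidate("user-0001", "PK-ALPHA"),            # revoked key, refused
        db.register("user-0001", "PK-BETA", "PK-NEW"),     # owner, accepted
    ]


if __name__ == "__main__":
    for outcome in run_scenario():
        print(outcome)
```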
- the management service apparatus 130 receives a request for invalidation of the first storage medium 110α, via the communication network that is the Internet 140, from the communication terminal apparatus 120 connected to the second storage medium 110β, authenticates the second storage medium 110β connected to the communication terminal device 120, and, if its validity is confirmed, deletes the public key of the first storage medium 110α from the certificate database 132 based on the authority of the second storage medium 110β, so that the first storage medium 110α can be invalidated. As a result, the lost storage medium can be invalidated via the communication network which is the Internet 140.
- the management service apparatus 130 can invalidate the first storage medium 110α in this way based on the authority of the second storage medium 110β, whereas the second storage medium 110β cannot be invalidated based on the authority of the first storage medium 110α.
- the management service device 130 receives the third storage medium ⁇ from the communication terminal device 120 connected to the second storage medium 110β via the communication network that is the Internet 140.
- the second storage medium 110β connected to the communication terminal device 120 is authenticated, and if the second storage medium 110β is confirmed to be a legitimate storage medium, it issues a certificate that proves the validity of the public key of the third storage medium ⁇ based on its authority, and issues the public key and certificate of the third storage medium ⁇ .
- the management service device 130 includes the certificate database 132, which stores the public key of the first storage medium 110α and a certificate that proves the validity of the public key of the first storage medium 110α, and the public key of the second storage medium 110β and a certificate that proves the validity of the public key of the second storage medium 110β, so the public key and certificate of the first storage medium 110α and the public key and certificate of the second storage medium 110β can both be registered. This makes it possible to manage two storage media owned by one user at a time.
- the user has two storage media, and the user is authenticated by using the public key and private key of one of these two storage media.
- the storage media reissue process can be performed online when the media is lost or stolen. Also, by invalidating a lost or stolen storage medium, it is possible to prevent third parties from using the lost storage medium illegally.
- the secondary storage medium can be used to invalidate the primary storage medium and register a new storage medium, whereas the primary storage medium cannot be used to invalidate the secondary storage medium or register a new storage medium. This prevents a third party who has illegally acquired the primary storage medium from invalidating the secondary storage medium and registering a new storage medium.
- Embodiment 2. In Embodiment 2 described below, data stored in a storage medium is received via the Internet and stored in a backup service device as backup data, and if the storage medium is lost, the backup data is transmitted to another storage medium and restored.
- FIG. 9 is a diagram showing a configuration of the key management system in the second embodiment.
- the configuration of the key management system according to the second embodiment is the same as the configuration of the key management system according to the first embodiment, except that a backup service device 710, which receives the data stored in the storage medium 110 via the Internet 140 and stores it as backup data, is provided.
- the backup service device 710 includes a communication unit 711 that performs communication via the Internet 140, a backup unit 712 that stores data stored in the storage medium 110 transmitted from the communication terminal device 120 and the like, a control unit 713 that controls the storage medium 110, and an authentication unit 714 that stores the public key using the public key certificate and authenticates the storage medium 110.
- Communication unit 711 includes transmission unit 7111 that transmits data to communication terminal device 120 or management service device 130, and reception unit 7112 that receives data from communication terminal device 120 or management service device 130.
- communication terminal apparatus 120 includes a timer unit 127 that starts a specified program at a specified time. It has a function of transmitting data in the storage medium to the backup service device 710.
- the backup program may be built in the communication terminal device 120 from the beginning, or may be stored in the storage medium 110.
- the receiving unit 7112 receives, from the communication terminal device 120 connected to the first storage medium 110α, via the communication network which is the Internet 140, the data stored in the first storage medium 110α and a request to store the data as backup data. In addition, the receiving unit 7112 receives a request for transmission of backup data from the communication terminal device 120 connected to the second storage medium 110β via the communication network which is the Internet 140.
- the authentication unit 714 authenticates whether or not the first storage medium 110α connected to the communication terminal device 120 is valid.
- when the receiving unit 7112 receives a request for transmission of backup data from the communication terminal device 120 connected to the second storage medium 110β, the authentication unit 714 authenticates whether or not the second storage medium 110β connected to the communication terminal device 120 is valid. When the authentication unit 714 authenticates the first storage medium 110α connected to the communication terminal device 120 as a valid storage medium, the backup unit 712 stores the data stored in the first storage medium 110α, received by the reception unit 7112, as backup data. When the authentication unit 714 authenticates the second storage medium 110β connected to the communication terminal device 120 as a valid storage medium, the transmission unit 7111 transmits the backup data stored in the backup unit 712 to the communication terminal device 120 connected to the second storage medium 110β via the communication network which is the Internet 140.
- the timer unit 127 of the communication terminal device 120 starts a backup program (step S801).
- the backup program started from the timer unit 127 reads the data to be backed up from the storage medium 110α (step S802).
- the data to be backed up may be, for example, only the difference from the previous backup or the entire data.
- the backup program started from the timer unit 127 transmits a backup request to the backup service device 710 (step S803).
- the backup service device 710 authenticates the storage medium 110α via the communication terminal device 120 (the authentication method will be described later), and determines whether the authentication has succeeded (step S804). If it is not determined to be successful (No in step S804), the backup cannot be continued, and the process ends. If it is determined to be successful (yes in step S804), the backup program started from the timer unit 127 transmits the data to be backed up to the backup service device 710 (step S805).
- the backup service device 710 uses the public key and its certificate stored in the storage medium 110 and a public key infrastructure (PKI) mechanism to authenticate the storage medium 110 connected to the communication terminal device 120 (step S901), and determines whether the authentication is successful (step S902). If it is not determined that the authentication is successful (No in step S902), the user is notified that the authentication has failed, and the process is terminated (step S903). If the backup service device 710 determines that it has succeeded (yes in step S902), the backup service device 710 requests the management service device 130 to check the revocation status of the public key certificate stored in the storage medium 110 and to acquire the user ID (step S904).
- the management service device 130 refers to the revocation list of the certificate DB 132, acquires the revocation status of the certificate (step S905), and determines whether or not the certificate has been revoked (step S906). If it has been revoked, the user is notified and the process is terminated (step S903). If it has not been revoked, the management service device 130 refers to the user list in the certificate DB 132 and obtains the user ID for the user corresponding to the certificate (step S907). The management service device 130 transmits the user ID to the backup service device 710 (step S908). The backup service device 710 notifies the user of successful authentication (step S909).
- in the specific authentication method performed by the backup service device 710 shown in FIG., the authentication of the storage medium using the PKI mechanism is the same as the method shown in FIG. 6.
- a specific method for restoring the data backed up in the backup service device 710 to the storage medium 110β after the loss of the storage medium 110α will be described with reference to the flowchart shown in FIG.
- the user requests the backup service device 710 to restore the backup data from the input unit 124 of the communication terminal device 120 (step S1001).
- the backup service device 710 authenticates the storage medium 110β connected to the communication terminal device 120 using the method shown in FIG. 11, and determines whether or not the authentication is successful (step S1002). If it is not determined to be successful (No in step S1002), the user is notified of the fact and the process is terminated.
- the backup service device 710 transmits backup data to the communication terminal device 120 (step S1003).
- the communication terminal device 120 writes data in the storage medium 110β (step S1004).
- the backup service device 710 receives, from the communication terminal device 120 connected to the first storage medium 110α, via the communication network which is the Internet 140, a request for backup of the data stored in the first storage medium 110α, authenticates the first storage medium 110α connected to the communication terminal device 120, and, when the first storage medium 110α is confirmed to be a valid storage medium, can store the data stored in the first storage medium 110α received from the communication terminal device 120. Thereby, it is possible to back up the data stored in the storage medium 110α to the backup service device 710.
- the backup service device 710 receives a request for transmission of backup data from the communication terminal device 120 connected to the second storage medium 110β via the communication network, which is the Internet 140, authenticates the second storage medium 110β connected to the communication terminal apparatus 120, and, when the second storage medium 110β is confirmed to be a valid storage medium, can transmit the backup data stored in the backup service device 710 to the communication terminal device 120.
- the backup data of the backup service device 710 can be restored to the storage medium 110β.
- the data is restored to the second storage medium 110β.
- the strength of authentication can be increased compared to the case where authentication is performed using a word.
- In Embodiment 2 described above, when authenticating a storage medium using the PKI mechanism, the public key stored in the storage medium and its certificate are transmitted to the backup service device.
- Embodiment 3 described below is an embodiment in which the backup service device stores the public key from the beginning, and as a result, verification of the validity of the public key certificate is not required.
- FIG. 13 is a diagram showing a configuration of the key management system in the third embodiment.
- the configuration of the key management system in the third embodiment is the same as the configuration of the key management system in the second embodiment. Although the management service device 130 actually exists, it is not shown here.
- the configuration of backup service device 710 in the third embodiment includes, in addition to the configuration of backup service device 710 in the second embodiment, a public key DB 715 that stores the public key stored in storage medium 110 and an authentication unit 716 that authenticates the storage medium 110 using a public key.
- the storage medium 110α and the storage medium 110β each store only a unique secret key.
- the public key DB 715 stores a user list describing the correspondence between user IDs and public keys.
- FIG. 15 shows an example of a user list of the public key DB715.
- the user ID is an ID that uniquely identifies the user throughout the system.
- the public key (primary) is the public key of the primary storage medium 110α owned by the user.
- the public key (secondary) is the public key of the secondary storage medium 110β owned by the user.
- ⁇ ⁇ is the public storage medium of user ⁇ .
- Open key ⁇ ⁇ ⁇ represents the public key of the secondary storage medium of user ⁇ .
- Communication terminal device 120 transmits the user ID of the user who owns storage medium 110 to backup service device 710 (step S1401).
- the backup service device 710 checks whether the user ID received from the communication terminal device 120 exists in the user list of the public key DB 715 (step S1402). If it does not exist (No in step S1402), the backup service device 710 notifies the user that the authentication has failed and ends the processing (step S1403).
- If it exists (yes in step S1402), the backup service device 710 generates a random number and transmits it to the communication terminal device 120 (step S1404). Communication terminal apparatus 120 encrypts the random number received from backup service apparatus 710 using the private key stored in storage medium 110 and transmits it to backup service apparatus 710 (step S1405). The backup service device 710 acquires the public key (primary) and the public key (secondary) corresponding to the user ID received in step S1402 from the public key DB 715 (step S1406). The backup service device 710 decrypts the encrypted random number received from the communication terminal device 120 using each of the acquired public key (primary) and public key (secondary) (step S1407).
- the backup service device compares the random number generated in step S1404 with each of the two decrypted random numbers (step S1408) and determines whether they match (step S1409). If the generated random number matches neither of the two decrypted random numbers (No in step S1409), the backup service device notifies the user that the authentication has failed and ends the processing (step S1403). If the generated random number matches either of the two decrypted random numbers (yes in step S1409), the backup service device 710 notifies the user that the authentication was successful (step S1410).
- the backup service device 710 authenticates the storage medium 110 by storing the public key of the storage medium 110 owned by the user, so verification of the public key certificate through the management service device 130 is not required.
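The exchange of steps S1401 to S1410, as an added example that is not code from the patent: the service looks up both stored public keys for the user ID and accepts a response that either one verifies. The unpadded textbook RSA on toy-sized keys follows the page's "encrypt the random number with the private key" wording only so the sketch runs on the standard library (a deployment would use a padded signature scheme from a vetted library); all names, the user ID and the keys are constructed, and returning which slot matched and tracking one outstanding challenge per user are assumptions of the sketch.

```python
import secrets

E = 65537  # public exponent shared by the toy keys


def toy_keypair(p, q):
    """Textbook RSA from two known primes, for demonstration only."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)  # (public key, secret key)


class StorageMedium:
    """Embodiment 3 medium: it holds only its own secret key."""

    def __init__(self, secret_key):
        self._n, self._d = secret_key

    def respond(self, challenge):
        # S1405: secret-key operation on the received random number
        return pow(challenge, self._d, self._n)


class BackupService:
    def __init__(self):
        self.public_key_db = {}  # user ID -> {"primary": pub, "secondary": pub}
        self._pending = {}       # user ID -> random number awaiting an answer

    def begin(self, user_id):
        """S1401-S1404: return a fresh random number, or None (S1403)."""
        if user_id not in self.public_key_db:
            return None
        challenge = 2 + secrets.randbelow(2 ** 128)
        self._pending[user_id] = challenge
        return challenge

    def finish(self, user_id, response):
        """S1406-S1410: return the slot whose key verifies, or None."""
        challenge = self._pending.pop(user_id, None)  # each challenge is single use
        if challenge is None:
            return None
        for slot, key in self.public_key_db[user_id].items():
            if key is None:  # slot emptied by an invalidation
                continue
            n, e = key
            # S1407-S1409: public-key operation, then comparison
            if 0 < response < n and pow(response, e, n) == challenge:
                return slot
        return None


def authenticate(service, user_id, medium):
    """Run one full exchange between the service and an attached medium."""
    challenge = service.begin(user_id)
    if challenge is None:
        return None
    return service.finish(user_id, medium.respond(challenge))


# Constructed sample keys built from known Mersenne primes (trivially weak).
ALPHA_PUB, ALPHA_SEC = toy_keypair(2 ** 127 - 1, 2 ** 89 - 1)
BETA_PUB, BETA_SEC = toy_keypair(2 ** 107 - 1, 2 ** 61 - 1)
_, STRAY_SEC = toy_keypair(2 ** 521 - 1, 2 ** 607 - 1)  # not registered anywhere


def build_service():
    service = BackupService()
    service.public_key_db["user-0001"] = {"primary": ALPHA_PUB, "secondary": BETA_PUB}
    return service


if __name__ == "__main__":
    svc = build_service()
    for name, sec in (("alpha", ALPHA_SEC), ("beta", BETA_SEC), ("stray", STRAY_SEC)):
        print(name, authenticate(svc, "user-0001", StorageMedium(sec)))
```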
- Embodiment 4 In the second embodiment and the third embodiment described above, the data stored in the storage medium is backed up to the backup service device in plain text.
- In Embodiment 4 described below, as shown in FIG. 17, the public key stored in the secondary storage medium is written to the primary storage medium, the data stored in the storage medium is encrypted using that public key and backed up to a backup service apparatus via a network, and the backup data is then decrypted and restored to another storage medium.
- the configuration of the key management system in the fourth embodiment is the same as the configuration of the key management system in the second embodiment or the third embodiment.
- communication terminal apparatus 120 includes, in addition to the configuration in the second embodiment, an encryption unit 1281 for encrypting the target data using the public key of the second storage medium stored in the first storage medium, and a decryption unit 1282 for decrypting the backup data using the secret key stored in the second storage medium.
- communication terminal apparatus 120 is connected to one of the first storage medium 110α, storing a first public key, a first secret key corresponding to the first public key, and data, and the second storage medium 110β, storing a second public key, a second secret key corresponding to the second public key, and data. The key access unit 1221 reads out the first public key and the first secret key from the first storage medium 110α and writes the first public key and the first secret key to the first storage medium 110α, and likewise accesses the second storage medium 110β.
- the data access unit 1222 reads data from the first storage medium 110α, writes data to the first storage medium 110α, reads data from the second storage medium 110β, and writes data to the second storage medium 110β.
- the transmission unit 1211 transmits data, and the reception unit 1212 receives data.
- Communication terminal apparatus 120 further includes an encryption unit 1281 that encrypts data using the second public key.
- the first storage medium 110α stores the second public key of the second storage medium 110β, and the key access unit 1221 reads the second public key from the first storage medium 110α
- the data access unit 1222 reads data from the first storage medium 110α
- the encryption unit 1281 uses the second public key to encrypt the data read by the data access unit 1222 from the first storage medium 110α
- the transmission unit 1211 transmits the data encrypted by the encryption unit 1281.
- Communication terminal apparatus 120 further includes a decryption unit 1282 that decrypts data encrypted using the second secret key.
- the reception unit 1212 receives the encrypted data
- the key access unit 1221 reads the second secret key from the second storage medium 110β
- the decryption unit 1282 decrypts the encrypted data received by the reception unit 1212 using the second secret key.
- the data access unit 1222 writes the data decrypted by the decryption unit 1282 to the second storage medium 110β.
- the reception unit 7112 receives, from the communication terminal device 120 connected to the first storage medium 110α via the communication network that is the Internet 140, the data stored in the first storage medium 110α and a request to store the data as backup data.
- the authentication unit 714 authenticates whether or not the first storage medium 110α connected to the communication terminal device 120 is valid.
- the backup unit 712 stores the data stored in the first storage medium 110α, received by the reception unit 7112, as backup data.
- the backup data is encrypted using the public key of the second storage medium 110β by the communication terminal device 120 connected to the first storage medium 110α.
- receiving unit 7112 receives a request for transmission of backup data from communication terminal device 120 connected to second storage medium 110β via the communication network which is the Internet 140.
- the authentication unit 714 authenticates whether the second storage medium 110β connected to the communication terminal device 120 is valid.
- when the authentication unit 714 authenticates the second storage medium 110β connected to the communication terminal device 120 as a valid storage medium, the transmission unit 7111 transmits the backup data stored in the backup unit 712 to the communication terminal device 120 connected to the second storage medium 110β via the communication network, which is the Internet 140.
- the communication terminal device 120 decrypts the backup data using the secret key of the second storage medium 110β.
- a specific method for encrypting the data stored in the storage medium 110 and backing it up to the backup service device 710 will be described with reference to the flowchart shown in FIG.
- the timer unit 127 of the communication terminal device 120 activates the backup program (step S1601).
- the backup program reads the data to be backed up from the storage medium 110 (step S1602).
- the backup program encrypts the data read from the storage medium 110 using the public key of the storage medium 110β (step S1603).
- the backup program transmits a backup request to the backup service device 710 via the Internet 140 (step S1604).
- the backup service device 710 that has received the backup request from the communication terminal device 120 authenticates the storage medium 110α connected to the communication terminal device using the method shown in FIG. 11 or FIG. 16, and determines whether or not the authentication is successful (step S1605). If it is determined that the authentication has not succeeded (No in step S1605), the backup cannot be continued and the process is terminated. If it is determined that the authentication is successful (yes in step S1605), the backup program transmits the encrypted backup data to the backup service device 710 via the Internet 140 (step S1606).
- the user inputs a request to restore the backup data from the input unit 124 of the communication terminal device 120 (step S1701).
- the backup service device 710 authenticates the storage medium 110 connected to the communication terminal device 120 using the method shown in FIG. 11 or FIG. 16, and determines whether or not the authentication is successful (step S1702). If it is not determined to be successful (No in step S1702), the restoration cannot be continued and the process ends. If it is determined to be successful (yes in step S1702), the backup service device 710 transmits the backup data to the communication terminal device 120 via the Internet 140 (step S1703).
- the communication terminal device 120 that has received the backup data from the backup service device 710 decrypts the backup data using the secret key of the storage medium 110β (step S1704).
- the communication terminal device 120 restores the decrypted data to the storage medium 110β (step S1705).
- data is encrypted using the public key of the storage medium 110β when backing up.
- a temporary common key unique to the backup is generated, the data to be backed up is encrypted using this common key, and the common key is further encrypted using the public key of the storage medium 110β.
- the temporary common key is decrypted using the secret key of the storage medium 110β, the backup data is decrypted using the decrypted common key, and the result is written to the storage medium 110β.
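The temporary-common-key variant described above, as an added example that is not code from the patent: the terminal holding 110α encrypts the backup under a fresh common key and encrypts that key to 110β's public key, so only the holder of 110β's secret key can restore. Unpadded textbook RSA and the SHA-256 counter keystream are stand-ins chosen so the sketch runs on the standard library (a deployment would use RSA-OAEP and an authenticated cipher from a vetted library); the function names, blob layout and sample data are constructed.

```python
import hashlib
import secrets

E = 65537


def toy_keypair(p, q):
    """Textbook RSA from two known primes, for demonstration only."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, secret)


def _keystream_xor(key, nonce, data):
    """XOR data with SHA-256(key || nonce || counter) blocks (stand-in cipher)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        block = hashlib.sha256(key + nonce + counter).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)


def encrypt_backup(data, beta_public):
    """Terminal side with 110α attached, which carries 110β's public key."""
    n, e = beta_public
    common_key = secrets.token_bytes(32)   # temporary key unique to this backup
    nonce = secrets.token_bytes(16)
    return {
        # common key encrypted to 110β's public key
        "wrapped_key": pow(int.from_bytes(common_key, "big"), e, n),
        "nonce": nonce,
        "ciphertext": _keystream_xor(common_key, nonce, data),
    }


def decrypt_backup(blob, secret_key):
    """Terminal side with 110β attached: unwrap the common key, then decrypt."""
    n, d = secret_key
    key_int = pow(blob["wrapped_key"], d, n)
    # With the right secret key the value fits in 32 bytes; a wrong key gives junk.
    common_key = key_int.to_bytes((n.bit_length() + 7) // 8, "big")[-32:]
    return _keystream_xor(common_key, blob["nonce"], blob["ciphertext"])


# Constructed sample keys and data.
BETA_PUBLIC, BETA_SECRET = toy_keypair(2 ** 521 - 1, 2 ** 607 - 1)
_, ALPHA_SECRET = toy_keypair(2 ** 127 - 1, 2 ** 89 - 1)
SAMPLE_DATA = b"constructed sample record: contact list, 3 entries, padding " * 3


def roundtrip():
    """Back up from 110α, store only the blob, restore with 110β."""
    blob = encrypt_backup(SAMPLE_DATA, BETA_PUBLIC)  # what the backup service holds
    return blob, decrypt_backup(blob, BETA_SECRET)


if __name__ == "__main__":
    stored, restored = roundtrip()
    print("restored with 110β key:", restored == SAMPLE_DATA)
    print("restored with 110α key:", decrypt_backup(stored, ALPHA_SECRET) == SAMPLE_DATA)
```

The terminal with 110α attached can create the backup but cannot read it back, which matches the restore path going through 110β only.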
- communication terminal apparatus 120 has first storage medium 110 storing a first public key, a first secret key corresponding to the first public key, and data.
- the key access unit 1221 is connected to one of the second storage medium 110 storing the second secret key and data corresponding to the second public key and the second public key. Read out the first public key and the first secret key and writes the first public key and the first secret key to the first storage medium 110.
- the data access unit 1222 reads data from the first storage medium 110, writes data to the first storage medium 110, and reads data from the second storage medium 110 ⁇ .
- communication terminal apparatus 120 further includes encryption unit 1281 for encrypting data using the second public key. Since the first storage medium 110α stores the second public key of the second storage medium 110β, the key access unit 1221 reads the second public key from the first storage medium 110α, the data access unit 1222 reads the data from the first storage medium 110α, and the encryption unit 1281 encrypts the data read out by the data access unit 1222 using the second public key.
- the transmission unit 1211 can transmit the data obtained by the encryption unit 1281.
- communication terminal apparatus 120 further includes decryption unit 1282 that decrypts encrypted data using the second secret key, so that the reception unit 1212 receives the encrypted data, the key access unit 1221 reads the second secret key from the second storage medium 110β, and the decryption unit 1282 decrypts the encrypted data received by the reception unit 1212 using the second secret key.
- the data access unit 1222 can write the data decrypted by the decryption unit 1282 to the second storage medium 110β.
- the communication terminal device 120 can read the second public key from the connected first storage medium 110α, read data from the connected first storage medium 110α, encrypt the data read from the first storage medium 110α using the read second public key, and send the encrypted data to the backup service device that stores backup data.
- the encrypted data can be easily decrypted using the second secret key stored in the second storage medium 110β.
- the communication terminal device 120 can receive, from the backup service device 710 storing the backup data, the backup data of the first storage medium 110α that was encrypted using the second public key stored in the second storage medium 110β, read the second secret key from the connected second storage medium 110β, decrypt the received backup data of the first storage medium 110α using the second secret key, and store the decrypted backup data of the first storage medium 110α in the connected second storage medium 110β.
- the encrypted backup data stored in the backup service device 710 is decrypted and stored in the second storage medium 110β, whereby the lost data can be easily recovered.
- the backed-up data cannot be decrypted by anything other than the storage medium that stores the secret key of the storage medium 110β, so it is possible to prevent data from being viewed illegally on the Internet 140, the backup service device 710, or the like.
- the data stored in the storage medium is encrypted and backed up.
- In Embodiment 5 described below, as shown in FIG. 21, the public key stored in the secondary storage medium is written to the primary storage medium, and the public key stored in the primary storage medium is written to the secondary storage medium. The data stored in the storage medium is then encrypted and digitally signed and backed up to the backup service device via the network; afterwards, the signature of the backup data is verified, the data is decrypted, and it is restored to another storage medium.
- the configuration of the key management system in the fifth embodiment is the same as the configuration of the key management system in the second embodiment or the third embodiment.
- communication terminal apparatus 120 uses a secret key stored in first storage medium 110 a in addition to the configuration in Embodiment 2, and stores data to be backed up.
- key access unit 1221 stores the first public key, the first secret key corresponding to the first public key, and the data stored in the first storage medium 110
- the second storage medium 110β storing the second public key and the second secret key corresponding to the second public key and the data is connected to the first storage medium 110.
- reading of the second public key and the second secret key from the second storage medium 110β
- the second public key and the second secret key are written to the second storage medium 110β.
- the data access unit 1222 reads data from the first storage medium 110α, writes data to the first storage medium 110α, reads data from the second storage medium 110β, and writes data to the second storage medium 110β.
- the transmission unit 1211 transmits data, and the reception unit 1212 receives data.
- the communication terminal device 120 further includes an electronic signature unit 1291 for electronically signing data using the first secret key. The key access unit 1221 reads the first secret key from the first storage medium 110α, the data access unit 1222 reads the data from the first storage medium 110α, the electronic signature unit 1291 uses the first secret key to apply the digital signature to the data that the data access unit 1222 read from the first storage medium 110α, and the transmission unit 1211 transmits the data digitally signed by the electronic signature unit 1291.
- the communication terminal device 120 further includes a verification unit 1292 for verifying digitally signed data using the first public key. The second storage medium 110β stores the first public key of the first storage medium 110α, the receiving unit 1212 receives the digitally signed data, the key access unit 1221 reads the first public key from the second storage medium 110β, and the verification unit 1292 verifies the digitally signed data received by the receiving unit 1212 using the first public key.
- the receiving unit 7112 receives, from the communication terminal device 120 connected to the first storage medium 110α via the communication network which is the Internet 140, the data stored in the first storage medium 110α and a request to store the data as backup data.
- the authentication unit 714 authenticates whether or not the first storage medium 110α connected to the communication terminal device 120 is valid.
- the backup unit 712 stores, as backup data, the data stored in the first storage medium 110α and received by the reception unit 7112.
- the backup data is digitally signed by the communication terminal device 120 connected to the first storage medium 110α using the private key of the first storage medium 110α.
- the receiving unit 7112 receives a request for transmission of backup data from the communication terminal device 120 connected to the second storage medium 110β via the communication network which is the Internet 140.
- the authentication unit 714 authenticates whether the storage medium 110β connected to the communication terminal device 120 is valid.
- the transmission unit 7111 transmits the backup data stored in the backup unit 712 to the communication terminal device 120 connected to the second storage medium 110β via the communication network which is the Internet 140.
- the communication terminal apparatus 120 verifies the backup data using the public key of the first storage medium 110α.
- the timer unit 127 of the communication terminal device 120 starts a backup program (step S1901).
- the backup program reads the data to be backed up from the storage medium 110α (step S1902).
- the backup program encrypts the data to be backed up using the public key of the storage medium 110β stored in the storage medium 110α (step S1903).
- the backup program applies an electronic signature to the backup target using the private key of the storage medium 110α stored in the storage medium 110α (step S1904).
- the backup program transmits a backup request to the backup service device 710 via the Internet 140 (step S1905).
- the backup service device 710 authenticates the storage medium 110α connected to the communication terminal device 120 using the method of FIG. 11 or FIG.
- it is determined whether or not the authentication is successful (step S1906). If it is not judged successful (No in step S1906), the backup cannot be continued and the process is terminated. If it is judged successful (Yes in step S1906), the backup program sends the data to be backed up, with the digital signature, to the backup service device 710 via the Internet 140 (step S1907).
- A specific method by which, when the storage medium 110α cannot be used because it has been lost or the like, the backup data that was encrypted and digitally signed and stored in the backup service device 710 is decrypted after its electronic signature is verified and is restored to the storage medium 110β will be described with reference to the flowchart shown in FIG. 24.
- the user inputs a restore request from the input unit 124 of the communication terminal device 120 (step S2001).
- the communication terminal device 120 transmits a restore request to the backup service device 710 via the Internet 140, and the backup service device 710 uses the method shown in FIG. 11 or FIG.
- the connected storage medium 110β is authenticated, and it is determined whether or not the authentication is successful (step S2002).
- If it is not determined to be successful (No in step S2002), the restoration cannot be continued and the process is terminated.
- backup service device 710 transmits backup data to communication terminal device 120 (step S2003).
- the communication terminal device 120 that has received the backup data from the backup service device 710 verifies the electronic signature using the public key of the storage medium 110α (step S2004), and determines whether or not the signature is valid (step S2005). As a result of the verification, if it is not determined that the data has been properly created (No in step S2005), the backup data has been tampered with or generated illegally, so the process is terminated without further processing.
- communication terminal device 120 decrypts the backup data using the secret key of storage medium 110β (step S2006).
- the communication terminal device 120 writes the decrypted backup data to the storage medium 110β (step S2007).
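The backup and restore steps above (S1902 to S1904 and S2004 to S2006), written out as an added Go example that is not taken from the patent. The patent names no algorithms: RSA-OAEP for wrapping the temporary common key, AES-256-GCM for the data, RSA-PSS for the signature, signing the encrypted form, and the names `Medium`, `Backup`, `MakeBackup` and `Restore` are all assumptions of this sketch.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

type Medium struct { // one storage medium: its own key pair plus the partner's public key
	Priv       *rsa.PrivateKey
	PartnerPub *rsa.PublicKey
}

// Backup is all the backup service device holds: no plaintext and no private key.
type Backup struct{ WrappedKey, Nonce, Ciphertext, Signature []byte }

var ErrBadSignature = fmt.Errorf("signature check failed: backup altered or not signed by the primary medium")

// NewPair creates both media and cross-writes their public keys, as in FIG. 21.
func NewPair() (*Medium, *Medium, error) {
	a, errA := rsa.GenerateKey(rand.Reader, 2048)
	b, errB := rsa.GenerateKey(rand.Reader, 2048)
	if errA != nil || errB != nil {
		return nil, nil, fmt.Errorf("key generation failed: %v, %v", errA, errB)
	}
	return &Medium{Priv: a, PartnerPub: &b.PublicKey}, &Medium{Priv: b, PartnerPub: &a.PublicKey}, nil
}

// signedDigest hashes, length-prefixed, every field the restoring side relies on.
func signedDigest(b *Backup) []byte {
	h := sha256.New()
	for _, p := range [][]byte{b.WrappedKey, b.Nonce, b.Ciphertext} {
		fmt.Fprintf(h, "%d:%s", len(p), p)
	}
	return h.Sum(nil)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// MakeBackup encrypts for the secondary (S1903), then signs as the primary (S1904).
func MakeBackup(primary *Medium, data []byte) (*Backup, error) {
	buf := make([]byte, 32+12) // temporary common key (32 bytes) + GCM nonce (12 bytes)
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	key, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, primary.PartnerPub, key, nil)
	if err != nil {
		return nil, err
	}
	b := &Backup{WrappedKey: wrapped, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, data, nil)}
	b.Signature, err = rsa.SignPSS(rand.Reader, primary.Priv, crypto.SHA256, signedDigest(b), nil)
	return b, err
}

// Restore verifies first (S2004-S2005) and only then unwraps and decrypts (S2006).
func Restore(secondary *Medium, b *Backup) ([]byte, error) {
	if rsa.VerifyPSS(secondary.PartnerPub, crypto.SHA256, signedDigest(b), b.Signature, nil) != nil {
		return nil, ErrBadSignature
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, secondary.Priv, b.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, b.Nonce, b.Ciphertext, nil)
}

func main() {
	primary, secondary, err := NewPair()
	if err != nil {
		panic(err)
	}
	b, err := MakeBackup(primary, []byte("contacts (constructed sample data)"))
	if err != nil {
		panic(err)
	}
	out, err := Restore(secondary, b)
	b.Ciphertext[0] ^= 1 // altered at the backup service or in transit
	_, tamperErr := Restore(secondary, b)
	fmt.Printf("restored %q (err=%v); after tampering: %v\n", out, err, tamperErr)
}
```

Because the signature covers the wrapped key, the nonce and the ciphertext, a change to any of them stops the restore before the secondary's secret key is used at all.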
- communication terminal apparatus 120 is connected to either the first storage medium 110α, which stores a first public key, a first secret key corresponding to the first public key, and data, or the second storage medium 110β, which stores a second public key, a second secret key corresponding to the second public key, and data.
- the key access unit 1221 reads the first public key and the first private key from the first storage medium 110α and writes the first public key and the first private key to the first storage medium 110α.
- the key access unit 1221 reads the second public key and the second secret key from the second storage medium 110β, and writes the second public key and the second secret key to the second storage medium 110β.
- the data access unit 1222 reads data from the first storage medium 110α, writes data to the first storage medium 110α, reads data from the second storage medium 110β, and writes data to the second storage medium 110β; the transmission unit 1211 can transmit the data, and the reception unit 1212 can receive the data.
- communication terminal apparatus 120 further includes electronic signature unit 1291 for electronically signing data using the first secret key, so that the key access unit 1221 reads the first secret key from the first storage medium 110α, the data access unit 1222 reads the data from the first storage medium 110α, the electronic signature unit 1291 uses the first secret key to electronically sign the data that the data access unit 1222 read from the first storage medium 110α, and the transmission unit 1211 can transmit the data digitally signed by the electronic signature unit 1291.
- communication terminal apparatus 120 further includes verification unit 1292 for verifying electronically signed data using the first public key, so that the second storage medium 110β stores the first public key of the first storage medium 110α, the receiving unit 1212 receives the electronically signed data, the key access unit 1221 reads the first public key from the second storage medium 110β, and the verification unit 1292 can verify the digitally signed data received by the reception unit 1212 using the first public key.
- communication terminal apparatus 120 can read the first secret key from the connected first storage medium 110α, read data from the connected first storage medium 110α, digitally sign the data read from the first storage medium 110α using the read first secret key, and transmit the digitally signed data to the backup service device 710 that stores backup data.
- the communication terminal device 120 can receive, from the backup service device 710 that stores the backup data, the backup data of the first storage medium 110α digitally signed using the first secret key stored in the first storage medium 110α, read the first public key from the connected first storage medium 110, verify the electronic signature of the backup data of the first storage medium 110α using the read first public key, and store the verified backup data of the first storage medium 110α in the connected second storage medium 110β.
- by signing the data using the private key of the storage medium 110α before backing it up, it can be shown that the data obtained from the backup service device 710 was generated by the user who possesses the storage medium 110α, and data tampering on the communication network that is the Internet 140 or in the backup service device 710 can be prevented.
- the storage medium stores a public key and a secret key generated externally in advance, and the communication terminal device read the public key and the secret key from the storage medium and used them.
- an embodiment will be described in which the storage medium has a function for generating a public key and a private key, a function for performing encryption and decryption, and a function for performing electronic signature and verification, so that the private key does not need to be read from the outside.
- FIG. 25 is a diagram showing a configuration of the storage medium 110 according to the sixth embodiment.
- the storage medium 110 includes an input / output unit 111 that inputs data from the outside and outputs data to the outside, and a processing unit that is at least one of a key generation unit 112 that generates a secret key and a public key corresponding to the secret key, an encryption unit 113 that encrypts data using the public key, a decryption unit 114 that decrypts data using the private key, a signature unit 115 that digitally signs data using the private key, and a verification unit 116 that verifies digitally signed data using the public key.
- the storage medium 110 has an area that cannot be read from the outside, and stores the secret key therein. That is, an external device or the like cannot read the secret key from the storage medium 110.
- when performing decryption or an electronic signature using a private key, communication terminal apparatus 120 read the private key from storage medium 110 and used the obtained private key for the decryption or digital signature.
- key generation unit 112 of storage medium 110 generates a secret key and a public key.
- the encryption unit 113 encrypts the data using the public key, and when decrypting the encrypted data, the decryption unit 114 decrypts the encrypted data using the secret key.
- the signature unit 115 performs digital signature on the data using the private key, and when the storage medium 110 verifies the digital signature of the data, the verification unit 116 verifies the digitally signed data using the public key.
- the private key is stored in an area that cannot be read from the outside, and the public key is stored in an area that can be read from the outside.
- the communication terminal device 120 writes data to the storage medium 110 when the operation using the secret key is necessary without taking out the secret key generated by the storage medium 110 from the storage medium 110.
- encryption or decryption is performed inside the storage medium 110, and the communication terminal device 120 reads out the result.
- in step S1904 of FIG. 23, the backup program uses the private key stored in the storage medium 110α to sign the data to be backed up.
- the processing is as shown in the flowchart in FIG.
- the backup program started from the timer unit 127 in the communication terminal device 120 creates a hash value of the data to be backed up (step S2401).
- the backup program requests a signature from the storage medium 110 using the created hash value as an argument (step S2402).
- the storage medium 110 performs electronic signature using the stored secret key, and the backup program reads the result (step S2403).
- the secret key does not have to be released from the storage medium 110 to the outside.
- the storage medium 110 can execute the input of data from the outside and the output of data to the outside by the input / output unit 111, together with at least one of the following: generation of a secret key and a public key corresponding to the secret key by the key generation unit 112, encryption of data using the public key by the encryption unit 113, decryption of data using the private key by the decryption unit 114, digital signature on data using the private key by the signature unit 115, and verification of digitally signed data using the public key by the verification unit 116.
- the storage medium 110 can prevent leakage of the secret key by preventing the secret key from being read from the outside.
- because the storage medium 110 has a function of generating a public key and a secret key, a function of performing encryption and decryption, and a function of performing digital signature and verification, the private key never leaves the storage medium for the outside, and the integrity and confidentiality of the data can be improved.
- users do not need to hold PCs or other devices for key generation and management.
- Embodiment 6 described above covered the case where the storage medium has a function to generate a public key and a private key, a function to perform encryption and decryption, and a function to perform digital signature and verification, so that the private key does not need to be read from the outside. In the seventh embodiment, a case will be described in which, in addition to the sixth embodiment described above, before the storage medium 110 executes data writing and reading, generation of a public key and a secret key, encryption and decryption, or electronic signature and verification, the user who requested them is authenticated, and these are executed only when the user is confirmed to be valid.
- FIG. 27 is a diagram showing a configuration of the storage medium 110 according to the seventh embodiment.
- the storage medium in the seventh embodiment further includes a user authentication unit 117 that authenticates whether or not the user of the storage medium is valid.
- when the user authentication unit 117 authenticates the user as a valid user, the operation of the processing unit provided in the storage medium 110 is executed.
- before executing data writing and reading, generation of the public key and the private key, encryption and decryption, or electronic signature and verification, the storage medium 110 requests the user who requested them to enter authentication information.
- the authentication information may be, for example, a PIN (Personal Identification Number) or a feature amount of a fingerprint, but is not particularly limited here.
- only when the authentication information stored in the storage medium 110 matches the authentication information input by the user from the input unit 124 of the communication terminal device 120 does the storage medium 110 execute the above-described function.
- the authentication information may be explicitly input by the user each time the function of the storage medium 110 is used, or, once the user has input it, it may be stored in the storage unit 123 of the communication terminal device 120 subject to conditions such as a certain time or a certain number of times, and the communication terminal device 120 may automatically pass it to the storage medium 110.
- the storage medium 110 further includes the user authentication unit 117 that authenticates whether or not the user of the storage medium 110 is authentic, so that when the user authentication unit 117 authenticates the user as a valid user, the operation of the processing unit included in the storage medium 110 can be executed.
- the security can be further improved. For example, even if the secondary storage medium 110β, which is not normally used, is stolen, a third party cannot use it, so unauthorized use such as invalidating the primary storage medium 110α by means of the secondary storage medium 110β can be prevented.
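A model of the storage medium of Embodiments 6 and 7 and of the hash-then-sign exchange in steps S2401 to S2403, added here as an example and not part of the patent. ECDSA P-256, SHA-256, a PIN as the authentication information, and all type and function names are assumptions; a Go struct with unexported fields only stands in for the hardware boundary of a real device.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

var (
	ErrAuth   = errors.New("user authentication failed: operation refused")
	ErrDigest = errors.New("expected a 32-byte SHA-256 hash value")
)

// StorageMedium models the medium of Embodiments 6 and 7. The unexported fields stand
// for the area that cannot be read from outside: no method returns them.
type StorageMedium struct {
	priv    *ecdsa.PrivateKey
	pinHash [32]byte
}

// NewStorageMedium generates the key pair inside the medium (key generation unit 112).
func NewStorageMedium(pin string) (*StorageMedium, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &StorageMedium{priv: priv, pinHash: sha256.Sum256([]byte(pin))}, nil
}

// PublicKey is readable from outside, like the externally readable area.
func (m *StorageMedium) PublicKey() *ecdsa.PublicKey { return &m.priv.PublicKey }

// authenticate plays the user authentication unit 117. Hashing both sides gives
// equal-length inputs, so the comparison time does not depend on the PIN guessed.
func (m *StorageMedium) authenticate(pin string) bool {
	h := sha256.Sum256([]byte(pin))
	return subtle.ConstantTimeCompare(h[:], m.pinHash[:]) == 1
}

// Sign runs inside the medium: authenticate, sign the hash value, return the result.
func (m *StorageMedium) Sign(pin string, hash []byte) ([]byte, error) {
	if !m.authenticate(pin) {
		return nil, ErrAuth
	}
	if len(hash) != sha256.Size {
		return nil, ErrDigest
	}
	return ecdsa.SignASN1(rand.Reader, m.priv, hash)
}

// SignBackup is the terminal-side backup program: create the hash value (S2401),
// request a signature with it as the argument (S2402), read the result (S2403).
func SignBackup(m *StorageMedium, pin string, data []byte) ([]byte, error) {
	h := sha256.Sum256(data)
	return m.Sign(pin, h[:])
}

// VerifyBackup needs only the public key, so any terminal can run it.
func VerifyBackup(pub *ecdsa.PublicKey, data, sig []byte) bool {
	h := sha256.Sum256(data)
	return ecdsa.VerifyASN1(pub, h[:], sig)
}

func main() {
	m, err := NewStorageMedium("4821") // constructed PIN
	if err != nil {
		panic(err)
	}
	data := []byte("backup target (constructed sample data)")
	sig, err := SignBackup(m, "4821", data)
	fmt.Println("signed:", err == nil, "verifies:", VerifyBackup(m.PublicKey(), data, sig))
	_, err = SignBackup(m, "0000", data)
	fmt.Println("wrong PIN:", err)
}
```

Only the 32-byte hash value and the signature cross the boundary, so the terminal never handles the private key and the medium never needs the full backup data.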
- one user has two storage media 110 to prepare for loss.
- the number of storage media held for one user in the certificate DB 132 is set to M, which is two or more, and the M storage media are held by N users, where N is M or less.
- the management service device 130 includes a certificate database 132 that stores the public key of the storage medium 110 and a certificate that proves the validity of the public key, and the certificate database 132 stores, as a group, the public keys of a plurality of storage media 110 and certificates that prove the validity of the plurality of public keys. The authentication unit 133 authenticates whether the storage medium 110 is valid using at least one public key belonging to the group, and when the storage medium 110 is authenticated as valid, it is authenticated as a storage medium belonging to the group.
- the certificate DB 132 of the management service device 130 holds two or more certificates for one user ID. Assuming that multiple users possess the storage media 110 corresponding to these certificates as shown in FIG. 29, the “user” represented by the “user ID” is a virtual user and is considered to be a group sharing the same user ID.
- the user authentication operation in this embodiment is the same as in FIG. In FIG. 28, three users use a storage medium 110 corresponding to certificates, ⁇ , and ⁇ ⁇ ⁇ ⁇ , respectively.
- the backup device is accessed (step S1101 to step S1103).
- the backup service device 710 requests the management service device 130 to check the revocation status and obtain the user ID (step S1104). At this time, the certificate by the user, ⁇
- Y is sent from the backup service device 710 to the management service device 130
- the management service device 130 returns authentication failure or a user ID as a result of authentication (step S1105 or step S1108). At this time, the user ID “A” is returned to the backup service device for any user. If the certificate does not contain information that identifies the individual, the backup service device cannot identify the person other than the person who has the certificate. Anonymity can be ensured while performing authentication using the mechanism.
- the public key cannot be shared even if the public key is used as in the fourth embodiment, so that the public key is used when backing up to the backup service device. You cannot use the method of ⁇ using the. However, the same thing can be realized by having a public key and a private key for encryption that are shared by the group separately from the public and private keys used for authentication. The same applies to the signature in the fifth embodiment.
- the management service device 130 includes the certificate database 132 that stores the public key of the storage medium 110 and the certificate that proves the validity of the public key, and the certificate database 132 stores, as a group, the public keys of a plurality of storage media 110 and certificates that verify the validity of the plurality of public keys. The authentication unit 133 uses at least one public key belonging to the group to authenticate whether the storage medium 110 is valid, and when the storage medium 110 is authenticated as a valid storage medium, it can be authenticated that the storage medium 110 belongs to the group.
- the key management system may include: a first storage medium that stores a first secret key and a certificate of the first public key corresponding to the first secret key; a second storage medium that stores a second secret key and a certificate of the second public key corresponding to the second secret key; a management service device that has a function to generate the first public key certificate and the second public key certificate, a function to check the validity of the certificates, and a function to store the first public key certificate and the second public key certificate as a pair and to authenticate the user who is the owner of the first and second storage media by using the first public key or the second public key to check the validity of an electronic signature generated using the corresponding private key; and a terminal device in which the first or second storage medium is installed and which has a function of authenticating a user who is the owner of the storage medium and a function of communicating with the management service device via the communication means.
- when the management service device receives an invalidation request for the first storage medium from the user after authenticating the user using the second public key, it may invalidate the first public key and fail authentication if an authentication request for the first storage medium is subsequently received; likewise, when it receives an invalidation request for the second storage medium from the user after authenticating the user using the first public key, it may invalidate the second public key and fail authentication if an authentication request for the second storage medium is subsequently received.
- the management service device may store these public keys as a pair, with the first public key as the primary public key and the second public key as the secondary public key, accept an invalidation request for the first storage medium only after user authentication using the second storage medium, and not accept an invalidation request for the second storage medium made by the user after user authentication using the first storage medium.
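The invalidation rule for paired media described above, as an added Go example (not the patent's own code). Ed25519 signatures over a one-time challenge stand in for the authentication method of the earlier figures, and `ManagementService`, `Key`, `Answer` and the user ID "A" are hypothetical names.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

var ErrAuthFailed = errors.New("authentication failed")
var ErrRefused = errors.New("invalidation is accepted only after authentication with the secondary medium")

// Key is one registered medium: its public key, its role in the pair, and its status.
type Key struct {
	Pub       ed25519.PublicKey
	Secondary bool // false: primary medium, true: secondary (spare) medium
	Revoked   bool
}

// ManagementService keeps, per user ID, the paired public keys of that user's media.
type ManagementService struct {
	users   map[string][]*Key
	pending map[string]bool // challenges issued and not yet answered
}

func NewManagementService() *ManagementService {
	return &ManagementService{users: map[string][]*Key{}, pending: map[string]bool{}}
}

// Register stores two public keys as a pair: the first primary, the second secondary.
func (s *ManagementService) Register(userID string, primary, secondary ed25519.PublicKey) {
	s.users[userID] = []*Key{{Pub: primary}, {Pub: secondary, Secondary: true}}
}

// Challenge issues a random value for a medium to sign; it is accepted only once.
func (s *ManagementService) Challenge() []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err)
	}
	s.pending[string(c)] = true
	return c
}

// Authenticate accepts a signature made with any non-revoked key of the user.
func (s *ManagementService) Authenticate(userID string, challenge, sig []byte) (*Key, error) {
	if !s.pending[string(challenge)] {
		return nil, ErrAuthFailed
	}
	delete(s.pending, string(challenge))
	for _, k := range s.users[userID] {
		if !k.Revoked && ed25519.Verify(k.Pub, challenge, sig) {
			return k, nil
		}
	}
	return nil, ErrAuthFailed
}

// Invalidate revokes target only when the requester authenticated with the secondary.
func (s *ManagementService) Invalidate(userID string, challenge, sig []byte, target ed25519.PublicKey) error {
	req, err := s.Authenticate(userID, challenge, sig)
	if err != nil {
		return err
	}
	if !req.Secondary {
		return ErrRefused
	}
	for _, k := range s.users[userID] {
		if bytes.Equal(k.Pub, target) {
			k.Revoked = true
		}
	}
	return nil
}

// Answer is the medium's side: obtain a challenge and sign it with the private key.
func Answer(s *ManagementService, priv ed25519.PrivateKey) (challenge, sig []byte) {
	challenge = s.Challenge()
	return challenge, ed25519.Sign(priv, challenge)
}

func main() {
	priPub, priPriv, err1 := ed25519.GenerateKey(rand.Reader)
	secPub, secPriv, err2 := ed25519.GenerateKey(rand.Reader)
	if err1 != nil || err2 != nil {
		panic("key generation failed")
	}
	s := NewManagementService()
	s.Register("A", priPub, secPub)
	c, sig := Answer(s, priPriv) // holder of the primary tries to disable the spare
	fmt.Println("primary invalidates secondary:", s.Invalidate("A", c, sig, secPub))
	c, sig = Answer(s, secPriv) // owner reports the primary lost, using the spare
	fmt.Println("secondary invalidates primary:", s.Invalidate("A", c, sig, priPub))
	c, sig = Answer(s, priPriv)
	_, err := s.Authenticate("A", c, sig)
	fmt.Println("primary after invalidation:", err)
}
```

The asymmetry is what makes a lost or stolen primary medium recoverable: whoever holds it can still authenticate until it is invalidated, but cannot lock the owner out by invalidating the spare first.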
- after authenticating the user using the second storage medium, the management service device may receive from the user a registration request for a third storage medium that stores a third public key and a third private key corresponding to the third public key, receive the third public key from the user, generate a third public key certificate, store the second public key certificate and the third public key certificate as a pair, send the third public key certificate to the user, and thereafter succeed in authentication when a request for authentication using the third public key is received.
- a backup service device may be provided that receives and stores data from a user authenticated by the management service device, and transmits the data to the user when requested by the user later.
- the first storage medium stores the second public key, and the data stored in the first storage medium is encrypted using the second public key stored in the first storage medium and sent to the backup service device above, the backup service device stores the encrypted data, and the encrypted data that was later restored to the second storage medium must be decrypted using the second secret key.
- the second storage medium stores the first public key, and uses the first secret key stored in the first storage medium to sign the data stored in the first storage medium.
- the signed data that has been sent to the backup service device, stored, and later restored to the second storage medium may be verified using the first public key.
- the first storage medium and the second storage medium may have a function of generating a public key / private key pair, a function of encryption / decryption using the secret key, and a function of preventing the secret key from being taken out from the outside.
- the first storage medium and the second storage medium may have a function to perform user authentication when there is a request to store or retrieve data, to generate a public / private key pair, or to perform encryption / decryption using the private key, and to carry out the requested operation only when authentication is successful.
- the number of public key certificates of storage media corresponding to one user managed by the management service device may be an arbitrary number of two or more, and when an arbitrary number of users, equal to or less than the number of storage media, each own one or more of the plurality of storage media, the management service device can regard them as one user and the users can use the service anonymously.
- FIG. 30 is a diagram illustrating a hardware configuration when the communication terminal device, the management service device, and the backup service device of the key management system described in the first to eighth embodiments are implemented using a computer.
- Communication terminal device 120, management service device 130, and backup service device each include a CPU (Central Processing Unit) 911 that executes a program.
- the CPU 911 is connected via the node 912 to the ROM 913, RAM 914, communication board 915, display device 901, keyboard (K/B) 902, mouse 903, FDD (Flexible Disk Drive) 904, magnetic disk device 920, CDD (Compact Disk Drive) 905, printer device 906, and scanner device 907.
- the RAM 914 is an example of a volatile memory.
- the ROM 913, the FDD 904, the CDD 905, and the magnetic disk device 920 are examples of nonvolatile memories. These are examples of the storage unit.
- the communication board 915 is connected to a fax machine, telephone, LAN, and the like.
- the communication board 915, K / B902, FDD904, scanner device 907, etc. are examples of the input unit.
- the display device 901 is an example of a display unit.
- the magnetic disk device 920 stores an operating system (OS) 921, a window system 922, a program group 923, and a file group 924.
- the program group 923 is executed by the CPU 911, the OS 921, and the window system 922.
- the program group 923 stores a program for executing each function.
- the program is read and executed by CPU911.
- Each file is stored in the file group 924.
- the arrows in the flowcharts described in the above-described embodiments mainly indicate data input / output, and for that data input / output the data is recorded on the magnetic disk device 920, an FD (Flexible Disk), an optical disk, a CD (Compact Disk), an MD (Mini Disk), a DVD (Digital Versatile Disk), or another storage medium, or is transmitted through a signal line or other transmission medium.
- the communication terminal device 120, the management service device 130, and the backup service device may be realized by firmware stored in the ROM 913. Alternatively, it may be implemented by software alone, hardware alone, a combination of software and hardware, or a combination of firmware.
- the program may also be stored using a recording device that uses another storage medium such as the magnetic disk device 920, an FD (Flexible Disk), an optical disk, a CD (Compact Disk), an MD (Mini Disk), or a DVD (Digital Versatile Disk).
- FIG. 1 is a diagram showing a configuration of a key management system in a first embodiment.
- FIG. 2 is a diagram showing a secret key stored in a primary storage medium and a secondary storage medium and a public key corresponding to the secret key.
- FIG. 3 is a diagram showing an example of a user list stored in a certificate DB in the first embodiment.
- FIG. 4 is a flowchart showing a specific method for invalidating the storage medium in the first embodiment.
- FIG. 5 is a flowchart showing a specific method of authentication in the first embodiment.
- FIG. 6 is a flowchart showing a specific authentication method using the PKI mechanism in the first embodiment.
- FIG. 7 is a flowchart showing a specific method by which, when the primary storage medium in the first embodiment is lost, the secondary storage medium can invalidate the primary storage medium, but the primary storage medium cannot invalidate the secondary storage medium.
- FIG. 8 is a flowchart showing a specific method for registering a new storage medium in the management service device in the first embodiment.
- FIG. 9 is a diagram showing a configuration of a key management system in the second embodiment.
- FIG. 10 is a flowchart showing a specific method for backing up data in a storage medium in the second embodiment.
- FIG. 11 is a flowchart showing a specific method of authentication performed by the backup service device in the second embodiment.
- FIG. 12 is a flowchart showing a specific method for restoring data backed up in the backup service device in the second embodiment to a storage medium.
- FIG. 13 is a diagram showing a configuration of a key management system according to the third embodiment.
- FIG. 15 is a diagram showing an example of a user list stored in the public key DB in the third embodiment.
- FIG. 16 is a flowchart showing an authentication method in the third embodiment.
- FIG. 17 is a diagram showing the public key stored in the secondary storage medium in the fourth embodiment being written to the primary storage medium.
- FIG. 18 is a diagram showing a configuration of a key management system according to the fourth embodiment.
- FIG. 19 is a flowchart showing a specific method for encrypting data stored in the storage medium in the fourth embodiment and backing it up to the backup service device.
- FIG. 20 is a flowchart showing a specific method for decrypting the encrypted backup data of the backup service device and restoring it to the storage medium.
- FIG. 21 is a diagram in which the public key stored in the secondary storage medium in the fifth embodiment is written to the primary storage medium, and the public key stored in the primary storage medium is written to the secondary storage medium.
- FIG. 22 is a diagram showing a configuration of a key management system in the fifth embodiment.
- FIG. 23 is a flowchart showing a specific method for encrypting and electronically signing the data stored in the storage medium in the fifth embodiment and backing it up to the backup service device.
- FIG. 24 is a flowchart showing a specific method for verifying the electronic signature of the backup data that has been encrypted and electronically signed by the backup service device in the fifth embodiment, decrypting it, and restoring it to the storage medium.
- FIG. 25 is a diagram showing a configuration of a storage medium in the sixth embodiment.
- FIG. 26 is a flowchart showing a signature for data to be backed up in the sixth embodiment.
- FIG. 27 shows a structure of a storage medium in the seventh embodiment.
- FIG. 28 is a diagram showing an example of a user list stored in the certificate DB in the eighth embodiment.
- FIG. 29 is a diagram showing a use form when a plurality of users possess the storage medium in the eighth embodiment.
- FIG. 30 is a diagram illustrating a hardware configuration when the communication terminal device, the management service device, and the backup service device in each embodiment are realized using a computer.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Quality & Reliability (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/660,105 US20080260156A1 (en) | 2004-08-19 | 2004-08-19 | Management Service Device, Backup Service Device, Communication Terminal Device, and Storage Medium |
PCT/JP2004/011883 WO2006018874A1 (ja) | 2004-08-19 | 2004-08-19 | 管理サービス装置、バックアップサービス装置、通信端末装置及び記憶媒体 |
CN200480043612.3A CN1989493A (zh) | 2004-08-19 | 2004-08-19 | 管理服务装置、备份服务装置、通信终端装置和存储介质 |
EP04771844A EP1783614A4 (en) | 2004-08-19 | 2004-08-19 | ADMINISTRATION SERVICE SETUP, BACKUP SERVICE SETUP, COMMUNICATION TERMINAL AND STORAGE MEDIUM |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2004/011883 WO2006018874A1 (ja) | 2004-08-19 | 2004-08-19 | 管理サービス装置、バックアップサービス装置、通信端末装置及び記憶媒体 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2006018874A1 (ja) | 2006-02-23 |
Family
ID=35907271
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2004/011883 WO2006018874A1 (ja) | 2004-08-19 | 2004-08-19 | 管理サービス装置、バックアップサービス装置、通信端末装置及び記憶媒体 |
Country Status (4)
Country | Link |
---|---|
US (1) | US20080260156A1 (ja) |
EP (1) | EP1783614A4 (ja) |
CN (1) | CN1989493A (ja) |
WO (1) | WO2006018874A1 (ja) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101054821B1 (ko) | 2006-07-14 | 2011-08-05 | 엘지전자 주식회사 | Ota 데이터의 백업을 지원하는 이동통신단말기의 초기화방법 및 이동통신단말기 |
US8051471B2 (en) * | 2006-10-30 | 2011-11-01 | Fuji Xerox Co., Ltd. | Information processing device, information processing system, computer data signal, computer readable medium, and information processing method |
CN101727603B (zh) * | 2008-10-14 | 2013-05-08 | 索尼株式会社 | 信息处理装置、用于切换密码的方法以及程序 |
WO2015041139A1 (ja) * | 2013-09-19 | 2015-03-26 | ソニー株式会社 | 情報処理装置、情報処理方法及びコンピュータプログラム |
Families Citing this family (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8156339B2 (en) * | 2004-07-21 | 2012-04-10 | Sanyo Electric Co., Ltd. | Method for transmission/reception of contents usage right information in encrypted form, and device thereof |
US8042172B1 (en) * | 2006-02-02 | 2011-10-18 | Emc Corporation | Remote access architecture enabling a client to perform an operation |
GB2438452B (en) * | 2006-05-24 | 2010-12-15 | Nokia Corp | Portable telecommunications apparatus |
US20080016127A1 (en) * | 2006-06-30 | 2008-01-17 | Microsoft Corporation | Utilizing software for backing up and recovering data |
JP2008054090A (ja) * | 2006-08-25 | 2008-03-06 | Matsushita Electric Ind Co Ltd | 制御装置 |
JP4356775B2 (ja) * | 2007-06-11 | 2009-11-04 | コニカミノルタビジネステクノロジーズ株式会社 | 画像形成装置、画像形成装置における使用および使用量管理方法、および画像形成システム |
JP4564044B2 (ja) | 2007-12-27 | 2010-10-20 | 株式会社日立製作所 | 電子機器サービス・システム |
US8781528B2 (en) * | 2007-12-31 | 2014-07-15 | The Invention Science Fund I, Llc | Automatic mobile device backup |
US8631217B2 (en) * | 2008-02-26 | 2014-01-14 | International Business Machines Corporation | Apparatus, system, and method for virtual machine backup |
US8869252B2 (en) * | 2008-05-19 | 2014-10-21 | Nokia Corporation | Methods, apparatuses, and computer program products for bootstrapping device and user authentication |
TW201121280A (en) * | 2009-12-10 | 2011-06-16 | Mao-Cong Lin | Network security verification method and device and handheld electronic device verification method. |
US9667626B2 (en) | 2010-01-27 | 2017-05-30 | Keypasco Ab | Network authentication method and device for implementing the same |
KR101320618B1 (ko) * | 2010-12-21 | 2013-10-23 | 주식회사 케이티 | 스마트키 관리 방법 및 장치 |
US20140189362A1 (en) * | 2011-08-31 | 2014-07-03 | Thomson Licensing | Method for a secured backup and restore of configuration data of an end-user device, and device using the method |
EP2680487B1 (en) * | 2012-06-29 | 2019-04-10 | Orange | Secured cloud data storage, distribution and restoration among multiple devices of a user |
JP5967822B2 (ja) | 2012-10-12 | 2016-08-10 | ルネサスエレクトロニクス株式会社 | 車載通信システム及び装置 |
CN103546555A (zh) * | 2013-10-21 | 2014-01-29 | 张力军 | 用于移动终端的数据管理方法及其系统 |
CN104699559B (zh) * | 2013-12-04 | 2019-03-26 | 腾讯科技(深圳)有限公司 | 分布式数据备份方法和系统 |
JP2017092722A (ja) * | 2015-11-11 | 2017-05-25 | 直人 ▲高▼野 | ファイルの送受信システム |
US11190504B1 (en) * | 2017-05-17 | 2021-11-30 | Amazon Technologies, Inc. | Certificate-based service authorization |
US10437524B2 (en) | 2017-10-12 | 2019-10-08 | Nxp B.V. | PUF based boot-loading for data recovery on secure flash devices |
JP6603970B2 (ja) * | 2018-03-20 | 2019-11-13 | 本田技研工業株式会社 | 電子キー管理装置、電子キー管理システム、電子キー管理方法、およびプログラム |
JP6952661B2 (ja) * | 2018-08-30 | 2021-10-20 | 株式会社東芝 | 情報処理装置、通信機器、情報処理システム、情報処理方法、および情報処理プログラム |
JP6941132B2 (ja) * | 2019-03-26 | 2021-09-29 | 本田技研工業株式会社 | 入力情報管理システム |
US11146389B2 (en) * | 2019-09-04 | 2021-10-12 | Dell Products L.P. | Method and apparatus for ensuring integrity of keys in a secure enterprise key manager solution |
US11822686B2 (en) * | 2021-08-31 | 2023-11-21 | Mastercard International Incorporated | Systems and methods for use in securing backup data files |
US11528130B1 (en) * | 2022-06-04 | 2022-12-13 | Uab 360 It | Stateless system to protect data |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2000268137A (ja) * | 1999-03-16 | 2000-09-29 | Hitachi Ltd | 記録媒体バックアップ方法及びその実施装置 |
JP2002245427A (ja) * | 2001-02-20 | 2002-08-30 | Toshiba Corp | Icカード、icカード端末装置およびicカード複製方法 |
JP2003233775A (ja) * | 2002-02-08 | 2003-08-22 | Hitachi Ltd | Icカード情報管理装置 |
JP2004220175A (ja) * | 2003-01-10 | 2004-08-05 | Seiko Epson Corp | 情報カード、情報カード用装着装置、情報カード装置、情報カード処理装置及び情報カード処理方法 |
Family Cites Families (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
UA41387C2 (uk) * | 1994-01-13 | 2001-09-17 | Сертко, Інк | Спосіб установлення вірогідного перевірюваного зв'язку, спосіб захищеного зв'язку, спосіб оновлення мікропрограмного забезпечення, спосіб здійснення шифрованого зв'язку та спосіб надання перевіреному на справжність пристрою права на проведення електронної транзакції |
USH1794H (en) * | 1994-02-08 | 1999-04-06 | At&T Corp. | Secure money transfer techniques using hierarchical arrangement of smart cards |
IL111151A (en) * | 1994-10-03 | 1998-09-24 | News Datacom Ltd | Secure access systems |
US5629508A (en) * | 1994-12-02 | 1997-05-13 | American Card Technology, Inc. | Dual smart card access control electronic data storage and retrieval system and methods |
US6112985A (en) * | 1996-03-07 | 2000-09-05 | Siemens Aktiengesellschaft | License-card-controlled chip card system |
US6513117B2 (en) * | 1998-03-04 | 2003-01-28 | Gemstar Development Corporation | Certificate handling for digital rights management system |
US20020124176A1 (en) * | 1998-12-14 | 2002-09-05 | Michael Epstein | Biometric identification mechanism that preserves the integrity of the biometric information |
US6574733B1 (en) * | 1999-01-25 | 2003-06-03 | Entrust Technologies Limited | Centralized secure backup system and method |
JP4054535B2 (ja) * | 2001-01-19 | 2008-02-27 | 株式会社日立製作所 | Icカード・サービス提供方法、カード端末機、及びicカード |
JPWO2002080447A1 (ja) * | 2001-03-29 | 2004-07-22 | ソニー株式会社 | 情報処理装置 |
JP2003016397A (ja) * | 2001-04-23 | 2003-01-17 | Sony Corp | データ処理システム、メモリデバイス、データ処理装置、およびデータ処理方法、並びにプログラム |
US7165718B2 (en) * | 2002-01-16 | 2007-01-23 | Pathway Enterprises, Inc. | Identification of an individual using a multiple purpose card |
US7165154B2 (en) * | 2002-03-18 | 2007-01-16 | Net Integration Technologies Inc. | System and method for data backup |
GB2396707B (en) * | 2002-10-17 | 2004-11-24 | Vodafone Plc | Facilitating and authenticating transactions |
JP2004234632A (ja) * | 2003-01-06 | 2004-08-19 | Sony Corp | 認証システム、認証サーバ、認証方法、認証プログラム、端末、認証要求方法、認証要求プログラム、及び記憶媒体 |
US20070226793A1 (en) * | 2004-05-28 | 2007-09-27 | Matsushita Electric Industrial Co., Ltd. | Parent-Child Card Authentication System |
US20050283662A1 (en) * | 2004-06-21 | 2005-12-22 | Li Yi Q | Secure data backup and recovery |
-
2004
- 2004-08-19 CN CN200480043612.3A patent/CN1989493A/zh active Pending
- 2004-08-19 US US11/660,105 patent/US20080260156A1/en not_active Abandoned
- 2004-08-19 EP EP04771844A patent/EP1783614A4/en not_active Withdrawn
- 2004-08-19 WO PCT/JP2004/011883 patent/WO2006018874A1/ja active Application Filing
Non-Patent Citations (2)
Title |
---|
NAKAYAMA T.: "UNIX no Dogubako 21 SSH.", UNIX MAGAZINE., vol. 18, no. 7, 1 July 2003 (2003-07-01), pages 87 - 101, XP002995007 * |
See also references of EP1783614A4 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101054821B1 (ko) | 2006-07-14 | 2011-08-05 | 엘지전자 주식회사 | Ota 데이터의 백업을 지원하는 이동통신단말기의 초기화방법 및 이동통신단말기 |
US8060061B2 (en) | 2006-07-14 | 2011-11-15 | Lg Electronics Inc. | Mobile communication terminal and method for initializing the mobile communication terminal using an over-the-air (OTA) data backup |
US8051471B2 (en) * | 2006-10-30 | 2011-11-01 | Fuji Xerox Co., Ltd. | Information processing device, information processing system, computer data signal, computer readable medium, and information processing method |
CN101727603B (zh) * | 2008-10-14 | 2013-05-08 | 索尼株式会社 | 信息处理装置、用于切换密码的方法以及程序 |
WO2015041139A1 (ja) * | 2013-09-19 | 2015-03-26 | ソニー株式会社 | 情報処理装置、情報処理方法及びコンピュータプログラム |
JPWO2015041139A1 (ja) * | 2013-09-19 | 2017-03-02 | ソニー株式会社 | 情報処理装置、情報処理方法及びコンピュータプログラム |
US10587607B2 (en) | 2013-09-19 | 2020-03-10 | Sony Corporation | Information processing apparatus and information processing method for public key scheme based user authentication |
Also Published As
Publication number | Publication date |
---|---|
EP1783614A1 (en) | 2007-05-09 |
CN1989493A (zh) | 2007-06-27 |
US20080260156A1 (en) | 2008-10-23 |
EP1783614A4 (en) | 2009-03-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2006018874A1 (ja) | 管理サービス装置、バックアップサービス装置、通信端末装置及び記憶媒体 | |
US6938157B2 (en) | Distributed information system and protocol for affixing electronic signatures and authenticating documents | |
CN100401669C (zh) | 用于数据供应、交易和电子投票的方法和系统 | |
JP5423088B2 (ja) | 集積回路、暗号通信装置、暗号通信システム、情報処理方法、及び暗号通信方法 | |
TWI267280B (en) | Method for encryption backup and method for decryption restoration | |
US7243238B2 (en) | Person authentication system, person authentication method, information processing apparatus, and program providing medium | |
US7484246B2 (en) | Content distribution system, content distribution method, information processing apparatus, and program providing medium | |
KR101863953B1 (ko) | 전자 서명 서비스 시스템 및 방법 | |
US8499147B2 (en) | Account management system, root-account management apparatus, derived-account management apparatus, and program | |
US7287158B2 (en) | Person authentication system, person authentication method, information processing apparatus, and program providing medium | |
CN101395625A (zh) | 身份盗用的缓解 | |
US11128604B2 (en) | Anonymous communication system and method for subscribing to said communication system | |
US20040250076A1 (en) | Personal authentication device and system and method thereof | |
KR19990022451A (ko) | 다단계 디지털 서명 방법 및 시스템 | |
CN111475836B (zh) | 一种基于联盟区块链的档案管理方法及装置 | |
SE502424C2 (sv) | Metod och anordning vid certifikathanteringssystem | |
KR20010052105A (ko) | 생체 측정 데이터를 이용한 암호키 발생 | |
EP3031001A1 (en) | Secure data storage | |
JP7114078B2 (ja) | 電子認証方法及びプログラム | |
WO2022004854A1 (ja) | 利用者端末、認証者端末、登録者端末、管理システムおよびプログラム | |
JP2018133739A (ja) | 秘密鍵複製システム、端末および秘密鍵複製方法 | |
JP2007110175A (ja) | 管理サービス装置、バックアップサービス装置、通信端末装置及び記憶媒体 | |
EP0808535A1 (en) | Electronic negotiable documents | |
JP4058035B2 (ja) | 公開鍵基盤システム及び公開鍵基盤方法 | |
JP2003224554A (ja) | 通信接続システム、方法、プログラム及び電子投票システム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| AK | Designated states | Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
| AL | Designated countries for regional patents | Kind code of ref document: A1 Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
| WWE | Wipo information: entry into national phase | Ref document number: 200480043612.3 Country of ref document: CN |
| WWE | Wipo information: entry into national phase | Ref document number: 2004771844 Country of ref document: EP |
| NENP | Non-entry into the national phase | Ref country code: DE |
| WWP | Wipo information: published in national office | Ref document number: 2004771844 Country of ref document: EP |
| WWE | Wipo information: entry into national phase | Ref document number: 11660105 Country of ref document: US |
| NENP | Non-entry into the national phase | Ref country code: JP |