JP2002009762A - Information processing system, information processing method, information processing apparatus, and program providing medium - Google Patents

Abstract

(57) [Problem] To provide an information processing system capable of reducing the possibility of leakage of confidential information and enabling data transfer to a rental PC and data editing. SOLUTION: When uploading an environment in which a user previously encrypts data such as an environment used on his / her PC or a file to be used on a business trip with an encryption key based on a password, and further transmits the data to a server via a network. Then, the mutual authentication between the PC and the server is executed, and the upload is performed on condition that the authentication is successful. Further, when transmitting encrypted data from the server to the rental PC, the server performs mutual authentication between the server and the rental PC, and then downloads the data. In the server, management is performed by a rental PC management database in which identifiers of rental PCs are associated with pointers to reservation data, download or upload data.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an information processing system, an information processing method, an information processing apparatus, and a program providing medium, and more particularly to an environment used by a user in an information processing apparatus such as a personal computer (PC). When data is used in another device, encryption processing of transfer data and authentication processing between transfer devices are executed, and the rental PC can be safely and safely removed, that is, by eliminating the possibility of information leakage to a third party. The present invention relates to an information processing system, an information processing method, an information processing apparatus, and a program providing medium that provide a usable environment.

[0002]

2. Description of the Related Art In recent years, personal computers (PCs)
However, those that have become smaller, lighter, and portable have become popular. For example, in order to carry out work using a PC even on a business trip, it is increasing that a notebook PC is brought to the business trip. In addition, for users who do not bring their own PCs, some hotels, conference halls, and the like lend PCs owned by the conference halls to users so that the PCs can be used freely.

[0003]

The PC lending system allows the user to execute various data processing on the lending PC. However, if you rent a PC rented at a hotel or conference hall and use it,
Environments such as key settings and shortcut settings in C are default or used by previous users, and are often not familiar and easy to use.

Further, some users have rushed to a hotel, a conference hall, or the like, for example, by revising or printing materials immediately before a presentation at a conference, such as by using data used at a workplace before a business trip. In some cases, it is desired to perform processing using a so-called rental PC. However, since the borrowed PC does not contain its own data, necessary data (files) must be brought to the PC by itself.

[0005] In addition, it is not known whether the borrowed PC is safe or not. For example, data used by the user is stored in secret on a recording medium inaccessible to the user, and the user returns the PC. It is very difficult for the user to confirm whether or not the user's data stored in the recording medium will be stolen after that. Unnecessarily using a rental PC increases the risk of leaking confidential information to a third party.
If the data handled above is highly confidential information, use of the rental PC is hesitant.

The present invention solves various problems in a rental PC (rental PC) which is assumed to be used by an unspecified user as described above, and is easy to use by a user.
It is another object of the present invention to provide an information processing apparatus and an information processing method capable of reducing a fear of information leakage. Specifically, the user securely transmits in advance the data such as the environment used by his / her PC and the file to be used to the server via the network, and then uses the rental PC to securely transmit the data from the server. An object is to provide an information processing system, an information processing method, an information processing device, and a program providing medium having a system for extracting data.

[0007]

SUMMARY OF THE INVENTION A first aspect of the present invention is as follows.
In an information processing system including a plurality of information processing apparatuses connectable to a server having data storage means, the plurality of information processing apparatuses include a rental information processing apparatus lent to an unspecified number of persons, and the rental information processing apparatus includes Each of the plurality of information processing devices connectable to the server includes a mutual authentication process with the server, an encryption key generation process based on a user input password, and a data encryption process and a decryption process based on the generated encryption key. A cryptographic processing unit that performs encryption by a cryptographic key generated based on a password input to the information processing device, on condition that the mutual authentication process between the information processing device connectable to the server and the server is successful. Uploading the uploaded data to the server, storing the uploaded encrypted data in a data storage unit of the server, Serial condition the success of the mutual authentication process between rental information processing apparatus and the server, to download the uploaded encrypted data stored in the data storage means of the server to the rental information processing apparatus,
An information processing system for generating an encryption key based on the same password as the password in the rental information processing apparatus, and executing a download data decryption process based on the generated encryption key; It is in.

Further, in one embodiment of the information processing system of the present invention, the server performs a process of downloading the encrypted encrypted data stored in the data storing means to the rental information processing apparatus, and performs a process of downloading the encrypted encrypted data to the rental information processing apparatus. The automatic download process is executed before the use start time based on the use start time information of the rental information processing device received from the transmission source information processing device.

Further, in one embodiment of the information processing system of the present invention, the server has a rental information processing device management database, and the rental information processing device management database has an identifier of the rental information processing device and rental information. The data from the server to the rental information processing apparatus, including the identifier of the information processing apparatus of the use request source of the processing apparatus, the use start time, the use end time, and the pointer information of the encrypted data stored in the data storage means. At the time of transmission, it is characterized in that corresponding data is extracted from the data storage means and transmitted according to the pointer information.

Further, in one embodiment of the information processing system of the present invention, the server has a rental information processing device management database, and the rental information processing device management database has an identifier of the rental information processing device and rental information. As the identifier of the information processing device of the use request source of the processing device, and the pointer information of the encrypted data stored in the data storage device, the information is stored in the storage device of the data received from the information processing device of the use request source of the rental information processing device. A request for use of the rental information processing apparatus or the rental information processing apparatus, including pointer information and pointer information in a storage unit of data received as return data from the rental information processing apparatus, extracting data according to the respective pointer information. Data transmission to the original information processing device Characterized in that it is configured to perform.

Further, in one embodiment of the information processing system of the present invention, the server has a configuration in which mutual authentication processing between the plurality of information processing apparatuses connectable to the server is performed by a public key method. A revocation list signed by the key issuing organization, or a list of valid information processing devices whose private keys are not exposed, with the list of identifiers of the information processing devices to which the secret key of the information processing device has been exposed. A registration list signed by a key issuing organization, and the identifier received from the information processing device is not recorded in the revocation list, or is recorded in the registration list. It is configured to perform a mutual authentication process by executing any confirmation that That.

Further, in one embodiment of the information processing system of the present invention, the data to be encrypted with an encryption key generated based on a password input to the information processing apparatus and uploaded to the server include data to be edited and data to be used. Encrypted data that includes environment setting data and is encrypted with the encryption key is linked data of editing target data and use environment setting data.

Further, in one embodiment of the information processing system of the present invention, the information processing apparatus generates the rental information processing apparatus based on a password input to the rental information processing apparatus on condition that the mutual authentication processing between the rental information processing apparatus and the server is successful. Uploading the data encrypted with the encrypted encryption key to the server, storing the uploaded encrypted data in a data storage unit of the server, and subjecting the information processing apparatus and the server to a successful mutual authentication process, The upload encrypted data stored in the data storage unit of the server is downloaded to the information processing device, and the information processing device generates an encryption key based on the same password as the password, and generates an encryption key based on the generated encryption key. And a structure for executing a download data decryption process.

Further, in one embodiment of the information processing system of the present invention, the rental information processing device executes an upload process of the encrypted data to the server, and on condition that the upload process ends.
The rental information processing apparatus is characterized by having a configuration for executing a process of deleting data stored in a storage medium.

Further, in one embodiment of the information processing system according to the present invention, the rental information processing apparatus includes a data processing apparatus for setting up a connection to the server.
It is characterized by having a configuration for starting an upload process.

Further, a second aspect of the present invention is an information processing method in an information processing system including a plurality of information processing apparatuses including a rental information processing apparatus rented to an unspecified number connectable to a server having data storage means. Performing a mutual authentication process between the information processing device connectable to the server and the server; and a cryptographic key generated based on a password input to the information processing device on condition that the authentication process succeeds. Uploading the encrypted data to the server, storing the uploaded encrypted data in a data storage unit of the server, and performing a mutual authentication process between the rental information processing apparatus and the server; The condition stored in the data storage means of the server is conditional on the success of the authentication process. Downloading the encrypted encrypted data to the rental information processing apparatus; and generating a cryptographic key based on the same password as the password in the rental information processing apparatus; Executing a decoding process.

Further, in one embodiment of the information processing method of the present invention, in the information processing method, the server performs download processing of the upload encrypted data stored in the data storage means to the rental information processing apparatus. The automatic download process is performed before the use start time based on the use start time information of the rental information processing device received from the transmission source information processing device of the encrypted data.

Further, in one embodiment of the information processing method according to the present invention, the server includes an identifier of the rental information processing apparatus, an identifier of the information processing apparatus requesting use of the rental information processing apparatus, use start time, and use end. A rental information processing device management database including a time and pointer information of the encrypted data stored in the data storage means, and when transmitting data from a server to the rental information processing device, the data is stored in accordance with the pointer information. It is characterized in that corresponding data is extracted from the storage means and transmitted.

Further, in one embodiment of the information processing method of the present invention, the server includes an identifier of the rental information processing apparatus, an identifier of the information processing apparatus that has requested use of the rental information processing apparatus, and the data storage unit. The pointer information of the data received from the information processing apparatus requesting use of the rental information processing apparatus and the pointer information of the data received as return data from the rental information processing apparatus are stored as pointer information of the encrypted data stored in the rental information processing apparatus. Means for managing the rental information processing apparatus including pointer information in the means, wherein the server extracts data in accordance with the respective pointer information, and the rental information processing apparatus or the information processing apparatus of a use request source of the rental information processing apparatus. The data transmission is performed for

Further, in one embodiment of the information processing method of the present invention, the server performs a mutual authentication process between the plurality of information processing devices connectable to the server by a public key method, and The list of identifiers of the information processing device with the secret key exposed is copied to the revocation list signed by the key issuing organization, or the list of valid information processing devices without the secret key of the information processing device exposed to the key issuing organization. Signed registration list, and that the identifier received from the information processing device is not recorded in the revocation list or that the identifier is recorded in the registration list A mutual authentication process is performed by executing one of the confirmation processes.

Further, in one embodiment of the information processing method according to the present invention, the data to be encrypted by an encryption key generated based on the password input to the information processing device and the data to be uploaded to the server are included in the data to be edited. And the use environment setting data, wherein the encrypted data to be encrypted with the encryption key is linked data of edit target data and use environment setting data.

Further, in one embodiment of the information processing method according to the present invention, a step of executing a mutual authentication process between the rental information processing apparatus and the server; Uploading the data encrypted by the encryption key generated based on the input password to the server; storing the upload encrypted data in a data storage unit of the server; Executing the mutual authentication process of the above, and, on condition of successful authentication, downloading the upload encrypted data stored in the data storage means of the server to the information processing device. Generate an encryption key based on the same password as
Executing decryption processing of download data based on the generated encryption key.

Further, in one embodiment of the information processing method according to the present invention, the rental information processing device executes an upload process of the encrypted data to the server and, on condition that the upload process is completed, the rental information device. The present invention is characterized in that a process of erasing data stored in a storage medium of the processing device is executed.

Further, in one embodiment of the information processing method according to the present invention, the rental information processing apparatus is provided with a data processing method for the server on condition that the rental information processing apparatus is connected to a rental information processing apparatus dog for setting connection with the server. An upload process is started.

Furthermore, a third aspect of the present invention has a communication unit connectable to a server, and performs mutual authentication processing, encryption key generation processing based on a user input password, and data encryption based on the generated encryption key. Encryption processing means for performing encryption processing and decryption processing, storing the input password, erasing the stored password by turning off the power supply, and storing means;
An information processing apparatus comprising: a control unit that performs comparison between an input password and a password stored in the storage unit and enables data access only when the password matches each other.

Further, in one embodiment of the information processing apparatus of the present invention, the information processing apparatus has a configuration for executing upload processing to the server of data encrypted with an encryption key generated based on a password input to the information processing apparatus. The information processing apparatus is characterized in that, on condition that the upload processing is completed, a processing of deleting data stored in a storage medium of the information processing apparatus is executed.

Further, in one embodiment of the information processing apparatus according to the present invention, control is performed such that data copy processing to a removable storage medium stored in the information processing apparatus can be executed on condition that authentication processing with the server is successful. Characterized by having control means for executing

A fourth aspect of the present invention is a data processing system comprising a plurality of information processing apparatuses including an unspecified number of rental information processing apparatuses which can be connected to a server having data storage means. A program providing medium for providing a computer program to be executed on a computer system, wherein the computer program executes a mutual authentication process between an information processing device connectable to the server and the server, Uploading data encrypted with an encryption key generated based on a password input to the information processing device to the server, on condition that the authentication process is successful; and storing the upload encrypted data in a data storage unit of the server. Storing, and the rental information processing device Executing a mutual authentication process between the servers; and, on condition that the authentication process is successful, downloading the upload encrypted data stored in the data storage unit of the server to the rental information processing apparatus. In the rental information processing device,
Generating an encryption key based on the same password as the password, and executing download data decryption processing based on the generated encryption key.

[0029]

In the present invention, data such as the environment used by the user in advance on his / her PC or files to be used on a business trip is securely transmitted to the server via the network, and the rental PC transmits the data to the server in advance. By downloading and using the data, it is possible to process necessary files in the same environment as usual. In addition, the server authenticates the PC at the time of downloading, so that data is not sent to a PC that may be illegal such as stealing user information,
Transfer data is encrypted using an encryption key generated based on a password known to the user, so that even if anyone other than the user who generated this password steals the data, the data cannot be decrypted. Eliminates the risk of leaks.

The program providing medium according to the fourth aspect of the present invention is, for example, a medium for providing a computer program in a computer-readable format to a general-purpose computer system capable of executing various program codes. It is. The form of the medium is not particularly limited, such as a recording medium such as a CD, an FD, and an MO, and a transmission medium such as a network.

Such a program providing medium defines a structural or functional cooperative relationship between the computer program and the providing medium for realizing a predetermined computer program function on a computer system. Things. In other words, by installing the computer program into the computer system via the providing medium, a cooperative operation is exerted on the computer system, and the same operation and effect as the other aspects of the present invention can be obtained. You can do it.

Still other objects, features and advantages of the present invention are:
It will become apparent from the following more detailed description based on the embodiments of the present invention and the accompanying drawings.

[0033]

DESCRIPTION OF THE PREFERRED EMBODIMENTS First, an environment to which an information processing system, an information processing apparatus and an information processing method of the present invention are applied will be described with reference to FIG.

In FIG. 1, a user 101 performs various data processing, such as creating documents such as conference materials, using a user PC 102 dedicated to the user in the company. The user 101 sets his or her use environment such as various key settings, shortcut settings, and macro settings on the dedicated user PC 102 to the environment that is most user-friendly. In addition, the generated documents and the like include highly confidential documents.

The user 101 rents a document or the like edited by using the user PC 102 at a business trip destination such as a business trip, etc.
Continue editing, adding and modifying above. In such a case, a conventional processing mode generally stores a document on a disk, brings in the disk, and downloads and edits the document from the disk on a rental PC. As described above, downloading data by such means has problems in setting the use environment and in terms of data security.

In the information processing system, the information processing apparatus and the information processing method of the present invention, as shown in FIG. The user uploads the environment and the environment, accesses the external server 110 using the rental PC 103 at a business trip, and downloads and uses the previously uploaded file and environment. Prior to uploading and downloading data, etc., security is ensured by executing authentication processing.

The processing executed in the information processing system, the information processing apparatus and the information processing method of the present invention is centered on the data upload, download and authentication processing to the external server as described above. Less than,
The details of each process and the details of the information processing device will be described.

FIG. 2 is a diagram showing an example of the configuration of an embodiment of an information processing apparatus (for example, a PC: personal computer) according to the configuration of the present invention. Various programs such as an OS and an application are stored in a hard disk 205 or a ROM 203 as a recording medium built in the computer.
Can be recorded in advance. Alternatively, the program may be a floppy disk, a CD-ROM
(Compact Disc Read Only Memory), MO (Magneto opti
cal) Removable recording medium 2 such as disk, DVD (Digital Versatile Disc), magnetic disk, semiconductor memory, etc.
11 can be temporarily or permanently stored (recorded). Such a removable recording medium 211
Can be provided as so-called package software.

The program may be installed in the computer from the removable recording medium 211 as described above, may be wirelessly transferred from a download site to the computer via, for example, an artificial satellite for digital satellite broadcasting, or may be connected to a LAN (Local Area Network). The program can be transferred to a computer via a network such as an Area Network (Internet) or the Internet by wire, and the computer can receive the transferred program by the communication unit 208 and install the program on the built-in hard disk 205. The ROM 203 and the hard disk 205 are used to store secret data (key) for certifying the validity of the computer. These are used, for example, in a mutual authentication process between a server and a PC. The mutual authentication process will be described later in detail.

The computer has a CPU (Central Process).
ing Unit) 202. In the CPU 202,
An input / output interface 210 is connected via a bus 201, and the CPU 202
When a user inputs an instruction through the input unit 207 including a keyboard, a mouse, and the like through the ROM 10, the ROM (Read Only)
Memory) 203 executes the program stored therein. In addition, the CPU 202 reads a program stored in the hard disk 205, a program transferred from a satellite or a network, received by the communication unit 208 and installed in the hard disk 205, or read from the removable recording medium 211 mounted in the drive 209. The program installed on the hard disk 205 is stored in a RAM (Random Access Memory) 204.
And run it. Thereby, the CPU 202
Various programs, such as a document creation process according to a document creation application, are executed. CPU 202
Further, if necessary, for example,
The LCD (Liquid
Output unit 20 including a Crystal Display) and speakers
6, output from the communication unit 208, and further, various output controls such as recording on a recording medium such as the hard disk 205.

The information processing apparatus having the configuration shown in FIG.
User PC as the user's dedicated PC described in 1.
For example, the present invention can be applied as a rental PC held in a hotel, a conference hall, or the like and lent to a user, or as the server shown in FIG.

Further, in addition to the system configuration of FIG.
, A security chip 301 may be provided. The security chip 301 is connected between PCs or P
At the time of mutual authentication between C and the server, storage of secret data (key) for certifying the validity of the computer, processing for generating information for certifying validity, encryption / decryption processing of transfer data or stored data This is processing means for performing such operations. The security chip 301 is, for example, a one-chip LSI (Lar
ge Scale Integrated Circuit), and bus 210
Encrypt or decrypt the data provided via
Output to the bus 210. The security chip 3
01 is not limited to a one-chip LSI, but can also be realized by a configuration combining various software or hardware. However, by mounting as an LSI chip, it is possible to improve the processing speed and increase the resistance to external access to information to be kept secret.

Next, referring to FIG. 4, the user uses a PC (user PC) that he or she normally uses and files that he or she wants to use on a business trip (these files are collectively referred to as data). The upload process for transferring data from the PC to the server will be described. The processing flow of FIG.
Is a process executed between the user PC 102 and the server 110 shown in FIG.

For example, when a user inputs a command for performing data upload processing to server 110 to user PC 102, the processing is started. Note that a user ID, which is identification information of a user who uses the server 110, is registered in the server 110 in advance. Further, the user ID registered in the server 110 is also stored in the user PC 102.

In step S401, the user inputs a password to the user PC 102.

In step S402, the user PC1
02 generates an encryption key for encrypting / decrypting data based on the input password. A method of generating an encryption key from a password includes, for example, dividing the password into m-byte units (where m is the length of an encryption key used in an encryption algorithm for encrypting / decrypting data) and taking an exclusive OR operation. Any method may be used. It is sufficient that the data encryption key is generated based on the password configuration data.

In step S403, in response to the user's instruction, the user PC 102 converts the data that the user wants to transfer to the server 110, for example, the data including the document data to be edited on the rental server at the business trip destination, using the encryption key generated in step S402. And encrypt it. In addition,
This encrypted data includes, for example, key setting data and shortcut setting data as a user PC usage environment, in addition to a document file that the user wants to use on a business trip.
This includes macro setting data. These environment setting data are stored in an environment setting file, and encryption processing is performed on data obtained by combining the document files to be used in the environment setting file with an encryption key generated based on the password described above. I do.

By transferring the data including the usage environment setting file in this manner, it is possible to easily set the same environment as that used by the user PC in the rental PC 103. Therefore, the user can use the rental PC
At 103, document editing can be performed in the same environment as the usage environment of the user PC 102. Any algorithm can be used for the encryption processing algorithm of the combined data of the use environment setting data and the document file to be edited. For example, DES (Da
ta Encryption Standard) can be used.

Next, in step S404, the user PC 102 establishes a communication path to the server 110, and the user PC 102 and the server 110 implement a mutual authentication protocol for confirming each other's validity.

As an example of the mutual authentication protocol, ISO /
Those using common key cryptography represented by IEC 9798-2, I
One using public key cryptography represented by SO / IEC 9798-3, one using a cryptographic check function represented by ISO / IEC 9798-4, and the like.

FIG. 5 shows one of the methods for mutual authentication and encryption key sharing using a cryptographic check function used in this embodiment.

In FIG. 5, a user PC [B] stores a unique device ID: ID_B and a secret key: DK_B. The server [A] has a device ID of each PC,
A table of secret keys corresponding to each device ID is stored.

First, the user PC generates a random number R_B,
It is sent to the server together with ID_B. The symbol || in FIG. 5 represents concatenation.

Next, the server generates random numbers: R_A, S_A, and together with R_A, S_A, ID_A, MAC (DK_B, R_A).
A || R_B || S_A) is sent to the user PC. ID_A is identification information indicating a server, and is represented by MAC (DK_B, R_A |
| R_B || S_A) is DK_B as a key and R_A || R_B || S_A as data for the cryptographic check function.
Represents input. The cryptographic check function uses ISO /
As shown in IEC 9797, it can be configured using the FIPS 46-2 Data Encryption Standard (DES). The key: DK_B used at this time is stored in the stored table from the user P.
A search is performed using the device ID unique to C: ID_B as a search key.

The user PC itself calculates the MAC (DK_B, R_A || R_B || S_A) using the received data, and checks whether or not this matches the received one. If they match, the server recognizes the server as valid and continues the process. If they do not match, the server determines that the server is invalid and stops the process.

Next, the user PC generates a random number: S_B,
This and the MAC (DK_B, R_B || R_A || S_B) are sent to the server. The server also uses the received data to
Calculate AC (DK_B, R_B || R_A || S_B) and confirm whether it matches the received one. If they match, the user PC is recognized as valid and the process is continued, but if they do not match, the user PC is determined to be invalid and the process is stopped.

Finally, when both sides are MAC (DK_B, S_A ||
S_B) is calculated, and this is used as a session key in the session and as an encryption key of the exchanged messages that need to be encrypted.

By performing the mutual authentication processing as described above, the server and the user PC can check each other's validity and can safely share the session key. With the key as the key, the server and the user PC transfer
It is possible to encrypt the data with S or the like and transmit it safely.

FIG. 6 shows an example in which an authentication technique using public key encryption is applied to this embodiment. In FIG. 6, the server
[A] and the user PC [B] each have their own identification information ID, their own public key certificate, and a revocation list or registration list. As shown in FIG. 7, the public key certificate has a center (key issuing organization) for the ID of the entity and the public key.
Is the signed data.

The revocation list is also called an unauthorized person list or a blacklist. As shown in FIG.
Although the secret key of the device (PC) has been exposed,
D is listed and digitally signed by the center (key issuing organization) together with a monotonically increasing version number.

On the other hand, the registration list is also called a valid person list or a registered list, and is shown in FIG.
As shown in (1), the IDs of the devices that are reliable at the time (the secrets are not disclosed) are listed, and the digital signature of the center (key issuing organization) is given along with the monotonically increasing version number.

In FIG. 6, the user PC has a random number: R_B
And send it to the server. The server generates random numbers: K_A and R_A, and multiplies G_K_A, which is a system common point (base point), on the elliptic curve E to obtain V_A
A is calculated, and a public key certificate: Cert_A, R_A, R_B, V_A is sent to the user PC together with a signature applied to the data R_A || R_B || V_A using the private key: PriKey_A.

The user PC checks the validity of the server's public key certificate and the validity of the signature created by the server. If the user has stored the revocation list, the other party's ID is not listed on the revocation list, and if the user has stored the registration list, the other party's ID is included in the registration list. Check that it is registered. If the above confirmation cannot be performed normally, the user PC determines that the server is an unauthorized person and ends the process. If the above confirmation is successful, the user PC
Generates a random number: K_B, performs the same calculation as performed by the server, and generates public key certificates Cert_B, R_B, R_A, V
_B and the data, R_B || R_A || V_B, are sent to the server.

The server performs the same inspection as that performed by the user PC on the received data, and continues processing only when all the inspections have been completed normally.

Thereafter, the server multiplies K_A and V_B by the user PC and K_B and V_A by the user PC on the elliptic curve E to obtain a session key K_S. The method of using the session key is the same as in the case of FIG. 5 described above. The method of multiplication on elliptic curves and the generation and inspection of digital signatures are currently being standardized by IEEE P1363, and details are described in the draft.

Using such a common key system or a public key system, mutual authentication is performed between the user PC 102 and the server 11. The process proceeds to step S405 shown in FIG. 4 on condition that the mutual authentication is established. If the mutual authentication is not successful, no further processing is performed.

In FIG. 4, if the mutual authentication between the user PC 102 and the server 110 is completed successfully, the process proceeds to step S405, in which the user PC 102 transmits the user ID and the encrypted data to be transferred to the server 110, for example, a document to be edited. Step S4: File data and usage environment data
In step 02, data encrypted with the encryption key generated based on the password is transferred.

In step S406, the server 110 stores the transferred user ID and data on a recording medium. Through the above processing, data obtained by encrypting the data of the user PC 102, for example, the document file data to be edited and the usage environment data with the encryption key generated based on the password unique to the user, can be uploaded to the server 110.

Next, with reference to FIG. 10, a download process for transferring data stored in the server 110 to a PC borrowed by a user at a hotel, a conference hall, or the like, that is, a rental PC 103 will be described.

For example, when a user rents a rental P
This process is started by renting C103 and inputting a download execution request command to the rental PC 103 together with the user ID registered in the server 110.

In step S1001, rental P
C103 establishes a communication path to server 110, and rental PC 103 and server 110 implement a mutual authentication protocol for confirming the validity of each other. The mutual authentication protocol is the same as that in step S404 in FIG.
Can be used.

If the mutual authentication is not successful and ends in step S1001, the subsequent processing is not performed. If the mutual authentication is completed successfully, the process proceeds to step S1002, where the rental PC transmits the user ID to the server. It is preferable that the user ID is transmitted after being encrypted with the session key generated by the mutual authentication protocol shown in FIG. 5 or FIG.

In step S1003, the server 110 uses the user ID as a search key to retrieve user data from a recording medium accessible from the server 110, ie, the user PC in the data upload process described with reference to FIG.
The uploaded data is read from the PC 102 and transmitted to the rental PC 103. The data here is data encrypted based on the user password as described in the processing flow of FIG. In addition, an encryption process based on a session key generated by the mutual authentication protocol shown in FIG. 5 or FIG. 6 may be further executed and transmitted.

Next, in step S1004, the rental PC
103 stores the transferred data in its own recording medium. Next, in step S1005, the user
Enter the password in C103.

In step S1006, the rental PC 10
3 generates a key for decrypting data based on the input password. Specifically, step S4 in FIG.
02, a method similar to the method performed by the user PC 102 is used.

In step S1007, the rental PC 10
Numeral 3 decrypts the user data using the key generated as described above, that is, the key generated by the same method as in step S402 in the processing flow of FIG. 4, and stores the data in a recording medium such as a hard disk. This data includes, for example, key setting data, shortcut setting data, macro setting data, and the like as the usage environment of the user PC, in addition to the document file that the user wants to use. Therefore, the user can use the rental PC 10
3 can be used.

When the user ends use of the rental PC 103, the user inputs a use end command as a command for notifying the rental PC 103 of the use. By inputting the use end command, the rental PC 103 deletes all of the user's environment and used files from its own recording medium so that the user data is not leaked to the outside. In other words, the rental PC 103 incorporates in advance a program for executing a process of deleting the document file, the usage environment data, and its update data, which are the data downloaded from the server 110 by the user, based on a specific use end command.

Prior to performing the data deletion process, the rental PC 103 may transfer files edited during a business trip from the rental PC 103 to the server 110, and may later transfer the file to the user's own user PC 102. For this purpose, the upload process shown in FIG. 4 and the download process shown in FIG. 10 may be performed by exchanging the user PC and the rental PC. These more detailed aspects will be described later.

[Processing Mode Including Reservation Information] Next, as a second embodiment, a mode in which a user makes a reservation for using a rental PC and executes processing based on the reservation information will be described. The user can reserve in advance from time to time to use the rental PC anywhere, so that the download process for the rental PC 103 can be performed halfway.

In the second embodiment, the basic configuration is the same as that of FIG.
Data transfer processing is executed between the rental PCs 103.

FIG. 11 shows a user PC in the second embodiment.
5 shows a data upload processing flow from the server 102 to the server 110. The server 110 has a server 11 in advance.
A user ID, which is identification information of a user who uses 0, is registered. Further, the user ID registered in the server 110 is also stored in the user PC 102.

In step S1101 of FIG. 11, the user inputs a password to the user PC 102,
Further, from when to when (for example, ABC
The user inputs reservation information indicating that a rental PC (such as a hotel or an XX conference hall) is to be used. For example, 8 of 2000
For reservations for use from August 8 to August 10, [2000
[0808: 20000810] is input.

The following steps S1102 to S1104 are the same as steps S402 to S404 in FIG. That is, an encryption key generation process based on the input password, an encryption process of the data to be edited and the environment data using the encryption key,
The mutual authentication process is performed between the user PC 102 and the server 110 according to the mutual authentication protocol described with reference to FIGS.

If the mutual authentication process in step S1104 ends successfully, the user PC 102 transfers the user ID, reservation information, and data to the server 110 in step S1105. Next, step S1106
Then, the server 110 stores the information on the recording medium and ends the upload process.

Next, FIG. 12 and FIG. 13 show the procedure of the download processing and the data decryption processing of the user data transferred to the server 110 in this manner.

FIG. 12 shows a rental PC from the server 110.
FIG. 13 shows a data download process for the client 103;
Shows data decryption processing in the rental PC 103. 12 is started by a command from the server 110 based on the reservation information, for example. Alternatively, the rental PC 1 is provided by the server 110 or a user's agent (for example, a person in charge of a conference hall).
03 based on the reservation information entered in the rental PC 1
03 may be started.

That is, depending on the size of the data to be downloaded and the capacity of the communication path, it may be expected that a long time is required for downloading. Even in such a case, the user must rent the PC in advance so that the download is completed at the time when the user starts using the PC.
A feature of the second embodiment is that the processing can be downloaded without operating. Of course, even if the data size is small and the capacity of the communication path is large, some time is absolutely required for downloading and also time for mutual authentication between the rental PC and the server is required.
In order to avoid this, it is preferable that the download process be completed before the start of use by the user.

Further, as will be described later with reference to the flowchart of FIG. 13, in the decryption processing of the download data by the rental PC in the second embodiment, access to the server is unnecessary, and the processing is performed even when the rental PC 103 is completely stand-alone. Can be performed. This means that the user can rent PC1
Immediately after borrowing the 03, it means that the rental PC 103 can be taken out anywhere and where there is no network facility, and the merit for the user is further increased.

Step S1 of the download process shown in FIG.
201 to S1204 correspond to step S1001 in FIG.
To S1004. In step S1201, the rental PC 103 establishes a communication path to the server 110, and the rental PC 103 and the server 110 implement a mutual authentication protocol for confirming their validity.

If the mutual authentication is not completed successfully in step S1201, the subsequent processing is not performed. If the mutual authentication is completed successfully, the process advances to step S1202, and the rental PC transmits the user ID to the server. It is preferable that the user ID is transmitted after being encrypted with the session key generated by the mutual authentication protocol shown in FIG. 5 or FIG. However, if the processing of FIG. 12 is started by an instruction from the server 110 based on the reservation information, the server 110 already knows the user ID, and thus the rental PC 103 in step S1202.
The transfer of the user ID from the server to the server 110 may be omitted.

In step S1203, the server 110 uses the user ID as a search key to retrieve user data from a recording medium accessible from the server 110, ie, the user P in the data upload process described with reference to FIG.
The data uploaded from C102 to server 110 is read and transmitted to rental PC 103. The data here is data encrypted based on the user password as described in the processing flow of FIG. In addition, an encryption process based on a session key generated by the mutual authentication protocol shown in FIG. 5 or FIG. 6 may be further executed and transmitted.

Next, in step S1204, the rental PC
103 stores the transferred data in its own recording medium.

The process shown in FIG. 12, that is, the process of downloading the encrypted data from the server 110 to the rental PC 103 is performed by the server 110 based on the reservation information.
, Or an execution command based on the reservation information input to the rental PC 103 by the server 110 or an agent of the user (for example, a staff member of a conference hall) before the user starts using the rental PC.

The process shown in FIG. 13 is performed when the user starts using the rental PC. The processing in steps S1301 to S1303 is the same as the processing in steps S1005 to S1007 in FIG. That is, in step S1301, the user enters the rental PC 10
Enter the password in 3.

In step S1302, the rental PC 10
3 generates a key for decrypting data based on the input password. Specifically, step S in FIG.
In step 1202, a key is generated by the same method as performed by the user PC 102.

In step S1303, the rental PC 10
Numeral 3 decrypts the user data using the key generated as described above, that is, the key generated by the same method as in step S1002 in the processing flow of FIG. 12, and stores this in a recording medium such as a hard disk. This data includes, in addition to the document file that the user wants to use, for example, the user PC
Key setting data, shortcut setting data, macro setting data, and the like as a usage environment of the application. Therefore, the user rents the usual environment and necessary files
It can be used in C103.

When the user ends the use of the rental PC 103, the user inputs a use end command as a command for notifying the rental PC 103 of the fact, and the user's environment and the used file are deleted from the rental PC 103.
103 deletes all the data from its own recording medium so as not to leak user data to the outside. That is, the rental PC 103 incorporates, based on a specific use end command, a setting for executing a program for executing a process of deleting a document file, which is data downloaded from the server 110 by the user, use environment data, and its update data. ing.

Before performing the data deletion process, the rental PC 103 may transfer a file edited during a business trip from the rental PC 103 to the server 110, and may later transfer the file to the user's own user PC 102. For this purpose, the upload process shown in FIG. 4 and the download process shown in FIG. 10 may be performed by exchanging the user PC and the rental PC.

[Management of Rental PC by Server] In the above-described embodiment, the server receives data uploaded from the user PC and further transmits data accompanying download processing executed on the rental PC. Further, a configuration in which the server executes the management of the rental PC to enhance the security will be described as a third embodiment.

A process between the user PC and the server and the rental PC in the third embodiment will be described with reference to FIGS. In this embodiment, the basic configurations of the user PC, the server, and the rental PC are the same as those shown in FIG.

FIG. 14 is a processing sequence diagram showing a general data flow between the user PC, the server, and the rental PC. FIG. 15 and subsequent drawings show processing sequence diagrams showing details of each processing. . First, the general processing sequence of FIG. 14 will be described. The user PC transmits the reservation data of the rental PC to the server, and transmits the data to be edited and the setting environment data to the server by executing the encryption using the encryption key based on the password as in the above-described embodiment. . Next, the server downloads the edit target data and the setting environment data to the rental PC according to the request from the rental PC or the setting of the reservation data from the user PC.

Thereafter, the rental PC decrypts the downloaded data and executes processing such as editing the data.
Thereafter, the data edited and updated on the rental PC is encrypted by an encryption key based on a password, and is uploaded to the server. This upload process will be referred to as return upload.

Thereafter, the user PC accesses the server, executes processing such as mutual authentication, and returns and uploads the data uploaded from the rental PC and stored in the server to the user PC. This download is called a return download.

The details of each process will be described below. First, a data upload process from the user PC to the server will be described with reference to FIG. As shown in FIG. 15, first, a user accesses a server from a user PC and inputs a user ID as user identification information. It is assumed that the user ID is registered in the server in advance, similarly to the above-described embodiment.

The server is a rental PC with a user ID.
When the reservation request is received, a mutual authentication process is executed according to, for example, the mutual authentication protocol described above with reference to FIGS. If the authentication is successful, proceed to the following process. Next, the user PC enters the rental P
The user inputs the reservation instruction of C and transmits the reservation data to the server. The reservation data includes designation data of a hotel, a conference hall, etc. using the rental PC, and a use period of the rental PC.

The server searches the rental PC management database registered in the database accessible by the server, and determines whether or not the rental PC can be lent according to a user's reservation request. The rental PC management database has, for example, data items as shown in FIG. First, a PC-ID as an identifier of a rental PC managed by the server, a conference room as a location of a PC having the PC-ID, or a rental PC belonging to a hotel or the like, and a reservation number as reservation data of the rental PC. , User PC-ID, use start time, use end time. The use start time and use end time are recorded based on the reservation data from the user PC, and indicate the scheduled use time.

Further, in the rental PC management data, a pointer to data transmitted from the user PC to the rental PC and a pointer to return data are recorded.
This is the address data in the data storage means of the data uploaded from the user PC to the server,
The upload data from the user PC is extracted by searching the storage database based on the pointer. Note that the data here includes both editing target data setting environment data as described in the previous embodiment. However, if the environment setting data is unnecessary, only the data to be edited may be used. The pointer to the return data indicates the storage destination address of the data storage unit of the server when the data edited and updated on the rental PC is uploaded to the server.

The server sends a rental P from the user PC based on the rental PC management database shown in FIG.
A response to the C reservation, a data download request from the rental PC, and a data download (return download) request from the user PC are executed.

Returning to FIG. 15, the description of the reservation processing of the rental PC from the user PC to the server will be continued. The server determines whether or not the rental PC can be rented based on the user's reservation request based on the rental PC management database, and sets a reservation number if reservation is possible,
The reservation number and the rental time are set in the rental PC management database in FIG. 16, and the set reservation number is transmitted to the user PC together with the reservation confirmation response.

After receiving the reservation confirmation response, the user PC encrypts the file to be transmitted with the encryption key generated using the password and transmits it to the server. The transmission data may be transmitted after being encrypted with a session key generated at the time of mutual authentication. Upon receiving the encrypted data, the server stores the encrypted data in the database and registers a pointer as a storage destination address in the rental PC management database.

Next, a process of downloading data from a server executed by the rental PC will be described with reference to FIG.

The processing in FIG. 17 is performed when the server is a rental PC.
The automatic execution is performed on the rental PC registered based on the use start time of the rental PC registered in the management database. For example, 1 of the set use start time
By setting the time before the download processing start time in the server, the data download processing from the server to the rental PC is started one hour before the use start time set by the user.

The processing procedure of FIG. 17 will be described. First, a download request is executed for a rental PC set in the PC management database based on the use start time registered in the rental PC management database of the server. Thereafter, a mutual authentication process (for example, the protocol shown in FIGS. 5 and 6) is performed between the server and the rental PC, and when the authentication is successful, the server issues a reservation number recorded in the rental PC management database to the rental PC. , And encrypted data (data encrypted with a password). When the data download is completed and the encrypted data is stored in a recording medium such as a hard disk, the rental PC executes a download confirmation response to the server, and the download process ends.

The data downloaded by the rental PC is decrypted by a user using an encryption key based on a password and used. Furthermore, when executing the return upload described below, the user returns the data stored in a storage medium such as a hard disk of the edited data rental PC in which the data is encrypted with the encryption key based on the password.

Next, a process of transmitting data edited on the rental PC to the server, that is, a return upload process, will be described with reference to FIG. In this embodiment, the return upload process is performed when the rental PC is a specific rental PC set at a hotel or a conference hall.
Triggered on condition that it is connected to a dog. In this embodiment, when the rental process for the user is completed, all the rental PCs are installed in the rental PC dog connected to the server, and the data edited and updated by the user is uploaded to the server. After the upload process, a process of deleting user data on the storage medium is executed. The rental PC stores a processing program that executes these processes when triggered by being connected to the rental PC dog.

The return upload processing procedure will be described with reference to FIG. First, when the rental PC is returned from the user and connected to the server in the rental PC dog, a return upload request is transmitted from the rental PC to the server. When the server receives the request, a mutual authentication process (for example, the protocol shown in FIGS. 5 and 6) is executed between the server and the rental PC. If the authentication is successful, the data to be uploaded is uploaded from the rental PC to the server. Note that the data in this case is data that has been encrypted based on the password.

When the upload process is completed, the rental PC executes a process of deleting the user data remaining in the storage medium of the rental PC. By this erasing process, when a new rental PC is lent, no data of the past user remains on the storage medium, and leakage of confidential information is prevented.

The processing sequence in FIG. 18 may be determined on the rental PC side as to whether or not there is user data to be returned and uploaded, and may be executed only when the user data is detected. In such a setting, for example, if the user moves all the edited data and the like to another storage medium such as a dedicated carry-in disk and erases the data from the hard disk in the rental PC, it is necessary to perform the return upload. Since there is no processing, the processing of FIG. 18 is not executed.

Next, referring to FIG.
The return download processing sequence for C will be described. The user accesses the server from his own dedicated user PC and makes a return download request. When the server receives the request, for example, the mutual authentication process according to the above-described protocol of FIGS.

When the mutual authentication succeeds, the user PC transmits the reservation number to the server. The server that has received the reservation number extracts data corresponding to the reservation number from the rental PC management database shown in FIG. 16 described above. At this time, the server uses the reservation number as a search key in FIG.
The database of No. 6 is checked, and if the ID sent from the user PC and the user PC-ID of the database do not match, the process is terminated. Further, pointer information of return data in the extracted data is obtained, a storage pointer of the return uploaded data is extracted, and the return uploaded data is taken out according to the pointer and transmitted to the user PC. The data is data that the user has encrypted with an encryption key based on a password on the rental PC.

Upon receiving the data, the user PC executes a decryption process using an encryption key based on the password as necessary.
Get decrypted data.

In this way, the data to be edited by the user is stored in both the user PC and the rental PC.
Processing such as editing can be executed safely without leaking to others. Although the description of each process is omitted, the data transferred between the PC and the server is
If necessary, encryption and transmission using a session key generated at the time of mutual authentication are performed, and the receiving side performs processing for decryption with the session key, thereby further maintaining security during communication.

As described above, in the third embodiment, the rental PC is managed in the server, the rental PC is returned, the server is connected to the server, and the user data is returned and uploaded. Is performed, it is possible to reduce the risk of data leakage to a third party.

Note that the rental PC requests a user password when the power is turned on, and stores the input password in the RAM.
The password is input when the user file is called, a password verification process is performed, and only when the passwords match, control is performed to open the file.
The configuration password is deleted from M. The control means for permitting the password comparison processing and file access, etc. is specifically constituted by a CPU or the like which executes the comparison processing and access permission program stored in the memory.

With this configuration, the rental PC
If the file is closed even if another person uses the PC when the power is turned on, the other person cannot see the file. When finally returning the rental PC, the data is encrypted using the encryption key based on the password and then returned.

In the rental PC, the downloaded data is recorded on the hard disk while being encrypted, and the user uses (calls) the file.
The decrypted data may sometimes be decrypted based on the password input by the user and developed and used in the RAM, so that the decrypted data does not remain in the RAM when the file is closed or when the power is turned off. At this time, if there is a change such as editing during use of the data, when the user closes the file, the file is encrypted based on the password and replaced with the file on the hard disk.

Further, the user edit data written on the recording medium such as the hard disk of the rental PC is decrypted, and when the user is editing, the data is brought into the disc brought in by a third party with the aim of the user. The rental PC may be configured to have no removable recording medium interface so that unauthorized copying is not possible.

Alternatively, the rental PC has an interface of a removable recording medium, and is configured to register in advance in the server that the rental PC is a rental PC permitting data copying to the removable recording medium. Is the user ID for the server
The server may be configured to execute an authentication process based on the transmission of the data, confirm that the server is a rental PC that permits the data copy, and execute the data copy to the removable recording medium only when the authentication is successful. That is, when an instruction to execute a data copy process for a removable storage medium such as an FD stored in the rental PC is input, the CPU calls the control program, executes the authentication process with the server, and succeeds in the authentication process. May be executed under the condition that the control to execute the copy is executed. As described above, the data copy processing execution condition in the rental PC is based on the confirmation processing, thereby preventing data leakage to a third party.

The present invention has been described in detail with reference to the specific embodiments. However, it is obvious that those skilled in the art can modify or substitute the embodiment without departing from the scope of the present invention. That is, the present invention has been disclosed by way of example, and should not be construed as limiting. In order to determine the gist of the present invention, the claims described at the beginning should be considered.

[0130]

As described above, in the information processing system, the information processing method, and the information processing apparatus according to the present invention, for example, the environment or the business Data such as a file to be used earlier can be safely transmitted to a server via a network. By downloading the data previously transmitted to the server to the rental PC and using it, the user can process necessary files in the same environment as usual.

In addition, the server authenticates the PC at the time of downloading, so that data is not sent to the PC which may be illicit such as stealing the user's information. Since the data is encrypted based on the data, it is impossible to decrypt the data even if a person other than the user steals the data, thereby eliminating the danger of data leakage. Of course, when the user finishes using the rental PC, the user's data is erased so as not to leak outside. In addition, since it is possible to reserve the use of the rental PC, before the user starts using the rental PC, processing of a portion that requires a connection to the server and takes a long time, such as data transfer, is completed. The user can rent out the rental PC and immediately use his environment and his files at any place.

Further, according to the rental PC management system configuration of the server, the data processed by the rental PC is returned and uploaded to the server under the condition of mutual authentication, and further downloaded to the user PC under the condition of mutual authentication. It is possible to use it, and it is possible to safely perform processing such as data editing on both the rental PC and the user PC under high security management.

[Brief description of the drawings]

FIG. 1 is a diagram showing a system concept to which an information processing system of the present invention is applied.

FIG. 2 is a diagram illustrating a configuration (example 1) of an information processing apparatus according to the present invention.

FIG. 3 is a diagram showing a configuration (example 2) of the information processing apparatus of the present invention.

FIG. 4 is a user PC in the information processing system of the present invention.
It is a figure which shows the processing flow of data upload from a server to a server.

FIG. 5 is a diagram showing a processing sequence of an authentication process (common key method) applicable to a key acquisition process in the information processing system of the present invention.

FIG. 6 is a diagram showing a processing sequence of an authentication process (public key method) applicable to a key acquisition process in the information processing system of the present invention.

FIG. 7 is a diagram showing a configuration of a public key certificate used for authentication processing applicable to key acquisition processing in the information processing system of the present invention.

FIG. 8 is a diagram showing a configuration of a revocation list in the information processing system of the present invention.

FIG. 9 is a diagram showing a configuration of a registration list in the information processing system of the present invention.

FIG. 10 is a diagram showing a processing flow of data download from a server to a rental PC in the information processing system of the present invention.

FIG. 11 shows a user P in the information processing system of the present invention.
It is a figure showing the processing flow of the data upload accompanying reservation information from C to the server.

FIG. 12 is a diagram showing a processing flow of data download accompanied with reservation information from a server to a rental PC in the information processing system of the present invention.

FIG. 13 is a diagram showing a data decryption processing flow after downloading data with reservation information from a server to a rental PC in the information processing system of the present invention.

FIG. 14 is a diagram showing a data communication sequence between a PC and a server in a configuration where the server of the present invention executes rental PC management.

FIG. 15 is a diagram showing a data upload processing sequence from a user PC to the server in a configuration in which the server of the present invention executes rental PC management.

FIG. 16 is a diagram showing a rental PC management database configuration in a configuration in which the server of the present invention executes rental PC management.

FIG. 17 is a diagram showing a data download processing sequence from a server to a rental PC in a configuration in which the server of the present invention executes rental PC management.

FIG. 18 is a diagram showing a return upload processing sequence of data from the rental PC to the server in a configuration in which the server of the present invention executes rental PC management.

FIG. 19 is a diagram showing a return download processing sequence of data from the server to the user PC in a configuration in which the server of the present invention executes rental PC management.

[Explanation of symbols]

 102 User PC 103 Rental PC 110 Server 201 Bus 202 CPU 203 ROM 204 RAM 205 Hard disk 206 Output unit 207 Input unit 208 Communication unit 209 Drive 210 Input / output interface 211 Removable recording medium 301 Security chip

──────────────────────────────────────────────────続 き Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) G09C 1/00 660 H04L 9/00 673A H04L 9/08 601D

Claims (22)

[Claims] 1. An information processing system comprising a plurality of information processing devices connectable to a server having data storage means, wherein the plurality of information processing devices include a rental information processing device lent to an unspecified number of people, Each of the plurality of information processing devices connectable to the server including the rental information processing device includes a mutual authentication process with the server, an encryption key generation process based on a user input password, and a data encryption process based on the generated encryption key. And encryption processing means for executing a decryption process, and is generated based on a password input to the information processing device on condition that the mutual authentication process between the information processing device connectable to the server and the server is successful. Uploading the data encrypted by the encryption key to the server, and storing the upload encrypted data in the server Means for downloading the encrypted encrypted data stored in the data storage means of the server to the rental information processing apparatus, provided that the mutual authentication processing between the rental information processing apparatus and the server is successful. In the rental information processing device, an encryption key is generated based on the same password as the password, and based on the generated encryption key,
An information processing system having a configuration for executing download data decryption processing. 2. The server according to claim 1, further comprising: a server that downloads the encrypted encrypted data stored in the data storage unit to the rental information processing apparatus from a source information processing apparatus that transmits the encrypted data. 2. The information processing system according to claim 1, wherein the automatic download process is executed before the use start time based on the use start time information. 3. The server has a rental information processing device management database, wherein the rental information processing device management database has an identifier of the rental information processing device and an identifier of the information processing device that has requested the use of the rental information processing device. , Use start time, use end time, and pointer information of the encrypted data stored in the data storage means, and when transmitting data from the server to the rental information processing apparatus, the data storage means 2. The information processing system according to claim 1, wherein the correspondence data is extracted from the data and transmitted. 4. The server has a rental information processing device management database, wherein the rental information processing device management database has an identifier of the rental information processing device and an identifier of an information processing device that has requested use of the rental information processing device. And, as pointer information of the encrypted data stored in the data storage unit, pointer information in the storage unit of data received from the information processing device requesting use of the rental information processing device, and return data from the rental information processing device. And a configuration for extracting data according to the respective pointer information and transmitting data to the rental information processing apparatus or to the information processing apparatus that has requested use of the rental information processing apparatus. 2. The method according to claim 1, wherein Information processing system. 5. The information processing apparatus according to claim 1, wherein the server performs a mutual authentication process between the plurality of information processing apparatuses connectable to the server using a public key method, and wherein a secret key of the information processing apparatus is exposed. A revocation list signed by the key issuing organization or a revocation list signed by the key issuing organization with a list of legitimate information processing devices to which the secret key of the information processing apparatus is not exposed. List, the identifier received from the information processing device is not recorded in the revocation list, or performs any confirmation that is recorded in the registration list The information processing system according to claim 1, wherein the mutual authentication processing is performed by using the information processing system. 6. The data to be encrypted with an encryption key generated based on a password input to the information processing apparatus and uploaded to the server includes data to be edited and use environment setting data, and is encrypted with the encryption key. 2. The information processing system according to claim 1, wherein the encrypted data to be encrypted is concatenated data of the edit target data and the use environment setting data. 7. The information processing system further includes an encryption key generated based on a password input to the rental information processing apparatus, on condition that the mutual authentication processing between the rental information processing apparatus and the server is successful. Uploading the encrypted data to the server, storing the uploaded encrypted data in a data storage unit of the server, and storing the data in the server on condition that the mutual authentication process between the information processing device and the server is successful. Downloading the upload encrypted data stored in the means to the information processing device, generating an encryption key based on the same password as the password in the information processing device, and performing download / download based on the generated encryption key. 2. The information processing apparatus according to claim 1, further comprising a configuration for executing a data decoding process. System. 8. The rental information processing device executes an upload process of encrypted data to the server, and deletes data stored in a storage medium of the rental information processing device on condition that the upload process ends. The information processing system according to claim 7, wherein the information processing system has a configuration for performing the following. 9. The rental information processing apparatus has a configuration in which data upload processing to the server is started on condition that the rental information processing apparatus is connected to a rental information processing apparatus dog that performs connection setting with the server. The information processing system according to claim 7, wherein: 10. An information processing method in an information processing system comprising a plurality of information processing devices including rental information processing devices lent to an unspecified number of people connectable to a server having data storage means, wherein information connectable to the server is provided. Executing a mutual authentication process between a processing device and the server; and, on condition that the authentication process is successful, data encrypted with an encryption key generated based on a password input to the information processing device to the server. Uploading, storing the upload encrypted data in a data storage unit of a server, performing a mutual authentication process between the rental information processing device and the server, and subjecting the authentication process to success, Upload encrypted data stored in the data storage means of the server; Downloading to the rental information processing device; and generating a cryptographic key based on the same password as the password in the rental information processing device, and executing a download data decryption process based on the generated cryptographic key. An information processing method, comprising: 11. The information processing method, wherein the server performs a process of downloading the encrypted upload data stored in the data storage unit to the rental information processing apparatus from a source information processing apparatus of the encrypted data. 11. The information processing method according to claim 10, wherein the automatic download processing is executed before the use start time based on the received use start time information of the rental information processing apparatus. 12. The information processing method, wherein the server includes an identifier of the rental information processing apparatus, an identifier of an information processing apparatus that has issued a request for use of the rental information processing apparatus, a use start time, a use end time, and the data storage. And a rental information processing device management database including pointer information of the encrypted data stored in the means. When data is transmitted from the server to the rental information processing device, corresponding data is stored from the data storage unit in accordance with the pointer information. The information processing method according to claim 10, wherein the information is extracted and transmitted. 13. The information processing method, wherein the server comprises: an identifier of a rental information processing apparatus; an identifier of an information processing apparatus that has requested use of the rental information processing apparatus; and encrypted data stored in the data storage means. As pointer information, pointer information in the storage unit of data received from the information processing device that has requested use of the rental information processing device, and pointer information in the storage unit of data received as return data from the rental information processing device, The server has a rental information processing device management database, and the server extracts data according to the respective pointer information and executes data transmission to the rental information processing device or the information processing device that has requested use of the rental information processing device. 11. The information processing according to claim 10, wherein Law. 14. The information processing method, wherein the server performs a mutual authentication process between the plurality of information processing devices connectable to the server using a public key method, and the information in which a secret key of the information processing device is exposed. The revocation list signed by the key issuing organization or the revocation list of legitimate information processing devices to which the secret key of the information processing device is not exposed is registered in the registration list signed by the key issuing organization. A registration list, and the identifier received from the information processing device is not recorded in the revocation list, or a confirmation process of recording in the registration list. 11. The information processing method according to claim 10, wherein the mutual authentication processing is performed by performing the processing. 15. The data to be encrypted with an encryption key generated based on a password input to the information processing apparatus, the data to be uploaded to the server include data to be edited and use environment setting data, 2. The encrypted data to be encrypted according to (1) is concatenated data of data to be edited and use environment setting data.
0. The information processing method according to 0. 16. The information processing method further includes the step of: performing a mutual authentication process between the rental information processing apparatus and the server; and subjecting the password input to the rental information processing apparatus to a condition that authentication is successful. Uploading the data encrypted with the encryption key generated based on the encryption key to the server; storing the upload encrypted data in a data storage unit of the server; and performing a mutual authentication process between the information processing apparatus and the server. And downloading the encrypted encrypted data stored in the data storage means of the server to the information processing device, on condition that the authentication is successful. And generating an encryption key based on the generated encryption key. The information processing method according to claim 10, characterized in that it comprises the steps of executing decryption processing of load data, the. 17. In the information processing method, further, the rental information processing device executes a process of uploading encrypted data to the server, and stores the rental information processing device on condition that the upload process ends. 17. A process for erasing data stored in a medium.
An information processing method according to claim 1. 18. The rental information processing apparatus starts data upload processing to the server on condition that the rental information processing apparatus is connected to a rental information processing apparatus dog that performs connection setting with the server. 17. The information processing method according to item 16. 19. A cipher having a communication unit connectable to a server, for performing mutual authentication processing, encryption key generation processing based on a user input password, and data encryption processing and decryption processing based on the generated encryption key. Processing means, storing the input password, erasing the stored password when the power is turned off, executing the storage means, comparing the input password with the password stored in the storage means, and performing data access only when the passwords match. An information processing apparatus comprising: a control unit that enables the information processing; 20. The information processing apparatus according to claim 1, further comprising a step of executing upload processing of data encrypted by an encryption key generated based on a password input to said information processing apparatus to said server. 20. The information processing apparatus according to claim 19, wherein the information processing apparatus is configured to execute a deletion process of data stored in a storage medium of the information processing apparatus on condition that the processing is terminated. 21. The information processing apparatus further comprising a control for executing a control for enabling a data copy process for a removable storage medium stored in the information processing device to be executed on condition that the authentication process with the server is successful. 20. The information processing apparatus according to claim 19, further comprising means. 22. A computer which causes a computer system to execute data processing in an information processing system including a plurality of information processing apparatuses including a rental information processing apparatus lent to an unspecified number of persons connectable to a server having data storage means. A program providing medium for providing a program, wherein the computer program executes a mutual authentication process between the information processing device connectable to the server and the server; and on condition that the authentication process is successful. Uploading data encrypted with an encryption key generated based on a password input to the information processing device to the server; storing the upload encrypted data in a data storage unit of the server; Mutual authentication between the device and the server Executing the management process; and, on condition that the authentication process is successful, downloading the upload encrypted data stored in the data storage unit of the server to the rental information processing device. Generating an encryption key based on the same password as the password, and executing decryption processing of the download data based on the generated encryption key.