JP2007312128A - Electronic data browsing system, apparatus and program - Google Patents

Abstract

An object of the present invention is to improve the security of electronic data when decrypting encrypted data obtained by encrypting electronic data with an encryption key in accordance with a viewing authority so that the data can be viewed.
Security is improved by a configuration in which a secret key is shared based on a secret sharing method according to a viewing authority. Specifically, the encryption key distribution unit 109 uses the encryption key based on the (k, n) type secret distribution method that can restore the original information from the k pieces of distributed information among the n pieces of distributed information. Generate n distributed keys. Each of the n distributed keys is stored in the distributed key storage unit 103a,. At the time of browsing, the encryption key management unit 107 restores the encryption key from one distributed key received from the user device 300 and k−1 distributed keys read from the distributed key storage unit 103b,. The data decryption unit 112 decrypts the encrypted electronic data corresponding to the browsing information of the encryption key with the restored encryption key.
[Selection] Figure 1

Description

  The present invention relates to an electronic data browsing system, apparatus, and program for browsing electronic data according to browsing authority.

  2. Description of the Related Art Conventionally, as a mechanism for browsing electronic data according to browsing authority, a method of storing electronic data encrypted in advance according to browsing authority in a database is known. According to this method, the encrypted electronic data is read from the database and decrypted according to the viewing authority.

  FIG. 38 is a schematic diagram showing a configuration of a conventional electronic data browsing system, FIG. 39 is a schematic diagram showing a configuration of an encrypted data portion, and FIG. 40 is a schematic diagram showing a configuration of an authentication information portion. The electronic data browsing system includes a database (hereinafter referred to as DB) device 10, a user device 20, and an administrator device 30.

  The DB device 10 includes an encryption key storage unit 11, an encrypted data unit 12, an encryption key management unit 13, and a data decryption unit 14.

  The encryption key storage unit 11 is a storage device that can be read / written from the encryption key management unit 13, and stores the authority level and the encryption key in association with each other. Specifically, the encryption key storage unit 11 stores the encryption key SK1 in association with the authority level 1, stores the encryption key SK2 in association with the authority level 2, and stores the encryption key SK3 in association with the authority level 3. Yes.

  The encrypted data unit 12 is a storage device that can be written from the administrator device 20 and can be read from the data decryption unit 14, and stores a data ID, an authority level, and encrypted data in association with each other. . For example, as shown in FIG. 39, a customer number is stored as the data ID. Since the data ID functions as a search key for searching the encrypted data part 12 in response to an inquiry from a customer, it is not encrypted. The encrypted data includes “last name, first name” encrypted with the authority level 1 encryption key SK1, “address” encrypted with the authority level 2 encryption key SK2, and authority level 3 encryption key SK3. Encrypted “age,..., Mail address, telephone number, mobile phone number” are stored. The authority level 1 is an authority capable of browsing the information of first name and last name. Authority level 2 is an authority that allows browsing of address information in addition to information (first name and last name) that can be browsed in authority level 1. Authority level 3 is an authority that allows browsing of information on age,..., E-mail address, telephone number, and mobile phone number in addition to information (first name, last name, address) that can be browsed at authority levels 1 and 2. That is, the smaller the authority level, the smaller the range of electronic data that can be browsed.

  Such an encrypted data unit 12 is created from the viewpoint that, for example, when the target electronic data is personal information such as customer information, it is better to limit the range that can be browsed according to authority. Yes. This is because the person who can browse the information needs to keep it to the minimum necessary from the viewpoint of protecting the information.

  The administrator device 20 includes an authentication information unit 21, an access setting unit 22, an encryption key management unit 23, an encryption key generation unit 24, a data encryption unit 25, an authentication request unit 26, an authentication verification unit 27, and an access control unit 28. ing. The authentication information unit 21 is a storage device that is set by an operation of the access setting unit 22 by an administrator and stores a user authentication table in which a user ID, a password, and an authority level are associated with each other as shown in FIG. Thus, it can be read from the authentication verification unit 27. This user authentication table indicates that, for example, for a user whose user ID is 001, the password is giaw439ase and the authority level is 1.

  The user device 30 includes a screen display unit 31, a data display request unit 32, and an authentication information input unit 33.

  Such a conventional electronic data browsing system operates as shown in FIG.

  First, in the administrator device 20, as described above, it is assumed that the access setting unit 22 has written the user authentication table in the authentication information unit 21 by the operation of the administrator. Also, the encryption key management unit 23 sends the encryption key generated by the encryption key generation unit 24 to the data encryption unit 25 by the operation of the administrator, and the data encryption unit 25 generates encrypted data using this encryption key. Suppose that In addition, it is assumed that this encrypted data is written in the encrypted data unit 12 of the DB device 10 in association with the authority level and the data ID by the operation of the administrator. Similarly, it is assumed that the encryption key is written in the encryption key storage unit 11 of the DB device 10 in association with the authority level by the operation of the administrator.

  Subsequently, in the user device 30, during display of the screen by the screen display unit 31, the data display request unit 32 transmits an access request for data browsing to the administrator device 20 by the user's operation (ST1). When the administrator device 20 receives the access request, the authentication request unit 26 transmits an authentication request to the user device 30 (ST2). This authentication request is for confirming that the user can browse data and the authority level.

  In the user device 30, the screen display unit 31 displays an authentication screen based on the authentication request (ST3). The screen display unit 31 displays, for example, a user ID and password input screen. In the user device 30, when the user ID and password, which are authenticators, are input by the operation of the authentication information input unit 33 by the user (ST4), these authenticators are transmitted to the administrator device 20 (ST5). ).

  In the administrator device 20, the authentication verification unit 27 verifies the authenticator based on the authentication information unit 21 (ST6), thereby confirming whether the user can browse data and further confirms the authority level. (ST7). The confirmation result is notified to the access control unit 28.

  After the confirmation is completed, in the administrator device 20, the access control unit 28 transmits the authentication result to the user device 30 (ST8). The user device 30 displays the browseable data as a menu together with the authentication result. Here, the display of the browseable data includes at least the authority level, and may further include the data ID. When the data ID is included, for example, in step ST8, the data ID of data that can be browsed by the access control unit 28 may be further transmitted in advance.

  The user device 30 transmits a browsing request to the administrator device by a user operation (ST9). In the administrator device 20, the access control unit 28 transmits a data request corresponding to the browsing request to the DB device 10 (ST10). Here, the data request includes at least the authority level, and may further include a data ID.

  In the DB device 10, when receiving a data request, the data decryption unit 14 searches for the corresponding encrypted data (ST 11), and the encryption key management unit 13 uses the encryption key corresponding to the authority level to the encryption key storage unit 11. (ST12) and is sent to the data decoding unit 14. The data decryption unit 14 decrypts the retrieved encrypted data based on the encryption key (ST13). Thereafter, the DB device transmits the decrypted data to the administrator device 20 (ST14), and the administrator device transmits this data to the user device 30 (ST15). The user device 30 displays the received data (ST16).

  As shown in FIG. 42, the data browsing system as described above omits the encryption key management unit 23, the encryption key generation unit 24, and the data encryption unit 25 of the administrator device 20, and corresponds to the encryption key generation unit 24. The DB device 10 may be modified to include the encryption key generation unit 15 that performs the data encryption unit 16 that corresponds to the data encryption unit 25.

The prior art document information related to this application is as follows.
Miyaji Mitsuko, Kikuchi Hiroaki, “Information Security”, Ohmsha, ISBN 4-274-13284-6, pp. 103-107 Okamoto Tatsuaki and Yamamoto Hiroshi, “Contemporary Cryptography”, Industrial Books, ISBN 4-7828-5353-X, pp. 209-219 A. Shamir: “How to share a secret”, Communications of the ACM, vol.22, no.11, pp.612-613 (Nov. 1979)

  However, the data browsing system as described above normally has no problem, but according to the study of the present inventor, it is considered that the security of the encryption key or the encrypted data is insufficient. For example, when the DB device 10 receives unauthorized access from an internal administrator or an external attacker, the encryption key stored in the DB device 10 may be leaked to the outside. Similarly, when the encryption key is leaked, it is considered highly likely that the encrypted data stored in the DB device 10 is also leaked.

  The present invention has been made in consideration of the above circumstances, and when the encrypted data obtained by encrypting the electronic data with the encryption key is decrypted according to the viewing authority and can be viewed, the security of the encryption key is reduced. An object of the present invention is to provide a data browsing system, apparatus and program that can be improved.

  Another object of the present invention is to provide a data browsing system, apparatus, and program capable of improving the safety of electronic data when electronic data can be browsed according to browsing authority.

  According to a first aspect of the present invention, there is provided electronic data browsing capable of decrypting and outputting encrypted electronic data obtained by encrypting electronic data corresponding to a viewing authority with an encryption key corresponding to the viewing authority. The cipher is based on a (k, n) type secret sharing scheme capable of restoring original secret information from k pieces of shared information among n pieces of shared information in which secret information is distributed. A distributed key generating unit that generates n distributed keys from a key, a plurality of distributed key storage units that store the n distributed keys in association with browsing authority information, and user authentication information and browsing authority information. The authority storage means for storing the user authentication information and the user authentication information when the user authentication information is received, the user authentication means for authenticating the user authentication information with reference to the authority storage means, and if the authentication result is valid, the user Sending authentication information When receiving one distributed key from the beginning, the distributed key reads k−1 distributed keys from each distributed key storage unit based on the browsing authority information related to the user authentication information in the authority storage unit A reading means; a cipher key restoring means for restoring the cipher key from the received one distributed key and the read k-1 distributed keys based on a (k, n) -type secret sharing scheme; Electronic data decrypting means for decrypting the encrypted electronic data corresponding to the browsing information of the encryption key with the restored encryption key, and electronic data output means for outputting the decrypted electronic data to the transmission source of the user authentication information And an electronic data browsing system.

  A second invention is an electronic data browsing system capable of outputting electronic data in accordance with browsing authority, and the original secret information is obtained from k pieces of distributed information among n pieces of distributed information in which secret information is distributed. Based on the (k, n) type secret sharing scheme that can restore the data, the distributed data generating means for generating n pieces of distributed data from the electronic data, and the n pieces of distributed data are associated with the viewing authority information, respectively. A plurality of distributed data storage means for storing, an authority storage means for storing user authentication information and browsing authority information in association with each other, and upon receiving user authentication information, the user authentication information is referred to the authority storage means. User authentication means for sending out the authentication result obtained and the viewing authority information related to the user authentication information in the authority storage means, and the authentication result and browsing from the user authentication means When the limit information is received, if the authentication result is valid, the distributed data reading means for reading k pieces of distributed data from each of the distributed data storage means and the read k pieces of distributed data based on the browsing authority information. An electronic data browsing system comprising electronic data restoring means for restoring electronic data and electronic data output means for outputting the restored electronic data based on a (k, n) type secret sharing scheme from data.

  In the first and second inventions, an aggregate of each means is expressed as a “system”, but not limited to this, the aggregate of each means is expressed as “device”, “method”, “program”, or “computer”. It may be expressed as a “readable storage medium”. In the first and second inventions, the aggregate of each means is expressed as a “system”. However, the present invention is not limited to this, and for each apparatus when an arbitrary combination of each means is distributed and arranged in a plurality of apparatuses. Further, it may be expressed as “apparatus”, “method”, “program”, or “computer-readable storage medium”.

(Function)
In the first invention, when the encrypted data obtained by encrypting the electronic data with the encryption key is decrypted according to the viewing authority and can be browsed, the encryption key is distributed by the secret sharing method. The security of the encryption key can be improved.

  In the second invention, when the electronic data can be browsed according to the viewing authority, the security of the electronic data can be improved by the configuration in which the electronic data is distributed by the secret sharing method.

  As described above, according to the present invention, the security of the encryption key can be improved when the encrypted data obtained by encrypting the electronic data with the encryption key is decrypted according to the viewing authority and can be browsed. In addition, when the electronic data can be browsed according to the viewing authority, the safety of the electronic data can be improved.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. Each of the following devices can be implemented for each device with either a hardware configuration or a combined configuration of hardware resources and software. As the software of the combined configuration, a program that is installed in advance on a computer of a corresponding device from a network or a storage medium and that realizes the function of the corresponding device is used.

(First embodiment)
Next, a first embodiment of the present invention will be described. In the first embodiment, electronic data browsing is possible in which encrypted electronic data obtained by encrypting electronic data corresponding to the viewing authority with an encryption key corresponding to the viewing authority is decrypted with the encryption key corresponding to the viewing authority. In the system, the encryption key is secretly shared to prevent the leakage of the encryption key and to perform data browsing control by browsing authority at the same time.

  FIG. 1 is a schematic diagram showing a configuration of an electronic data browsing system according to the first embodiment of the present invention. In this electronic data browsing system, a database (DB) device 100, an administrator device 200, and a user device 300 are connected to each other via a network.

  Here, the DB device 100 includes an authentication information unit 101, an encrypted data unit 102, distributed key storage units 103a to 103i, an authentication request unit 104, an authentication verification unit 105, an access control unit 106, an encryption key management unit 107, an encryption key. A generation unit 108, an encryption key distribution unit 109, a distribution key management unit 110, a data encryption unit 111, and a data decryption unit 112 are provided.

  The authentication information unit 101 is a storage device that can be written from the administrator device 200 and can be read from the authentication verification unit 105, and stores the user ID, password, and authority level in association with each other. The user ID and password correspond to an authenticator (user authentication information), and the authority level corresponds to browsing authority information.

  The encrypted data unit 102 is a storage device in which encrypted data can be written from the data encryption unit 111 and can be read from the data decryption unit 112, and encrypted data obtained by encrypting electronic data with an encryption key is stored in the encrypted data unit 102. Remember.

  The distributed key storage units 103a to 103i are storage devices that can be read / written from the distributed key management unit 110, and store n distributed keys in association with authority levels. The distributed key storage units 103a to 103i may be distributed and arranged in a plurality of distributed key management devices 120a to 120c provided separately from the DB device 100, as shown in FIG. The distributed key storage units 103a to 103i may be distributed and arranged in the plurality of distributed key management devices 120a to 120c as well in modified examples (FIGS. 5 to 18) described later.

  The authentication request unit 104 has a function of transmitting an authentication request to the user device 300 when receiving an access request from the user device 300.

  When the authentication verification unit 105 receives an authentication code (user ID and password) from the user device 300, the authentication verification unit 105 authenticates the authentication code with reference to the authentication information unit 101 and at least the authentication result to the access control unit 106. It has a function to send.

  The access control unit 106 has a function of transmitting the authentication result and a list of data IDs that can be browsed to the user device 300 when the authentication result received from the authentication verification unit 105 is valid. Here, when the list of data IDs that can be browsed does not receive the authority level together with the authentication result, based on the user ID included in the authentication result, the “authority level in the authentication information unit 101” and “encrypted data part” It may be created with reference to the authority level and data ID in 102. Further, when the authority level is received together with the authentication result, the authority level may be created by referring to the encrypted data unit 102 based on the authority level.

  As shown in FIG. 3, the encryption key management unit 107 stores the encryption key ID indicating the encryption key received from the encryption key generation unit 108 in association with the authority level, and sends the encryption key to the data encryption unit 111. And a function for sending the encryption key to the encryption key distribution unit 109, and when the authentication result of the authenticator is valid, when receiving one distributed key included in the viewing request from the user device 300, the authentication information unit A function of reading k−1 distributed keys from the distributed key storage unit 103 based on the authority level associated with the authenticator in 101, and a (k, n) -type secret sharing scheme from these k distributed keys Based on the above, it has a function to restore the encryption key.

  The encryption key generation unit 108 has a function of generating an encryption key and an encryption key ID corresponding to the authority level, and a function of sending these authority level, encryption key, and encryption key ID to the encryption key management unit 107.

  The encryption key distribution unit 109 is based on a (k, n) type secret distribution scheme that can restore the original secret information from k pieces of distributed information among n pieces of distributed information in which the secret information is distributed. It has a function of generating n distributed keys from the encryption key received from the encryption key management unit 107, and a function of individually writing the generated distributed keys to the distributed key storage units 103a to 103i via the distributed key management unit 110. .

  The distributed key management unit 110 is designated with a function of writing the distributed key received from the encryption key distribution unit 109 to the distributed key storage units 103a to 103i in association with the encryption key ID and authority level received from the encryption key management unit 107. And a function of reading the distributed key from the distributed key storage units 103a to 103i based on the encryption key ID and the authority level.

  The data encryption unit 111 has a function of encrypting electronic data based on the encryption key received from the encryption key management unit 107 and a function of writing the obtained encrypted data into the encrypted data unit 102.

  The data decryption unit 112 has a function of decrypting the encrypted electronic data corresponding to the browsing information of the encryption key using the restored encryption key, and a function of transmitting the decrypted electronic data to the user device 200.

  The administrator device 200 includes an access setting unit 202.

  The access setting unit 202 has a function of setting the user ID, password, and authority level in the authentication information unit 101 in the DB device 100 by the operation of the administrator.

  The user device 300 includes a distributed key storage unit 301, a screen display unit 302, a data display request unit 303, an authentication information input unit 304, and a distributed key management unit 305.

The distributed key storage unit 301 is a storage device that can be read / written from the distributed key management unit 305, and stores the distributed key SK _1,1 , the authority level, and the encryption key ID in association with each other.

  The screen display unit 302 has a function of displaying an authentication request received from the DB device 100 and a function of displaying electronic data received from the DB device 100.

  The data display request unit 303 has a function of transmitting an access request for referring to the DB device 100 to the DB device 100 by a user operation.

  The authentication information input unit 304 has a function of transmitting the input user ID and password to the DB device 100 as an authenticator by a user operation.

The distributed key management unit 305 has a function of writing the distributed key SK _1,1 , authority level, and encryption key ID received from the DB device 100 in association with each other into the distributed key storage unit 301, and data in the list by user operation. And a function for transmitting a browse request including the ID and the distributed key SK _1,1 in the distributed key storage unit 301 to the DB device 100.

  Next, the operation of the electronic data browsing system configured as described above will be described with reference to the sequence diagram of FIG.

  First, the administrator device 200 sets the user ID, password, and authority level in the authentication information unit 101 in the DB device 100 by the operation of the access setting unit 202 by the administrator (ST21 to ST22). As shown in FIG. 40, the authentication information unit 101 stores the user ID, password, and authority level in association with each other (ST23).

  Next, in the DB device 100, the encryption key generation unit 108 generates an encryption key (ST24), and sends this encryption key to the encryption key management unit 107. The encryption key management unit 107 stores an encryption key ID indicating this encryption key in association with the authority level. Note that the reason for storing the encryption key ID instead of the encryption key is that the encryption key is secretly shared, so that it is not necessary to store the encryption key. In addition, the encryption key management unit 107 sends the encryption key to the data encryption unit 111.

  Next, the data encryption unit 111 encrypts the electronic data based on the encryption key (ST25). For example, as shown in FIG. 39, authority level 1 data is encrypted with a key whose encryption key ID is 001. Similarly, authority level 2 data is encrypted with an encryption key ID 002 key, and authority level 3 data is encrypted with an encryption key ID 003 key. The data encryption unit 111 stores the obtained encrypted data in the encrypted data unit 102 and notifies the encryption key management unit 107 of the completion of storage. In response to this notification, the encryption key management unit 107 transmits the encryption key to the encryption key distribution unit 109, while transmitting the encryption key ID indicating the encryption key and the authority level to the distribution key management unit 110.

Next, encryption key distribution section 109 secretly distributes the encryption key received from encryption key management section 107 (ST26). In the present embodiment, three types of encryption keys SK _{1 to} SK 3 corresponding to authority levels 1 to ₃ are secretly shared.

  Here, a specific example of the encryption key secret sharing method will be shown. Note that the secret sharing of the encryption key shown in the present embodiment is an example, and can be realized using other secret sharing methods. Detailed descriptions of the secret sharing method are described in Non-Patent Documents 1 to 3.

(Cryptographic key secret sharing)
As a preparation, in Shamir's (k, n) type secret sharing method described in Non-Patent Document 3, the threshold value k is set to 2 and the distribution number n is set to 3.

The secret original data is set as the encryption key Sk ₁ . The encryption key distribution unit 109 generates a first-order polynomial f (x) = ax + Sk ₁ (mod p) based on the (k, n) type secret distribution method. Here, (mod p) represents the number of remainders divided by p, and is larger than the original data and a.

  Specifically, the encryption key distribution unit 109 calculates the following first order polynomials f (1) to f (3).

f (1) = a + Sk ₁ (mod p)
f (2) = 2a + Sk ₁ (mod p)
f (3) = 3a + Sk ₁ (mod p)
The encryption key distribution unit 109 converts the obtained first order polynomials f (1), f (2), and f (3) into the distribution key Sk _1,1 (= f (1)) and the distribution key Sk _{1,2 respectively.} (= F (2)) and distributed key Sk _1,3 (= f (3)) are sent to the encryption key management unit 107. The encryption key management unit 107 stores these distributed keys Sk _1,1 , Sk _1,2 and Sk _1,3 individually in the distributed key storage units 103a to 103c via the distributed key management unit 110 (ST27). At this time, the distributed key storage units 103 a to 103 c are written with the distributed key, the encryption key ID, and the authority level from the distributed management unit 110 in association with each other.

The encryption key distribution unit 109 similarly performs secret sharing for the encryption keys Sk2 and Sk3, and the distribution keys Sk _2,1 , Sk _2,2 , Sk _2,3 , Sk _3,1 , Sk _3,2 , Sk _{3. , 3} are sent to the encryption key management unit 107. Similarly, the encryption key management unit 107 stores these distributed keys Sk _2,1 ,..., Sk _3,3 in the distributed key storage units 103d to 103i via the distributed key management unit 110 (ST27).

Thereafter, the encryption key management unit 107 transmits one of the distributed keys corresponding to the authority level of the user to the user apparatus 300 together with the authority level and the encryption key ID (ST28). In the present embodiment, the distributed key transmitted to the user device 300 of the authority level ₁ is Sk _1,1 and the distributed key transmitted to the user device 300 of the authority level 2 is Sk _2,1. Suppose that the distributed key transmitted to the user device 300 of the user with authority level 3 is Sk _3,1 .

  It should be noted that it is better to pass the same distributed key to user devices having the same authority level as the distributed key to be transferred to the user device 300. The reason is that when different distributed keys are transferred to different user devices, there is a risk that the users will collide and restore the original encryption key. Further, it is preferable to securely pass the distributed key to be passed to the user by using a secret communication such as SSL (Secure Socket Layer). This is because it is assumed in this embodiment that user authentication is performed using an ID and a password, and that the user is identified as a correct user by presenting a secret-distributed encryption key. For this reason, if anyone can obtain a secret-distributed encryption key, impersonation is facilitated when an ID and a password are leaked. If a scheme that is difficult to impersonate with strong user authentication in place of an ID or password is used, management of secret-distributed encryption keys may be simplified.

In the user apparatus 300, the distributed key management unit 305 stores the received distributed key SK _1,1 , authority level, and encryption key ID in the distributed key storage unit 301 (ST29).
Thus, user registration is completed.

  Next, the user device 300 transmits an access request for referring to the DB device 100 from the data display requesting unit 303 to the DB device 100 by the user's operation (ST30).

  In the DB device 100, when the access request is received by the authentication request unit 104, the authentication request unit 104 transmits the authentication request to the user device 300 (ST31).

  When the user apparatus 300 receives the authentication request, the screen display unit 302 displays that the authentication request has been received (ST32). In the user device 300, when the user ID and password are input by the operation of the authentication information input unit 304 by the user (ST33), the user ID and password are transmitted to the DB device 100 as an authenticator (ST34). ). For example, in the case of a user with authority level 1 in FIG. 39, the user ID *** 001 and the password giaw439ase are transmitted to the DB device 100 as an authenticator.

  When the DB device 100 receives the authenticator, the authentication verification unit 105 verifies the authenticator against the user ID and password in the authentication information unit 101 (ST35), and confirms the authority level (ST36). . And the access control part 106 transmits the authentication result and the list | wrist of data ID which can be browsed to the user apparatus 300 (ST37).

The user device 300 transmits a browse request including the data ID in the list and the distributed key SK _1,1 in the distributed key storage unit 301 to the DB device 100 by the user's operation (ST38).

The DB device 100 retrieves encrypted data from the encrypted data unit 102 based on the data ID in the browsing request (ST39). Further, the encryption key management unit 107 reads the distributed key SK _1,2 different from the distributed key SK _1,1 in the browsing request from the distributed key storage unit 103b, and these k distributed keys SK _1,1 , SK _{1. , 2} to restore the encryption key SK ₁ (ST40).

  The encryption key is restored by the following procedure.

(Restore encryption key)
As a specific example, a detailed description will be given using the (k, n) type secret sharing scheme of Shamir et al. The specific example shown here is a case where the encryption key of a user with authority level 1 is restored.

The encryption key management unit 107 prepares the distributed key Sk _1,1 received from the user device 300 and the distributed key Sk _1,2 read from the distributed key storage unit 103b. The distributed keys Sk _1,1 and Sk _1,2 are expressed by the following equations.

Sk _1,1 = f (1) = a + Sk ₁ (mod p)
Sk _1,2 = f (2) = 2a + Sk ₁ (mod p)
The encryption key management unit 107 restores the encryption key SK ₁ from the distributed keys Sk _1,1 and Sk _1,2 based on the (k, n) type secret sharing method. In the above case, the encryption key SK ₁ is restored by solving the two simultaneous equations.

The data decryption unit 112 decrypts the encrypted data in the encrypted data unit 102 based on the encryption key Sk ₁ (ST41), and transmits the obtained decrypted data (electronic data) to the user device 300 ( ST42).

  The user device 300 displays the received electronic data on the screen display unit 302 (ST43).

  As described above, according to the present embodiment, when the encrypted data obtained by encrypting the electronic data with the encryption key is decrypted according to the viewing authority and can be browsed, n encryption keys are obtained by the secret sharing method. The security of the encryption key can be improved by the configuration distributed to the distributed keys.

  In addition, with the configuration in which the encryption key is restored using the distributed key received from the user device 300, it is possible to further improve the safety against unauthorized access from an internal administrator or the like.

  In the first embodiment as described above, the DB device 100 has all of the authentication function, the data encryption function, and the key distribution function. However, the present invention is not limited to this, and the authentication function, the data encryption function, and the key are not limited thereto. The distributed function may be modified into a configuration provided in the administrator device 200 in any combination. Such a modification will be described below.

<First Modification: Example in which Administrator Device 200 is Provided with Authentication Function>
As shown in FIG. 5, the first modification of the first embodiment is that the authentication information unit 101, the authentication request unit 104, the authentication verification unit 105, and the access control unit 106 are omitted from the DB device 100, and the omitted units are omitted. The administrator apparatus 200 includes an authentication information unit 201, an authentication request unit 204, an authentication verification unit 205, and an access control unit 206 corresponding to 101, 104 to 106.

  According to such a configuration, in addition to the effects of the first embodiment, as shown in FIG. 6, authority level setting (ST21ma), storage (ST23ma), access request reception (ST30ma), authentication surrounded by a broken line Implementation of a modification in which the administrator device 200 executes request transmission (ST31ma), authenticator reception (ST34ma), authenticator verification (ST35ma), authority level confirmation (ST36ma), authentication result and viewable data list transmission (ST37ma) can do.

<Second Modification: Example in which Administrator Device 200 is Provided with Data Encryption Function>
In the second modification of the first embodiment, as shown in FIG. 7, the encryption key generation unit 108 and the data encryption unit 111 are omitted from the DB device 100, and the encryption key management corresponding to the encryption key management unit 107 is performed. The administrator device 200 includes a unit 207, an encryption key generation unit 208 corresponding to the omitted units 108 and 111, and a data encryption unit 211.

  According to such a configuration, in addition to the effects of the first embodiment, as shown in FIG. 8, encryption key generation (ST24ma), data encryption (ST25ma-1), encryption key, and encryption surrounded by a broken line It is possible to realize a modification in which the administrator device 200 executes the data transmission (ST25ma-2).

<Third Modification: Example Including Administrator Key Device with Key Distribution Function>
As shown in FIG. 9, the third modification example of the first embodiment omits the encryption key generation unit 108 and the encryption key distribution unit 109 from the DB device 100, and performs encryption key management corresponding to the encryption key management unit 107. The administrator device 200 includes a unit 207, an encryption key generation unit 208 corresponding to the omitted units 108 and 109, and an encryption key distribution unit 109.

  According to such a configuration, in addition to the effects of the first embodiment, as shown in FIG. 10, encryption key generation (ST24ma), encryption key secret sharing (ST26ma-1), and distributed key transmission surrounded by a broken line It is possible to realize a modification in which the administrator apparatus 200 executes (ST26ma-2) and the DB apparatus 100 executes data encryption (ST25db) using an encryption key decrypted from the distributed key.

<Fourth Modification: Example in which Administrator Device 200 is Provided with Authentication Function and Data Encryption Function>
As shown in FIG. 11, the fourth modification in the first embodiment is a combination of the first and second modifications, and the administrator device 200 includes an authentication function and a data encryption function. Yes. According to such a configuration, in addition to the effects of the first embodiment, as illustrated in FIG. 12, a modification example in which the administrator device 200 executes the authentication function and the data encryption function surrounded by a broken line is realized. be able to.

<Fifth Modification: Example in which Administrator Device 200 is Provided with Authentication Function and Key Distribution Function>
As shown in FIG. 13, the fifth modification in the first embodiment is a combination of the first and third modifications, and the administrator device 200 includes an authentication function and a key distribution function. . According to such a configuration, in addition to the effects of the first embodiment, as illustrated in FIG. 14, a modification example is realized in which the administrator device 200 or the like executes the authentication function and the key distribution function surrounded by a broken line. be able to.

<Sixth Modification: Example in which Administrator Device 200 is Provided with Data Encryption Function and Key Distribution Function>
As shown in FIG. 15, the sixth modification in the first embodiment is a combination of the second and third modifications, and the administrator device 200 includes a data encryption function and a key distribution function. ing. According to such a configuration, in addition to the effects of the first embodiment, as shown in FIG. 16, a modification is realized in which the administrator device 200 executes the data encryption function and the key distribution function surrounded by a broken line. can do.

<Seventh Modification: Example in which Administrator Device 200 is Provided with Authentication Function, Data Encryption Function, and Key Distribution Function>
As shown in FIG. 17, the seventh modification example in the first embodiment is a combination of the first to third modification examples, and includes an authentication function, a data encryption function, and a key distribution function. 200 is provided. According to such a configuration, in addition to the effects of the first embodiment, as shown in FIG. 18, the administrator device 200 or the like executes the authentication function, the data encryption function, and the key distribution function surrounded by a broken line. Variations can be realized.

(Second Embodiment)
Next, a second embodiment of the present invention will be described. In the electronic data browsing system capable of outputting electronic data according to the viewing authority, the second embodiment improves the safety of the electronic data by a configuration in which the electronic data to be browsed is secretly distributed according to the viewing authority. It is.

  FIG. 19 is a schematic diagram showing a configuration of an electronic data browsing system according to the second embodiment of the present invention. In this electronic data browsing system, a user device 300, three DB devices 500a to 500c, and a database (DB) management device 600 are connected to each other via a network.

  Here, the user device 300 includes a screen display unit 302, a data display request unit 303, and an authentication information input unit 304.

  The screen display unit 302 has a function of displaying an authentication request received from the DB management apparatus 600 and a function of displaying electronic data received from the DB management apparatus 600.

  The data display request unit 303 has a function of transmitting an access request for referring to the DB devices 500a to 500c to the DB management device 600 by a user operation.

  The authentication information input unit 304 has a function of encrypting a password with a DB public key and transmitting the obtained encrypted authenticator to the DB management apparatus 600 by a user operation. The authentication information input unit 304 may transmit the password as it is to the DB management apparatus 600 without being encrypted with the DB public key by the user's operation.

  Since the DB devices 500a to 500c have the same configuration, the DB device 500a will be described as a representative example here. The DB device 500a includes an authentication information unit 501a, a secret sharing data unit 503a, an authentication verification unit 505a, and an access control unit 506a.

  The authentication information unit 501a is a storage device that can be written from the DB management device 600 and can be read from the authentication verification unit 505a, and stores the encrypted user ID, the encrypted password, and the authority level in association with each other. The encrypted password is obtained by encrypting the password with the DB public key, and can be decrypted with the DB secret key for each of the DB devices 500a,. The user ID and password correspond to an authenticator (user authentication information), and the authority level corresponds to browsing authority information.

  The secret sharing data unit 503a is a storage device that can be read / written from the access control unit 506a, and stores a data ID, an authority level, and shared data in association with each other. For example, as shown in FIG. 20, a customer number is stored as the data ID. Since the data ID functions as a search key for searching the secret sharing data unit 503a in response to an inquiry from a customer, the data ID is not encrypted. The distributed data includes “last name, first name” secretly distributed according to authority level 1, “address” secretly distributed according to authority level 2, and “age, ..., mail address, phone number, mobile phone number "are stored. The authority level 1 is an authority capable of browsing the information of first name and last name. Authority level 2 is an authority that allows browsing of address information in addition to first and last names. A user of authority level 3 has authority to view information on age,..., E-mail address, telephone number, and mobile phone number in addition to the surname, first name, and address. That is, the smaller the authority level, the smaller the range of electronic data that can be browsed.

  As shown in FIG. 21 or FIG. 22, the other secret sharing data units 503b and 503c store data IDs, authority levels, and encrypted data in association with each other as in the secret sharing data unit 503a.

  Upon receiving the encrypted authenticator (encrypted “user ID and password”) from the user device 300, the authentication verification unit 505a decrypts the encrypted authenticator with the DB private key in the authentication information unit 501a. A function for obtaining an authenticator (user ID and password), a function for verifying the authenticator against the user ID and password in the authentication information unit 501a, and checking the authority level, and an authentication result (verification result) And a function of sending the authority level to the access control unit 506a.

  When the access control unit 506a receives the authentication result and the authority level from the authentication verification unit 505a, and the function to write the shared data, the data ID, and the authority level received from the DB management apparatus 600 in association with each other in the secret shared data unit 503a. When the authentication result is valid, a function of transmitting the authentication result and a list of viewable data IDs based on the authority level to the user device 300 via the DB management device 600, and data received from the DB management device 600 It has a function of transmitting the shared data read from the secret shared data unit 503a to the DB management apparatus 600 based on the data request including the ID.

  The database (DB) management apparatus 600 includes an access setting unit 602, an authentication request unit 604, a secret sharing setting unit 610, a secret sharing unit 611, and a restoration unit 612.

  The access setting unit 602 has a function of setting a user ID and an authority level by an operation of the administrator, and transmitting the user ID and the authority level and a previously stored DB public key to the user apparatus 300.

  Upon receiving an access request from the user device 300, the authentication request unit 604 receives the data ID based on the browsing request including the function of transmitting the authentication request to the user device 300 and the data ID received from the user device 300. And a function of transmitting the distributed data read from the DB devices 500a to 500c to the restoration unit 612.

  The secret sharing setting unit 610 has a function of setting electronic data according to the viewing authority as the electronic data to be shared by the administrator.

  The secret sharing unit 611 uses a (k, n) type secret sharing scheme that can restore the original secret information from k pieces of shared information among n pieces of shared information in which secret information is distributed. It generates n pieces of distributed data from the electronic data set in the distribution setting unit 610, and has a function of transmitting the obtained distributed data to the DB devices 500a to 500c.

  The restoration unit 612 has a function of restoring electronic data from k pieces of distributed data read from each of the DB devices 500a to 500c based on the (k, n) type secret sharing scheme, and the restored electronic data. And a function of transmitting to the user device 300.

  Next, the operation of the electronic data browsing system configured as described above will be described with reference to the sequence diagram of FIG.

  First, in the DB management apparatus 600, the user ID and the authority level are set by the operation of the access setting unit 602 by the administrator (ST51). The access setting unit 602 transmits the user ID and authority level and the DB public key to the user device 300 (ST52).

  User device 300 inputs the password by the user's operation (ST53). Also, the user device 300 encrypts this password with the DB public key and generates an encrypted password (ST54). Thereafter, the user device 300 transmits the user ID, the encrypted password, and the authority level to the DB devices 500a to 500c via the DB management device 600 (ST55).

  The DB devices 500a to 500c store these user IDs, encrypted passwords, and authority levels in the authentication information units 501a to 501c in association with each other (ST56).

Next, the DB management apparatus 600 performs secret sharing setting by the operation of the secret sharing unit 611 by the administrator (ST57). Specifically, as shown in FIGS. 20 to 22, electronic data that can be referred to according to the authority level is bundled, and secret sharing is performed by the secret sharing unit 611 as a batch of electronic data. For example, as shown in the figure, the surname and first name data of authority level 1 are collectively D ₁ and the address data of authority level 2 are collectively D ₂ , authority level 3 age, mail address, telephone number, mobile phone The data such as the number is set to D ₃ as a lump.

  The secret sharing of data is performed by the following procedure, for example.

(Cryptographic key secret sharing)
As a preparation, in Shamir's (k, n) type secret sharing method described in Non-Patent Document 3, the threshold value k is set to 2 and the distribution number n is set to 3.

  Let D be secret original data. The secret sharing unit 611 generates a first-order polynomial f (x) = ax + D (mod p) based on the (k, n) type secret sharing method. Here, (mod p) represents the number of remainders divided by p, and is larger than the original data and a.

  Specifically, the secret sharing unit 611 calculates the following first-order polynomials f (1) to f (3).

f (1) = a + D ₁ (mod p)
f (2) = 2a + D ₁ (mod p)
f (3) = 3a + D ₁ (mod p)
The secret sharing unit 611 converts the obtained first order polynomials f (1), f (2), and f (3) into the distributed data D _1,1 (= f (1)) and the distributed data D _1,2 ( = f (2)), distributed data _{D 1,3 (= f (3)} ) and then (ST58), and transmits to DB server 500a-500c (ST59). Secret sharing unit 611, D ₂ and D ₃ is similarly performed secret _{sharing, D 2,1, D 2,2, D} 2,3, D 3,1, D 3,2, seeking D _3,3 , To the DB devices 500a to 500c. At this time, the distributed data is transmitted together with the data ID and the authority level.

  In the DB devices 500a to 500c, the shared data, the data ID, and the authority level are individually stored in the secret shared data units 501a to 501c via the access control unit 506 (ST60). At this time, the shared data, the data ID, and the authority level are associated with each other and written from the access control unit 506 to the secret shared data units 501a to 501c.

  Thus, user registration is completed.

  Next, the user device 300 transmits an access request for referring to the DB devices 500a to 500c from the data display requesting unit 303 to the DB management device 600 by the user's operation (ST61).

  In the DB management device 600, when the access request is received by the authentication request unit 604, the authentication request unit 604 transmits the authentication request to the user device 300 (ST62).

  Upon receiving the authentication request, user apparatus 300 displays that the authentication request has been received on screen display unit 302 (ST63). In the user device 300, when the user ID and password are input by the operation of the authentication information input unit 304 by the user (ST64), the user ID and password are encrypted with the DB public key (ST65) and obtained. The obtained encrypted authenticator is transmitted to the DB management device 600 (ST66).

  Upon receiving the encrypted authenticator, the DB management apparatus 600 transmits this encrypted authenticator to at least two DB apparatuses among the DB apparatuses 500a to 500c (ST67).

  Hereinafter, only the DB device 500a will be described, but the same processing is performed for the other DB device 500b or 500c. In the present embodiment, the DB devices 500a and 500b are used, and the DB device 500c is used as a spare.

  In the DB device 500a, when receiving the encrypted authenticator, the authentication verification unit 505a obtains the authenticator by decrypting the encrypted authenticator with the DB private key in the authentication information unit 501a. Next, the authentication verification unit 505a verifies this authenticator against the user ID and password in the authentication information unit 501a (ST68), and confirms the authority level (ST69). And the access control part 506a transmits the authentication result and the list | wrist of data ID which can be browsed to the user apparatus 300 (ST70).

  The user device 300 transmits a browsing request including the data ID in the list to the DB management device 600 by the user's operation (ST71). The DB management device 600 transmits a data request including this data ID to the DB devices 500a and 500b (ST72).

The DB devices 500a and 500b search the shared data from the secret shared data sections 501a and 501b based on the data ID in the data request (ST73), and manage the obtained distributed data D _1,1 and D _1,2 as DB management. To device 600.

Upon receiving the distributed data D _1,1 and D _1,2 (ST74), the DB management device 600 restores the secret-distributed data at the restoration unit 612 (ST75).

  The secret-restored data is restored by the following procedure.

(Restore encryption key)
As a specific example, a detailed description will be given using the (k, n) secret sharing scheme described in Non-Patent Document 3 and a specific example. The specific example shown here is a case where the encryption key of a user with authority level 1 is restored.

The restoration unit 612 prepares the received distributed data D _1,2 and D _1,2 . The distributed data D _1,1 and D _1,2 are expressed by the following equations.

D _1,1 = f (1) = a + D ₁ (mod p)
D _1,2 = f (2) = 2a + D ₁ (mod p)
The restoration unit 612 restores the original data D ₁ from the distributed data D _1,1 and D _1,2 based on the (k, n) type secret sharing method. In the above case, the original data D ₁ is restored by solving the two simultaneous equations.

DB management unit 600 transmits the restored data D ₁ to the user device 300 through the network 400 (ST76).

The user device 300 receives the restored data _{D 1,} and displays the data _{D 1} on the screen display unit 302 (ST77).

  Note that even if either the DB device 500a or 500b fails and data cannot be taken out or the data is lost due to an accident or the like, the data can be restored using the DB device 500c.

  As described above, according to the present embodiment, when electronic data can be browsed according to the viewing authority, the security of the electronic data can be improved by the configuration in which the electronic data is distributed by the secret sharing method. .

  In the second embodiment as described above, the DB devices 500a to 500c have the authentication function and the DB management device 600 has the data distribution function. However, the present invention is not limited to this, and the authentication function and the data distribution function are provided. You may deform | transform into the structure with which DB management apparatus 600 or DB apparatus 500a-500c was equipped with arbitrary combinations. In the second embodiment, the DB management apparatus 600 has a restoration function. However, the present invention is not limited to this, and the user apparatus 300 may be modified to have a restoration function. Such modifications will be described sequentially.

<First Modification: Example in which DB Management Device 600 is provided with Authentication Function and Data Distribution Function>
As shown in FIG. 24, the first modification in the second embodiment is that the authentication information units 501a to 501c and the authentication verification units 505a to 505c are omitted from the DB devices 500a to 500c, and the omitted units 501a to 501c, The DB management apparatus 600 includes an authentication information unit 601 and an authentication verification unit 605 corresponding to 505a to 505c.

  According to such a configuration, in addition to the effects of the second embodiment, as shown in FIG. 25, authority level setting (ST51), storage (ST56), encrypted authenticator reception (ST66) surrounded by a broken line A modification in which the DB management apparatus 600 executes authenticator verification (ST68), authority level confirmation (ST69), authentication result and viewable data list transmission (ST70) can be realized.

<Second Modification: An Example in which an Authentication Function is Provided in the DB Management Device 600 and a Data Distribution Function is Provided in the DB Device 500a>
As shown in FIG. 26, the second modification example of the second embodiment omits the authentication information units 501a to 501c and the authentication verification units 505a to 505a from the DB devices 500a to 500c, and omits the omitted units 501a to 501c, The DB management apparatus 600 includes an authentication information unit 601 and an authentication verification unit 605 corresponding to 505a to 505c.

  On the other hand, the secret sharing setting unit 610 and the secret sharing unit 611 are omitted from the DB management device 600, and the DB device 500a includes a secret sharing setting unit 510 and a secret sharing unit 511 corresponding to the omitted units 610 and 611.

  According to such a configuration, in addition to the effects of the second embodiment, as shown in FIG. 27, authority level setting (ST51), storage (ST56), encrypted authenticator reception (ST66) surrounded by a broken line , Authenticator verification (ST68), authority level confirmation (ST69), authentication result and viewable data list transmission (ST70) are executed by the DB management apparatus 600, secret sharing setting (ST57), and distributed data generation (ST58) are DB. The modification which the apparatus 500a performs and the DB apparatus 500a-500c performs distributed data storage (ST60) is realizable.

<Third Modification: Example in which the DB Device 500a has a Data Distribution Function>
As shown in FIG. 28, the third modified example of the second embodiment omits the secret sharing setting unit 610 and the secret sharing unit 611 from the DB management apparatus 600, and the secret sharing corresponding to the omitted units 610 and 611. The DB unit 500a includes a setting unit 510 and a secret sharing unit 511.

  According to such a configuration, in addition to the effects of the second embodiment, as shown in FIG. 29, the DB device 500a executes the secret sharing setting (ST57) and the shared data generation (ST58) and stores the distributed data ( A modification in which the DB devices 500a to 500c execute ST60) can be realized.

<Fourth Modification: Example in which User Device 300 is Provided with Restoration Function>
In the fourth modification of the second embodiment, as shown in FIG. 30, the restoration unit 612 is omitted from the DB management device 600, and the user device 300 includes a restoration unit 312 corresponding to the omitted restoration unit 612. ing.

  According to such a configuration, in addition to the effects of the second embodiment, as shown in FIG. 31, the user device 300 executes distributed data reception (ST74) and data restoration (ST75) surrounded by a broken line. Variations can be realized.

<Fifth Modification: Example in which the DB management apparatus 600 includes an authentication function and a data distribution function, and the user apparatus 300 includes a restoration function>
As shown in FIG. 32, the fifth modification example of the second embodiment is a combination of the first and fourth modification examples. The DB management apparatus 600 includes an authentication function and a data distribution function, and is restored. The user apparatus 300 has a function.

  Specifically, the authentication information units 501a to 501c and the authentication verification units 505a to 505c are omitted from the DB devices 500a to 500c, and the authentication information unit 601 and the authentication verification unit 605 corresponding to the omitted units 501a to 501c and 505a to 505c. Is provided in the DB management apparatus 600.

  Further, the restoration unit 612 is omitted from the DB management device 600, and the user device 300 includes a restoration unit 312 corresponding to the omitted restoration unit 612.

  According to such a configuration, in addition to the effects of the second embodiment, as shown in FIG. 33, authority level setting (ST51), storage (ST56), encrypted authenticator reception (ST66) surrounded by a broken line , Authenticator verification (ST68), authority level confirmation (ST69), authentication result and viewable data list transmission (ST70) are executed by the DB management apparatus 600, distributed data reception (ST74), data restoration (ST75) are performed by the user Variations performed by the apparatus 300 can be realized.

<Sixth Modification: Example in which the DB management apparatus 600 is provided with an authentication function, a data distribution function is provided in the DB apparatus 500a, and a restoration function is provided in the user apparatus 300>
As shown in FIG. 34, the sixth modified example in the second embodiment is a combination of the second and fourth modified examples. The DB management apparatus 600 includes an authentication function, and a data distribution function is provided in the DB. The user device 300 is provided with the restoration function.

  Specifically, the authentication information units 501a to 501c and the authentication verification units 505a to 505a are omitted from the DB devices 500a to 500c, and the authentication information unit 601 and the authentication verification unit 605 corresponding to the omitted units 501a to 501c and 505a to 505c. Is provided in the DB management apparatus 600.

  On the other hand, the secret sharing setting unit 610 and the secret sharing unit 611 are omitted from the DB management device 600, and the DB device 500a includes a secret sharing setting unit 510 and a secret sharing unit 511 corresponding to the omitted units 610 and 611.

  Further, the restoration unit 612 is omitted from the DB management device 600, and the user device 300 includes a restoration unit 312 corresponding to the omitted restoration unit 612.

  According to such a configuration, in addition to the effects of the second embodiment, as shown in FIG. 35, authority level setting (ST51), storage (ST56), encrypted authenticator reception (ST66) surrounded by a broken line , Authenticator verification (ST68), authority level confirmation (ST69), authentication result and viewable data list transmission (ST70) are executed by the DB management apparatus 600, secret sharing setting (ST57), and distributed data generation (ST58) are DB. It is possible to realize a modification in which the device 500a executes, the distributed data storage (ST60) is executed by the DB devices 500a to 500c, and the distributed data reception (ST74) and data restoration (ST75) are executed by the user device 300. .

<Seventh Modification: Example in which a data distribution function is provided in the DB device 500a and a restoration function is provided in the user device 300>
As shown in FIG. 36, the seventh modified example in the second embodiment is a combination of the third and fourth modified examples. The DB device 500a has a data distribution function, and a user has a restoration function. The apparatus 300 is provided.

  Specifically, the secret sharing setting unit 610 and the secret sharing unit 611 are omitted from the DB management device 600, and the secret sharing setting unit 510 and the secret sharing unit 511 corresponding to the omitted units 610 and 611 are provided in the DB device 500a. Yes.

  Further, the restoration unit 612 is omitted from the DB management device 600, and the user device 300 includes a restoration unit 312 corresponding to the omitted restoration unit 612.

  According to such a configuration, in addition to the effects of the second embodiment, as shown in FIG. 37, the DB device 500a executes secret sharing setting (ST57) and shared data generation (ST58) surrounded by a broken line. Further, it is possible to realize a modification in which the DB devices 500a to 500c execute the distributed data storage (ST60) and the user device 300 executes the distributed data reception (ST74) and the data restoration (ST75).

  Note that the method described in the above embodiment includes a magnetic disk (floppy (registered trademark) disk, hard disk, etc.), an optical disk (CD-ROM, DVD, etc.), a magneto-optical disk (MO) as programs that can be executed by a computer. ), And can be distributed in a storage medium such as a semiconductor memory.

  In addition, as long as the storage medium can store a program and can be read by a computer, the storage format may be any form.

  In addition, an OS (operating system) running on a computer based on an instruction of a program installed in the computer from a storage medium, MW (middleware) such as database management software, network software, and the like realize the above-described embodiment. A part of each process may be executed.

  Further, the storage medium in the present invention is not limited to a medium independent of a computer, but also includes a storage medium in which a program transmitted via a LAN, the Internet, or the like is downloaded and stored or temporarily stored.

  Further, the number of storage media is not limited to one, and the case where the processing in the above embodiment is executed from a plurality of media is also included in the storage media in the present invention, and the media configuration may be any configuration.

  The computer according to the present invention executes each process in the above-described embodiment based on a program stored in a storage medium, and is a single device such as a personal computer or a system in which a plurality of devices are connected to a network. Any configuration may be used.

  In addition, the computer in the present invention is not limited to a personal computer, but includes an arithmetic processing device, a microcomputer, and the like included in an information processing device, and is a generic term for devices and devices that can realize the functions of the present invention by a program. .

  Note that the present invention is not limited to the above-described embodiment as it is, and can be embodied by modifying the constituent elements without departing from the scope of the invention in the implementation stage. In addition, various inventions can be formed by appropriately combining a plurality of components disclosed in the embodiment. For example, some components may be deleted from all the components shown in the embodiment. Furthermore, constituent elements over different embodiments may be appropriately combined. For example, in ST55 of the second embodiment, the encrypted password is transmitted from the user device 300 to the DB device 500a. However, the password itself may not be transmitted regardless of the presence or absence of encryption. In this case, in FIG. 23, the user ID is input in ST53, and the input user ID is encrypted in ST54. The target transmitted in ST55 is the user ID and authority level, and what is stored in ST56 is the user ID and authority level. The authenticator input in ST64 is the user ID, and in ST65 the user ID is the user ID. The target encrypted with the DB public key and transmitted in ST66 is the encrypted user ID encrypted in ST65. In ST67, the encrypted user ID is transmitted, and the authenticator verification in ST68 becomes the encrypted user ID.

The schematic diagram which shows the structure of the electronic data browsing system which concerns on the 1st Embodiment of this invention. The schematic diagram which shows the modification of the distributed key memory | storage part in the embodiment. The schematic diagram which shows the structure of the encryption key management part in the embodiment. The sequence diagram for demonstrating operation | movement of the electronic data browsing system in the embodiment. The schematic diagram which shows the structure of the 1st modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the 2nd modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the 3rd modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the 4th modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the 5th modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the 6th modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the 7th modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the electronic data browsing system which concerns on the 2nd Embodiment of this invention. The schematic diagram which shows the structure of the secret sharing data part in the embodiment. The schematic diagram which shows the structure of the secret sharing data part in the embodiment. The schematic diagram which shows the structure of the secret sharing data part in the embodiment. The sequence diagram for demonstrating operation | movement of the electronic data browsing system in the embodiment. The schematic diagram which shows the structure of the 1st modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the 2nd modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the 3rd modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the 4th modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the 5th modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the 6th modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the 7th modification in the embodiment. The sequence diagram for demonstrating the operation | movement of the modification. The schematic diagram which shows the structure of the conventional electronic data browsing system. The schematic diagram which shows the structure of a general encryption data part. The schematic diagram which shows the structure of a general authentication information part. The sequence diagram for demonstrating operation | movement of the conventional electronic data browsing system. The schematic diagram which shows the modification of the conventional electronic data browsing system.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 100,500a-500c ... DB apparatus, 101,501a-501c ... Authentication information part, 102 ... Encrypted data part, 103a-103i ... Distributed key storage part, 104 ... Authentication request part, 105,505a-505c ... Authentication verification part 106, 506a to 506c ... access control unit, 107 ... encryption key management unit, 108 ... encryption key generation unit, 109 ... encryption key distribution unit, 110 ... distributed key management unit, 111 ... data encryption unit, 112 ... data decryption , 200 ... administrator device, 202 ... access setting unit, 300 ... user device, 301 ... distributed key storage unit, 302 ... screen display unit, 303 ... data display request unit, 304 ... authentication information input unit, 305 ... distributed Key management unit, 503a to 503c: secret sharing data unit.

Claims (5)

An electronic data browsing system capable of decrypting and outputting encrypted electronic data obtained by encrypting electronic data corresponding to the viewing authority with an encryption key corresponding to the viewing authority,
Based on the (k, n) type secret sharing scheme capable of restoring the original secret information from k pieces of shared information among n pieces of shared information in which the secret information is distributed, A distributed key generating means for generating a distributed key;
A plurality of distributed key storage means for storing each of the n distributed keys in association with the viewing authority information;
Authority storage means for storing user authentication information and browsing authority information in association with each other;
When receiving user authentication information, user authentication means for authenticating the user authentication information with reference to the authority storage means;
When this authentication result is valid, when one distributed key is received from the transmission source of the user authentication information, each of the distributed information is based on the browsing authority information related to the user authentication information in the authority storage means. Distributed key reading means for reading k-1 distributed keys from the key storage means;
An encryption key restoring means for restoring the encryption key from the received one distributed key and the read k−1 distributed keys based on a (k, n) type secret sharing scheme;
Electronic data decrypting means for decrypting the encrypted electronic data corresponding to the browsing information of the encryption key with the restored encryption key;
An electronic data browsing system comprising: electronic data output means for outputting the decrypted electronic data to a transmission source of the user authentication information. An electronic data browsing system capable of outputting electronic data according to browsing authority,
Based on the (k, n) type secret sharing scheme capable of restoring the original secret information from k pieces of shared information of n pieces of distributed information in which the secret information is distributed, Distributed data generation means for generating distributed data;
A plurality of distributed data storage means for storing the n pieces of distributed data in association with browsing authority information,
Authority storage means for storing user authentication information and browsing authority information in association with each other;
When the user authentication information is received, the user authentication information is authenticated with reference to the authority storage unit, and the obtained authentication result and the browsing authority information related to the user authentication information in the authority storage unit are displayed. User authentication means to send,
When receiving the authentication result and the browsing authority information from the user authentication unit, if this authentication result is valid, the distributed data reading unit reads out k pieces of distributed data from each of the distributed data storage units based on the browsing authority information When,
Electronic data restoration means for restoring electronic data from the read k pieces of shared data based on a (k, n) type secret sharing scheme;
An electronic data browsing system comprising: electronic data output means for outputting the restored electronic data to a transmission source of the user authentication information. A database device capable of decrypting and outputting encrypted electronic data obtained by encrypting electronic data corresponding to the viewing authority with an encryption key corresponding to the viewing authority,
Based on the (k, n) type secret sharing scheme capable of restoring the original secret information from k pieces of shared information among n pieces of shared information in which the secret information is distributed, A distributed key generating means for generating a distributed key;
A plurality of distributed key storage means for storing each of the n distributed keys in association with the viewing authority information;
Authority storage means for storing user authentication information and browsing authority information in association with each other;
When receiving user authentication information, user authentication means for authenticating the user authentication information with reference to the authority storage means;
When this authentication result is valid, when one distributed key is received from the transmission source of the user authentication information, each of the distributed information is based on the browsing authority information related to the user authentication information in the authority storage means. Distributed key reading means for reading k-1 distributed keys from the key storage means;
An encryption key restoring means for restoring the encryption key from the received one distributed key and the read k−1 distributed keys based on a (k, n) type secret sharing scheme;
Electronic data decrypting means for decrypting the encrypted electronic data corresponding to the browsing information of the encryption key with the restored encryption key;
A database apparatus comprising: electronic data output means for outputting the decrypted electronic data to a transmission source of the user authentication information. A database device connected to a database management device capable of outputting electronic data according to viewing authority,
Based on the (k, n) type secret sharing scheme capable of restoring the original secret information from k pieces of shared information of n pieces of distributed information in which the secret information is distributed, Distributed data storage means in which any one of the n distributed data is written in association with browsing authority information from the database management device when the distributed data is generated by the database device;
Authority storage means for storing user authentication information and browsing authority information in association with each other;
When the user authentication information is received, the user authentication information is authenticated with reference to the authority storage unit, and the obtained authentication result and the browsing authority information related to the user authentication information in the authority storage unit are displayed. User authentication means to send,
When receiving the authentication result and the browsing authority information from the user authentication unit, if the authentication result is valid, based on the browsing authority information, the distributed data reading unit that reads the distributed data from the distributed data storage unit,
Distributed data for outputting the distributed data read by the distributed data reading means to the database management device so that the database management device can restore the electronic data based on the (k, n) type secret sharing scheme And a database device. A program used for a database apparatus capable of decrypting and outputting encrypted electronic data obtained by encrypting electronic data corresponding to a viewing authority with an encryption key corresponding to the viewing authority. ,
A computer of the database device;
Based on the (k, n) type secret sharing scheme capable of restoring the original secret information from k pieces of shared information among n pieces of shared information in which the secret information is distributed, Distributed key generation means for generating a distributed key;
A plurality of distributed key storage means for storing each of the n distributed keys in association with browsing authority information;
Authority storage means for storing user authentication information and browsing authority information in association with each other;
When receiving the user authentication information, user authentication means for authenticating the user authentication information with reference to the authority storage means,
When this authentication result is valid, when one distributed key is received from the transmission source of the user authentication information, each of the distributed information is based on the browsing authority information related to the user authentication information in the authority storage means. Distributed key reading means for reading k-1 distributed keys from the key storage means;
An encryption key restoring means for restoring the encryption key from the received one distributed key and the read k−1 distributed keys based on a (k, n) type secret sharing scheme;
Electronic data decrypting means for decrypting the encrypted electronic data corresponding to the browsing information of the encryption key with the restored encryption key;
Electronic data output means for outputting the decrypted electronic data to the transmission source of the user authentication information;
Program to function as.

Images