Patent Grant
7925895
1. Field of the Invention
The present invention relates to a data management device which has a nonvolatile storage apparatus such as a hard disc drive, a printer, a facsimile, a copying machine, a server machine, and a personal computer; a method for managing data; and a storage medium.
Priority is claimed on Japanese Patent Application No. 2005-45239 and No. 2005-45240, filed Feb. 22, 2005, and Japanese Patent Application No. 2005-197370, filed Jul. 6, 2005 the content of which is incorporated herein by reference.
2. Description of Related Art
In printers and other devices, font data and job data which are sent from a host computer are saved in a removable hard disc (HDD). Therefore, there is a risk of data leakage when the HDD is taken away.
Conventionally, some arts for preventing data leakage described hereinbelow are known. Japanese Unexamined Patent Application, First Publication No. 2002-260326 discloses an art which scrambles video data or audio data when saved in a storage medium, using a key which is made by encrypting unique information to a reproducing device by the identifier of the storage medium. Japanese Unexamined Patent Application, First Publication No. 2003-303136 discloses an art which deletes a key after reproducing encrypted data saved in a storage medium such as a compact disc (CD). Japanese Unexamined Patent Application, First Publication No. 2003-131950 discloses an art which encrypts digitalized copyrighted works, using information unique to a device, and saves the encrypted data in a storage device such as a memory card.
However, these aforementioned arts do not have sufficient security. In addition, the data becomes useless when the key is broken because of an error in operation or for other reasons, since these arts do not consider the case in which a key for decryption is broken.
Concerning the aforementioned circumstances, an object of the present invention is to provide a data management apparatus, a method for data management, and a storage medium which have a higher security and are able to reproduce a key for decryption even when the key is broken.
To achieve the above-described purpose, the present invention provides a data management apparatus including: a removable storage device; a nonvolatile memory which saves a first conversion key; a first encrypting device which converts a datum to be saved in the storage device into an encrypted datum by the first conversion key; a first writing device which writes the encrypted datum into the storage device; a first reading device which reads the encrypted data from the storage device; a first decrypting device having a second conversion key which decrypts the encrypted datum by the second conversion key; a second encrypting device having a third conversion key which encrypts the second conversion key by the third conversion key, and converts the second conversion key into a fourth conversion key; a second writing device which writes the fourth conversion key into the storage device; a second reading device which reads the fourth conversion key from the storage device; and a second decrypting device which decrypts the fourth conversion key by the third conversion key.
In addition, the present invention provides a storage medium having a computer program stored therein for a computer having a removable storage device and a nonvolatile memory which saves a first conversion key, the computer program including: a first step of converting a datum to be saved in the storage device into an encrypted datum by the first conversion key; a second step of writing the encrypted datum into the storage device; a third step of reading the encrypted datum from the storage device; a fourth step of decrypting the encrypted datum by a second conversion key; a fifth step of encrypting the second conversion key by a third conversion key, and converting the second conversion key into a fourth conversion key; a sixth step of writing the fourth conversion key into the storage device; a seventh step of reading the fourth conversion key from the storage device; and an eighth step of decrypting the fourth conversion key by the third conversion key.
Furthermore, the present invention provides a method for data management which is applicable to a computer having a removable storage device and a nonvolatile memory which saves a first conversion key, the method for data management including: a first step of converting a datum to be saved in the storage device into an encrypted datum by the first conversion key; a second step of writing the encrypted datum into the storage device; a third step of reading the encrypted datum from the storage device; a fourth step of decrypting the encrypted datum by a second conversion key; a fifth step of encrypting the second conversion key by a third conversion key, and converting the second conversion key into a fourth conversion key; a sixth step of writing the fourth conversion key into the storage device; a seventh step of reading the fourth conversion key from the storage device; and an eighth step of decrypting the fourth conversion key by the third conversion key.
Furthermore, the present invention provides a data management apparatus including: a removable storage device; a nonvolatile memory which generates and saves the first conversion key; a first encrypting device having a second conversion key which encrypts the first conversion key by the second conversion key, and converts the first conversion key into a third conversion key; a first writing device which writes the third conversion key into the storage device; a second encrypting device having a fourth conversion key which encrypts the third conversion key by the fourth conversion key, and converts the third conversion key into a fifth conversion key; a datum encrypting device which converts a datum to be saved in the storage device into an encrypted datum by the fifth conversion key; a datum writing device which writes the encrypted datum into the storage device; a datum reading device which reads the encrypted datum from the storage device; a datum decrypting device which decrypts the encrypted datum by the fifth conversion key; and a deleting device which deletes the fifth conversion key after encryption by the datum encrypting device and after decryption by the datum decrypting device.
In the data management apparatus of the present invention, a unique key to the data management apparatus itself may be used as the fourth conversion key.
Furthermore, the present invention provides a storage medium having a computer program stored therein for a computer having a removable storage device and a nonvolatile memory which generates and saves a first conversion key, the computer program including: a first step of encrypting the first conversion key by the second conversion key, and converting the first conversion key into a third conversion key; a second step of writing the third conversion key into the storage device; a third step of encrypting the third conversion key by a fourth conversion key, and converting the third conversion key into a fifth conversion key; a fourth step of converting a datum to be saved in the storage device into an encrypted datum by the fifth conversion key; a fifth step of writing the encrypted datum into the storage device; a sixth step of reading the encrypted datum from the storage device; a seventh step of decrypting the encrypted datum by the fifth conversion key; and an eighth step of deleting the fifth conversion key after encryption by the datum encrypting device and after decryption by the datum decrypting device.
Furthermore, the present invention provides a method for data management which is applicable for a computer having a removable storage device and a nonvolatile memory which saves a first conversion key, the method for data management including: a first step of encrypting the first conversion key by the second conversion key, and converting the first conversion key into a third conversion key; a second step of writing the third conversion key into the storage device; a third step of encrypting the third conversion key by a fourth conversion key, and converting the third conversion key into a fifth conversion key; a fourth step of converting a datum to be saved in the storage device into an encrypted datum by the fifth conversion key; a fifth step of writing the encrypted datum into the storage device; a sixth step of reading the encrypted datum from the storage device; a seventh step of decrypting the encrypted datum by the fifth conversion key; and an eighth step of deleting the fifth conversion key after encryption by the datum encrypting device and after decryption by the datum decrypting device.
Furthermore, the present invention provides a data management apparatus including: a removable storage medium having an authentication key stored therein; an encryption key generating device which generates an encryption key based on a preset master key when a power supply is turned on; and a collating device which collates the authentication key and the encryption key, wherein the data management apparatus writes a datum into the storage medium or reads a datum from the storage medium when a result of a collation carried out by the collating device satisfies a predetermined condition.
The data management apparatus of the present invention may further include a format device which formats the storage medium, generates an authentication key based on the master key, and writes the authentication key in the storage medium when a result of a collation carried out by the collating device does not satisfy the predetermined condition.
In the data management apparatus of the present invention, an identification number of the data management device or a datum set by a user may be used as the master key.
Furthermore, the present invention provides a storage medium having a computer program stored therein for a computer having a removable storage medium in which an authentication key is saved, the processing by the computer program including the steps of: generating an encryption key based on a preset master key when a power supply is turned on; collating the authentication key and the encryption key; writing a datum into the storage medium or reading a datum from the storage medium when a result of a collation in the step of collating satisfies a predetermined condition; and formatting the storage medium, generating an authentication key based on the master key, and writing the authentication key in the storage medium when a result of a collation carried out by the collating device does not satisfy the predetermined condition.
Furthermore, the present invention provides a method for data management which is applicable to a computer having a removable storage medium in which an authentication key is saved, the method for data management including the steps of: generating an encryption key based on a preset master key when a power supply is turned on; collating the authentication key and the encryption key; writing a datum into the storage medium or reading a datum from the storage medium when a result of a collation in the step of collating satisfies a predetermined condition; and formatting the storage medium, generating an authentication key based on the master key, and writing the authentication key in the storage medium when a result of a collation carried out by the collating device does not satisfy the predetermined condition.
Several embodiments of the present invention are described hereinbelow with reference to the drawings.
Reference numeral 7 is an image forming unit which forms a non-fixated toner image on a sheet made of a photoreceptor by copying the toner image. Paper, plastic or the like is used for the sheet. Reference numeral 8 is a driving unit which drives a mechanical portion to supply, discharge, and send the sheet. Reference numeral 9 is a fixation unit which fixates the non-fixated image made by the image forming unit 7 on the sheet. The fixation unit 9 maintains the heat generation required for fixation of the non-fixated image during a stand-by state. Therefore, the image forming device is ready for an immediate image forming without warm up.
Next, writing and reading operations of the storage medium 4 of the aforementioned image forming device are described with reference to
When the key A is broken due to an error in operation or the like, the control unit 1 reads the key A1 from the storage medium 4, decrypts it by the key B, and writes the key A obtained by the decryption to the nonvolatile memory 3.
In the aforementioned embodiment, a job datum is encrypted by the key A which is unique to each image forming device, and stored in the storage medium 4. Therefore, security is maintained because the job datum cannot be printed even if the storage medium 4 is stolen. In addition, the key A1, obtained by encrypting the key A by the key B in the control unit 1, is stored in the storage medium 4 in this embodiment. Therefore, there is no risk that the key A1 is decrypted by the key B when the storage medium 4 is stolen. At the same time, when the key A in the nonvolatile memory 3 is broken, the key A can be immediately reproduced by decrypting the key A1 in the storage medium 4.
Next, a second embodiment of the present invention is described hereinbelow with reference to the drawings.
Next, writing and reading operations of the storage medium 14 of the aforementioned image forming device are described with reference to
When a job datum is input to the control unit 11 from a host computer via the communication unit 16, the control unit 11 encrypts the key D by a unique key which is stored therein, and writes it into the RAM 12 as a key E (refer to
When printing the job datum in the storage medium 14, the control unit 11 generates the key E by encrypting the key D as described above, writes the key E into the RAM 12. Then, the control unit 11 reads the encrypted job datum in the storage medium 14, decrypts it by the key E, and outputs the decrypted job datum to the image forming unit 7. When the decryption of the job datum in the storage medium 14 is terminated, the control unit 11 deletes the key E in the RAM 12.
As described above, the key E is generated by being encrypted by the unique key. Therefore, even if the storage medium 14 is set in an image forming device of the same specification, the datum therein can be neither decrypted nor printed. In addition, since the key E is generated only when it is needed and is deleted after using, it enables a higher security than a conventional device.
Though the key E is used for encryption and decryption in the aforementioned embodiment, a pair of keys for encryption and decryption may be used. In addition, though the key E is generated by encrypting the key D in the aforementioned embodiment, the key E may be generated by encrypting the key C. Furthermore, although an HDD is used as the storage medium in these aforementioned embodiments, a memory card, an optical disc, a magnetooptical disc or the like may be used instead of the HDD.
Next, a third embodiment of the present invention is described hereinbelow with reference to the drawings.
Next, operations of the aforementioned image forming device are described with reference to
(1) Operations when Turning On (
When the image forming device is turned on by the user, the control unit 21 reads the master key (an ID which is unique to the device) saved in the ROM and generates the encryption key by carrying out a calculation on the master key based on the predetermined algorithm. The control unit writes the encryption key in the nonvolatile memory 23 (refer to
Next, the control unit 21 reads the authentication key from the storage medium 24 and checks it with the encryption key in the nonvolatile memory 23. When the authentication key and the encryption key are identical, the storage medium 24 is determined to be an appropriate one, and the operation proceeds to a reading/writing step which is described hereinafter. When the authentication key and the encryption key are not identical, the storage medium 24 is determined to be an inappropriate one, and the storage medium 24 is formatted. Then, a new authentication key is generated by carrying out a calculation on the master key in the ROM based on the aforementioned algorithm. The new authentication key is written in the storage medium and the operation proceeds to the reading/writing step (refer to
(2) Reading Data from the Storage Medium and Writing Data Thereinto (
When the job datum in the host computer is printed, the user selects the job datum and inputs a command to print to the host computer. The host computer receives the command to print and sends the selected job datum to the image forming device via a LAN. The control unit 21 of the image forming device receives the job datum from the host computer and saves it in the RAM 22 temporally. The control unit 21 reads the encryption key from the nonvolatile memory 23, encrypts the job datum by the encryption key, and writes the encrypted job datum in the storage medium 24 (refer to
When the job datum is printed, the control unit 21 reads the encrypted job datum from the storage medium 24, decrypts it by the encryption key in the nonvolatile memory 23 (refer to
As described above, the encryption key is generated based on the master key (an ID which is unique to the device) when the image forming device is turned on in this embodiment, and even if the encryption key is broken during operations of the image forming device, the encryption key can be immediately reproduced by turning the image forming device on again. Therefore, there is no risk of the image forming device becoming out of order. In addition, since the authentication key is saved in the storage medium 24 and it is checked whether the authentication key is identical to the encryption key when the device is turned on, an inappropriate storage medium can be detected. Furthermore, since the storage medium is formatted and an appropriate authentication key is written therein when the storage medium is determined to be inappropriate, the storage medium can be used again immediately.
In the aforementioned embodiment, although an ID which is unique to the image forming device is used as the master key, the master key may be set by the user. In addition, although an identical key is used as the encryption key and the authentication key in the aforementioned embodiment, these keys may be respectively generated by different algorithms. In this case, both keys have to be decrypted when checking. Furthermore, although an HDD is used as the storage medium in the aforementioned embodiment, a memory card, an optical disc, a magnetooptical disc or the like may be used instead of HDD.
While preferred embodiments of the invention have been described and illustrated above, it should be understood that these are exemplary of the invention and are not to be considered as limiting. Additions, omissions, substitutions, and other modifications can be made without departing from the spirit or scope of the present invention. Accordingly, the invention is not to be considered as being limited by the foregoing description, and is only limited by the scope of the appended claims.
| Number | Date | Country | Kind |
|---|---|---|---|
| P2005-045239 | Feb 2005 | JP | national |
| P2005-045240 | Feb 2005 | JP | national |
| P2005-197370 | Jul 2005 | JP | national |
| Number | Name | Date | Kind |
|---|---|---|---|
| 5857021 | Kataoka | Jan 1999 | A |
| 6012146 | Liebenow | Jan 2000 | A |
| 6097814 | Mochizuki | Aug 2000 | A |
| 6134660 | Boneh et al. | Oct 2000 | A |
| 6249866 | Brundrett et al. | Jun 2001 | B1 |
| 6333983 | Enichen et al. | Dec 2001 | B1 |
| 6363149 | Candelore | Mar 2002 | B1 |
| 6947556 | Matyas et al. | Sep 2005 | B1 |
| 6986043 | Andrew et al. | Jan 2006 | B2 |
| 7020780 | Mochizuki | Mar 2006 | B1 |
| 7023998 | Garay et al. | Apr 2006 | B2 |
| 7124301 | Uchida | Oct 2006 | B1 |
| 7181016 | Cross et al. | Feb 2007 | B2 |
| 7203317 | Kallahalla et al. | Apr 2007 | B2 |
| 7298845 | Tatebayashi et al. | Nov 2007 | B2 |
| 7418602 | Yoshida et al. | Aug 2008 | B2 |
| 7444306 | Varble | Oct 2008 | B2 |
| 20010056541 | Matsuzaki et al. | Dec 2001 | A1 |
| 20020114468 | Nishimura | Aug 2002 | A1 |
| 20020166072 | Cromer et al. | Nov 2002 | A1 |
| 20030028765 | Cromer et al. | Feb 2003 | A1 |
| 20040003267 | Strom et al. | Jan 2004 | A1 |
| 20040172538 | Satoh | Sep 2004 | A1 |
| 20040264698 | Oda | Dec 2004 | A1 |
| 20050039044 | Gassho | Feb 2005 | A1 |
| 20050086471 | Spencer | Apr 2005 | A1 |
| 20050232415 | Little et al. | Oct 2005 | A1 |
| 20060039554 | Fry | Feb 2006 | A1 |
| 20060101267 | Takamura et al. | May 2006 | A1 |
| Number | Date | Country |
|---|---|---|
| 1324028 | Nov 2001 | CN |
| 58-178456 | Oct 1983 | JP |
| 07-287655 | Oct 1995 | JP |
| 09-134311 | May 1997 | JP |
| 10-198558 | Jul 1998 | JP |
| 11-161552 | Jun 1999 | JP |
| 2001-523064 | Nov 2001 | JP |
| A-2002-245427 | Aug 2002 | JP |
| 2002-260326 | Sep 2002 | JP |
| 2002-292980 | Oct 2002 | JP |
| A-2002-368735 | Dec 2002 | JP |
| 2003-131950 | May 2003 | JP |
| 2003-195758 | Jul 2003 | JP |
| 2003-303136 | Oct 2003 | JP |
| 2003-333030 | Nov 2003 | JP |
| 2004-013763 | Jan 2004 | JP |
| 2004-118232 | Apr 2004 | JP |
| 2004-201038 | Jul 2004 | JP |
| 2004-355268 | Dec 2004 | JP |
| 2005-020346 | Jan 2005 | JP |
| 2005-130261 | May 2005 | JP |
| 2005-258558 | Sep 2005 | JP |
| WO 9925086 | May 1999 | WO |
| WO 0203271 | Jan 2002 | WO |
| WO 03021406 | Mar 2003 | WO |
| WO03107171 | Dec 2003 | WO |
| Number | Date | Country | |
|---|---|---|---|
| 20060190426 A1 | Aug 2006 | US |
