Patent Application
20050055584
1. Field of the Invention
The present invention relates to an information protection apparatus for preventing illegal use of information.
2. Description of the Related Art
Conventionally, to prevent illegal use of the information, a password is entered in employing the information, or the information is encrypted. Lately, several techniques for preventing improper copy of the contents, such as a CPRM (Contents Protection for Recordable Media) method and a CPPM (Contents Protection for Prerecorded Media) method, have been proposed which involve recording the encoded information of contents in an optical disk such as DVD or CD, and a code (decoding key) required when the information of contents is made composite. In JP-A-2000-163873, a technique for preventing illegal use of the information has been proposed, in which an authentication code of the optical disk is multiply recorded in the entire recording area or a plurality of parts in the recording area, it is confirmed whether the optical disk is proper or illegally copied (the authentication code is recorded) not only at the start of reproduction but also in the course of reproduction, and a process during execution is stopped if it is confirmed that the optical disk is copied.
In order to prevent illegal use of the information with the key code such as decoding key for decoding the password or encoded information, it is required to protect the key code from the person who tries to use the information illegally (hereinafter referred to as an illegal user) (to prevent the key code from leaking to the illegal user). Also, a typical system for preventing illegal use of the information with the key code is configured to request the user to re-input the key code, if the input key code is improper (if the correct key code is not input). With this configuration, when the normal user authorized for the use of information inputs a false key code, the user is made to recognize that the previously input key code is false and the key code is input smoothly.
On the other hand, the illegal user may input a different key code repeatedly till a proper key code is input to make the exhaustive search for the key code, and acquire the key code illegally. And in the exhaustive search for the key code, it is unnecessary to take human resources by executing a program (hereinafter referred to as an exhaustive search program) in which if the re-input of the key code is requested, another key code is input. Thus, the number of digits of the key code is increased to keep the security of information, thereby spending a lot of time (about several tens years) till the key code is acquired by the exhaustive search program.
However, along with the higher processing speed of the recent information processing apparatus, the time required to make the exhaustive search of the key code is shorter, resulting in a problem that the security of information against the illegal use is gradually lowered.
An object of the invention is to provide an information protection apparatus for preventing the security of information against the illegal use from being degraded due to higher processing speed of an information processing apparatus.
According to a first aspect of the invention, there is provided an information protection apparatus including: a key code acceptance unit that accepts a key code; a key code confirmation unit that confirms whether or not the key code accepted by the key code acceptance unit is proper; a re-input request unit that requests the key code to be re-input, when the key code confirmation unit confirms that the key code is improper; a delay unit that delays the key code confirmation unit to confirm presently accepted key code for an appropriate time, in a case where the key code confirmation unit confirms that previously accepted key code is improper when the key code acceptance unit accepts the key code; a counting unit that counts a number of inputting of the key code that is confirmed to be improper by the key code confirmation unit; and a delay invalidation unit that invalidates the delay unit, when the key code acceptance unit accepts the key code after elapse of a certain time or more since the key code confirmation unit confirms whether or not the key code is proper, wherein the delay unit makes longer the time for delaying the key code confirmation unit to confirm the presently accepted key code, as the count value of the counting unit is greater, and wherein the counting unit clears the count value of the counting unit, when the key code confirmation unit confirms that the key code is proper.
According to a second aspect of the invention, there is provided an information protection apparatus including: a key code acceptance unit that accepts a key code; a key code confirmation unit that confirms whether or not the key code accepted by the key code acceptance unit is proper; a re-input request unit that requests the key code to be re-input, when the key code confirmation unit confirms that the key code is improper; and a delay unit that delays the key code confirmation unit to confirm presently accepted key code for an appropriate time, in a case where the key code confirmation unit confirms that previously accepted key code is improper when the key code acceptance unit accepts the key code.
The above objects and advantages of the present invention will become more apparent by describing a preferred exemplary embodiment thereof in detail with reference to the accompanying drawings, wherein:
An information protection apparatus according to an embodiment of the present invention will be described below.
The key code acceptance unit 2 may accept the key code by the operation of an input device such as a keyboard connected, or accept the key code transmitted from another apparatus via a network such as LAN or the Internet. The key code confirmation unit 3 confirms whether or not the key code accepted by the key code acceptance unit 2 is proper. For example, when the key code is the password, the input key code is collated with the registered key code, in which it is confirmed that the key code is proper, if they are matched, or improper, if they are unmatched. Also, when the key code is the key for decoding the encrypted information, it is confirmed that the key code is proper, if the encrypted information is decoded by the input key code, or improper, if it is not decoded. The re-input request unit 4 displays a request for re-input of the key code on a display unit connected to the main body, or transmits it via the network to the apparatus that has transmitted the key code when it is confirmed that the input key code is improper. The access unit 5 accesses the storage medium such as a hard disk, DVD or CD storing the information, to read, record (or update) or delete the information. The count unit 7 counts the number that the key code confirmation unit 3 confirms the accepted key code to be improper. The delay unit 7 delays the timing of the key code confirmation unit 3 confirming whether or not the presently accepted key code is proper by adjusting the timing of passing the key code accepted by the key code acceptance unit 2 to the key code confirmation unit 3. Also, the delay unit 7 has a timer for measuring the time elapsed since it is confirmed that the key code accepted lastly is proper. Also, the delay unit 7 measures the time for which the key code accepted by the key code acceptance unit 2 is passed to the key code confirmation unit 3, using this timer.
The information protection apparatus 1 of the embodiment is applied to various kinds of apparatus, including a server connected to the LAN or the Internet, a personal computer, and a DVD apparatus.
The operation of the information protection apparatus 1 according to the embodiment will be described below.
In the information protection apparatus 1, if it is determined that the fixed time or more has elapsed at s2 (the key code is manually input by the user), the delay unit 6 promptly passes the key code from the key code acceptance unit 2 to the key code confirmation unit 3 (s3). The user who manually inputs the key code is considered to be the normal user. If the key code is passed from the delay unit 6, the key code confirmation unit 3 confirms whether or not the passed key code is proper (s4). A processing at s4 involves collating the key code (password) with the registered password, when the key code is the password, and if they are matched, it is determined that the key code is proper. On the contrary, if they are unmatched, it is determined that the key code is improper. Also, when the key code is the key for decoding the encrypted information, the encrypted information is decoded by this key code. If the encrypted information is decoded, it is determined that the key code is proper. On the contrary, if the encrypted information is not decoded, it is determined that the key code is improper.
In the information protection apparatus 1, if it is determined that the key code input at s4 is proper, the count value of the counting unit 7 is cleared (s5), and the access unit 5 starts to gain access to the storage medium (s6). Thereafter, the information is employed by the user.
On the contrary, in the information protection apparatus 1, if it is confirmed at s4 that the key code is improper, the count value of the counting unit 7 is counted up by 1 (s7), and the timer of the delay unit 6 is reset to start to measure the time elapsed since the key code confirmation unit 3 confirms whether or not the key code is proper (s8). Moreover, in the information protection apparatus 1, the re-input request unit 4 issues a request for the re-input of the key code (s9), and the procedure returns to s1.
In this manner, the counting unit 7 counts the consecutive number that the key code accepted by the key code acceptance unit 2 is improper. Also, the delay unit 6 measures the time used for determination at s2 by resetting the timer at s8.
An instance of determining that the time elapsed since it is confirmed whether or not the key code is proper at the previous time at s2 is not greater than the fixed time will be described.
As described above, it is determined that the fixed time or more has not elapsed at s2, because the manually input key code is not accepted but the key code by the exhaustive search program is accepted. The delay unit 6 calculates the delay time for delaying the confirmation whether or not the presently accepted key code is proper, employing the count value of the counting unit 7 (s10). The delay time calculated at s10 is longer, as the count value of the counting unit 7 is greater. More specifically, the delay unit 6 calculates the delay time T such that T=N×N(s) when the count value of the counting unit 7 is N.
Also, the delay unit 6 resets the timer, and starts to measure the delay time calculated at s10 (s11). If the time measured by the timer reaches the delay time calculated at s10 (s12), the delay time 6 passes the key code passed from the key code acceptance unit (presently accepted key code) to the key code confirmation unit 3 (s3) and the steps following s4 are performed.
In this manner, in the information protection apparatus 1 of the embodiment, if the key code acceptance unit 2 accepts the improper key code repeatedly, the delay units delays the confirmation whether or not the accepted key is proper, whereby it is possible to spend a long time to make the exhaustive search for key codes, irrespective of the processing speed of the apparatus executing the exhaustive search program for making the exhaustive search for key codes. Accordingly, the security of the information is prevented from being degraded due to higher processing speed of the information processing apparatus.
Also, it is judged whether the presently accepted key code is input manually or by the exhaustive search program for key codes at s2. If it is considered that the key code is input manually, the delay unit does not delay the confirmation whether or not the presently accepted key code is proper, whereby the operability is not degraded when the normal user mistakes an input operation of the key code. Also, even when the exhaustive search program for making the exhaustive search for key codes is programmed to transmit the new key code after the elapse of the fixed time for use at s2 since the time of accepting the re-input of the key code, it is possible to spend a long time to make the exhaustive search for key codes, because it takes at least the fixed time to confirm whether or not one key code is proper.
Also, since the time for delaying the confirmation whether or not the accepted key code is proper is made longer, as the number of confirming that the key code is improper is increased, whereby the security of information is further enhanced.
Moreover, when the proper key code is confirmed, the count value of the counting unit 7 counting the number of confirming that the key code is improper is cleared, whereby the time for the input key code to be confirmed is not extremely longer, even if the user (normal user) inputs the false key code frequently.
The normal user can input the proper key code without inputting the false key code consecutively many times.
According to a first aspect of the invention, there is provided an information protection apparatus including: key code acceptance unit for accepting a key code; key code confirmation unit for confirming whether or not the key code accepted by the key code acceptance unit is proper; and re-input request unit for requesting the key code to be re-input, if the key code confirmation unit confirms that the key code is improper; and a delay unit for delaying the key code confirmation unit to confirm the presently accepted key code for an appropriate time, if the key code confirmation unit confirms that the previously accepted key code is improper when the key code acceptance unit accepts the key code.
According to the above configuration, if the key code confirmation unit confirms that the previously accepted key code is improper, delay unit delays the key code confirmation unit to confirm the presently accepted key code for an appropriate time. Therefore, even though the exhaustive search program for inputting another key code when the re-input of the key code is requested, if it is confirmed that the previously accepted key code is improper, the confirmation for the presently accepted key code is delayed, irrespective of the processing speed of the information processing apparatus (time since requesting the re-input of the key code till accepting another key code). Thereby, even if the key code is acquired illegally by the exhaustive search for the key code, irrespective of the processing speed of the information processing apparatus for making the exhaustive search for the key code, it takes a lot of time to acquire the key code, thereby preventing the security of information from being degraded due to higher processing speed of the information processing apparatus.
The information protection apparatus may further include a counting unit for counting the number of inputting the key code that is confirmed to be improper by the key code confirmation unit, and the delay unit may be configured to make longer the time for delaying the key code confirmation unit to confirm the presently accepted key code, as the count value of the counting unit is greater.
According to the above configuration, the time for delaying the confirmation for the presently accepted key code is longer, as the number of confirming that the key code is improper is greater. Accordingly, when the normal user inputs the key code falsely, the delay time till the re-input key code is confirmed is shorter, and the operability of the normal user is not lowered.
The normal user does not input the key code falsely many times.
The counting unit may configured to clear the count value of the counting unit, when the key code confirmation unit confirms that the key code is proper.
According to the above configuration, since the counter for counting the number of confirming that the key code is improper is cleared, when it is confirmed that the key code is proper, the confirmation for the key code is delayed by the number of inputting the key code falsely in employing the present information for the normal user. Accordingly, the operability of the normal user is not lowered.
The information protection apparatus may configured to include delay invalidation unit for invalidating the delay unit, if the key code acceptance unit accepts the key code after the elapse of a certain time or more since the key code confirmation unit confirms whether or not the key code is proper.
According to the above configuration, for the key code input after the elapse of a certain time or more since it is confirmed whether or not the previously input key code is proper, the confirmation is promptly made whether or not the key code is proper. It is caused by an erroneous operation of the key or the mistake of the key code that the normal user inputs a false key code, because the user manually inputs the key code. It takes a few seconds (one to two seconds) to manually input the key code. On the other hand, when the exhaustive search program for the key is employed, the time since the re-input of the key code is requested till the new key code is input is about a few ms, depending on the processing speed of the information processing apparatus executing the exhaustive search program. Accordingly, the fixed time is set to approximately one second, for the key code input by the person who manually inputs the key code, namely, the normal user, the confirmation for the presently input key code is not delayed, even if the previous key code is false, whereby the operability of the normal user is not degraded.
Also, even if the exhaustive search program is the program for inputting the new key code the fixed time after accepting the re-input of the key code, the confirmation whether or not one key code is proper consequently takes at least the fixed time. Therefore, even if the key code is acquired illegally by the exhaustive search for the key code, it takes a lot of time to acquire the key code, whereby the security of information is prevented from being lowered due to higher processing speed of the information processing apparatus.
It is preferable to set the fixed time to a minimum time that is required to judge whether or not the key code is manually input.
According to the embodiment described above, it takes a lot of time to make the exhaustive search for the key code, irrespective of the processing speed of the information processing apparatus that executes the exhaustive search program for the key code, whereby the security of information is prevented from being degraded due to higher processing speed of the information processing apparatus.
Although the present invention has been shown and described with reference to a specific preferred embodiment, various changes and modifications will be apparent to those skilled in the art from the teachings herein. Such changes and modifications as are obvious are deemed to come within the spirit, scope and contemplation of the invention as defined in the appended claims.
| Number | Date | Country | Kind |
|---|---|---|---|
| P2003-316428 | Sep 2003 | JP | national |
