ENCRYPTION KEY DISTRIBUTION SYSTEM, KEY DISTRIBUTION SERVER, LOCKING TERMINAL, VIEWING TERMINAL, ENCRYPTION KEY DISTRIBUTION METHOD, AND COMPUTER-READABLE MEDIUM
Abstract
The aim is to provide an encryption key distribution system that is easy to operate, allows data to be shared with a high degree of freedom, and authenticates with high reliability the one or more unlocking right owners assigned to each encrypted folder. An encryption key distribution system 500 stores a lock used to lock a folder on a PC 100, and stores an unlocking key corresponding to the lock on a key distribution server 200. To view a locked folder (hereinafter referred to as the encrypted folder), a mobile telephone 300 accesses the key distribution server 200 and is authenticated by using authentication data unique to the mobile telephone 300. If the authentication succeeds, the key distribution server 200 distributes the unlocking key to the PC 100. The PC 100 unlocks the encrypted folder by using the unlocking key distributed from the key distribution server 200 and displays the contents of the folder.
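The release condition described in the abstract and in the claims below can be modelled as follows. This is an added example, not code from the patent. The class and method names, the server-side owner list, the expiry of pending viewing requests and all sample values are assumptions made for illustration.

```python
import hmac
import time

class KeyDistributionServer:
    def __init__(self, request_ttl=60.0):
        self.phones = {}   # user_id -> authentication data unique to the phone
        self.keys = {}     # key_id -> (decryption key, set of owner user IDs)
        self.pending = {}  # (user_id, key_id) -> arrival time of viewing request
        self.request_ttl = request_ttl  # assumption: pending requests expire

    def register_phone(self, user_id, auth_data):
        self.phones[user_id] = auth_data

    def register_key(self, key_id, decryption_key, owners):
        self.keys[key_id] = (decryption_key, set(owners))

    def viewing_request(self, user_id, key_id, now=None):
        # user_id and key_id are read from the encrypted folder, so they are
        # untrusted input: accept only if the server's record lists this owner.
        entry = self.keys.get(key_id)
        if entry is None or user_id not in entry[1]:
            return False
        self.pending[(user_id, key_id)] = time.monotonic() if now is None else now
        return True

    def mobile_access(self, user_id, auth_data, now=None):
        # Returns {key_id: key} to be sent on to the viewing terminal.
        now = time.monotonic() if now is None else now
        expected = self.phones.get(user_id)
        if expected is None or not hmac.compare_digest(expected, auth_data):
            return {}  # failed authentication releases nothing
        released = {}
        for uid, key_id in [p for p in self.pending if p[0] == user_id]:
            arrived = self.pending.pop((uid, key_id))  # one release per request
            if now - arrived <= self.request_ttl:
                released[key_id] = self.keys[key_id][0]
        return released

def demo():
    # Constructed sample values, not taken from the patent.
    srv = KeyDistributionServer(request_ttl=60.0)
    srv.register_phone("alice", b"alice-phone-auth-data")
    srv.register_key("key-1", b"K" * 32, owners=["alice"])
    return {
        "non_owner": srv.viewing_request("mallory", "key-1", now=0.0),
        "accepted": srv.viewing_request("alice", "key-1", now=0.0),
        "wrong_phone": srv.mobile_access("alice", b"other-phone", now=1.0),
        "released": srv.mobile_access("alice", b"alice-phone-auth-data", now=2.0),
        "second_access": srv.mobile_access("alice", b"alice-phone-auth-data", now=3.0),
    }
```

The key leaves the server only when a viewing request is pending and the registered phone of a listed owner authenticates. A failed authentication leaves the pending request in place and releases nothing.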
32 Claims
1. An encryption key distribution system comprising:
a locking terminal that stores thereon an encryption key used to encrypt a folder and generates an encrypted folder by encrypting the folder by using the encryption key;
a key distribution server that stores thereon, in association with the encryption key, a decryption key used to decrypt the encrypted folder which is encrypted by the locking terminal using the encryption key;
a viewing terminal that (i) stores thereon the encrypted folder which is encrypted by the locking terminal using the encryption key, (ii) when receiving a request to view the encrypted folder, transmits the request to view the encrypted folder to the key distribution server, and (iii) when receiving the decryption key corresponding to the encrypted folder from the key distribution server, unlocks the encrypted folder by using the decryption key; and
a mobile communication terminal that is registered in the key distribution server as an authentication key used to authenticate a user, wherein when receiving the request to view the encrypted folder from the viewing terminal, the key distribution server transmits the decryption key to the viewing terminal, under a condition that the key distribution server receives an access from the mobile communication terminal owned by the user who is set as an unlocking right owner of the encrypted folder.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
18. A key distribution server for distributing a decryption key used to decrypt an encrypted folder that is generated by a locking terminal, to a viewing terminal that decrypts the encrypted folder, wherein
when receiving a viewing request of the encrypted folder from the viewing terminal, the key distribution server waits for receiving an access from a mobile communication terminal of a user who is set as an unlocking right owner who is entitled to decrypt the encrypted folder and transmits the decryption key to the viewing terminal under a condition that the key distribution server successfully authenticates the mobile communication terminal.
23. A locking terminal for generating an encrypted folder by encrypting a folder, comprising
a locking section that, when the locking terminal generates the encrypted folder by encrypting the folder by using an encryption key, writes a user ID of an unlocking right owner who is entitled to decrypt the encrypted folder and a key ID that identifies the encryption key used to generate the encrypted folder, into the encrypted folder.
24. A viewing terminal for unlocking an encrypted folder which is generated by encrypting a folder by using an encryption key, comprising:
a viewing request section that, when the viewing terminal receives a request to view the encrypted folder, reads (i) a user ID of an unlocking right owner who is entitled to decrypt the encrypted folder, (ii) a key ID that identifies the encryption key used to generate the encrypted folder, and (iii) an address of a key distribution server that stores thereon a decryption key corresponding to the key ID, from the encrypted folder, and transmits the read user ID and key ID, to the address of the key distribution server as a viewing request of the encrypted folder; and
an unlocking section that, when receiving the decryption key from the key distribution server, decrypts the encrypted folder the viewing of which is requested, by using the decryption key received from the key distribution server.
25. A locking terminal for generating an encrypted folder by encrypting a folder, and decrypting the encrypted folder by using a decryption key received from a key distribution server, the locking terminal comprising:
a locking section that stores thereon an encryption key used to encrypt the folder, and when generating the encrypted folder by encrypting the folder by using the encryption key, writes a user ID of an unlocking right owner who is entitled to decrypt the encrypted folder and a key ID that identifies the encryption key used to encrypt the folder, into the encrypted folder;
a viewing request section that, when the locking terminal receives a request to view the encrypted folder, reads (i) the user ID of the unlocking right owner who is entitled to decrypt the encrypted folder, (ii) the key ID that identifies the encryption key used to generate the encrypted folder, and (iii) an address of the key distribution server that stores thereon the decryption key corresponding to the key ID, from the encrypted folder, and transmits the read user ID and key ID, to the address of the key distribution server as a viewing request of the encrypted folder; and
an unlocking section that, when the locking terminal receives the decryption key from the key distribution server, decrypts the encrypted folder the viewing of which is requested, by using the decryption key received from the key distribution server.
26. An encryption key distribution method for distributing an encryption key by using a system including therein (i) a locking terminal that stores thereon an encryption key used to encrypt a folder, (ii) a key distribution server that stores thereon, in association with the encryption key, a decryption key used to decrypt the encrypted folder which is generated by using the encryption key, (iii) a viewing terminal that unlocks the encrypted folder, and (iv) a mobile communication terminal that is registered on the key distribution server as an authentication key used to authenticate a user, wherein
the locking terminal generates the encrypted folder by encrypting the folder by using the encryption key, when receiving a request to view the encrypted folder, the viewing terminal transmits a viewing request of the encrypted folder to the key distribution server, when receiving the viewing request of the encrypted folder from the viewing terminal, the key distribution server transmits the decryption key to the viewing terminal, under a condition that the key distribution server receives an access from the mobile communication terminal owned by the user who is set as an unlocking right owner of the encrypted folder, and when receiving the decryption key corresponding to the encrypted folder the viewing of which is requested from the key distribution server, the viewing terminal unlocks the encrypted folder by using the decryption key.
28. A computer-readable medium storing thereon a program for a key distribution server for distributing a decryption key used to decrypt an encrypted folder that is generated by a locking terminal, to a viewing terminal that decrypts the encrypted folder,
the program causing the key distribution server to realize an authentication function of, when the key distribution server receives a viewing request of the encrypted folder from the viewing terminal, waiting for receiving an access from a mobile communication terminal of an unlocking right owner who is entitled to decrypt the encrypted folder and transmitting the decryption key to the viewing terminal under a condition that the key distribution server successfully authenticates the mobile communication terminal.
30. A computer-readable medium storing thereon a program for a locking terminal for generating an encrypted folder by encrypting a folder,
the program causing the locking terminal to realize a locking function of, when the locking terminal generates the encrypted folder by encrypting the folder by using an encryption key, writing a user ID of an unlocking right owner who is entitled to decrypt the encrypted folder and a key ID that identifies the encryption key used to generate the encrypted folder, into the encrypted folder.
31. A computer-readable medium storing thereon a program for a viewing terminal for unlocking an encrypted folder which is generated by encrypting a folder by using an encryption key,
the program causing the viewing terminal to realize a viewing request function of, when the viewing terminal receives a request to view the encrypted folder, reading (i) a user ID of an unlocking right owner who is entitled to decrypt the encrypted folder, (ii) a key ID that identifies the encryption key used to generate the encrypted folder, and (iii) an address of a key distribution server that stores thereon a decryption key corresponding to the key ID, from the encrypted folder, and transmitting the read user ID and key ID, to the address of the key distribution server as a viewing request of the encrypted folder.
32. A computer-readable medium storing thereon a program for a locking terminal for generating an encrypted folder by encrypting a folder, receiving a decryption key used to decrypt the encrypted folder from a key distribution server, and decrypting the encrypted folder by using the decryption key,
the program causing the locking terminal to realize:
a locking function of storing an encryption key used to encrypt the folder, and when the locking terminal generates the encrypted folder by encrypting the folder by using the encryption key, writing a user ID of an unlocking right owner who is entitled to decrypt the encrypted folder and a key ID that identifies the encryption key used to encrypt the folder, into the encrypted folder;
a viewing request function of, when the locking terminal receives a request to view the encrypted folder, reading (i) the user ID of the unlocking right owner who is entitled to decrypt the encrypted folder, (ii) the key ID that identifies the encryption key used to generate the encrypted folder, and (iii) an address of the key distribution server that stores thereon the decryption key corresponding to the key ID, from the encrypted folder, and transmitting the read user ID and key ID, to the address of the key distribution server as a viewing request of the encrypted folder; and
an unlocking function of, when the locking terminal receives the decryption key from the key distribution server, decrypting the encrypted folder the viewing of which is requested, by using the decryption key received from the key distribution server.
Specification