Information security system, its server and its storage medium

US 20070204348A1
Filed: 05/31/2006
Published: 08/30/2007
Est. Priority Date: 02/27/2006
Status: Active Grant

First Claim

Patent Images

1. An information security system comprising a portable information processing device and a server, the portable information processing devices comprises an identification information detection/notification unit for detecting detectable identification information, of identification information of the portable information processing device, identification information of a user and identification information of a place, and notifying a server of the detected information;

and a file using control unit for making an inquiry of the server if a file is a security target file when a user specifies an arbitrary file, and controlling use of the specified file, according to a response to the inquiry and the server comprises a first storage unit for storing in advance using qualification in connection with each specific combination of the three types of identification information;

a second storage unit for storing in advance a level for each file;

a using qualification determination unit for giving the using qualification corresponding to a specific combination stored in the first storage unit to a notifier portable information processing device, if each piece of the notified identification information coincides with the specific combination; and

a using permit determination unit for determining whether to permit use of the specified file by computing a level of the specified file referring to the second storage unit when there is the inquiry and comparing the level with the using qualification given to the inquirer portable information processing device, and replying to the file using control unit.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An RFID notification unit enables an RFID reader to regularly read the RFID code of an RFID tag attached to the relevant terminal itself, its user and its current location and transmits the RFID code to a server. Upon receipt of this code, the using qualification determination unit of the server determines the current using qualification of the terminal referring to a using condition storage unit. When a user attempts to open an important information file, a file using control unit issues a request to the server. A permit determination unit determines whether to permit the opening of the relevant file, based on the using qualification and the storage contents of a file/level storage unit. When the opening is permitted, the important information file is downloaded onto the terminal or its decoding key is returned.

23 Citations

View as Search Results

13 Claims

1. An information security system comprising a portable information processing device and a server, the portable information processing devices comprises an identification information detection/notification unit for detecting detectable identification information, of identification information of the portable information processing device, identification information of a user and identification information of a place, and notifying a server of the detected information;
- and a file using control unit for making an inquiry of the server if a file is a security target file when a user specifies an arbitrary file, and controlling use of the specified file, according to a response to the inquiry and the server comprises a first storage unit for storing in advance using qualification in connection with each specific combination of the three types of identification information;
  
  a second storage unit for storing in advance a level for each file;
  
  a using qualification determination unit for giving the using qualification corresponding to a specific combination stored in the first storage unit to a notifier portable information processing device, if each piece of the notified identification information coincides with the specific combination; and
  
  a using permit determination unit for determining whether to permit use of the specified file by computing a level of the specified file referring to the second storage unit when there is the inquiry and comparing the level with the using qualification given to the inquirer portable information processing device, and replying to the file using control unit.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The information security system according to claim 1, wherein a predetermined using condition is further stored in the first storage unit, and if the using condition is not met even when each of the notified identification information coincides with the specific combination stored in the first storage unit, the using qualification determination unit does not give the using qualification.
  - 3. The information security system according to claim 2, wherein the using condition is a period or a time zone, and the using quality determination unit determines whether the using condition is met, based on a current date/time.
  - 4. The information security system according to claim 1, wherein the first storage unit further stores a specific file name and if a name of the specified file does not coincide with the specific file name, the using permit determination unit does not permit use of the specified file.
  - 5. The information security system according to claim 1, wherein the security target file is encoded and stored in the portable information processing device and the using permit determination unit transmits a decoding key of a file whose use is permitted to the portable information processing device.
  - 6. The information security system according to claim 1, wherein the security target file is not stored in the portable information processing device and when it is determined to permit the use, the using permit determination unit downloads a file whose use is permitted to the portable information processing device.
  - 7. The information security system according to claim 5, wherein the server stores a hash value of each of the encoded file, if the specified file is encoded when making the inquiry of the server, a file using control unit of the portable information processing device transmits the hash value of the encoded file to the server and if the received hash value does not coincide with the stored hash value, the using permit determination unit of the server does not permit the use of the specified file, regardless of the using qualification.
  - 8. The information security system according to claim 1, wherein the using permit determination unit of the server determines the using qualification, based on the identification information regularly notified by the identification detection/notification unit and notifies the portable information processing device of the new using qualification if the using qualification changes, and if there is a file whose use cannot permitted by the new using qualification among files in use, the file using control unit of the portable information processing device stops the use of the file.
  - 9. The information security system according to claim 1, wherein as to an external place the use of the security target file in which cannot be usually permitted, if the relevant file is registered in advance, the first storage unit stores a combination of the three types of identification information including identification information of the external place and a using qualification corresponding to the combination in order to temporarily permit the use.
  - 10. The information security system according to claim 1, wherein each type of identification information of the identification detection/notification unit is an RFID code read from an RFID tag attached to each of the portable information processing device, a user and a place.

11. A sever, comprising:
- a first storage unit for storing in advance a using qualification in connection with each combination of three types of identification information of identification information of a portable information processing device, identification information of a user and identification information of a place;
  
  a second storage unit for storing in advance a level for each file;
  
  a using qualification determination unit for giving the using qualification corresponding to the specific combination to the notifier portable information processing device if each piece of the notified identification information corresponds to a specific combination stored in the first storage unit when the identification information is notified by any of the portable information processing devices; and
  
  a using permit determination unit for determining whether to permit use of the requested security target file by computing a level of the requested security target file referring to the second storage unit and comparing the using qualification given to the requester portable information processing device with the level, when there is a use request of an arbitrary security target file from any of the portable information processing devices.

12. A computer-readable storage medium on which is recorded a program for enabling a computer to realize a function, the function comprising:
- a first storage function to store in advance a using qualification in connection with each combination of three types of identification information of identification information of a portable information processing device, identification information of a user and identification information of a place;
  
  a second storage function to store in advance a level for each file;
  
  a function to give the using qualification corresponding to the specific combination to the notifier portable information processing device if each piece of the notified identification information corresponds to a specific combination stored in the first storage unit when the identification information is notified by any of the portable information processing devices; and
  
  a function to determine whether to permit use of the requested security target file by computing a level of the requested security target file referring to the second storage unit, and comparing the using qualification given to the requestor portable information processing device with the level, when there is a use request of an arbitrary security target file from any of the portable information processing devices.

13. A transmission signal by which is carried a program for enabling a computer to realize a function, the function comprising:
- a first storage function to store in advance a using qualification in connection with each combination of three types of identification information of identification information of a portable information processing device, identification information of a user and identification information of a place;
  
  a second storage function to store in advance a level for each file;
  
  a function to give the using qualification corresponding to the specific combination to the notifier portable information processing device if each piece of the notified identification information corresponds to a specific combination stored in the first storage unit when the identification information is notified by any of the portable information processing devices; and
  
  a function to determine whether to permit use of the requested security target file by computing a level of the requested security target file referring to the second storage unit, and comparing the using qualification given to the requestor portable information processing device with the level, when there is a use request of an arbitrary security target file from any of the portable information processing devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fujitsu Limited
Original Assignee
Fujitsu Limited
Inventors
Morita, Yuji, Oosawa, Kenji, Matsuda, Chiaki

Granted Patent

US 7,633,375 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

G06F 21/35   communicating wirelessly

H04L 63/0492   by using a location-limited...

H04L 63/107   wherein the security polici...

Information security system, its server and its storage medium

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

23 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Information security system, its server and its storage medium

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links