Data encryption control apparatus and method

US 6,023,506 A
Filed: 10/28/1996
Issued: 02/08/2000
Est. Priority Date: 10/26/1995
Status: Expired due to Fees

First Claim

Patent Images

1. In a data encryption system for encrypting/decrypting information on a computer, a file encryption apparatus comprising:

storage area means for storing one or more encrypted files with a specific encryption key associated with said storage area means and storing encrypted information for managing the files;

password registration means for registering an authentication password required for a user to access said storage area means; and

file encryption/decryption means for encrypting an unencrypted file specified by a user by using the specific encryption key associated with the storage area means.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An end-user oriented, file encryption control apparatus and method involving simple manipulations. File encryption is performed by conducting intuitive drag and drop manipulation with respect to an icon modeled after a safe. From the password for user authentication, an encryption key used for file encryption and decryption is automatically generated. All manipulations concerning the encryption key are concealed from users. A user interface section for performing encryption and decryption by conducting intuitive drag and drop manipulation with respect to an icon modeled after a safe, an automatic encryption key generation section for automatically generating an encryption key from a password, and a file encryption processing section for conducting file encryption processing without conducting authentication using a password are included. A file encryption function excellent in manipulation convenience is thus provided.

350 Citations

22 Claims

1. In a data encryption system for encrypting/decrypting information on a computer, a file encryption apparatus comprising:
- storage area means for storing one or more encrypted files with a specific encryption key associated with said storage area means and storing encrypted information for managing the files;
  
  password registration means for registering an authentication password required for a user to access said storage area means; and
  
  file encryption/decryption means for encrypting an unencrypted file specified by a user by using the specific encryption key associated with the storage area means.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A file encryption apparatus according to claim 1, further comprising:
    - file name conversion means for converting a file name of said unencrypted file to a file name of an internal encrypted file of said storage area means;
      
      a file association table between said unencrypted file name and said encrypted file name; and
      
      internal data encryption/decryption means for encrypting internal data relating to encryption inputted to said storage area means,whereby said storage area means being concealed from users.
  - 3. A file encryption apparatus according to claim 1, further comprising:
    - automatic encryption key generation means for automatically generating said encryption key associated with said storage means on the basis of said authentication password; and
      
      said file encryption/decryption means performing file encryption and file decryption by using said encryption key automatically generated by said automatic encryption key generation means.
  - 4. A file encryption apparatus according to claim 3, wherein said file encryption apparatus further comprises internal data encryption/decryption means for encrypting internal data relating to encryption inputted to said storage area means,wherein said authentication password is encrypted by said internal data encryption/decryption means and registered and held in a storage area of said password registration means, andwherein when encrypting said unencrypted file, said unencrypted file is encrypted by decrypting said authentication password, generating automatically an encryption key in said automatic encryption key generation means, and using said encryption key.
  - 5. A file encryption apparatus according to claim 1, further comprising storage area invalidating means for invalidating said storage area means in response to improper authentication passwords inputted at least a specific number of times.
  - 6. A file encryption apparatus according to claim 5, further comprising storage area backup means for making said storage area means invalidated by said storage area invalidating means usable again as said storage area means.
  - 7. A file encryption apparatus according to claim 1, further comprising storage area generation means for generating a plurality of said storage area means and assigning said encryption key and said authentication password to each of said plurality of storage areas independently.
  - 8. A file encryption apparatus according to claim 1, wherein said storage area means comprises a location information table indicating a location, on a memory device before encryption, of said encrypted file stored in said storage area means, andwherein when decrypting said encrypted file, an unencrypted file obtained after decryption is automatically returned to the original location on the memory device.
  - 9. A file encryption apparatus according to claim 1, further comprising:
    - external file conversion means for converting all data of said storage area means to an external file capable of being transferred to another computer; and
      
      storage area generation means for regenerating said storage area means from said external file, transfer of information of said storage area means to another computer being made possible by said storage area generation means and said external file conversion means.
  - 10. A file encryption apparatus according to claim 1, further comprising self-decryption program generation means for generating a self-decryption program file by combining all data of said storage area means into a file decryption processing program, said self-decryption program file being transferred to another computer and executed, said self-decryption program file being capable of automatically decrypting said encrypted file included in said storage area in response to input of said authentication password.
  - 11. A file encryption apparatus according to claim 1, further comprising user interface means for displaying a graphic metaphor easily reminding of an encryption apparatus, such as a safe, on a display screen of a computer as a subject of file encryption, and performing file encryption in response to simple manipulations of file selection and selection of said graphic metaphor.

12. A method for encrypting and decrypting information on a computer, using an apparatus, said method comprising the steps of:
- providing a storage area defined as a storage folder, formed by specifying an encrypted file area for storing encrypted files obtained by encrypting plain text files as said information, an encrypted data area for storing plain text file names in association with encrypted file names, and a password storage area for storing a password obtained by encrypting, by means of a system key, a password inputted by a user;
  
  in encryption,generating an encrypted password by using a system key from a password inputted by an encryption user and storing said encrypted password in said password storage area;
  
  decrypting said encrypted password by using the system key and generating an encryption key;
  
  encrypting a specified plain text file by using said encryption key and said encrypted plain text file in said encrypted file area; and
  
  registering a table representing the relation of plain text file names with encrypted file names in said encrypted data area;
  
  in decryptiondisplaying said registered association table of the encrypted data area on the basis of a password inputted by an decryption user;
  
  making the decryption user specify a file name to be decrypted by referring to said displayed table;
  
  generating said encryption key on the basis of said inputted password; and
  
  decrypting an encrypted file having said specified file name by using said generated encryption key.
- View Dependent Claims (13, 14, 15, 16)
- - 13. A method according to claim 12, further comprising, in said decryption, the steps of:
    - receiving a password input from a user;
      
      comparing the inputted password with the password stored in said password storage area; and
      
      allowing or refusing execution of the decryption process according to a result of said step of comparing.
  - 14. A method according to claim 12, further comprising the steps of:
    - setting a plurality of said storage areas; and
      
      displaying said plurality of storage areas on a display screen by using metaphor icons representing respective areas in distinction from each other.
  - 15. A method according to claim 14, further comprising the steps of:
    - starting the decryption process by specifying a file name displayed on said display screen with a pointing device and specifying one of icons displaying said plurality of storage areas with said device by using an overlap relation.
  - 16. A method according to claim 12, wherein in said decryption said file name represents an encrypted file stored in the encrypted file area included in the storage area.

17. A computer program encoded in a computer readable memory medium for directing information encrypting and decrypting operations on the computer, when executed by a computer causes the computer to perform the following:
- providing a storage area (storage folder) formed by specifying an encrypted file area for storing encrypted files obtained by encrypting unencrypted or plain text files as said information, an encrypted data area for storing plain text file names in association with encrypted file names, and a password storage area for storing a password obtained by encrypting, by means of a system key, a password inputted by a user;
  
  in encryption,generating an encrypted password by using a system key from a password inputted by an encryption user and storing said encrypted password in said password storage area;
  
  decrypting said encrypted password by using the system key and generating an encryption key;
  
  encrypting a specified noncryptic file by using said encryption key and said encrypted plain text file in said encrypted file area; and
  
  registering said table representing the relation of plain text file names with encrypted file names in said encrypted data area;
  
  in decryptiondisplaying said registered association table of the encrypted data area on the basis of a password inputted by an decryption user;
  
  making the decryption user specify a file name to be decrypted by referring to said displayed table;
  
  generating said encryption key on the basis of said inputted password; and
  
  decrypting an encrypted file having said specified file name by using said generated encryption key.
- View Dependent Claims (18)
- - 18. A medium according to claim 17, further comprising, in said decryption, receiving a password input from the decryption user, comparing the inputted password with the password stored in said password storage area;
    - andallowing or refusing execution of the decryption process according to a result of the step of comparing.

19. A method of encrypting information comprising the steps of:
- creating an encryption folder for holding a plurality of encrypted files;
  
  receiving from a user a password associated with the encryption folder;
  
  authenticating the password to provide the user access to files in the encryption folder;
  
  storing the password in the encryption folder;
  
  receiving a user selection of an unencrypted data file to be encrypted;
  
  retrieving the password stored in the encryption folder;
  
  automatically generating an encryption key associated with the encryption folder based on the retrieved password; and
  
  encrypting the selected data file using the encryption key.
- View Dependent Claims (20, 21)
- - 20. The method of claim 19 and further comprising the step of storing the encrypted data file in the encryption folder.
  - 21. The method of claim 19 and further comprising the steps of:
    - generating a file name of the encrypted file based on a file name of the unencrypted filestoring a file association table identifying the encrypted file name and the unencrypted file name in the storage means.

22. A method of encrypting information comprising the steps of:
- creating an encryption folder for holding a plurality of encrypted files;
  
  receiving from a user a password associated with the encryption folder;
  
  authenticating the password to provide the user access to files in the encryption folder;
  
  encrypting the password;
  
  storing the encrypted password in the encryption folder;
  
  receiving a user selection of a data file to be encrypted;
  
  retrieving the password stored in the encryption folder;
  
  decrypting the retrieved password;
  
  automatically generating an encryption key associated with the encryption folder based on the decrypted password; and
  
  encrypting the selected data file using the encryption key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hitachi, Ltd.
Original Assignee
Hitachi, Ltd.
Inventors
Kobayashi, Yuuichi, Sumitomo, Masahito, Iwabuchi, Kazunori, Furukawa, Hiroshi, Washimi, Hiroaki, Ote, Ichiro
Primary Examiner(s)
Swann, Tod R.
Assistant Examiner(s)
Callahan, Paul E.

Application Number

US08/738,907
Time in Patent Office

1,198 Days
Field of Search

380/4, 380/25, 380/54, 380/21, 380/23, 380/44, 380/49, 395/620, 395/670, 395/701, 395/888, 395/491, 395/404-406, 395/412, 395/413, 364/200, 364/900, 364/285.1, 364/222, 364/182, 364/187, 364/700
US Class Current

713/165
CPC Class Codes

G06F 21/6209 to a single file or object,...

G06F 2211/007 Encryption, En-/decode, En-...

Data encryption control apparatus and method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

350 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Data encryption control apparatus and method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

350 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links