Electronic data storage apparatus with key management function and electronic data storage method
Abstract
A storage apparatus includes a key management unit for managing an individual key unique to the apparatus and a common key shared with other storage apparatuses, and an encryption unit for performing an encrypting process or verifying data for performing the encrypting process on electronic data stored in the apparatus to which the unit belongs using the individual key, and performing the encrypting process or verifying the data on the electronic data transmitted to or received from another apparatus using the common key. Thus, the apparatus communicates data using an applicable common key in a local environment and a global environment, appropriately manages a key in each environment, and guarantees the security of the electronic data.
23 Claims
1. An electronic data storage apparatus for storing electronic documents included in a group of electronic data storage apparatuses including a main electronic data storage apparatus, said electronic data storage apparatus comprising:
a key management unit managing an individual key unique to said electronic data storage apparatus to which said management unit belongs, and a common key shared with other electronic data storage apparatuses of the group, selecting the individual key when performing an encryption process on an electronic document stored in said electronic data storage apparatus to which said management unit belongs, and selecting the common key when performing the encryption process or when verifying the electronic document transmitted to or received from another electronic data storage apparatus; and
an encryption unit performing the encryption process using the key selected by said key management unit, and wherein said individual key is generated and distributed to said electronic data storage apparatus by said main electronic data storage.
14. A method of managing electronic documents in an electronic data storage apparatus in a hierarchical structure having a group of a plurality of electronic data storage apparatuses as one hierarchical level, the group including said electronic data storage apparatus and a main electronic data storage apparatus, the method comprising:
re-encrypting, by a first electronic data storage apparatus in one hierarchical level of the hierarchical structure, a document encrypted using an individual key which is unique to and stored in the apparatus, using a higher order group key corresponding to the hierarchical level, and transmitting the re-encrypted document to an electronic data storage and management apparatus for managing the electronic data storage apparatuses in a group at one hierarchical level lower;
verifying, by said electronic data storage and management apparatus for managing a lower group of electronic data storage apparatuses, the received document using the higher order group key, re-encrypting the received document using the lower order group key corresponding to one hierarchical level lower if the received document is correct as a result of the verification, and transmitting the received document to a second electronic data storage apparatus in the group at one level lower; and
verifying, by the second electronic data storage apparatus, the received document using the lower order group key, re-encrypting the received document using an individual key unique to the second electronic data storage apparatus if the electronic document is correct as a result of the verification, and storing the re-encrypted received document, and wherein said individual key is generated and distributed by said main electronic data storage apparatus.
15. A method of managing electronic documents in an electronic data storage apparatus in a hierarchical structure having a group of a plurality of electronic data storage apparatuses as one hierarchical level, the group including said electronic data storage apparatus and a main electronic data storage apparatus, the method comprising:
re-encrypting, by a first electronic data storage apparatus in one hierarchical level of the hierarchical structure, a document encrypted using an individual key which is unique to and stored in the first electronic data storage apparatus, using a lower order group key corresponding to the hierarchical level, and transmitting the re-encrypted document to a lower order group electronic data storage and management apparatus for managing the electronic data storage apparatuses in the group;
verifying, by said electronic data storage and management apparatus for managing a lower group of electronic data storage apparatuses, the received document using the lower order group key, re-encrypting the received document using the higher order group key corresponding to one hierarchical level higher if the electronic document is correct as a result of the verification, and transmitting the document to a receiving electronic data storage apparatus in the group at one level higher;
verifying, by the receiving second electronic data storage apparatus, the received document using the higher order group key, re-encrypting the received document using an individual key unique to the second electronic data storage apparatus if the electronic document is correct as a result of the verification, and storing the re-encrypted received document, and wherein said individual key is generated and distributed by said main electronic data storage apparatus.
16. A method of processing electronic documents, comprising:
storing in a storage unit an individual key unique to an electronic data storage apparatus for storing an electronic document and a common key shared with another electronic data storage apparatus;
selecting the common key stored in the storage unit as a key to be used when communicating the electronic document;
selecting the individual key to be used when performing an encryption process on the document to be stored in said electronic data storage apparatus; and
performing the communication process or encryption process using the selected key, and wherein said individual key is generated and distributed to said electronic data storage apparatus by a main electronic data storage apparatus in a group of data storage apparatuses including said data storage apparatus.
19. An electronic data storage apparatus for storing electronic documents, comprising:
key management means for managing an individual key unique to an electronic data storage apparatus to which said key management means belongs, and a common key shared with other electronic data storage apparatuses, selecting the individual key when performing an encryption process on the electronic document stored in the electronic data storage apparatus to which said means belongs, and selecting the common key when performing an encryption process or when verifying the electronic document transmitted to or received from another electronic data storage apparatus; and
encryption means for performing the encryption process using the key selected by said key management unit, and wherein said individual key is generated and distributed to said electronic data storage apparatus by a main electronic data storage apparatus in a group of data storage apparatuses including said data storage apparatus.
20. A computer-readable storage medium for storing a program which directs a computer to process electronic documents, comprising:
storing in a storage unit an individual key unique to an electronic data storage apparatus for storing an electronic document and a common key shared with another electronic data storage apparatus;
selecting the common key stored in the storage unit as a key to be used when communicating the electronic document;
selecting the individual key as a key to be used when performing an encryption process on the document to be stored in the electronic data storage apparatus; and
performing the communication process or the encryption process using the selected key, and wherein said individual key is generated and distributed to said electronic data storage apparatus by a main electronic data storage apparatus in a group of data storage apparatuses including said data storage apparatus.
21. A method of document transmission for a local environment and a global environment, comprising:
storing a local encryption key for the local environment locally and storing a global key for the global environment;
receiving a document to be transmitted along with an environment indicator indicating the environment of the document transmission;
selecting one of the local and global encryption keys responsive to the indicator;
encrypting the document with the selected one of the keys; and
transmitting the encrypted document, and wherein the local key is used for data storage in a local data storage unit only by a local data storage system that stores the local key.
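The key selection of claims 1 and 16 and the downward relay of claim 14, as an added example that is not part of the patent text. The claims name no algorithm, so the SHA-256 stream with HMAC below is only a stand-in for the "encryption process"; `Apparatus`, `seal`, `open_sealed` and the group labels `upper` and `lower` are hypothetical names.

```python
import hashlib, hmac, os

def subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()
def keystream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, doc):
    # Stand-in "encryption process": stream-XOR then HMAC (use an AEAD in practice).
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(doc, keystream(subkey(key, b"enc"), nonce, len(doc))))
    return nonce + ct + hmac.new(subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def open_sealed(key, blob):
    # Verify first; a document sealed under any other key is rejected.
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if len(blob) < 48 or not hmac.compare_digest(tag, want):
        raise ValueError("verification failed")
    return bytes(a ^ b for a, b in zip(ct, keystream(subkey(key, b"enc"), nonce, len(ct))))

class Apparatus:
    def __init__(self, individual_key, common_keys):
        self.individual_key = individual_key  # unique to this apparatus
        self.common_keys = common_keys        # group label -> shared key
        self.store = {}
    def select_key(self, group=None):
        # Key management unit: individual key for storage, common key for transfer.
        return self.individual_key if group is None else self.common_keys[group]
    def save(self, name, doc):
        self.store[name] = seal(self.select_key(), doc)
    def send(self, name, group):
        return seal(self.select_key(group), open_sealed(self.select_key(), self.store[name]))
    def relay(self, blob, from_group, to_group):
        return seal(self.select_key(to_group), open_sealed(self.select_key(from_group), blob))
    def receive(self, name, blob, group):
        self.save(name, open_sealed(self.select_key(group), blob))

def demo():
    # Constructed keys; in the claims the main apparatus generates and distributes them.
    upper, lower = os.urandom(32), os.urandom(32)
    a = Apparatus(os.urandom(32), {"upper": upper})
    mgr = Apparatus(os.urandom(32), {"upper": upper, "lower": lower})
    b = Apparatus(os.urandom(32), {"lower": lower})
    a.save("doc", b"contract v1")
    b.receive("doc", mgr.relay(a.send("doc", "upper"), "upper", "lower"), "lower")
    return a, mgr, b
```

Only the managing apparatus holds both group keys, so a document leaves one level and enters the next only after it has verified under the sending level's key.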
Specification