Data storage device provided with function for user's access right
First Claim
1. A data storage device provided with a function for authenticating a user's access right, which verifies legitimacy of proof data generated for proving a right of an application program to access data stored in a storage medium, to thereby authenticate the access right of a user of the application program to the data, the data storage device comprising:
first storage means for storing authentication data;
second storage means for storing user unique identifying information of the user of the application program;
third storage means for storing auxiliary proof information being a result in which a specific calculation is executed to the user unique identifying information of the application program and unique security characteristic information;
proof data generation means for executing a specific calculation to the authentication data stored in the first storage means, the user unique identifying information of the application program stored in the second storage means, and the auxiliary proof information stored in the third storage means, to thereby generate proof data;
a data storage main frame provided with the storage medium, which stores and preserves data in the storage medium;
command generation means installed in the application program, for generating a command that instructs an operation to the data stored in the storage medium of the data storage main frame;
command issuing means installed in the application program, for issuing the command generated by the command generation means to the outside of the application program;
proof data verification means for verifying that the proof data generated by the proof data generation means has been generated on the basis of the unique security characteristic information; and
command management means for permitting to execute the command only when the verification is successful, as to at least one type of the command that instructs the operation to the data stored in the data storage main frame;
wherein;
the command is erasing the data stored within the storage medium; and
in spite of any erasing command issued, the data stored within the storage medium is preserved.
Abstract
An application of a client includes a proof data generation device, a command generation device, and a command issuing device. A command and proof data are sent to a server from the application of the client, and a command management device of the server receives them. A proof data verification device verifies the access right of a user to the application on the basis of the proof data, and enables a data storage device to be accessed in accordance with the command, if the verification is successful. The data storage device, used instead of a commonly used hard disk drive, includes a phase change type optical memory or a phase separation type optical memory to execute write once recording. Thus, the access to the data storage device is flexibly controlled.
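An added sketch of the flow the abstract and claim 1 describe, not code from the patent: the "specific calculations" are not given on this page, so SHA-256, XOR and HMAC stand in for them, and the names `issue_ticket`, `generate_proof` and `WriteOnceStore` are hypothetical. It gates every command on the proof data and shows that an erase command leaves the stored data on the medium.

```python
import hashlib, hmac, os

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def issue_ticket(user_secret: bytes, characteristic: bytes) -> bytes:
    # Auxiliary proof information: computed from the user unique identifying
    # information and the unique security characteristic information.
    # Assumed calculation (not from the page): characteristic XOR SHA-256(secret).
    return xor(characteristic, hashlib.sha256(user_secret).digest())

def generate_proof(challenge: bytes, user_secret: bytes, ticket: bytes) -> bytes:
    # Proof data: computed from the authentication data (challenge), the user
    # information and the ticket. Assumed calculation: HMAC under the recovered key.
    key = xor(ticket, hashlib.sha256(user_secret).digest())
    return hmac.new(key, challenge, hashlib.sha256).digest()

class WriteOnceStore:
    """Command management in front of an append-only (write-once) medium."""
    def __init__(self, characteristic: bytes):
        self._d = characteristic   # 32-byte security characteristic information
        self.media = []            # records are only ever appended
        self._erased = set()       # logical erase markers, kept off the medium
        self._challenge = None

    def new_challenge(self) -> bytes:
        self._challenge = os.urandom(16)   # single-use authentication data
        return self._challenge

    def _verify(self, proof: bytes) -> bool:
        challenge, self._challenge = self._challenge, None  # consume: no replay
        if challenge is None:
            return False
        expected = hmac.new(self._d, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(proof, expected)

    def execute(self, command: str, arg, proof: bytes):
        if not self._verify(proof):
            raise PermissionError("proof data rejected")
        if command == "write":
            self.media.append(bytes(arg))
            return len(self.media) - 1
        if command == "read":
            if arg in self._erased:
                raise KeyError("record erased")
            return self.media[arg]
        if command == "erase":
            self._erased.add(arg)  # the medium is untouched: data is preserved
            return None
        raise ValueError(command)
```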
51 Claims
51. A data storage device provided with a function for authenticating a user's access right, which verifies legitimacy of proof data generated for proving right of an application program to access data, stored in a storage medium, to thereby authenticate the access right of a user of the application program to the data, the data storage device comprising:
first storage means for storing authentication data;
second storage means for storing user unique identifying information of the application program;
third storage means for storing auxiliary proof information being a result in which a specific calculation is executed to the user unique identifying information of the application program and unique security characteristic information;
proof data generation means for executing a specific calculation to the authentication data stored in the first means and the user unique identifying information of the application program stored in the second storage means, to thereby generate proof data;
a data storage main frame provided with a storage medium, which stores and preserves data in the storage medium;
command generation means installed in the application program, for generating a command that instructs an operation to the data stored in the storage medium of the data storage main frame;
command issuing means installed in the application program, for issuing a command generated by the command generation means to the outside of the application program;
proof data verification means including calculation means for applying a specific calculation to the proof data generated by the proof data generation means and the auxiliary proof information held in the third storage means, which verifies the proof data to be generated on the basis of the user unique identifying information of the application program, by using a calculation result by the calculation means; and
command management means for permitting to execute the command only when the verification is successful, as to at least one type of the command that instructs the operation to the data stored in the data storage main frame;
wherein;
the command is erasing the data stored within the storage medium; and
in spite of any erasing command issued, the data within the storage medium is preserved.