Information processing apparatus, control method thereof, control program, and storage medium

US 7,814,562 B2
Filed: 03/23/2005
Issued: 10/12/2010
Est. Priority Date: 03/24/2004
Status: Active Grant

First Claim

Patent Images

1. An information processing apparatus which is equipped with plural storage devices each storing security function information indicating at least a security level of the respective storage device, said apparatus comprising:

a data move request receiving unit adapted to receive a request to move data from a source storage device to a destination storage device among the plural storage devices;

a security function information comparison unit adapted to, upon the data move request unit receiving the data move request, compare the security level of the source storage device with the security level of the destination storage device, based on the security function information;

a data move control unit adapted to inhibit the data move if the security level of the source storage device is higher than the security level of the destination storage device and allow the data move, wherein the data move control unit copies the data from the source storage device to the destination storage device and erases the data copied to the destination storage device from the source storage device, if the security level of the source storage device matches that of the destination storage device,wherein the security function information includes user authentication information and data area access right information, andwherein when the user authentication information included in the security function information stored in the source storage device indicates that a user authentication function exists but the user authentication information included in the security function information stored in the destination storage device does not indicate that the user authentication function exists, said security function information comparison unit judges that the security function information stored in the source storage device does not conform to the security function information stored in the destination storage device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an information processing apparatus which is equipped with plural storage devices, there are provided a security information comparison unit for, in a case where data is moved from a movement source storage device to a movement destination storage device, comparing security information of the movement source storage device with security information of the movement destination storage device, and a data movement control unit for controlling the movement of the data based on a comparison result by the security information comparison unit. Thus, it is possible to strongly secure safety with respect to the movement and/or copy of the data among the storage devices by a user.

12 Citations

View as Search Results

14 Claims

1. An information processing apparatus which is equipped with plural storage devices each storing security function information indicating at least a security level of the respective storage device, said apparatus comprising:
- a data move request receiving unit adapted to receive a request to move data from a source storage device to a destination storage device among the plural storage devices;
  
  a security function information comparison unit adapted to, upon the data move request unit receiving the data move request, compare the security level of the source storage device with the security level of the destination storage device, based on the security function information;
  
  a data move control unit adapted to inhibit the data move if the security level of the source storage device is higher than the security level of the destination storage device and allow the data move, wherein the data move control unit copies the data from the source storage device to the destination storage device and erases the data copied to the destination storage device from the source storage device, if the security level of the source storage device matches that of the destination storage device,wherein the security function information includes user authentication information and data area access right information, andwherein when the user authentication information included in the security function information stored in the source storage device indicates that a user authentication function exists but the user authentication information included in the security function information stored in the destination storage device does not indicate that the user authentication function exists, said security function information comparison unit judges that the security function information stored in the source storage device does not conform to the security function information stored in the destination storage device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. An information processing apparatus according to claim 1, wherein, when the security function information stored in said source storage device does not conform to the security function information stored in said destination storage device, said data move control unit does not permit the data move.
  - 3. An information processing apparatus according to claim 1, wherein said data move control unit further comprises:
    - an indication request unit adapted to request an indication whether or not to execute the data move when the security function information stored in said source storage device does not conform to the security function information stored in said destination storage device; and
      
      an acquisition unit adapted to acquire the indication,wherein when said acquisition unit acquires the indication to execute the data move, said data move control unit permits the data move.
  - 4. An information processing apparatus according to claim 1, wherein when the user authentication information included in the security function information stored in said source storage device indicates that a user authentication function has been set to be valid but the user authentication information included in the security function information stored in said destination storage device indicates that the user authentication function is not set to be valid, said security function information comparison unit judges that the security function information stored in said source storage device does not conform to the security function information stored in said destination storage device.
  - 5. An information processing apparatus according to claim 1, wherein:
    - the user authentication information included in the security function information includes user discrimination information, andwhen the user discrimination information included in the security function information stored in said source storage device does not conform to the user discrimination information included in the security function information stored in said destination storage device, said security function information comparison unit judges that the security function information stored in said source storage device does not conform to the security function information stored in said destination storage device.
  - 6. An information processing apparatus according to claim 1, further comprising a display unit adapted to display the comparison result acquired by said security function information comparison unit.

7. A control method for an information processing apparatus which is equipped with plural storage devices each storing security function information indicating at least a security level of the respective storage device, said method comprising:
- a data move request receiving step of receiving a request to move data from a source storage device to a destination storage device among the plural storage devices;
  
  a security function information comparison step of, upon the data move request receiving step receiving the data move request, comparing the security level of the source storage device with the security level of the destination storage device, based on the security function information;
  
  a data move control step of inhibiting the data move if the security level of the source storage device is higher than the security level of the destination storage device and allowing the data move, wherein the data move control step copies the data from the source storage device to the destination storage device and erases the data copied to the destination storage device from the source storage device, if the security level of the source storage device matches that of the destination storage device,wherein the security function information includes user authentication information and data area access right information, andwherein when the user authentication information included in the security function information stored in the source storage device indicates that a user authentication function exists but the user authentication information included in the security function information stored in the destination storage device does not indicate that the user authentication function exists, said security function information comparison step judges that the security function information stored in the source storage device does not conform to the security function information stored in the destination storage device.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. A control method according to claim 7, wherein, when the security function information stored in the source storage device does not conform to the security function information stored in the destination storage device, said data move control step does not permit the data move.
  - 9. A control method according to claim 7, wherein said data move control step further comprises:
    - an indication request step of requesting an indication whether or not to execute the data move when the security function information stored in the source storage device does not conform to the security function information stored in the destination storage device; and
      
      an acquisition step of acquiring the indication,when said acquisition step acquires the indication to execute the data move, said data move control step permits the the data move.
  - 10. A control method according to claim 7, wherein when the user authentication information included in the security function information stored in the source storage device indicates that a user authentication function has been set to be valid but the user authentication information included in the security function information stored in the destination storage device indicates that the user authentication function is not set to be valid, said security function information comparison step judges that the security function information stored in the source storage device does not conform to the security function information stored in the destination storage device.
  - 11. A control method according to claim 7, wherein:
    - the user authentication information included in the security function information includes user discrimination information, andwhen the user discrimination information included in the security function information stored in the source storage device does not conform to the user discrimination information included in the security function information stored in the destination storage device, said security function information comparison step judges that the security function information stored in the source storage device does not conform to the security function information stored in the destination storage device.
  - 12. A control method according to claim 7, further comprising a display step of displaying the comparison result acquired in said security function information comparison step.

13. A non-transitory computer-readable storage medium storing a computer program for an information processing apparatus which is equipped with plural storage devices each storing security function information indicating at least a security level of the respective storage device, said program comprising:
- a data move request receiving module for receiving a request to move data from a source storage device to a destination storage device among the plural storage devices;
  
  a security function information comparison module for, upon the data move request receiving module receiving the data move request, comparing the security level of the source storage device with the security level of the destination storage device, based on the security function information;
  
  a data move control module for inhibiting the data move if the security level of the source storage device is higher than the security level of the destination storage device and allowing the data move, wherein the data move control module copies the data from the source storage device to the destination storage device and erases the data copied to the destination storage device from the source storage device, if the security level of the source storage device matches that of the destination storage device,wherein the security function information includes user authentication information and data area access right information, andwherein when the user authentication information included in the security function information stored in the source storage device indicates that a user authentication function exists but the user authentication information included in the security function information stored in the destination storage device does not indicate that the user authentication function exists, said security function information comparison module judges that the security function information stored in the source storage device does not conform to the security function information stored in the destination storage device.

14. An information processing apparatus which is equipped with plural storage devices each storing security function information indicating at least a security level of the respective storage device, said apparatus comprising:
- a data move request receiving unit adapted to receive a request to move data from a source storage device to a destination storage device among the plural storage devices;
  
  a security function information comparison unit adapted to, upon the data move request unit receiving the data move request, compare the security level of the source storage device with the security level of the destination storage device, based on the security function information;
  
  a display unit adapted to display a warning if the security level of the source storage device is higher than the security level of the destination storage device and not display a warning if the security level of the source storage device matches that of the destination storage device;
  
  a receiving unit adapted to receive an instruction whether or not to allow the data move if the warning is displayed; and
  
  a data move control unit adapted to allow the data move, wherein the data move control unit copies the data from the source storage device to the destination storage device and erases the data copied to the destination storage device from the source storage device, if the receiving unit receives instruction to allow the data move and inhibit the data move if the receiving unit receives instruction to not allow the data move, when the warning is displayed,wherein the security function information includes user authentication information and data area access right information, andwherein when the user authentication information included in the security function information stored in the source storage device indicates that a user authentication function exists but the user authentication information included in the security function information stored in the destination storage device does not indicate that the user authentication function exists, said security function information comparison unit judges that the security function information stored in the source storage device does not conform to the security function information stored in the destination storage device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Canon Kabushiki Kaisha (Canon Inc.)
Original Assignee
Canon Kabushiki Kaisha (Canon Inc.)
Inventors
Takada, Tomoyuki, Suzuki, Noriyuki, Toyama, Takeshi, Ito, Hiroyasu
Primary Examiner(s)
Moise; Emmanuel L
Assistant Examiner(s)
Abyaneh; Ali S

Application Number

US11/087,488
Publication Number

US 20050216761A1
Time in Patent Office

2,029 Days
Field of Search

726/27, 726/31, 713/165, 713/166, 713/169, 380/201
US Class Current

726/31
CPC Class Codes

G06F 21/606 by securing the transmissio...

G06F 21/78 to assure secure storage of...

Information processing apparatus, control method thereof, control program, and storage medium

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

12 Citations

14 Claims

Specification

Use Cases

Quick Links

Others

Information processing apparatus, control method thereof, control program, and storage medium

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

14 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others