Information processing apparatus, information processing method, and program therefor

US 8,375,214 B2
Filed: 05/27/2005
Issued: 02/12/2013
Est. Priority Date: 06/04/2004
Status: Expired due to Fees

First Claim

Patent Images

1. An information processing apparatus comprising:

a storage unit configured to store security processing information describing a security processing procedure that is to be applied to data generated by a service providing program, the security processing information including information identifying the service providing program and the data including data written in a structured language, wherein the security processing information can be read from or written to the storage unit by another program or user and includes element information specifying a part of the data written in the structured language and entirety-specifying information specifying the entire data written in the structured language, wherein an element to be encrypted can be specified when the part of the data is to be encrypted;

a security processing unit configured to execute security processing to encrypt or give a digital signature to the data generated by the service providing program according to the security processing procedure described in the security processing information stored in the storage unit, wherein the security processing unit provides secure communications of the data generated by the service providing program with an external program, wherein the security processing unit security-processes the entire data or a specified element in the data based on the security processing information; and

a modifying unit configured to modify the part of the data written in the structured language into data security-processed by the security processing unit in accordance with specification by the element information and modify the entire data security-processed by the security processing unit based on the entire-specifying information,wherein the security processing information further includes key information for defining an encryption key used in security processing of the data by the security processing unit according to the security processing procedure, andwherein the modifying unit adds information for decrypting the data encrypted by the security processing unit according to the securing processing procedure to the data written in the structured language.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An information processing apparatus includes a storage unit that stores security processing information describing a security processing procedure that is to be executed on data handled by a service providing program and including data written in a structured language; and a security processing unit that executes security processing to encrypt or sign the data handled by the service providing program, with reference to the security processing information stored in the storage unit, so that the service providing program can communicate securely with an external service providing program.

12 Citations

17 Claims

1. An information processing apparatus comprising:
- a storage unit configured to store security processing information describing a security processing procedure that is to be applied to data generated by a service providing program, the security processing information including information identifying the service providing program and the data including data written in a structured language, wherein the security processing information can be read from or written to the storage unit by another program or user and includes element information specifying a part of the data written in the structured language and entirety-specifying information specifying the entire data written in the structured language, wherein an element to be encrypted can be specified when the part of the data is to be encrypted;
  
  a security processing unit configured to execute security processing to encrypt or give a digital signature to the data generated by the service providing program according to the security processing procedure described in the security processing information stored in the storage unit, wherein the security processing unit provides secure communications of the data generated by the service providing program with an external program, wherein the security processing unit security-processes the entire data or a specified element in the data based on the security processing information; and
  
  a modifying unit configured to modify the part of the data written in the structured language into data security-processed by the security processing unit in accordance with specification by the element information and modify the entire data security-processed by the security processing unit based on the entire-specifying information,wherein the security processing information further includes key information for defining an encryption key used in security processing of the data by the security processing unit according to the security processing procedure, andwherein the modifying unit adds information for decrypting the data encrypted by the security processing unit according to the securing processing procedure to the data written in the structured language.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The information processing apparatus according claim 1, further comprising:
    - a communications unit configured to communicate with another apparatus via a network; and
      
      a transmission control unit configured to control transmission of the data obtained through the modification executed by the modifying unit to the another apparatus via the network.
  - 3. The information processing apparatus according to claim 1,wherein the modifying unit modifies the part of the data written in the structured language into the security-processed data by using the encryption key.
  - 4. The information processing apparatus according to claim 3, wherein the modifying unit comprises a parsing unit configured to parse the data to determine whether the data conforms to the Simple Object Access Protocol, wherein the modifying unit writes the processed data in a body defined by the Simple Object Access Protocol and writes the information for decrypting the processed data and the information for verifying the processed data in a header defined by the Simple Object Access Protocol when the parsing unit determines that the data conforms to the Simple Object Access Protocol.
  - 5. The information processing apparatus according to claim 1, wherein the security processing information stored in the storage unit is information that is capable of being registered, updated, and deleted from outside via a network.
  - 6. The information processing apparatus according to claim 1, wherein the security processing unit is configured to determine whether to execute the security processing procedure according to whether the security processing information associated with the data is stored in the storage unit.
  - 7. The information processing apparatus according to claim 1, wherein the security processing unit comprises a determination unit configured to determine whether content of the security processing information is in accordance with content of the data, and the security processing unit determines whether to execute the security processing according to the determination by the determination unit.
  - 8. The information processing apparatus according to claim 1, wherein the element information specifies the part of the data written in the structured language in accordance with a tag defined by the structured language.

9. An information processing method comprising:
- using at least one processor to perform the following;
  
  storing security processing information describing a security processing procedure associated with data generated by the service providing program in a storage unit, the security processing information including information identifying the service providing program and the data including data written in a structured language, wherein the security processing information includes element information specifying a part of the data written in the structured language and entirety-specifying information specifying the entire data written in the structured language, wherein an element to be encrypted can be specified when the part of the data is to be encrypted;
  
  applying security processing to encrypt or give a digital signature to the data generated by the service providing program, according to the security processing procedure described in the security processing information stored in the storage unit, wherein the entire data or a specified element in the data is security-processed based on the security processing information;
  
  modifying the part of the data written in the structured language into data security-processed by the security processing procedure in accordance with specification by the element information and modifying the entire data security-processed by the security processing procedure based on the entirety-specifying information; and
  
  communicating the data from the service providing program with an external service providing program,wherein the security processing information can be read from or written to the storage unit by another program or a user,wherein the security processing information further includes key information for defining an encryption key used in security processing of the data according to the security processing procedure, andwherein the data written in the structured language is modified by adding information for decrypting the data encrypted by security processing according to the securing processing procedure.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The information processing method according to claim 9, further comprising controlling transmission of the data obtained through modifying the part of the data to another apparatus via a network.
  - 11. The information processing method according to claim 9,wherein in modifying the part of the data, the part of the data written in the structured language is modified into the security-processed data by using the encryption key.
  - 12. The information processing method according to claim 11, wherein modifying comprises:
    - parsing the data to determine whether the data conforms to the Simple Object Access Protocol; and
      
      writing the processed data in a body defined by the Simple Object Access Protocol and writing the information for decrypting the processed data and the information for verifying the processed data in a header defined by the Simple Object Access Protocol when the parsing determines that the data conforms to the Simple Object Access Protocol.
  - 13. The information processing method according to claim 9, wherein the security processing information is information that can be registered, updated, and deleted from outside via a network.
  - 14. The information processing method according to claim 13, wherein applying security processing comprises determining whether to execute the security processing procedure according to whether the security processing information associated with the data is stored in the storage unit.
  - 15. The information processing method according to claim 9, wherein applying security processing comprises:
    - determining whether a content of the security processing information is in accordance with a content of the data; and
      
      determining whether to execute the security processing according to the determination.
  - 16. The information processing method according to claim 9, wherein the element information specifies the part of the data written in the structured language in accordance with a tag specified by the structured language.

17. A non-transitory computer-readable storage medium having stored thereon a program for allowing a computer to execute an information processing method comprising:
- storing security processing information describing a security processing procedure associated with data generated by the service providing program in a storage unit, the security processing information including information identifying the service providing program and the data including data written in a structured language, wherein the security processing information includes element information specifying a part of the data written in the structured language and entirety-specifying information specifying the entire data written in the structured language, wherein an element to be encrypted can be specified when the part of the data is to be encrypted;
  
  applying security processing to encrypt or give a digital signature to the data generated by the service providing program, according to the security processing procedure described in the security processing information stored in the storage unit, wherein the entire data or a specified element in the data is security-processed based on the security processing information;
  
  modifying the part of the data written in the structured language into data security-processed by the security processing procedure in accordance with specification by the element information and modifying the entire data security-processed by the security processing procedure based on the entirety-specifying information; and
  
  communicating the data from the service providing program with an external service providing program,wherein the security processing information can be read from or written to the storage unit by another program or a user,wherein the security processing information further includes key information for defining an encryption key used in security processing of the data according to the security processing procedure, andwherein the data written in the structured language is modified by adding information for decrypting the data encrypted by security processing according to the securing processing procedure.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Canon Ayutthaya Limited (Canon Inc.)
Original Assignee
Canon Ayutthaya Limited (Canon Inc.)
Inventors
Nishio, Masahiro
Primary Examiner(s)
Orgad, Edan
Assistant Examiner(s)
SCHMIDT, KARI L

Application Number

US11/140,446
Publication Number

US 20050273616A1
Time in Patent Office

2,818 Days
Field of Search

713/152, 713/176, 713/190, 713/193, 726/14, 709204-207
US Class Current

713/176
CPC Class Codes

G06F 21/608   Secure printing

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/166   at the transport layer

Information processing apparatus, information processing method, and program therefor

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

12 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

Information processing apparatus, information processing method, and program therefor

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others