Archive system, management apparatus, and control method
Abstract
A user terminal reads out an encrypted content from a removable memory medium, assigns data forming the read encrypted content to the same hash function, and computes a first hash value. The management apparatus acquires the computed first hash value and management information from the user terminal, reads out, from a management information memory that stores a second hash value previously computed by assigning data forming the encrypted content retaining its authenticity to the hash function in association with the management information, the corresponding second hash value by using the acquired management information as a retrieval key, authenticates whether the acquired first hash value and the second hash value are identical, and permits a decryption process when the authentication result is an authentication success.
16 Claims
1. An archive system, comprising:
- a user terminal that includes a processor that refers to an encrypted content from a removable memory medium; and
- a management apparatus that includes a memory that stores a decryption key for decrypting the encrypted content that is a management target, and a processor that acquires management information uniquely specifying the encrypted content from the user terminal and authenticating whether a process of decrypting the encrypted content specified by the management information by using the decryption key is permitted, wherein
- the processor of the user terminal reads out the encrypted content that is an authentication target from the removable memory medium that stores the encrypted content in association with the management information, assigns data forming the read encrypted content to a same hash function as that of the management apparatus, and computes a first hash value, and
- the processor of the management apparatus
  - acquires the first hash value and the management information from the user terminal;
  - reads out, from the memory that stores a second hash value in association with the management information, the second hash value corresponding to the first hash value by using the acquired management information as a retrieval key, the second hash value being previously computed by assigning data forming the encrypted content retaining its authenticity to the hash function and authenticates whether the first hash value and the second hash value are identical to each other;
  - stores, when the authentication result performed is an authentication failure indicating that the first hash value and the second hash value are not identical to each other, an authentication failure result in the memory in association with the management information;
  - authenticates whether there is a corresponding authentication failure result by using the management information acquired from the memory as a retrieval key; and
  - permits the process of decrypting when an authentication result is an authentication success indicating that the first hash value and the second hash value are identical to each other and when the corresponding authentication failure does not exist in the memory.

5. A non-transitory computer readable storage medium having stored therein an archive system control program for controlling an archive system that comprises a user terminal that refers to an encrypted content from a removable memory medium and a management apparatus that stores a decryption key for decrypting the encrypted content that is a management target, the management apparatus acquiring management information that is information of uniquely specifying the encrypted content from the user terminal and authenticating whether a process of decrypting the encrypted content specified by the management information by using the decryption key is permitted, the archive system control program causing a computer serving as the user terminal to execute a process comprising:
- reading out the encrypted content that is an authentication target from the removable memory medium that stores the encrypted content in association with the management information; and
- computing a first hash value by assigning data forming the read encrypted content to a same hash function as that of the management apparatus,

the archive system control program causing a computer serving as the management apparatus to execute a process comprising:
- acquiring the first hash value computed at the computing and the management information from the user terminal;
- reading out, from the memory that stores a second hash value in association with the management information, the second hash value corresponding to the first hash value by using the acquired management information as a retrieval key, the second hash value being previously computed by assigning data forming the encrypted content retaining its authenticity to the hash function;
- authenticating whether the first hash value acquired at the acquiring and the second hash value are identical to each other;
- storing, when the authentication result performed is an authentication failure indicating that the first hash value and the second hash value are not identical to each other, an authentication failure result in the memory in association with the management information;
- authenticating whether there is a corresponding authentication failure result by using the management information acquired from the memory as a retrieval key; and
- permitting the process of decrypting when an authentication result performed at the authenticating is an authentication success indicating that the first hash value and the second hash value are identical to each other and when the corresponding authentication failure does not exist in the memory.

9. A management apparatus includes a memory that stores a decryption key for decrypting an encrypted content that is a management target, and a processor that acquires management information that is information of uniquely specifying the encrypted content from a user terminal that refers to a content that is encrypted from a removable memory medium, and authenticates whether a process of decrypting the encrypted content specified by the management information by using the decryption key is permitted, the management apparatus comprising:
- the processor that
  - acquires a first hash value and the management information from the user terminal;
  - reads out, from the memory that stores a second hash value in association with the management information, the second hash value corresponding to the first hash value by using the acquired management information as a retrieval key, the second hash value being previously computed by assigning data forming the encrypted content retaining its authenticity to a hash function, and authenticates whether the first hash value and the second hash value are identical to each other;
  - stores, when the authentication result performed is an authentication failure indicating that the first hash value and the second hash value are not identical to each other, an authentication failure result in the memory in association with the management information;
  - authenticates whether there is a corresponding authentication failure result by using the management information acquired from the memory as a retrieval key; and
  - permits the process for decrypting when an authentication result is an authentication success indicating that the first hash value and the second hash value are identical to each other and when the corresponding authentication failure does not exist in the memory.

13. A controlling method performed in an archive system that includes a user terminal that refers to an encrypted content from a removable memory medium, and a management apparatus that stores a decryption key for decrypting the encrypted content that is a management target, the management apparatus acquiring management information that is information of uniquely specifying the encrypted content from the user terminal and authenticating whether a process of decrypting the encrypted content specified by the management information by using the decryption key is permitted, the controlling method comprising:
- in the user terminal,
  - reading out the encrypted content that is an authentication target from the removable memory medium that stores the encrypted content in association with the management information,
  - computing a first hash value by assigning data forming the read encrypted content to a same hash function as that of the management apparatus, and
- in the management apparatus,
  - acquiring the first hash value computed at the computing and the management information from the user terminal;
  - reading out, from the memory that stores a second hash value in association with the management information, the second hash value corresponding to the first hash value by using the acquired management information as a retrieval key, the second hash value being previously computed by assigning data forming the encrypted content retaining its authenticity to the hash function;
  - authenticating whether the first hash value acquired at the acquiring and the second hash value are identical to each other;
  - storing, when the authentication result performed is an authentication failure indicating that the first hash value and the second hash value are not identical to each other, an authentication failure result in the memory in association with the management information;
  - authenticating whether there is a corresponding authentication failure result by using the management information acquired at the acquiring from the memory as a retrieval key; and
  - permitting the process of decrypting when an authentication result performed at the authenticating is an authentication success indicating that the first hash value and the second hash value are identical to each other and when the corresponding authentication failure does not exist in the memory.

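The control flow shared by claims 1, 5, 9 and 13, written out as an added Python example that is not part of the patent text. SHA-256, the in-memory dictionary and set, and the names `first_hash`, `ManagementApparatus`, `register` and `authorize` are assumptions; the claims name no hash function or storage layout.

```python
import hashlib
import hmac


def first_hash(encrypted_content: bytes) -> str:
    """User terminal: hash the encrypted content as read from the medium."""
    return hashlib.sha256(encrypted_content).hexdigest()  # SHA-256 is an assumption


class ManagementApparatus:
    def __init__(self):
        self._records = {}    # management information -> (second hash, decryption key)
        self._failed = set()  # management information with a stored failure result

    def register(self, management_info: str, authentic_content: bytes, key: bytes):
        """Store the second hash, computed while the content is known authentic."""
        self._records[management_info] = (first_hash(authentic_content), key)

    def authorize(self, management_info: str, reported_hash: str):
        """Return the decryption key only if decryption is permitted, else None."""
        record = self._records.get(management_info)
        if record is None:
            return None
        second_hash, key = record
        # Compare the first and second hash values in constant time.
        if not hmac.compare_digest(reported_hash.encode(), second_hash.encode()):
            self._failed.add(management_info)  # store the failure result
        # Permit only on a match AND when no failure result is on record.
        if management_info in self._failed:
            return None
        return key


def demo():
    apparatus = ManagementApparatus()
    authentic = b"constructed ciphertext bytes"  # constructed sample content
    apparatus.register("content-0001", authentic, b"constructed-key-1")
    apparatus.register("content-0002", authentic, b"constructed-key-2")
    ok = apparatus.authorize("content-0001", first_hash(authentic))
    tampered = authentic[:-1] + b"X"             # medium altered after registration
    bad = apparatus.authorize("content-0002", first_hash(tampered))
    later = apparatus.authorize("content-0002", first_hash(authentic))
    return ok, bad, later


if __name__ == "__main__":
    print(demo())
```

The third request in `demo` is denied even though its hash matches: the stored failure result, not the current comparison alone, gates release of the key.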
Specification