1. Field of the Invention
The present invention relates to a data protection system, a data protection method, and a memory card that enable protection of data being encrypted and stored on storage media, while allowing that data to be readily available to particular persons.
2. Description of the Related Art
Storage media such as SD cards are widely used as, e.g., so-called bridge media, for sharing data between multiple computers or the like (see, for example, Japanese Patent Laid-Open No. 2006-5557). In digital cameras, for example, recording image data on an SD card in a format compliant with the standard for digital still camera allows such image data to be utilized in other digital still cameras or personal computers compliant with the standard (which is known as interoperability).
Such interoperability, however, may have an adverse effect from the viewpoint of privacy protection. That is, due to the interoperability, one cannot restrict access by others to such image data stored in an SD card that he/she does not want others to see. Furthermore, if one lost the SD card on which image data is stored and if the SD card was found by a third party, the one cannot prohibit the third party from viewing the image data. Likewise, if any information is recorded on an SD card, such as business information or confidential documents, it is not possible to share it only among particular persons.
Some methods exist where the entire SD card is locked with a password in an attempt to share data among a number of particular persons, in which case, however, it is not possible to selectively protect only particular data, and password management or the like becomes an issue.
In addition, it is known, as a method of selectively protecting only particular data, to encrypt data files with passwords on a file-by-file basis. However, this method is not adequate to share data among the particular persons as mentioned above because the encryption key for use in encrypting data is protected at terminal side.
Therefore, it would be desirable to provide a data protection system that allows for protection of personal information and reduction of implementation load on host devices, while ensuring interoperability.