This application is based upon and claims the benefit of priority from the prior Japanese Patent Application No. 11-207982, filed Jul. 22, 1999, the entire contents of which are incorporated herein by reference.
The present invention relates to a digital data recording and reproducing system, and, more particularly, to a digital data recording and reproducing system to retain digital data, for example, on removable and rewritable recording media such as a magneto-optical disk.
In recent years, with the spread of electronic computers such as personal computers, various kinds of information have been retained in a recording medium as digital data.
However, as the digital data used in the computers may be easily copied and falsified in general, there has been a serious problem from a viewpoint of data protection and data security.
In order to solve such problems, two electronic computers are connected in a network such as a LAN, while they function as a retention device and a host device respectively, in a recent development project “Development of an electronic retention system for original documents with copying prevention” (A meeting for final reports on a project supporting creative software, and a project promoting electric commerce, 1998).
The above retention device denotes a device actually retaining data, and may be expressed as a server in a network computing terminology.
Moreover, the above host device functions as a terminal for user use, and may correspond to a client in terms of the network computing terminology.
In other words, the data confidentiality has been improved by configuration of a client/server system in the network with limitation on access to data.
However, at least two electronic computers are required to configure the client/server system comprising the above data retention device and the above host device on a network. The system is therefore very expensive, requiring a high cost at its introduction.
In addition, the client/server system comprising the above data retention device and the host device may not be operable, or may require further cost for installing new network devices, if no network devices have been previously provided.
The present invention has been made based on the above circumstances, and the object of the present invention is to offer a digital data recording and reproducing system which may function as a low-cost data retention device with easy operation even where no network devices are available.
In order to achieve the above object, the present invention provides a digital data recording and reproducing system comprising:
a data input part to input digital data;
a computer system unit manipulating data input through the data input part as digital data therein; and
a data output part to output digital data manipulated within the computer system unit,
wherein the computer system unit comprises at least one of:
a data storage or retention part to store digital data;
a personal identification part to verify whether a user operating the digital data recording and reproducing system is authorized or not;
an access log recording part to record that the user has accessed the data retention part;
a falsification detection part to detect whether data stored in the data retention part is falsified or not;
a history data recording part to record information on changes or corrections in data stored in the data retention part; and
an attribute control part to control attributes of data stored in the data retention part, and the computer system unit further comprises:
a control part to control parts by giving operation instructions to the parts which the computer system unit comprises as component parts, the parts including at least one of the data retention part, the personal identification part, the access log recording part, the falsification detection part, the history data recording part, and the attribute control part; and
an execution decision part to decide whether an environment, in which the operation instructions by the control part to each of the parts are executed, is an authorized one or not.
The “environment” denotes both a hardware one and a software one. The most important environment to be decided is the software environment, that is, the programs themselves.
And, the present invention provides a digital data recording and reproducing system according to the above system further comprising a protection part connected to the computer system unit,
wherein the protection part comprises a read only nonvolatile memory retaining a host identifier to guarantee that the environment in which the operation control instructions are executed is an authorized one, and
wherein the execution decision part decides whether the environment in which the operation control instructions are executed is an authorized one or not by acquiring the host identifier retained in the read only nonvolatile memory through communication with the protection part.
Further, the present invention provides a digital data recording and reproducing system according to the above system, wherein the execution decision part performs decision in a processing part provided in the computer system unit by reading out the host identifier to guarantee that the environment in which the operation instructions previously written in are executed is an authorized one.
And, the present invention provides a digital data recording and reproducing system according to the above system,
wherein the execution decision part comprises a plurality of independent host identifier reading parts.
And, the present invention provides a digital data recording and reproducing system according to the above system,
wherein the independent host identifier reading parts verify each other by mutual verification that they are authorized host identifier reading parts.
And, the present invention provides a digital data recording and reproducing system according to the above system,
wherein the personal identification part comprises:
an IC card having identification information written therein; and
an IC card readout part to read out the identification information written in the IC card, and
wherein encryption communication is used for communication between the personal identification part and the IC card readout part.
And, the present invention provides a digital data recording and reproducing system according to the above system,
wherein the personal identification part comprises:
a physiological information input part to input physiological information, and
wherein personal identification is performed based on the physiological information input by the physiological information input part.
And, the present invention provides a digital data recording and reproducing system according to the above system,
wherein the falsification detection part comprises a collate part to collate
a collate code obtained by decryption of electronic signatures recorded for each data file in the data retention part connected to the computer system unit; with
a collate code calculated based on a predetermined calculation method using each data file in the data retention part.
And, the present invention provides a digital data recording and reproducing system according to the above system,
wherein the falsification detection part comprises a collate part to collate
a collate code obtained by decryption of electronic signatures recorded for each data file in the data retention part connected to the computer system unit; with
a collate code made based on all the data files retained in the data retention part.
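An added illustration of the two collation checks described above (not part of the patent text): the patent names neither the signature algorithm nor the "predetermined calculation method", so this example assumes a truncated SHA-256 digest as the collate code and textbook RSA with a constructed demonstration key. All function names and sample data are hypothetical.

```python
import hashlib

# Constructed demonstration key: textbook RSA over two Mersenne primes.
# Assumption for illustration only; the patent does not specify an algorithm.
P, Q = 2**107 - 1, 2**127 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)

def collate_code(data: bytes) -> int:
    """Assumed calculation method: SHA-256 truncated to 224 bits (< N)."""
    return int.from_bytes(hashlib.sha256(data).digest()[:28], "big")

def volume_code(files: dict) -> int:
    """Collate code made from all files: hash over sorted (name, code) pairs."""
    h = hashlib.sha256()
    for name in sorted(files):
        h.update(hashlib.sha256(name.encode()).digest())
        h.update(collate_code(files[name]).to_bytes(28, "big"))
    return int.from_bytes(h.digest()[:28], "big")

def seal(files: dict) -> dict:
    """Record one signature per file plus one over the whole retention medium."""
    return {"files": {n: pow(collate_code(d), D, N) for n, d in files.items()},
            "volume": pow(volume_code(files), D, N)}

def detect(files: dict, seals: dict) -> list:
    """Collate decrypted signatures against freshly calculated codes."""
    findings = []
    for name, sig in sorted(seals["files"].items()):
        if name not in files:
            findings.append(f"missing: {name}")
        elif pow(sig, E, N) != collate_code(files[name]):
            findings.append(f"altered: {name}")
    findings += [f"unsigned: {n}" for n in sorted(files)
                 if n not in seals["files"]]
    if pow(seals["volume"], E, N) != volume_code(files):
        findings.append("volume mismatch")
    return findings

# Constructed sample data standing in for files on the retention medium.
SAMPLE = {"contract.txt": b"original contract text",
          "ledger.csv": b"id,amount\n1,100\n"}
```

If a file is deleted together with its own signature record, every remaining per-file collation still passes; only the collate code made from all the files exposes the removal.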
And, the present invention provides a digital data recording and reproducing system according to the above system,
wherein the access log recording part records in the data retention part:
start or end time of accesses; a user name to identify the user; and a classification sign denoting the start or the end time of the accesses.
And, the present invention provides a digital data recording and reproducing system according to the above system,
wherein the history data recording part records in the data retention part:
a user name to identify the user as history data; time of the accesses showing when the accesses occur; an access type denoting the type of operation made by the user; and a retention device identifier to specify a retention device used.
And, the present invention provides a digital data recording and reproducing system according to the above system,
wherein the control part further comprises:
an I/O control part for access to data on a retention medium in the data retention part, and
wherein the I/O control part comprises:
a retention medium identification part to identify the retention medium;
an encryption part to encrypt data information;
a decryption part to decrypt encrypted data.
And, the present invention provides a digital data recording and reproducing system according to the above system,
wherein the encryption and decryption parts may respectively control an encryption level by a hierarchical structure.
And, the present invention provides a digital data recording and reproducing system according to the above system,
wherein the attribute control part controls:
an original identifier showing that data is original at least as attribute data; and
a backup identifier showing that data is backup data.
Additional objects and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objects and advantages of the invention may be realized and obtained by means of the instrumentalities and combinations particularly pointed out hereinafter.