1. Field of the Invention
The present invention relates to an information processing device for executing processing in accordance with processing instruction data and processing target data received via a network, and particularly relates to technology for ensuring security of such data.
2. Description of the Related Art
In recent years, demands have been increasing to increase the strength of information security due to the increasing prevalence of networks and the accompanying misuse of information. In response to these demands, fundamental technology referred to as PKI (public key infrastructure) using public key encryption methods has become widespread, with various types of information equipment such as copiers, multi-function equipment, and facsimiles that are PKI-compatible being developed.
PKI-compatible equipment receives processing instruction data and processing target data encrypted using a public key for its own device via a network from external PCs (personal computers) and various devices. In this case, the forms that processing of encrypted data received by PKI-compatible equipment takes can be roughly classified into the following two types.
First, equipment decrypts received encrypted data using a private key of its own equipment and existing processing is executed based on the results of this decryption. Second, equipment decrypts received encrypted data using a private key of its own equipment, holds the results of decryption in an internal storage device (for example, a hard disk), and then reads out the held data and carries out processing afterwards. An example of the second form of processing would be a security print. In security print processing, the printer temporarily internally stores print data sent from an external PC and executes print processing on the saved print data on condition that the user inputs the correct password to the printer.
Further, that disclosed in Japanese Patent Laid-open Publication No. Hei. 09-134264 is known as an image processing device for decrypting and processing received encrypted data.
In this way, with related PKI-compatible equipment, in the above second method there is a possibility that decrypted data will be held for long periods of time in storage devices within the equipment and there is a danger of information being disclosed during this time.
In order to deal with this, the second method has been considered where encrypted data received from external devices is held in storage devices in place of decrypted data in the processing of the above two methods. However, this method causes the following problems to arise.
First, with PKI, reliability is based on public key certificates for public keys certified by a Certificate Authority (CA). Such public key certificates have an period of validity (usually one year) and when this period of validity runs out, it is necessary to create a new separate private key/public key pair and have a public key certificate issued. When data encrypted using the old public key is then held in a storage unit within the equipment, it is necessary to save not just the current private key but also the old private key in order to execute processing on this data. Management of old private keys therefore becomes complex in cases where public key certificates are issued by a number of certifying authorities such as public certifying authorities or private in-house certificate authorities. This problem is more prominent for data stored for short periods such as with print processing for printers and multi-purpose equipment. This is because the amount of data kept over long periods of time in such cases is small but private key history management is still necessary regardless of the amount of data being small.
Second, the encryption strength of encrypted data sent from external devices to the equipment depends on the encryption method used by the external device and on key length. The encryption strength of encrypted data from different external devices may therefore differ. On the other hand, in the management of information within a single enterprise, it is demanded that encryption strength of data held in equipment within the enterprise is of a fixed extent or greater. However, encrypted data received from external devices is managed as is and this condition is therefore not fulfilled.