1. Field of the Invention
The present invention relates to an apparatus and a method for translating information such as source files encoded to protect the security of the information.
2. Description of the Related Art
Recently, the decentralized development of software utilizing computer networks, etc. has become popular, and along with this trend, many technologies relative to encryption to protect the security of information have been developed. For example, when a developer A wants to convey certain information I to a developer B using a network, etc., the developer A encodes the information I and transfers the information I to the developer B via a network. The developer B receives the information I and restores the information I. In this case, a technology of encoding and decoding information is widely utilized.
However, there is a case where the developer A wants to enable the developer B to use the information I possessed by the developer A for a process P possessed by the development B, but wants to protect the security of the information I from outsiders of the process P (operators, etc.). For example, this is the case where it is necessary to compile a program source of a new product corresponding to the information I in such an environment that persons other than those concerned can also access it. In this case, when the information I is decoded before compiling, there is a possibility that the information I may leak outside, even if the source file is transferred to the developer B after being encoded. Accordingly, the security of the contents of the source file cannot be completely protected.
Conventionally, protecting the security of the information using an encoding technology is directed to protecting the information from a third party other than the information provider A and information receiver B. For example, in a xe2x80x9cData Transfer Methodxe2x80x9d described in the Japan Laid-open Patent Publication No. 7-162409, a module for decoding encoded data is changed and compiled again every a certain time period and the object code of the module is transferred to a user of the encoded data. Thus, it is difficult for a third party to decode the encoded data.
However, this data transfer method is to protect the security of data from a third party, and a receiver of the data can easily obtain the data before encryption using the object code (including a decoder key) of the decoding module.
When an encoded source file is transferred, by executing in succession a command C1 for decoding and an existing compiler command C2, the receiver can compile the source file and create an object code file (executable module). However, when the commands C1 and C2 are just executed in succession, it is easy for an engineer familiar with an operating system (OS) and its commands to obtain the execution result of the command C1. Accordingly, it is difficult to protect the security of the contents of the source file from the receiver.
As described above, since in the conventional data transfer method there is a possibility that source information may leak, a provider of software distributes an executable module after compiling. Then, in a user""s system, the software is customized by directly operating the given executable module.
However, in this operation only a part of the original executable module which includes an abundance of options is used, and there are also many parts in the distributed executable module unnecessary for a user. For this reason, it is necessary to install an executable module of an unnecessarily large size in a system, which is a problem.
Although preparation of an executable module customized by a provider according to a user""s desire and distribution of the module can also be considered, in this case, a provider""s work becomes troublesome, and too much load is generated on the provider, if the number of users increases.
It is an object of the present invention to provide a translation apparatus and method for providing users with a variety of software safely and without imposing too much load on a provider.
The translation apparatus of the present invention comprises an input unit, a restoration unit, a translator unit and an output unit.
In the first aspect of the present invention, the input unit divides encoded information into a plurality of parts and inputs the information to the restoration unit, and the restoration unit restores the original information for each part of the encoded information. Then, the translator unit translates the original information, and the output unit outputs the result of the translation.
Encoded information to be input is, for example, an encoded source file, and the restoration unit decodes the information and restores a source file to its state before encryption, and the translation unit compiles the decoded source file and creates an executable module.
At this moment, the restoration unit does not decode all the encoded information at once, but decodes the information little by little for each divided part of the information. Then, the translator unit translates the original information for each decoded part of the information.
In the second aspect of the present invention, the input unit inputs encoded information, and the translation unit executes a process for restoring the original information from the encoded information within the scope of the translation process, and translates the information without enabling the original information to be leaked outside. Then, the output unit outputs the result of the translation.
The translation apparatus does not translate all the encoded information after it has been decoded, but decodes the information within the scope of the translation process. At this moment, the translator unit executes a fused process of the restoration and translation processes, and generates the result of the translation from the encoded information.