1. Field of the Invention
The present invention generally relates to enciphered file sharing methods, and more particularly, to an enciphered file sharing method for enabling safe file sharing and maintaining privacy by forming files so that the files are only accessible by authorized persons in a network environment in which a plurality of computers are coupled.
2. Description of the Related Art
In data processing systems, distributed processing environments have progressed recently. Hence, distributed file systems have become more popular. According to the distributed file system, one information is shared by a plurality of users who are coupled via a network.
However, computer units such as work stations which are coupled to the network are not all manufactured by a specific company. In other words, computer units manufactured by various companies are coupled to the network, and the network must be open with respect to such computer units. As a result, tapping, tampering and the like using various monitoring units cannot be prevented.
Because secret documents used in businesses or the like are also treated in the distributed environment, there are strong demands to provide security so that the files are only accessible by authorized persons.
Conventionally, an access control of a file sharing system was carried out based on an access control table which is built into the system. The access control table contains accessible users for each file. For example, the control table indicates that a file F is accessible by users A and B. Hence, every time an access request is made by a person, a check is made to determine whether or not this person is an authorized user of the file by referring to the access control table.
In the conventional single closed system in which a reliable manager exists, it was sufficient to make the management based on the access control table described above. However, due to the recent progress in the distributed processing environment, the scale of the file system has become large, the area of the network has become large, and the network has become more open as mutual connections of computer units manufactured by different companies increased. Therefore, it has become impossible to manage the access by a closed system. In other words, because the files are shared, data are transmitted via the network and tapping by various network monitoring units or the like has become more easy.
On the other hand, in out-sourcing or the like which cannot rely solely on the manager, it must be possible to protect the security of the users even with respect to a wrong doing by the manager.
In order to cope with the above described situation, it is conceivable to encipher the files using enciphering techniques, so that the file sharing system can provide the necessary protection against attacks such as wrong doing by the manager and tapping of the network.
But if each of the individual files were enciphered using mutually different cipher keys, the number of cipher keys would increase depending on the number of files. In addition, there is a possibility that the user himself may not be able to grasp the correspondence of all of the accessible files and the cipher keys. For this reason, it is necessary to realize an efficient key management which reduces the information managed on the user side while maintaining the security.