1. Field of the Invention
The present invention relates to a method for detecting alteration of data stored in a data storage unit, a data alteration detection device, and a data alteration detection program.
2. Description of the Related Art
With the spread of networks, the possibility that a database is illegally accessed and its data is altered has increased. In order to detect such an illegal data alteration, for example, a data alteration detection method shown in FIG. 16 is considered.
In the data alteration detection method shown in FIG. 16, when a data storing unit 11 writes log data in a database 12, a record alteration detection code calculation unit 12 applies a prescribed operation to the data to calculate a record alteration detection code and attaches the record alteration detection code to the data.
When reading data, a data extraction unit 14 reads the relevant record from the database 13. Then, a record alteration detection code verification unit 15 applies a prescribed operation to the read data to calculate a record alteration detection code and verifies whether the calculated record alteration detection code coincides with the record alteration detection code attached to the data, thereby determining whether the data has been altered.
However, this alteration detection method cannot detect the addition or deletion of a record.
In order to detect an alteration such as the addition or deletion of a record, an alteration detection code must be provided for a specific record unit. For example, as shown in FIG. 17, alteration detection codes must be calculated and stored for all the data records 1-100 in advance. In order to verify addition/deletion to/from records 1-5, alteration detection codes must be calculated for all the data records 1-100, and it must be verified whether the respective calculated alteration detection codes coincide with the respective stored alteration detection codes of all the records 1-100. Therefore, even when only several records are to be verified, the data alteration detection process takes much time, which is a problem.
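The following Python sketch is an added illustration, not part of the original specification. It shows the limitation described above: a per-record code catches a modified record but not a deleted or added one, while a code over the whole record set catches both at the cost of reprocessing all records 1-100. HMAC-SHA256, the key, and all function names are assumptions, since the text only refers to "a prescribed operation".

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: secret shared by writer and verifier


def record_code(record: bytes) -> bytes:
    """Per-record alteration detection code (FIG. 16 style); HMAC-SHA256 assumed."""
    return hmac.new(KEY, record, hashlib.sha256).digest()


def store(records):
    """Attach a per-record code to each record on write."""
    return [(r, record_code(r)) for r in records]


def verify_records(rows):
    """Return indexes of rows whose attached code differs from the recomputed one."""
    return [i for i, (r, code) in enumerate(rows)
            if not hmac.compare_digest(record_code(r), code)]


def set_code(rows):
    """Code over the whole record set (FIG. 17 style): binds count, order, content."""
    mac = hmac.new(KEY, len(rows).to_bytes(8, "big"), hashlib.sha256)
    for r, _ in rows:  # every record must be reprocessed, even to check a few
        mac.update(len(r).to_bytes(8, "big") + r)
    return mac.digest()


def demo():
    rows = store([b"log entry %d" % i for i in range(1, 101)])  # constructed records
    stored = set_code(rows)
    modified = list(rows)
    modified[2] = (b"log entry 3 (edited)", rows[2][1])  # content changed, old code kept
    deleted = rows[:3] + rows[4:]                        # record 4 removed with its code
    added = rows + [rows[0]]                             # validly coded record duplicated
    return {
        "modified_per_record": verify_records(modified),
        "deleted_per_record": verify_records(deleted),
        "added_per_record": verify_records(added),
        "deleted_set_ok": hmac.compare_digest(set_code(deleted), stored),
        "added_set_ok": hmac.compare_digest(set_code(added), stored),
        "untouched_set_ok": hmac.compare_digest(set_code(rows), stored),
    }


if __name__ == "__main__":
    print(demo())
```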
Japanese Patent Application No. 2002-259216 (Patent Reference 1) discloses that when transmitting an electronic file, a describer H for verifying the integrity of each unit file and a describer C for verifying the continuity of each unit file (whether a previous or subsequent unit file is lost) are provided.
However, in the method disclosed by Patent Reference 1, when the structure of a unit file is known, the describer C for verifying the continuity of each unit file can be easily generated. Therefore, it is difficult to prevent the alteration of data.