The present disclosure relates to computer programs, secret management methods and systems.
In recent years, there has been frequent leakage of information managed by corporations, public offices, educational institutions, or other organizations. It is one of the causes that there have been no sufficient mechanisms against illegal access to information or no sufficient mechanisms of preventing users from carelessly leaking information in spite of the fact that the development of information communication technologies made it easier to access information and increased information portability. Not only organizations such as corporations, but individuals are also at risk of information leakage.
The most popular technology of protecting information from security risks is encryption using passwords. Simply encrypting information cannot, however, eliminate the risks of information leakage caused by cracking passwords or encryption keys, or social hacking. It is not either realistic to expect all the end users to strictly manage their passwords. Accordingly, it is the Secret Splitting method (also referred to as Secret Sharing method) that has attracted attention in recent years. According to the Secret Splitting, information is split into a plurality of fragments so as to make it impossible to recover the original information unless a certain number of fragments or more are put together.
JP 2008-139996A proposes a system that uses the secret splitting to prevent information leakage. The information leakage prevention system proposed by JP2008-139996A generates a virtual application image file from an execution file, a driver, and data of an application (AP) used at an information terminal, and splits the virtual AP image file into two or more share files. One of the share files is stored by a mobile terminal that is different from the information terminal. The share file stored by the information terminal can be erased in response to an instruction from a management server when the management server is notified that the information terminal has been lost or stolen.