1. Field of the Invention
The present invention relates to processing systems comprised of a data processing device and a data access device, and data processing and data access devices used in processing systems. The present invention relates particularly to processing systems comprised of data processing and data access devices capable of preventing improper access, and data processing and data access devices used in processing systems capable of preventing improper access.
2. Description of the Background Art
A hard disk device and a PC card ATA (Personal Computer Card Advance Technology Attachment) which are used in a terminal device such as a notebook-type personal computer can readily be removed from the terminal device and are thus often used for carrying data. However, the data stored therein can be improperly stolen or changed by a third party and they are thus not suitable for storing classified information. Thus it is essential for such storage devices to have a mechanism which protects the security of data. It is also important for IC (Integrated Circuit) cards to have a data security protection mechanism.
Japanese Patent Laying-Open No. 61-43376 discloses a method of virtual authentication between an IC card and a device that can prevent a third party, e.g., from improperly stealing or changing the data stored therein. Referring to FIG. 11, an IC card 62 and a device 60, which communicate data mutually, each have system-specific functions F1 and F2. Device 60 and IC card 62 generate random numbers a1 and a2, respectively, and transmit their respective random numbers to each other. Device 60 and IC card 62 each use random numbers a1 and a2 as arguments to calculate values F1 (a1, a2) and F2 (a1, a2) of the respective functions F1 and F2. Device 60 transmits value F2 (a1, a2) to IC card 62. IC card 62 compares the received value F2 (a1, a2) with a value F2 (a1, a2) calculated by IC card 62 and, if the values are equal, regards device 60 as a regular device. When IC card 62 recognizes device 60 as a regular device, IC card 62 transmits value F1 (a1, a2) to device 60. Device 60 compares the received value F1 (a1, a2) with a value F1 (a1, a2) calculated by device 60 and, if the values are equal, regards IC card 62 as a regular card and issues to IC card 62 a command for access. Once the command for access has been issued, device 60 and IC card 62 mutually communicate data, as desired. Device 60 and IC card 62 having common functions and comparing values of the functions thus allow device 60 to determine whether card 62 is a regular card and card 62 to determine whether device 60 is a regular device.
However, if a third party could improperly steal data communicated between regular device 60 and regular IC card 62, the third party can obtain random numbers a1 and a2 and values F1 (a1, a2) and F2 (a1, a2) of functions F1 and F2. Thus the third party can construct a false device 60 to improperly steal data of IC card 62.
It should also be noted that if possible values of random numbers a1 and a2 can widely range and such a round-robin system as mentioned above cannot be carried out in a reasonable time, a portion of data can be used to conjecture function F2. Thus a third party can construct a false device 60 which outputs value F2 (a1, a2) of function F2 so that IC card 62 regards false device 60 as a regular device. Thus the third party can improperly steal data stored in IC card 62.
The present invention has been made to overcome the above disadvantages.
One object of the present invention is to provide a processing system capable of preventing third parties from carrying out improper processings.
Another object of the present invention is to provide a processing system capable of preventing third parties from carrying out improper processings if the third parties could improperly steal data communicated between devices.
Still another object of the present invention is to provide a data processing device used in a processing system that can prevent third parties from carrying out improper processings.
Still another object of the present invention is to provide a data processing device used in a processing system that can prevent third parties from carrying out improper processings if the third parties could improperly steal data communicated between devices.
Still another object of the present invention is to provide a data access device used in a processing system that can prevent third parties from carrying out improper processings.
Still another object of the present invention is to provide a data access device used in a processing system that can prevent third parties from carrying out improper processings if the third parties could improperly steal data communicated between devices.
In one aspect of the present invention, a processing system includes a data processing device and a data access device which are mutually connected to implement a predetermined function. The data processing device includes a data select unit disposed to select data, a first conversion unit connected to the data select unit to convert selected data according to a predetermined method, a first transmission unit connected to the first conversion unit to transmit converted data to the data access device, a first reception unit receiving data from the data access device, a second conversion unit connected to the data select unit to convert the selected data according to a predetermined method, and a first operation determining unit connected to the first reception unit and the second conversion unit to compare outputs from the first reception unit and the second conversion unit and respond to a result of the comparison between the outputs from the first reception unit and the second conversion unit by determining an operation of the data processing device. 
The data access device includes a second reception unit connected to the first transmission unit to receive an output from the first transmission unit, a third conversion unit connected to the second reception unit to convert an output from the second reception unit in accordance with a predetermined method, a first comparator unit connected to the second reception unit and the third conversion unit to compare an output from the third conversion unit and data defined by the output from the second reception unit, a fourth conversion unit connected to the second reception unit to convert the output from the second reception unit in accordance with a predetermined method, and a second operation determining unit connected to the first comparator unit and the fourth conversion unit to respond to a result of the comparison by determining an operation of the data access device and transmitting an output from the fourth conversion unit to the data processing device.
A third party who has obtained a relationship between selected data and the output from the fourth conversion unit that is transmitted from the second operation determining unit may improperly construct a false data access device which can transmit to the data processing device the data identical to the output from the fourth conversion unit associated with the selected data once the false device has received the selected data. Thus the third party may improperly combine the false data access device with the regular data processing device to implement a predetermined function. For example, if the data processing device is a storage device the third party may improperly steal data stored in the storage device. In effect, however, the selected data is previously converted by the first conversion unit before it is transmitted to the data access device. Thus, if the third party could improperly steal communication between the data processing device and the data access device, the party could hardly extract only the selected data. Thus the third party cannot engage the processing system of interest in implementing the predetermined function.
Furthermore, a third party who has obtained a relationship between the data converted by the first conversion unit and the output from the fourth conversion unit may improperly construct a false data access device which can transmit to the data processing device the data identical to the output from the fourth conversion unit associated with the converted data from the first conversion unit once the false device has received the converted data from the first conversion unit. Thus the third party may improperly combine the false data access device with the regular data processing device to implement a predetermined function. In effect, however, a bit length of the data converted by the first conversion unit is an item classified between the data processing device and the data access device. Thus the third party cannot obtain the bit length of the data converted by the first conversion unit, so that the party cannot obtain the possible number taken by the converted data. Thus the third party could not find how many combinations of the converted data from the first conversion unit and the output from the fourth conversion unit should be extracted and will thus continue to take data endlessly. Thus the third party can hardly obtain such combinations properly, so that the party cannot engage the processing system of interest in implementing the predetermined function.
Thus the third party cannot exploit the processing system to carry out improper processings.
Preferably, the first conversion unit includes a fifth conversion unit connected to the data select unit to convert selected data in accordance with a first predetermined method and a sixth conversion unit connected to the data select unit and the fifth conversion unit to convert outputs from the data select unit and the fifth conversion unit in accordance with a predetermined conversion method, the third conversion unit includes a seventh conversion unit connected to the second reception unit to extract selected data from the output of the second reception unit and convert the selected data in accordance with the first method, and the first comparator unit includes a second comparator unit connected to the second reception unit and the seventh conversion unit to extract from the output of the second reception unit the data converted according to the first method and compare the extracted data with an output from the seventh conversion unit.
Still preferably, the sixth conversion unit includes a conversion rearrangement unit connected to the data select unit and the fifth conversion unit to rearrange each bit of the outputs from the data select unit and the fifth conversion unit in accordance with a predetermined rearrangement method.
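The exchange described in the preceding paragraphs (selected data, the first method, bit rearrangement, the comparator check and the returned fourth-conversion output) can be sketched as follows. This is an added example, not code from the patent: the "predetermined methods" are stood in for by truncated HMAC-SHA256 under constructed keys, the 32-bit data length and the permutation are constructed, the second and fourth conversion units are assumed to apply the same function, and all names are hypothetical.

```python
import hashlib
import hmac
import random
import secrets

N = 32                                   # bit length of the selected data (assumed)
K1 = b"constructed-key-first-method"     # constructed sample secrets, shared
K2 = b"constructed-key-second-method"    # by both regular devices
PERM = list(range(2 * N))                # secret bit rearrangement (constructed)
random.Random(2024).shuffle(PERM)        # fixed seed only so the demo is repeatable

def _keyed(key, x):
    """Stand-in 'predetermined method': HMAC-SHA256 truncated to N bits."""
    mac = hmac.new(key, x.to_bytes(N // 8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:N // 8], "big")

def first_method(x):     # fifth and seventh conversion units
    return _keyed(K1, x)

def second_method(x):    # second and fourth conversion units (assumed identical)
    return _keyed(K2, x)

def rearrange(word):
    """Sixth conversion unit: move bit i of the 2N-bit word to position PERM[i]."""
    out = 0
    for i, p in enumerate(PERM):
        out |= ((word >> i) & 1) << p
    return out

def restore(word):
    """Inverse rearrangement applied by the data access device."""
    out = 0
    for i, p in enumerate(PERM):
        out |= ((word >> p) & 1) << i
    return out

class DataProcessingDevice:
    def challenge(self):
        self.selected = secrets.randbits(N)              # data select unit
        word = (self.selected << N) | first_method(self.selected)
        return rearrange(word)                           # first transmission unit

    def verify(self, response):
        """First operation determining unit: accept only the expected value."""
        if response is None:
            return False
        expected = second_method(self.selected).to_bytes(N // 8, "big")
        return hmac.compare_digest(response.to_bytes(N // 8, "big"), expected)

class DataAccessDevice:
    def respond(self, received):
        word = restore(received)
        selected, tag = word >> N, word & ((1 << N) - 1)
        if first_method(selected) != tag:    # comparator: sender is not regular
            return None
        return second_method(selected)       # fourth conversion unit output
```

In this sketch the fixed permutation only conceals which transmitted bits carry the selected data for as long as the mapping stays secret; the rejection of forged messages comes from the keyed functions.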
In another aspect of the present invention, a data processing device is used in a processing system including a data processing device and a data access device which are interconnected to implement a predetermined function. The data processing device includes a data select unit disposed to select data, a first conversion unit connected to the data select unit to convert selected data in accordance with a predetermined method, a first transmission unit connected to the first conversion unit to transmit converted data to the data access device, a first reception unit receiving data from the data access device, a second conversion unit connected to the data select unit to convert the selected data in accordance with a predetermined method, and a first operation determining unit connected to the first reception unit and the second conversion unit to compare outputs from the first reception unit and the second conversion unit and respond to a result of the comparison by determining an operation of the data processing device.
A third party who has obtained a relationship between selected data and data transmitted from the data access device may improperly construct a false data access device which can transmit to the data processing device the data identical to the data transmitted from the data access device associated with the selected data once the false device has received the selected data. Thus the third party may improperly combine the false data access device with the regular data processing device to implement a predetermined function. For example, if the data processing device is a storage device the third party may improperly steal data stored in the storage device. In effect, however, the selected data is previously converted by the first conversion unit before it is transmitted to the data access device. Thus, if the third party could improperly steal communication between the data processing device and the data access device, the party could hardly extract only the selected data. Thus the third party cannot engage the processing system of interest in implementing the predetermined function.
Furthermore, a third party who has obtained a relationship between the data converted by the first conversion unit and data transmitted from the data access device may improperly construct a false data access device which can transmit to the data processing device the data identical to the data transmitted from the data access device associated with the converted data from the first conversion unit once the false device has received the converted data from the first conversion unit. Thus the third party may improperly combine the false data access device with the regular data processing device to implement a predetermined function. In effect, however, a bit length of the data converted by the first conversion unit is an item classified between the data processing device and the data access device. Thus the third party cannot obtain the bit length of the converted data from the first conversion unit, so that the party cannot obtain the possible number taken by the converted data. Thus the third party could not find how many combinations of the converted data from the first conversion unit and the data transmitted from the data access device should be extracted and will thus continue to take data endlessly. Thus the third party can hardly obtain such combinations properly, so that the party cannot engage the processing system of interest in implementing the predetermined function.
The data transmitted from the data access device to the data processing device is comprised of selected data and data converted based on the selected data, with each bit rearranged. Thus the third party could hardly extract the selected data from the rearranged data. Thus the third party could hardly construct a false data access device nor exploit the system of interest to implement improper processings.
Still preferably, the sixth conversion unit includes an enciphering unit connected to the data select unit and the fifth conversion unit to encipher the outputs from the data select unit and the fifth conversion unit and the second reception unit includes a reception and deciphering unit connected to the first transmission unit to receive and decipher the output from the first transmission unit.
Data transmitted from the data access device to the data processing device is comprised of the selected data and data converted based on the selected data that are enciphered. Thus third parties could hardly extract the selected data from the enciphered data. Thus the third parties could hardly construct a false data access device nor exploit the processing system of interest to implement improper processings.
In still another aspect of the present invention, a data access device is used in a processing system comprised of: a data processing device including a data select unit disposed to select data, a first conversion unit connected to the data select unit to convert selected data in accordance with a predetermined method, a first transmission unit connected to the first conversion unit to transmit converted data to a data access device, a first reception unit receiving data from the data access device, a second conversion unit connected to the data select unit to convert selected data in accordance with a predetermined method, and a first operation determining unit connected to the first reception unit and the second conversion unit to compare outputs from the first reception unit and the second conversion unit and respond to a result of the comparison by determining an operation of the data processing device; and a data access device interconnected to the data processing device to implement a predetermined function. 
The data access device includes a second reception unit connected to the first transmission unit to receive an output from the first transmission unit, a third conversion unit connected to the second reception unit to convert an output from the second reception unit in accordance with a predetermined method, a first comparator unit connected to the second reception unit and the third conversion unit to compare an output from the third conversion unit and data defined by the output from the second reception unit, a fourth conversion unit connected to the second reception unit to convert the output from the second reception unit in accordance with a predetermined method, and a second operation determining unit connected to the first comparator unit and the fourth conversion unit and responding to a result of the comparison by determining an operation of the data access device to transmit an output from the fourth conversion unit to the data processing device.
A third party who has obtained a relationship between selected data and the output from the fourth conversion unit that is transmitted from the second operation determining unit may improperly construct a false data access device which can transmit to the data processing device the data identical to the output from the fourth conversion unit associated with the selected data once the false device has received the selected data. Thus the third party may improperly combine the false data access device with the regular data processing device to implement a predetermined function. For example, if the data processing device is a storage device the third party may improperly steal data stored in the storage device. In effect, however, the selected data is previously converted by the first conversion unit before it is transmitted to the data access device. Thus, if the third party could improperly steal communication between the data processing device and the data access device, the third party could hardly extract only the selected data. Thus the third party cannot engage the processing system of interest in implementing the predetermined function.
Furthermore, a third party who has obtained a relationship between the data converted by the first conversion unit and the output from the fourth conversion unit may improperly construct a false data access device which can transmit to the data processing device the data identical to the output from the fourth conversion unit associated with the converted data from the first conversion unit once the false device has received the converted data from the first conversion unit. Thus the third party may improperly combine the false data access device with the regular data processing device to implement a predetermined function. In effect, however, a bit length of the data converted by the first conversion unit is an item classified between the data processing device and the data access device. Thus the third party cannot obtain the bit length of the data converted by the first conversion unit, so that the party cannot obtain the possible number taken by the converted data. Thus the third party could not find how many combinations of the converted data from the first conversion unit and the output from the fourth conversion unit should be extracted and will thus continue to take data endlessly. Thus the third party could hardly obtain such combinations properly, so that the party cannot engage the processing system of interest in implementing the predetermined function.
Thus the third party cannot exploit the processing system to carry out improper processings.
The foregoing and other objects, features, aspects and advantages of the present invention will become more apparent from the following detailed description of the present invention when taken in conjunction with the accompanying drawings.