JPH07200617A - Control method for reference right of shared information - Google Patents

Abstract

PURPOSE:To set a user free from managing many secret keys when all user groups having the same reference right for each information are set by securing the correspondence between the user groups and the coding incidental information obtained by coding the coding key of the information by the secret key of the user. CONSTITUTION:An information provider codes the offering information by a certain coding key and generates the coding information (S1). Then the coding key is coded by means of a secret key that is shared by the information provider and a user who has the reference right to the offered information (S2). The secret key is stored in a data base together with the coding information as the coding incidental information (S3). In a reference mode, a user of a user group having the reference right acquires the coding information and the coding incidental information from the data base. Then the user decodes the coding incidental information by the secret key in order to calculate a coding key (S4) and then decodes the coding information by the coding key to obtain the offered information. Therefore the user has not to manage many secret keys.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a shared information reference authority control method, and more particularly to a system for sharing distributedly managed information over a network by using a cryptographic method to allow users to access the information. The present invention relates to a shared information reference authority control method for controlling reference authority to information according to the authority of.

[0002]

2. Description of the Related Art FIG. 8 shows an outline of a sharing system. The sharing system is provided by the information provider 10 via the network.
0 registers information in database 200 and user 300
Is a system that refers to that information.

As a basic method of applying the encryption technique to the information sharing system shown in FIG. 8, information is encrypted and registered in the database 200, and the encryption key is distributed only to users who have the authority to refer to the information. There is a method to do. This method is shown in FIG.

Common key algorithms such as FEAL (high-speed data encryption algorithm) and DES (data encryption standard) are used for encryption.

Since this method encrypts the information at the registration stage, the information can be kept secret on the network and the database. In order to control the reference authority according to the authority of the user, for each information (Pa, Pb, ..., Pz),
Encrypt with a private key for each user, or private keys (Ka, K) corresponding to user groups with the same reference authority.
b, ..., Kz).

For example, the information Pa is encrypted with the encryption key Ka of the user A and registered in the database 200 as encrypted information EKa (Pa). User A has private key K
When referring to the registered encrypted information EKa (Pa) having a, the encrypted information EKa (Pa) is decrypted with the secret key (encryption key) Ka to obtain the information Pa.

[0007]

However, when encrypted with the private key for each user, the encrypted information must be prepared for each user, which is very redundant.
Further, when encrypted with a secret key corresponding to a user group, there are the following problems.

When the structure of the user group changes, the private key of the related member must be changed. Alternatively, if secret keys of all user groups are prepared in advance, information provision must deliver multiple secret keys corresponding to the user group to which the user belongs, and the user corresponds to the user group to which the user belongs. Must manage multiple private keys.

The present invention has been made in view of the above points, and solves the above-mentioned conventional problems, and when setting all user groups having the same reference authority for each information, the user sets a large number of secret keys. It is an object to provide a shared information reference authority control method that does not need to be managed.

[0010]

FIG. 1 is a diagram for explaining the principle of the present invention.

According to the present invention, in a method of sharing information between a plurality of user groups using a database, an information provider encrypts provided information with an encryption key to generate encrypted information (step 1 ), The encryption key is encrypted in advance with the secret key shared by the information provider and the user who has the authority to refer to the provision information (step 2), and the secret key is stored in the database as the encryption supplementary information together with the encryption information. At the time of reference (step 3), the user of the user group having the reference authority encrypts the encrypted supplementary information out of the encrypted information and the supplementary information obtained from the database by using the secret key to encrypt the encrypted supplementary information. The key is calculated (step 4), and the provided information is obtained by decrypting the encrypted information with the encryption key.

Further, according to the present invention, a user is classified according to N elements, the encryption key is divided into N as encryption supplementary information, and the divided divided encryption key is a secret corresponding to each element. By combining the encrypted information with the key as the encrypted supplementary information, and decrypting the encrypted supplementary information with the secret key,
The original encryption key is obtained by combining the obtained N divided encryption keys.

[0013]

According to the present invention, an information provider encrypts information with a certain encryption key to obtain encrypted information, and the encryption key is shared in advance by the information provider and a user who has authority to refer to the information. The private key is encrypted, and the encryption key encrypted with the private key together with the encrypted information is stored in the database as the encrypted supplementary information. When a user with reference authority refers to the encrypted information stored in the database, of the encrypted information and the encrypted supplementary information obtained from the database, the secret supplementary information is shared with the information provider. An encryption key is obtained by decrypting with the key, and decryption information is obtained by decrypting the encryption information with this encryption key. As a result, it is not necessary to change the user secret key for each user group by associating the encrypted supplementary information obtained by encrypting the information encryption key with the user secret key for each user group. Therefore, when setting all user groups having the same reference authority, it is not necessary to manage a large number of private keys.

Further, the user classified into N elements sets the encryption key corresponding to the element, and the user manages only the secret key of the separated element, so that the amount of encrypted incidental information is reduced. To be done.

[0015]

Embodiments of the present invention will now be described in detail with reference to the drawings.

<< First Embodiment >> FIG. 2 shows a system configuration for referring to shared information according to a first embodiment of the present invention. In the example shown in the figure, the information provider 100 registers the information in the database 200, and the registered information is stored in the user 3
00 refers to the case.

The information provider 100 encrypts the encryption key (K) with the individual secret key (K1, K2, ..., Kn) of the user 300 and obtains the encrypted supplementary information 220 (EK1).
(K), EK22 (K), ..., EKn (K)) are registered in the database 200 together with the encrypted information 210. The user 300 retrieves the encrypted information 21 from the database 200.
0 and the encrypted supplementary information 220 are referenced. When the user 300 refers to the encrypted information 210 and the encrypted supplementary information 220 of the database 200, first, the encrypted supplementary information 220 is decrypted by the secret key Kn of the user, and the encrypted key K is decrypted.
To get The user 300 can use the encryption key K to decrypt the encrypted information 210.

Specifically, when the information provider 100 registers the information P in the database 200, the information P is encrypted using the encryption key K and the encrypted information E
It is registered in the database 200 as K (P). Further, the information provider 100 encrypts the encryption key K using the secret key K1 shared with the user 300 ₁ and registers it in the database 200 as the encrypted supplementary information 220. Next, when the user 300 ₁ refers to the encrypted information 210 EK (P) registered in the database 200, the encrypted supplementary information 220 is referenced from the database 200,
The encrypted supplementary information 220 is decrypted with the private key K1 owned by the user to obtain the encrypted key K. The user 300 ₁ decrypts the encrypted information 210EK (P) retrieved from the database 200 by using the obtained encryption key K, and obtains the information P provided by the information provider 100.

By adopting such a method, the user 300 can obtain the information from the encrypted supplementary information 220 by using the encryption key of the encrypted information 210 by using the private key of each user.

<Second Embodiment> As is clear from the first embodiment, the user has only to manage the individual secret key Kn, but the encrypted information is the information sent by the information provider. Since the capacity is small in comparison, the redundancy of this embodiment is lower than that of the conventional one. This is because the encrypted supplementary information 220 managed for each encrypted information 210 linearly increases in proportion to the number of users. In the present embodiment, a method for reducing the amount of encrypted supplementary information and increasing redundancy when the number of users is large will be described below.

FIG. 5 is a diagram for explaining the second embodiment of the present invention. In this embodiment, the user groups are classified by associating the organizational hierarchy with the groups.

The entire user is defined as an organization, and the user is defined by two attributes of hierarchy and group within this organization.

Each user has a unique combination of a secret key that is common to the group to which he belongs and a secret key that is common to the hierarchy to which he belongs, and the information provider 100 must have some 2 (N) divided encryption keys. Is set to become an encryption key when the exclusive OR is taken.

When the information provider 100 sets the reference authority of the information to the user group corresponding to the hierarchical structure of the organization, the information is encrypted with a certain encryption key to obtain the encrypted information 210.
And for the users included in that user group,
Information obtained by encrypting one of the two divided encryption keys as a private key for each user's belonging group and encrypting the other with the private key for the belonging hierarchy is stored as encrypted supplementary information 220 together with the encrypted information 210 in the database. Register with 200. The user 300 having the reference authority decrypts the two divided encryption keys using the possessed private key for the group and the private secret key for the hierarchy, and obtains the encrypted key by taking the exclusive OR of these. . The user 300 can obtain information using this encryption key.

The procedure of processing is described by the information provider 100 and the user 3.
00 and a database 200 that stores encryption information will be described separately. An example of processing in an organization in which two layers are L1 and L2 and three groups are Ga, Gb, and Gc is shown.

[Information Provider] As shown in FIG. 5, the private key is managed by determining and managing the private key for all layers and groups. In the example of the figure, for example, "K1" is managed as the secret key of the hierarchy "L1", and "Ka" is managed as the secret key of the group "Ga".

When registering the information (P) corresponding to a certain user group, the information is registered by the encryption key (K) obtained by the exclusive OR of the two divided encryption keys (X, Y). )
Encrypt the information using. Encrypted information 210 to register
In (EK (P)), information (EK1 (L1) EL1) obtained by encrypting the hierarchy name (L1) and the split encryption key (X) using the secret key (K1) of the hierarchy included in the user group.
(X)) and the secret key (Ka / Kb) of the group included in the user group, using the group name (Ga / Gb)
And the encrypted supplementary information 220 (EKa (Ga), EKa (Y) / EK) obtained by encrypting the other divided encryption key (Y).
b (Gb) and EKb (Y)) are added.

[User (Level: L1, Group: G
a)] FIG. 5 shows secret key information managed by the user according to the second embodiment of this invention. In the example of the figure, the secret key (K1) of the hierarchy to which the user belongs and the secret key (Ka) of the group are managed.

FIG. 6 is a diagram for explaining the processing when the user refers to information according to the second embodiment of the present invention.

Information is referred to in the layer L1 and the group Ga
When the user belonging to the user searches the database 200, the encrypted supplementary information 220 “EK1 (L1): EK1 (X)”, “EKa (Ga): EKa (Y)”, “EKb () Gb): EKb (Y) ”is passed. Among them, if the hierarchy (L1) to which the user belongs can be obtained as a result of decryption with the private keys (K1) and (Ka) held by the user, the divided encryption key (X) 310 obtained at that time is held. To do. Furthermore, if the group (La) to which the user belongs is obtained by decrypting with the private key (Ka) of the group that he possesses, the divided encryption key (Y) 320 obtained at that time and the secret key of the hierarchy first. Using the encryption key (K) 330 obtained by exclusive OR with the divided encryption key (X) obtained by (Ka), the encryption information (EK
(P)) 340 is decoded. As a result, the information provider 1
The information P from 00 is obtained.

As for information registration, when registering the encrypted information 210 to be shared in a user group including myself as an information provider in the database 200, information on which user group the information is registered is used. The encrypted supplementary information 220 corresponding to the user group is created, and the information to be registered is encrypted as the encrypted supplementary information 210 based on the encrypted supplementary information 220.
Register with 0 in the database 200.

[Database] FIG. 7 shows registration information of a database according to the second embodiment of the present invention. This figure shows registration information for the user groups of the hierarchy L1, the groups Ga, and Ga. When the database 200 manages information, the encrypted supplementary information 220 used when encrypting the encrypted information 210 is added to the encrypted information 210 and managed. The information registered in the database 200 is shown in FIG.
Since the structure is as shown in (1), the user can obtain the encryption key K of the encryption information 210 from the encryption supplementary information 220 by using the hierarchical secret key K1 and the group secret keys Ka and Kb. it can. Further, users belonging to the same layer have a common layer secret key (K1), and users belonging to the same group have a common group secret key (Ka or
Since it has Kb), the information (P) obtained by encrypting the split encryption key with this secret key is common to the users.
Therefore, the amount of information is proportional to the total number of layers and groups even when the encrypted supplementary information 220 corresponding to a user group including the number of users of the number of combinations of layers and groups is generated.

As is clear from this result, the user
Only the private key of the hierarchy and the private key of the group need be managed. Further, it becomes possible to reduce the amount of encrypted supplementary information as compared with the first embodiment.

It should be noted that the present invention is not limited to the above-mentioned embodiment, and in the above-mentioned embodiment, the user is classified into two types of elements, that is, a hierarchy and a group, but the invention is not limited to this example. Replace with other factors such as period, place, etc.
Also, other elements may be added.

Further, although the elements for classifying the users are classified into two types, that is, the hierarchy and the group, the user is not limited to this example, and the user may be classified into N elements. In this case, the user has N secret keys and uses these secret keys to obtain the split encryption key. In the subsequent process, the information provided by the information provider is obtained by decrypting using the divided encryption key as in the above-described embodiment.

[0036]

As described above, according to the present invention, the encrypted supplementary information obtained by encrypting the information encryption key with the user's secret key is associated with the user group. Therefore, since it is not necessary to change the user's private key for each user group, it is not necessary to manage a large number of private keys when all user groups having the same reference authority are set.

[Brief description of drawings]

FIG. 1 is a diagram illustrating the principle of the present invention.

FIG. 2 is a system configuration diagram when referring to shared information according to the first embodiment of this invention.

FIG. 3 is a diagram for explaining a second embodiment of the present invention.

FIG. 4 is a diagram showing a secret key managed by an information provider according to a third embodiment of this invention.

FIG. 5 is a diagram showing information managed by a user according to the second embodiment of this invention.

FIG. 6 is a diagram for explaining a process when a user refers to information according to the second embodiment of this invention.

FIG. 7 is a diagram showing registration information of a database according to the second embodiment of this invention.

FIG. 8 is a diagram showing an outline of a sharing system.

FIG. 9 is a diagram showing an example in which an encryption technique is applied to an information sharing system.

[Explanation of symbols]

 100 information provider 200 database 210 encryption information 220 encryption supplementary information 300 user 310 split encryption key 320 split encryption key 330 encryption key obtained by exclusive OR 340 encryption information

Claims (2)

[Claims] 1. A method for sharing information between a plurality of user groups using a database, wherein an information provider encrypts provided information with an encryption key to generate encrypted information, and the encryption key is used. It is encrypted with a secret key shared in advance by the information provider and a user who has authority to refer to the provided information, and the secret key is stored in a database as encrypted supplementary information together with the encrypted information. A user of a user group having reference authority calculates an encryption key by decrypting the encrypted supplementary information from the encrypted supplementary information obtained from the database using the secret key. A shared information password authorization control method, characterized in that the provided information is obtained by decrypting the encrypted information with the encryption key. 2. The user is classified according to N elements, the encryption key is divided into N as the encryption supplementary information, and the divided divided encryption keys are associated with the respective elements. Claiming a combination of N divided encryption keys obtained by decrypting the encrypted supplementary information with the secret supplemented information to obtain the original encryption key The shared information reference authority control method according to item 1.