JP2009042927A - Information storage device and information management system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an information storage device for using stored electronic data even when a user who manages the electronic data is absent for a long time, and which can be used as a general USB memory, and which can be used without care about the failure of the reading precision of the fingerprint. <P>SOLUTION: This information storage device is provided with an R/W (reader/writer) for receiving manager ID or secure ID from an RFID card and a large capacity of storage, and configured to change an area which can be accessed from the terminal of the large capacity of storage based on the manager ID or the secure ID received from the RFID card. Also, this information storage device is provided with a circuit configuration for interrupting access from the terminal to the R/W. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to an information storage device such as a USB memory and an information management system for managing information stored in the information storage device.

2. Description of the Related Art Conventionally, a technique of a data storage device having a USB interface and a fingerprint authentication function has been disclosed for the purpose of realizing a safe work environment for safe carrying of electronic data and data processing using the electronic data. According to this data storage device, access to electronic data requiring high confidentiality is restricted to a legitimate right holder by fingerprint authentication, so that an external storage device as a safe electronic data storage location is realized. be able to.
JP 2006-65705 A

  By the way, since the data storage device having the fingerprint authentication function as described above cannot be authenticated with a fingerprint other than a pre-registered fingerprint, naturally, the data storage is performed due to the transfer or long-term absence of the person who registered the fingerprint. There is a possibility that the electronic data stored in the apparatus cannot be used. In addition, a data storage device (usually called a USB memory) provided with a USB interface has an environment in which the driver is recorded in advance in the operating system and can be used immediately after being connected. When the device has a fingerprint authentication function, it is necessary to register a new device driver in the operating system for recognizing the fingerprint authentication function, and it takes time to prepare an environment that can be used by the user. There is also a problem that fingerprint reading accuracy is unstable.

  Therefore, the present invention can use stored electronic data even in the absence of a user who manages the electronic data for a long period of time, and can be used as a general USB memory. It is an object of the present invention to provide an information storage device and an information management system that can be used without making them.

  In order to achieve the above object, the present invention provides a radio signal receiving means for receiving a radio signal from an information carrier medium that transmits a radio signal of unique identification information by an electromotive force generated by receiving an electromagnetic wave, and information And a unique identification information detecting means for detecting the unique identification information based on a radio signal received from the information carrier medium.

  According to the present invention, the information storage device includes an accessible area changing unit that changes an accessible area of the storage unit based on the detected unique identification information.

  Further, the present invention is characterized in that the above-mentioned information storage device has a circuit configuration for blocking access from an external device to a reader / writer unit that constitutes the wireless signal receiving means and the unique identification information detecting means. To do.

  Further, according to the present invention, the information storage device described above includes a temporary setting file generation unit that generates a temporary setting file for storing the detected unique identification information, and the unique identification information stored in the temporary setting file is unique to the administrator. When designation as identification information is received from the external device, an administrator setting file generating means for generating an administrator setting file for storing unique identification information read from the temporary setting file, and storing in the temporary setting file Secure user setting file for generating a secure user setting file for storing the unique identification information read from the temporary setting file when the specified identification information is the unique identification information of the secure user received from the external device Generating means.

  According to the present invention, the above-mentioned information storage device, the accessible area changing means, the unique identification information received from the information carrier medium is stored in either the administrator setting file or the secure user setting file. It is characterized by determining whether it is unique identification information, and changing a predetermined area to an accessible area from the external device based on the determination result.

  The present invention also includes a wireless signal receiving means for receiving the wireless signal from an information carrier medium that transmits a wireless signal of unique identification information by an electromotive force generated by receiving electromagnetic waves, a storage unit for storing information, Unique identification information detection means for detecting the unique identification information based on a radio signal received from the information carrier medium, and accessible area change for changing an accessible area of the storage unit based on the detected unique identification information A terminal device comprising: an information storage device comprising: means for reading; information reading means for reading information stored in the accessible area of the information storage device; and information display means for displaying the read information; And an information management system characterized by comprising:

  According to the present invention, in the information management system described above, the information storage device is configured to block access from an external device to a reader / writer unit constituting the wireless signal receiving means and the unique identification information detecting means. It is characterized by having.

  According to the present invention, in the information management system described above, the information storage device includes a temporary setting file generating unit that generates a temporary setting file for storing the detected unique identification information, and a unique identification stored in the temporary setting file. An administrator setting file generating means for generating an administrator setting file for storing the unique identification information read from the temporary setting file, when the specification is received from the external device, the information is the unique identification information of the administrator; If the external device accepts the specification that the unique identification information stored in the temporary setting file is the unique identification information of the secure user, a secure user setting file for storing the unique identification information read from the temporary setting file is stored. Secure user setting file generation means for generating, and changing the accessible area The stage determines whether the unique identification information received from the information carrier medium is the unique identification information stored in the administrator setting file or the secure user setting file, and is determined in advance based on the determination result. The area is changed to an area accessible from the external device.

  According to the present invention, since user authentication is performed using an information carrier medium, when a person other than the user managing the data wants to view the electronic data recorded in the USB memory, the data is stored. Any information carrier medium for the user to be managed is sufficient. Therefore, the electronic data can be used even when the user who manages the electronic data is absent for a long time. Further, when the administrator setting file and the secure user setting file are not stored in the large-capacity storage, the general storage can be used as a USB memory because the large-capacity storage is not locked. In addition, since authentication is performed using an information carrier medium, it can be used without worrying about a defect in fingerprint reading accuracy during authentication.

Hereinafter, an information management system according to an embodiment of the present invention will be described with reference to the drawings.
FIG. 1 is a block diagram showing the configuration of the information management system according to the embodiment. In this figure, reference numeral 2 is a USB (Universal Serial Bus) memory, 3 is a terminal that reads electronic data stored in the USB memory 2, writes electronic data to the USB memory 2, and displays the electronic data. It is. Reference numeral 10a denotes an administrator RFID card which is an information carrying medium storing an administrator ID, and 10b denotes a secure user RFID card which is an information carrying medium storing a user ID of a secure user. The secure user accesses a specific storage area in the large-capacity storage mounted on the USB memory 2 and cannot be accessed by a general user, and uses an electronic file stored in the storage area. A user who can.

  The USB memory 2 includes an R / W (reader / writer) 21, an antenna 22, a controller 23, a large-capacity storage 24, LEDs (Light Emitting Diodes) 25a to 25c, and an I / F (interface) 27. The terminal 3 includes I / Fs (interfaces) 31a to 31c, an OS processing unit 32 that performs processing of the operating system, an authentication setting processing unit 33 that determines whether or not an administrator ID or user ID can be registered for authentication, and the like. A database 34 for storing information, a controller 35 for controlling each processing unit of the terminal 3, and a display unit 36 for displaying electronic data are provided.

  In such an information management system, in a state where the USB memory 2 is connected to the terminal 3, the USB memory 2 receives the administrator ID or the secure user ID from the administrator RFID card 10a or the secure user RFID card 10b. Is received by a wireless signal, and processing for changing an area accessible from the terminal 3 in the large-capacity storage 24 is performed according to the received ID of the USB memory 2.

  The large-capacity storage 24 is a flash memory, for example, and is physically or logically divided into a plurality of areas. As shown in FIG. 1, the large-capacity storage 24 according to the present embodiment is physically or logically divided into three storage areas 24a to 24c. The storage area 24c includes an administrator setting file 29a. The secure user setting file 29b and the temporary setting file 29c are stored. The administrator setting file 29a stores an administrator ID, the secure user setting file stores a secure user ID, and the temporary setting file 29c stores an administrator ID or a secure user setting file by processing described later. The temporary setting file 29c is a file for temporarily storing the administrator ID or the secure user ID before storing them in the administrator setting file 29a or the secure user setting file 29b.

  In this embodiment, each of the LEDs 25a to 25c is a light-emitting diode that blinks depending on the state of the USB memory 2, and the LED 25a is used by an administrator when receiving an administrator ID. Lights in the case of a state indicating that it can be performed and a state indicating an authentication error of the administrator ID. The LED 25b is lit in a state indicating standby for receiving a secure user ID, a state indicating that a secure user can be used by receiving the secure user ID, and a state indicating an authentication error of the secure user ID. The LED 25c is lit when accessing electronic data stored in the mass storage 24.

FIG. 2 is a first diagram showing a processing flow of authentication setting in the information management system.
FIG. 3 is a second diagram showing a processing flow of authentication setting in the information management system.
Next, a processing flow at the time of authentication setting in the information management system will be described with reference to FIGS.
First, the administrator registers in the USB memory 2 an administrator who can use the USB memory 2 and a secure user. At this time, the administrator connects the I / F 27 of the USB memory 2 to any of the I / Fs 31a to 31c of the terminal 3 owned by the administrator. When connected to the terminal 3, the USB memory 2 is powered on (step S101). When the power is turned on, the controller 23 of the USB memory 2 determines whether or not the temporary setting file 29c is stored in the storage area 24c of the large-capacity storage 24 (step S102). The temporary setting file 29c is deleted (step S103). If the controller 23 determines that the temporary setting file is not stored in the storage area 24c of the large-capacity storage 24, the controller 23 instructs the R / W 21 to start polling (step S104). In the following processing, the controller 23 always determines whether or not the temporary setting file is stored in the storage area 24c of the large-capacity storage 24. If the temporary setting file is not stored, the controller 23 always starts polling to the R / W 21. Instruct. Polling means that the antenna 22 transmits a radio signal under the control of the R / W 21.

  Here, the antenna 22 outputs an electromagnetic wave by RFID technology. Then, the administrator RFID card 10a or the secure user RFID card 10b receives the electromagnetic wave transmitted from the antenna 22 of the USB memory 2, activates the power by the induced electromotive force obtained from the electromagnetic wave, and is recorded in the memory in advance. ID is transmitted by radio signal (electromagnetic wave) (administrator RFID card 10a transmits administrator ID, secure user RFID card 10b transmits secure user ID). At this time, the LED 25a and LED 25c of the USB memory 2 are blinking to indicate an ID reception waiting state (that is, waiting for reception of an administrator ID or a secure user ID).

  When the USB memory 2 is turned on, the controller 23 determines whether or not an administrator setting file is stored in the storage area 24c of the large-capacity storage 24 (step S105). If 29a is not stored (the administrator setting file is not stored at the time of initial setting), it is recognized as a normal USB memory (step S106), and all users have specified storage areas (for example, storage areas). 24a and 24b) are determined to be accessible. Further, the OS processing unit 32 of the terminal 3 performs a driver setup process for the USB memory 2 (step S107), and recognizes the connection of the USB memory 2. Then, after the driver setup process is completed, the controller 35 of the terminal 3 recognizes the storage areas 24a and 24b of the mass storage 24 in the USB memory 2 as file areas (step S108). As a result, the terminal 3 can be used as a normal USB memory.

  Next, the administrator instructs the terminal 3 to start the authentication setting application program in order to set the authentication function for the USB memory 2. When the terminal 3 receives an instruction to start the authentication setting application program (step S109), the terminal 3 starts the program, and thereby the authentication setting processing unit 33 is configured in the terminal 3. Then, the authentication setting processing unit 33 determines whether or not the administrator setting file 29a is stored in the storage area 24c of the large-capacity storage 24 (step S110), and the administrator setting file 29a is not stored. In this case (not stored at the time of initial setting), it is determined that the administrator has not been set, and first, a process for displaying the administrator setting screen on the display unit 36 is performed (step S111). This administrator setting screen is, for example, “Please hold the administrator RFID card. Is displayed on the screen.

  Next, the administrator holds the administrator RFID card 10 a over the USB memory 2. As a result, the administrator RFID card 10a transmits the administrator ID as a wireless signal, and the antenna 22 receives the signal (step S112). The R / W 21 detects the manager ID from the radio signal, and transmits the manager ID to the controller 23. When the controller 23 receives the administrator ID from the R / W 21, the controller 23 generates a temporary setting file 29 c storing the administrator ID (step S <b> 113) and writes it in the storage area 24 c of the mass storage 24. Then, the controller 23 notifies the R / W 21 of the end of polling when the temporary setting file 29c is generated and the file is written to the storage area 24c. Thereby, the R / W 21 ends the polling process (step S114). Further, when the manager ID is received, the manager's usage mode is set, and only the LED 25a is lit (that is, the manager usage mode is indicated). The authentication setting processing unit 33 displays an administrator ID registration confirmation message on the display unit 36 when the administrator use mode is set (step S115). This message is, for example, “RFID recognized. Do you want to register this RFID ID as an administrator ID? <Yes> <No> ”. The display unit 36 displays <Yes> and <No> character strings in the administrator ID registration confirmation message so that they can be designated (designated by a mouse or the like).

  When the administrator designates <Yes> in the administrator ID registration confirmation message and instructs to register the received ID as the administrator ID, the authentication setting processing unit 33 passes the USB memory via the controller 35. An instruction to generate the administrator setting file 29a is output to the second controller 23 (step S116). Then, the controller 23 reads the administrator ID stored in the temporary setting file, generates the administrator setting file 29a storing the administrator ID (step S117), and writes it in the storage area 24c. This completes the administrator settings.

When the authentication setting processing unit 33 detects the completion of the administrator setting, the authentication setting processing unit 33 next displays a secure user setting screen for starting registration processing as a secure user on the display unit 36 (step S118). . This secure user setting screen is, for example, a screen on which a message “Do you want to register a secure user RFID card <Yes><No>” is displayed. When the administrator selects <Yes>, the temporary setting file 29c is deleted, and the administrator holds the secure user RFID card 10b over the USB memory 2. As a result, the secure user RFID card 10b transmits the secure user ID as a radio signal, and the antenna 22 receives the signal (step S119). The R / W 21 detects the secure user ID from the radio signal and transmits the secure user ID to the controller 23.
If the administrator selects <No>, the process ends without creating the secure user setting file 29b. However, the authentication setting process is performed after the USB memory 2 is connected to the terminal 3 and authenticated as the administrator later. The procedure can be performed again by the unit 33.

  When the controller 23 receives the secure user ID from the R / W 21, the controller 23 generates a temporary setting file 29 c storing the secure user ID (step S 120) and writes it in the storage area 24 c of the mass storage 24. Then, the controller 23 notifies the R / W 21 of the end of polling when the temporary setting file 29c (secure user ID is stored) is generated and written to the storage area 24c. Thereby, the R / W 21 ends the polling process. When the temporary setting file 29c storing the secure user ID is generated, the authentication setting processing unit 33 displays a secure user ID registration confirmation message on the display unit 36 (step S121). This message is, for example, “RFID recognized. Do you want to register this RFID ID as a secure user ID? <Yes> <No> ”. The display unit 36 displays <Yes> and <No> character strings in the secure user ID registration confirmation message so that they can be designated (designated by a mouse or the like).

  When the administrator designates <Yes> in the secure user ID registration confirmation message and instructs to register the received ID as the secure user ID, the authentication setting processing unit 33 passes the USB memory via the controller 35. An instruction to generate the secure user setting file 29b is output to the second controller 23 (step S122). Then, the controller 23 reads the secure user ID stored in the temporary setting file, generates a secure user setting file 29b storing the secure user ID (step S123), and writes it in the storage area 24c. This completes the setting of the first secure user.

  With the above processing, the administrator setting file 29a and the secure user setting file 29b are stored in the storage area 24c of the large-capacity storage 24 in the USB memory 2. In this state, the administrator or the secure user set as the first user accesses a specific storage area in the large-capacity storage 24 of the USB memory 2 and cannot be accessed by a general user, and stores the storage area. The electronic file stored in the area can be used. In addition, after the setting of the first secure user is completed, a menu screen is displayed on the display unit 36, and an instruction for setting the next secure user is received on the menu screen, and the processing from step S118 to step S123 is performed. Thus, the next secure user registration process may be performed. In that case, in addition to the first secure user ID, the second secure user ID is additionally recorded in the secure user setting file 29b. The processing for the number of secure user registrations can be repeated.

  If only the administrator setting file 29a is stored in the storage area 24c of the large-capacity storage 24 in steps S110 and S105 described above, the authentication setting processing unit 33 displays the menu screen on the display unit 36. On the menu screen, an instruction for registering a secure user is accepted, and then a secure user setting screen is displayed on the display unit 36, and the processes in steps S118 to S123 are performed, so that only the secure user is registered. It may be. Alternatively, the administrator ID may be changed on the menu screen, and the processes in steps S111 to S117 may be performed to change the administrator ID.

FIG. 4 is a diagram showing a processing flow in the USB memory when the USB memory is used.
Next, a processing flow in the USB memory when the secure user uses the USB memory will be described with reference to FIG.
First, the secure user connects the I / F 27 of the USB memory 2 to any of the I / Fs 31a to 31c of the terminal 3 owned by the secure user. When connected to the terminal 3, the USB memory 2 is powered on (step S201). When the power is turned on, the controller 23 of the USB memory 2 determines whether or not the temporary setting file 29c is stored in the storage area 24c of the large-capacity storage 24 (step S202). The temporary setting file 29c is deleted (step S203). If the controller 23 determines that the temporary setting file is not stored in the storage area 24c of the large-capacity storage 24, the controller 23 instructs the R / W 21 to start polling (step S204). At this time, the LED 25a and LED 25c of the USB memory 2 blink, indicating an ID reception waiting state.

  Further, when the USB memory 2 is turned on, the controller 23 determines whether or not the administrator setting file 29a and the secure user setting file 29b are stored in the storage area 24c of the large-capacity storage 24 (step S30). S205). Here, when both the administrator setting file 29a and the secure user setting file 29b are stored (if the administrator and the secure user have been registered in the USB memory 2, the administrator setting file 29 29a and the secure user setting file 29b), until the authentication using the administrator RFID card or the secure user RFID card is completed, the storage area of the large-capacity storage 24 is not allowed to be recognized as a normal USB memory. Access from the terminal 3 is locked (step S206). In step S205, if the administrator setting file 29a or both the administrator setting file 29a and the secure user setting file 29b are not stored, the process of step S106 is started as an initial setting.

  Next, in step S205, when both the administrator setting file 29a and the secure user setting file 29b are stored, the LED 25a and the LED 25c of the USB memory 2 blink, so that the secure user connects the secure user RFID card to the USB. The necessity of holding over the memory 2 is grasped, and the secure user RFID card held by itself is held over the USB memory 2. (If necessary, it is also possible to display a message “Please hold the card” on the terminal 3.) As a result, the secure user RFID card 10b transmits a secure user ID as a radio signal, and the signal is transmitted to the antenna 22. Is received (step S207). The R / W 21 detects the secure user ID from the radio signal and transmits the secure user ID to the controller 23.

  When the controller 23 receives the secure user ID from the R / W 21, the controller 23 generates a temporary setting file 29 c storing the secure user ID (step S 208) and writes it in the storage area 24 c of the mass storage 24. Then, the controller 23 notifies the R / W 21 of the end of polling when the temporary setting file 29c (secure user ID is stored) is generated and written to the storage area 24c. Thereby, the R / W 21 ends the polling process (step S209). When the temporary setting file 29c storing the secure user ID is generated, the controller 23 obtains the ID stored in the temporary setting file 29c generated in step S120 and the ID stored in the secure user setting file 29b. In comparison, it is determined whether or not they have the same ID value (step S210). If the comparison result is not the same ID value, the controller 23 deletes the temporary setting file 29c, performs a process of rapidly blinking the LED 25a and the LED 25c, and controls the R / W 21 to start polling again. (Step S211). That is, the operation of notifying the user to hold the secure user RFID card 10b again is performed.

  If the comparison results in step S209 are the same, the controller 23 stops the LED 25a and the LED 25c from blinking, turns on the LED 25c, and controls the terminal 3 to the mass storage 4 in the USB memory 2. The access lock from is released (step S212). As a result, the terminal 3 recognizes the connection of the USB memory 2. Further, the controller 35 of the terminal 3 recognizes the storage area 24a of the large-capacity storage 24 as a file area. Note that when the administrator uses the USB memory 2, the processing of step 201 to step 210 is performed using the administrator ID. That is, the USB memory 2 receives the administrator ID, generates a temporary setting file for the administrator ID, and if the ID stored in the temporary setting file matches the ID stored in the administrator setting file 29a, the terminal The access lock from 3 is released.

  Here, the controller 23 accesses from the terminal 3 in the storage area of the large-capacity storage 24 based on whether the ID that is the same as a result of the comparison in step S209 is an administrator ID or a secure user ID. The possible area may be changed. For example, if the ID that is the same as a result of the comparison in step S209 is an administrator ID, the controller 23 controls the storage areas 24a and 24b to be accessible from the terminal 3, and the comparison in step S209 is performed. When the IDs having the same result are secure user IDs, control is performed so that only the storage area 24a can be accessed from the terminal 3. By storing electronic data in a storage area that can be accessed only by a user who has been successfully authenticated using an RFID card, the user who has succeeded in authentication can use the electronic data recorded in the USB memory 2 by other users. It can be stored without

In addition, since the user authentication is performed by using the RFID card with the configuration of the terminal 3 and the USB memory 2 as described above, the electronic data recorded in the USB memory 2 is not a user who manages the data. If the person wants to browse, it is sufficient if there is an RFID card of the user who manages the data. Therefore, the electronic data can be used even when the user who manages the electronic data is absent for a long time. Further, when the administrator setting file and the secure user setting file are not stored in the large-capacity storage, the general storage can be used as a USB memory because the large-capacity storage is not locked. In addition, since authentication is performed using an RFID card, it can be used without worrying about problems with fingerprint reading accuracy during authentication.
In addition, the information carrier medium used for authentication is not limited to the RFID card, and may be in any shape other than a card shape such as a non-contact IC tag as long as it is a medium capable of non-contact communication by electromagnetic waves. Alternatively, a composite device such as a mobile phone equipped with a non-contact IC tag may be used.

  Note that the above-described terminal and USB memory 2 have a computer system inside. The process described above is stored in a computer-readable recording medium in the form of a program, and the above process is performed by the computer reading and executing this program. Here, the computer-readable recording medium means a magnetic disk, a magneto-optical disk, a CD-ROM, a DVD-ROM, a semiconductor memory, or the like. Alternatively, the computer program may be distributed to the computer via a communication line, and the computer that has received the distribution may execute the program.

  The program may be for realizing a part of the functions described above. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, and what is called a difference file (difference program) may be sufficient.

It is a block diagram which shows the structure of an information management system. It is a 1st figure which shows the processing flow of the authentication setting in an information management system. It is a 2nd figure which shows the processing flow of the authentication setting in an information management system. It is a figure which shows the processing flow in the USB memory at the time of USB memory use.

Explanation of symbols

10a: administrator RFID card 10b: secure user RFID card 2 ... USB memory 3 ... terminal 21 ... R / W
22 ... Antenna 23, 35 ... Controller 24 ... Mass storage 24a, 24b, 24c ... Storage area 25a, 25b, 25c, ... LED
27, 31a, 31b, 31c ... I / F
29a ... Administrator setting file 29b ... Secure user setting file 29c ... Temporary setting file 32 ... OS processing unit 33 ... Authentication setting processing unit 34 ... Database 36 ... Display unit

Claims (8)

Radio signal receiving means for receiving the radio signal from an information carrier medium that transmits a radio signal of unique identification information by electromotive force generated by receiving electromagnetic waves;
A storage unit for storing information;
Unique identification information detecting means for detecting the unique identification information based on a radio signal received from the information carrier medium;
An information storage device comprising: Accessible area changing means for changing an accessible area of the storage unit based on the detected unique identification information;
The information storage device according to claim 1, further comprising:   3. The information according to claim 1, further comprising a circuit configuration that blocks access from an external device to a reader / writer unit that constitutes the wireless signal receiving unit and the unique identification information detecting unit. Storage device. Temporary setting file generating means for generating a temporary setting file for storing the detected unique identification information;
When the external device receives a specification that the unique identification information stored in the temporary setting file is the unique identification information of an administrator, an administrator setting file for storing the unique identification information read from the temporary setting file is stored. An administrator setting file generation means to generate;
If the external device accepts the specification that the unique identification information stored in the temporary setting file is the unique identification information of the secure user, a secure user setting file for storing the unique identification information read from the temporary setting file is stored. Secure user setting file generating means for generating;
The information storage device according to claim 1, further comprising: The accessible area changing unit determines whether the unique identification information received from the information bearing medium is the unique identification information stored in the administrator setting file or the secure user setting file, and the determination result The information storage device according to any one of claims 2 to 4, wherein a predetermined region is changed to a region accessible from the external device. From the information carrier medium that receives the radio signal from the information carrier medium that transmits the radio signal of the unique identification information by the electromotive force generated by receiving the electromagnetic wave, the storage unit that stores the information, and the information carrier medium Unique identification information detecting means for detecting the unique identification information based on a received radio signal; and accessible area changing means for changing an accessible area of the storage unit based on the detected unique identification information. An information storage device,
A terminal device comprising: information reading means for reading information stored in the accessible area of the information storage device; and information display means for displaying the read information;
An information management system comprising: The information storage device has a circuit configuration that blocks access from an external device to a reader / writer unit that constitutes the wireless signal reception unit and the unique identification information detection unit. Information management system. The information storage device includes:
Temporary setting file generating means for generating a temporary setting file for storing the detected unique identification information;
When the external device receives a specification that the unique identification information stored in the temporary setting file is the unique identification information of an administrator, an administrator setting file for storing the unique identification information read from the temporary setting file is stored. An administrator setting file generation means to generate;
When the external device accepts the designation that the unique identification information stored in the temporary setting file is the unique identification information of the secure user, a secure user setting file for storing the unique identification information read from the temporary setting file is stored. Secure user setting file generation means for generating,
The accessible area changing unit determines whether the unique identification information received from the information bearing medium is the unique identification information stored in the administrator setting file or the secure user setting file, and the determination result The information management system according to claim 6 or 7, wherein a predetermined area is changed based on an area accessible from the external device.

Images