JPS59122254A - Protecting method of data - Google Patents

Abstract

PURPOSE:To obtain a data protecting method capable of transmission of data securely by ciphering the data in a processing medium having a ciphering program to transmit the data and deciphering the ciphered data in a processing medium having a deciphering program at a remote place. CONSTITUTION:Data from an automatic transacting device are supplid to a CPU 3 in a converter 1. The CPU3 sends the received data to an IC card 10 through an IC card reading/writing part 21 to cipher the data by a ciphering program in the IC card 10. The ciphered data are stored in a floppy disk 13. The disk 13 is transmitted to a converter 2 in a remote place and deciphered by a deciphering program in the IC card 10 and the deciphered data are sent to a center.

Description

[Detailed Description of the Invention] [Technical Field of the Invention] The present invention is directed to data protection in devices that transmit data between an offline terminal in a financial institution, that is, an automated transaction device installed in a company, and a center. Data related to Hoei Swordsmith.

[Technical background of the invention]

Traditionally, when transmitting data between an offline terminal at a financial institution, i.e., an automated transaction device installed at a company, etc., and a center, the data is transmitted via a signal line that connects the automated transaction device and the center. ing. In order to perform this transmission, data is encrypted using a predetermined encryption key and then transmitted, and the encrypted data is decrypted at the destination using the encryption key.

[Problems with background technology]

However, in the above-mentioned automatic transaction devices,
Since the operator handling the center knows the encryption key, it is possible to read the data on the signal line, which poses a security problem. Even if an attempt was made to protect it, the encryption key would have to be changed for each user, which would be impossible.

[Purpose of the invention]

This invention was made in view of the above circumstances, and its purpose is to provide data that can be protected and safely transmitted when transmitting data from a data source to a remote location. The purpose is to provide a protection method.

[Narrowness of the invention]

This encrypted data is transmitted to a remote location, and the data is decrypted at the remote location.

[Embodiments of the invention]

An embodiment of the present invention will be described below with reference to the drawings.

In Figures 1 and 2, 1 is a data conversion device connected to an automatic transaction device (not shown) installed in a company, etc., and 2 is a data conversion device connected to a center (not shown) installed in a financial institution. It is a data conversion facility. The data conversion device 1 converts data (transaction data) supplied from an automatic transaction device into encrypted data using an IC chip 15 of an IC card 10, which will be described later, and stores the conversion result in a storage medium, such as a floppy disk, which will be described later. The parable is structured as follows. In other words, 3 is a CPU (central processing unit) that controls the entire system, 4 is a keyboard for inputting passwords, 5 is a CRT display device, and 6 is a ROM (read-only) in which a control program is stored. 7 is a RAM (random access 1 memory) in which data is stored; 8 is an information processing medium inserted from the card insertion slot 9, for example, contacts a contact portion 19 of an IC chip 15 on the IC card 10, which will be described later. By this, C.P.
1 outputs data from U5 to CPU 16 in IC chip 15 and outputs data from CPU 16 to CPU 5; This is a floppy disk device that records and plays data.

The IC card IO is provided with a magnetic stripe section 14 and an IC chip 15, as shown in Figure 3. The above IC
The C tag 5 is connected to a CPU 6 for control as shown in FIG.
, a ROM 17 in which a control program, a password, and an encryption program are stored, a RAMzs for data storage, and a contact section 19.

The CPU 16 outputs the password stored in the ROMz7 and inputs the supplied transaction data to I(, OMZ7).
The encrypted data can be encrypted according to the encryption program and the encrypted data can be output, or the supplied encrypted data
Decryption is performed according to the decryption log 2m corresponding to the above-mentioned encryption program of OMzv, and the decrypted data is output. An example of a method for encrypting data using the above encryption program is Date Enc.
ryption 5 standard (DES)
It has been known.

The IC card reading and loading section 8 is configured as shown in FIG. 5, for example. That is, a bus 34 is provided to transport the IC card 10 inserted from the card insertion slot 9. The transport bus 34 is provided with a plurality of pairs of rotatable transport rows 236, which are positioned so as to sandwich the IC card 10 from above and below when it is transported.

The conveyance rollers 36 are arranged along the conveyance path 34 at equal intervals. The distance between these transport rows 236 in the transport direction is such that the distance from the center of one transport roller 36 to the center of an adjacent transport roller 36 is equal to the width of the card in the transport direction. Therefore, the IC card 10 can be smoothly moved on the transport bus 34. This transport bus 34 is defined by a transport guide 38. Further, on the conveyance guide 38, a C-chip reading and removing device 21 is disposed in the manner of 甫收=q珈1鷹目-久下IJ2連=.

The data conversion device 2 also includes a floppy disk device 11.
It outputs the encrypted data supplied from the IC to the center via the CPU 5, and has the same configuration as the data conversion device 1, so a description thereof will be omitted.

Next, the operation in such a configuration will be explained. For example, right now, the handler inserts the card into the card slot 9 of the data converter l.
Insert C card IO.

Then, the IC card 10 is taken into the card reading storage part 8, the contact part 19 of the IC chip 15 and the IC chip reading book 4grl are electrically connected, and the IC chip reading enrichment device 21 reads the IC chip 15. The password stored in R and OMzy is read. The output of the IC chip reading/writing device is supplied to the CPU 3. With 0,
The handler inputs a password indicating the handler of the IC card 1o using the keyboard 4. Then, the CPU 3 compares the password from the keyboard 4 and the password read from the ROMz7 of the IC chip 15 to see if they match. If the results match, the CPU 5 determines that the IC card 10 for the correct handler has been inserted by the correct handler. And the CPU? is shown in Figure 1 (-Transaction data supplied from the automatic transaction device is supplied to the CPU 76 in the IC chip 15 via the ICC card reader 8. As a result, the CPU 16 converts the supplied data into a code in the ROM 1y. The encrypted data is encrypted according to the encryption program and output to the CPU 3 via the I17 reading/writing section 8.Then, the CPU,
9 causes the floppy disk device 11 to sequentially store the encrypted data on the floppy disk 13.

In this way, a data conversion device 2 is installed that connects the PTS disk I3 (in which transaction data is stored) and the IC card IO (used at this time) to a center (not shown) installed at a financial institution. Then, the bearer (handler) of the floppy disk 13 and IC cart 910 inserts the IC card into the card insertion slot 9 of the data conversion device 2, and
Insert floppy disk 13 into floppy disk insertion slot 1
Insert into 2. Then, the IC card 10 is taken into the ICC card reading/writing section, electrically connected to the contact section 19 of the IC chip 15, and stored in the ROM 1y in the IC chip 15 by the IC card reading/writing section 8. The password is read and supplied to the CPU 5. Also, 7
The disk device 11 sequentially reads out transaction data (encrypted data) on the floppy disk 13, CPo, 9.
Output to. Next, the handler inputs a password indicating the handler of the IC card 10 using the keyboard 4. Then, the CPU 3 compares the password from the keyboard 4 and the password read from the RAMZ7 of the IC chip 15 to see if they match.

If the result is a match, the CPU 3 determines that the card has been inserted into the IC cart by the correct handler. Then, the CPU 5 transfers the encrypted data of the 70-bit disk device 11 to the IC card reading/writing section 8.
It is supplied to the CPU 76i in the IC chip 15. Then,
The CPU 1-6 decrypts the supplied encrypted data using the decryption program 2 in the ROM 1z, and
It is output to the CPU 3 via the card reading/writing section 8. Thereby, the CPU 5 outputs the decrypted transaction data to a center (not shown).

In this way, when data is exchanged using a floppy disk, that is, an offline storage medium, the data on the floppy disk can be managed by the IC card held by the bearer (handler), and safety is guaranteed. Additionally, when inserting an IC card, the authenticity of the handler is determined based on whether the PIN number on the IC card matches the input PIN number, so the legitimacy of the handler is guaranteed. TomoK, the validity of the floppy disk is guaranteed.

In the above embodiments, a floppy disk was used as the off-line storage medium, but the present invention is not limited to this, and magnetic data, magnetic disks, optical disks, etc. may also be used. Further, although the storage medium is brought offline, the data may be transferred online. In this case, IC card designation data is transferred together with the data, and processing is performed with the IC card according to this designation data. Furthermore, although the description has been made regarding the transmission of data between the automated teller machine and the customer, the present invention is not limited to this, and can be implemented in the same way as long as the data is transmitted between two devices.

Further, although an IC card is used as the information hxK medium, the present invention is not limited to this, and a passbook with an embedded IC chip may also be used.

〔Effect of the invention〕

As described in detail above, according to the present invention, when transmitting data from a data source to a remote location, it is possible to protect the data and provide a data protection system that allows data to be transmitted safely.

[Brief explanation of drawings]

The drawings are for explaining one embodiment of the present invention, and FIG. 1 is a perspective view of a data conversion device, FIG. 2 is a block diagram schematically showing the configuration of the data conversion device, and FIG. 3 is an IC card. FIG. 4 is a block diagram showing the structure of the IC chip, and FIG. 5 is a cross-sectional view schematically showing the structure of the IC card reading pledge section. 1.2...Data conversion device, 3...CPU, 4.Keyboard, 8...Card reading oath unit, 10...IC
Card (information processing medium), 11... Floppy disk device, I4... Magnetic stripe section, 15... IC
Chip, 16...CPU, z7...ROM. 18...RAM, z 9...Contact part, 2
l-IC chip reader/writer = ↓↓One cup of momome and three belly number of five 0 Applicant's agent Patent attorney Suzue Takehiko 0-B. to the Commissioner of the Japan Patent Office Kazuo Wakasugi 1, of the case Indication Patent Application No. 57-233512 2, Name of the invention Data protection method 3, Relationship with the case of the person making the amendment Patent applicant (307) Tokyo Shibaura Electric Co., Ltd. 4, Agent 6, Subject of amendment Figure 1 ( 1) On page 5, line 19 of the specification, [1)ate
Correct "J" to "i Data j". (2) From the 3rd line to the 4th line of page 6 of the specification, the statement ``Ic card 1θ is transported by the transport path 34'' is 1-
The transport path 34 that transports the IC card 1θ is corrected. (3) On the 18th line of the same page, place the word ``arrangement''.''
I am corrected. (4) On page 7, line 3 of the specification, “decryption (deciphering)
``Program'' has been corrected to ``Decryption Program''. (5) In the fourth line of page 10 of the specification, the phrase "decryption (cryptoanalysis)" is corrected to "decryption." (6) In Figure 3 of the drawing, the code "11" is corrected to "14" as shown in the attached drawing.

Claims (1)

[Claims] A device for transmitting data from a data source to a remote location, comprising: means for receiving data from the data source; encryption means for encrypting the received data within an information processing medium having an encryption program; a transmission means for transmitting encrypted data to a remote location, a means for receiving the encrypted data transmitted by the transmission means, and a decryption program corresponding to the encryption program for the encrypted data received by the means. 1. A data protection method characterized by comprising a means for decoding within an information processing medium.