Electronic data storage apparatus, system and method

Details Electronic data storage apparatus, system and method Electronic data storage apparatus, system and method

1998-07-29

2002-07-16

Peeso, Thomas R. (Department: 2132)

Electrical computers and digital processing systems: support

Multiple computer communication using cryptography

Particular communication authentication technique

C713S170000, C713S176000, C713S180000

Reexamination Certificate

active

06421779

ABSTRACT:

BACKGROUND OF THE INVENTION
FIELD OF THE INVENTION
The present invention relates to an electronic data storage system, and more specifically to an electronic data storage apparatus, system, and method for safely protecting electronic data against illegal amendments and deletion, and maintaining the sufficient legal evidence of the electronic data.
Conventionally, the first method of storing electronic data with reliability is to have a reliable third party TTP (Trusted Third Party) and trust the TTP with the electronic data.
FIG. 1
shows the data reliability guarantee system through the TTP.
In
FIG. 1
, the TTP stores data with the electronic signatures of, for example, A and B to process the data as a reliable agreement between A and B. The electronic signatures indicating the agreement of A and B can be represented as an RSA which is a public key encryption based on the factorization in prime numbers, the oval curve, or an individual key shared by the TTP, A, and B. There has been the problem that, when the electronic data is stored by the TTP, A cannot deny to B that A has agreed with the electronic data because the data with the electronic signature of A is stored by the TTP even though A insists later that A has not agreed with the electronic data.
FIG. 2
shows that a large volume of electronic data is stored by the TTP. In the system using the TTP, each time a transaction such as a contract made between A and B, etc. occurs, it is necessary to store data of the contract, etc. With the increasing number of transactions, the volume of the electronic data to be stored greatly increases. Apart from the problem of the maintenance of the reliability of a document, the electronic data is stored for each transaction so that B cannot deny the fact that A and B agreed with the electronic data, that is, so that the agreement cannot be denied later. This produces the problem that data is concentrated. As a result, it is recommended that the reliability of data is guaranteed while the data is distributed for storage to avoid the concentration of data for all transactions.
FIG. 3
shows the necessity of the network security and the data security to, for example, store and transmit electronic data with sufficient legal evidence maintained. In
FIG. 3
, the network security can be realized by encrypting data, submitting identification papers, and transmitting the electronic data with electronic signatures to avoid illegal amendments through a network. However, even if the transferred data is stored as a certificate and accompanying electronic signatures on, for example, floppy disks, the security of the data cannot be guaranteed if the data is illegally amended or deleted. Therefore, the security of the stored electronic data should be guaranteed.
FIG. 4
shows the second method of storing electronic data on paper with the sufficient legal evidence of the electronic data maintained. As shown in
FIG. 4
, the data such as a contract of a corporation, a final return of a government office, a patient's card in hospital, etc. should be legally stored for a predetermined period. When such legally stored data are managed on a medium such as a hard disk, a floppy disk, etc., they can possibly be illegally amended or deleted. Therefore, according to the conventional technology, the data should have been printed on paper for storage. Under such circumstances, the security of electronic data should be guaranteed as well as the data printed on paper.
FIG. 5
shows the four conditions required for the electronic data storage system to realize the security of, as well as retrieve, the data printed on paper for storage. The first condition relates to retention of data. In the retention period, data should be stored in a restorable state. The second condition relates to the correctness of data. The data should be retrieved as correct data. The third condition relates to readability. The contents of data should be read as necessity. The fourth condition relates to legal evidence. The data should be maintained with legal evidence for use in a trial.
The above listed four conditions have been required in the electronic data storage system to realize the security obtained by the data written on paper.
As described above, in the first conventional method of storing electronic data, that is, in the method to be followed by a TTP, there is the problem that the storage capacity and the performance of the TTP is limited because the electronic data is concentrated on the TTP, and the problem that, the reliability of data is not guaranteed when, for example, an electronic signature is realized by a shared individual key and the key is accidentally lost.
In the second method, that is, when electronic data is printed and stored on paper, there is the problem about the place for storage of the paper, and about the labor required to search for necessary data and reenter data when the data is reused. These operations are labor-intensive, costly, and inefficient.
SUMMARY OF THE INVENTION
The present invention aims at realizing an electronic data storage apparatus capable of distributing and managing electronic data while maintaining the security and legal evidence of the electronic data; realizing an electronic data storage system capable of distributing the electronic data and storing them in a plurality of electronic data storage apparatus by an authorization organization guaranteeing the reliability of the electronic data storage apparatus; and providing a method of storing electronic data whose security can be guaranteed by the electronic data storage apparatus.
According to the first embodiment of the present invention, the electronic data storage apparatus
1
includes a data storage device; an authentication information generation device; and an authentication information data output device.
The data storage device stores electronic data. The data authentication information generation device generates the data authentication information for use in verifying the correctness of the electronic data stored in the data storage device. When the authentication information data output device externally outputs the electronic data stored in the data storage device, it adds to the electronic data the authentication information generated for the electronic data, and then outputs the resultant data.
The electronic data storage apparatuses independently function, and authenticate each other. To establish the reliability of the electronic data, authentication information is generated to check the existence of illegal amendment to the electronic data. The electronic data provided with the authentication information is transferred between electronic data storage apparatuses.
Thus, an electronic data storage apparatus can be realized with the electronic data secured and managed in a distributed manner.
The electronic data storage apparatus according to the first embodiment of the present invention can perform various basic processes using a master key by providing a master key storage device for storing a common master key in a plurality of electronic data storage apparatuses.
The first process performed using a master key is mutual authentication through which electronic data storage apparatuses mutually authenticate one another. That is, the mutual authentication is performed between electronic data storage apparatuses which store distributed electronic data. After the mutual authentication, the stored electronic data can be transferred.
The second process performed using a master key is to generate authentication information for use in verifying the correctness of the amendments to data, and to output as authentication information data the electronic data provided with the authentication information to a unit external to the electronic data storage apparatuses.
The third process performed using a master key is to verify authentication information using a master key when electronic data provided with the authentication information is externally input, and to store the data in the data storage device only when it is

Affiliated with

Also associated with

Rating

Electronic data storage apparatus, system and method does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Electronic data storage apparatus, system and method, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Electronic data storage apparatus, system and method will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFUS-PAI-O-2886981