Abstract: Security of an information processing apparatus is ensured by performing biological information authentication and collecting the environment information about the information processing apparatus. The information processing apparatus transmits the collected environment information to a first authentication apparatus. An electronic certificate issued by a second authentication apparatus and information encrypted with a secret key issued by the second authentication apparatus are transmitted to the first authentication apparatus. The first authentication apparatus acquires the public key of the second authentication apparatus and the public key of the information processing apparatus so as to decrypt the encrypted information, and judges whether or not the decrypted information is proper. The first authentication apparatus refers to an environment information database and the transmitted information, and judges whether or not the transmitted environment information is proper.

Abstract: An information management method restoring electronic data using backup information upon the loss of electronic data stored on a recording medium. Information stored in a predetermined area of the recording medium having medium-specific information is encrypted using medium-specific information or a key generated therefrom and is derived outside the predetermined area.

Abstract: Before accepting a setting request from a predetermined manager in a plurality of date-and-time managers capable of issuing a date-and-time setting request, a setting request from any manager can be accepted. After accepting a setting request from a predetermined manager, only the setting request from the predetermined manager can be accepted. A date and time can be set in response to an accepted date-and-time setting request.

Abstract: A data acquiring unit acquires electronic data. A tamper-resistant chip includes a storing unit that stores a confidential key specific to a device, and a collecting unit that collects device information that is internal information of the device. An attaching unit attaches collected device information to acquired electronic data. An encrypting unit encrypts the electronic data with the device information attached, using the confidential key stored in the storing unit.

Abstract: A TPM chip installed in an image reading apparatus records an operation log, and encrypts recorded operation log with a secret key. The image reading apparatus transmits encrypted operation log to an evaluation apparatus. The evaluation apparatus receives the encrypted operation log, decrypted received operation log, and evaluates an operation performed on the image reading apparatus based on decrypted operation log.

Abstract: A device management system is configured with a target device including at least one unit that includes a tamper-resistant chip, a management apparatus that manages or uses the target device, and an authentication apparatus including a database for authentication, connected via a network in a communicable manner. In the target device, each unit is equipped with the tamper-resistant chip that collects device information specific to a unit, stores collected device information, and stores a confidential-key.

Abstract: An updating unit updates a color-conversion table stored in a storing unit. An image processing unit processes an input image data based on updated color-conversion table. A tamper-resistant chip that includes a first collecting unit that collects log information related to a usage of the image processing apparatus, a generating unit that generates a hash value corresponding to collected log information, and a recording unit that records generated hash value. An acquiring unit acquires the log information corresponding to the hash value by referring to recorded hash value. The updating unit updates the color-conversion table based on acquired log information.

Abstract: A recording unit records an operation log. A storing unit included in a temper-resistant chip stores therein a secret key unique to an image reading apparatus. An encrypting unit included in the temper-resistant chip encrypts recorded operation log with stored secret key. A transmitting unit transmits information including encrypted operation log to a server.

Abstract: The security information mediation apparatus comprises security information registering unit which registers security information supplied by a client of a user, a transfer unit which transfers the security information registered in the security information registering unit to a client of a program developer. This client judges the usefulness of the security information and outputs reply information when the security information is useful. A reply information registering unit receives the reply information and payment information that indicates payment of the information presentation fee of the corresponding security information from the developer client. A transfer unit transfers the reply information and payment information to the client of the user.

Abstract: A job administrator terminal embeds control information in service data and transmits the service data to a job executor terminal. The job executor terminal receives the service data, extracts the control information from the service data, and stores the control information in a storing unit. When the job administrator terminal provides a service to the job executor terminal, the job administrator terminal controls provision of the service based on the control information and environmental information of the job executor terminal.

Abstract: An information generating unit generates identification information for an equipment based on environment information of the equipment. A search-result transmitting unit searches, when an information output request for equipment information generated based on the identification information is received, a database for the equipment information corresponding to the identification information, and transmits a search result as information indicating whether the equipment is allowed to receive a service.

Abstract: This invention is to provide a technique to appropriately authenticate the requesting side and the diagnosis side in the remote diagnosis system. In this invention, an authentication server communicating with a diagnosis requesting side terminal and a diagnosis side terminal carries out: at the beginning of a remote diagnosis, judging whether or not an image obtained in the diagnosis requesting side terminal satisfies a first condition; at the beginning of the remote diagnosis, judging whether or not an image obtained by the diagnosis side terminal satisfies a second condition; and upon detection that affirmative judgments are obtained in the first and second judgings, generating authentication data including information concerning the diagnosis requesting side terminal, information concerning the diagnosis side terminal and a diagnosis time. Accordingly, it is possible to guarantee that both terminals have an appropriate capability and etc.

Abstract: A data managing device with a single chip that includes: first hardware that authenticates security of communication performed by a data processing apparatus that houses the data managing device; second hardware that performs different processing from processing performed by the first hardware; and third hardware that receives an update program for a program executed by any one of the first hardware and the second hardware, from a data providing apparatus with which security of communication is authenticated by the first hardware, and updates the program by the update program.

Abstract: A data management method that by encrypting and distributing digital content prevents copyright infringement, and that prevents authorization information for decrypting the encrypted digital content from being damaged or otherwise lost. Encrypted content 45 is prepared by encrypting digital content 11 with a content key 44. A portion of the digital content 11 is extracted as sample data 41. A secret key 46, by which the content key 44 is encrypted with user information 14, is embedded as invisible information into the sample data 41, thus preparing watermarked sample data 47. The watermarked sample data 47 is synthesized with the encrypted content 45 to form synthesized data 48. The synthesized data 48 is distributed.

Abstract: The apparatus controls access to the contents. The apparatus comprises MO device, MPEG2 decoder, and MO media as physical elements. Information for identifying these physical elements (identifying information) is allocated to each of these physical elements. License information, indicating whether access to the contents is to be allowed or not, is recorded on a MO media. Access to the contents recorded on the MO media is controlled based on the license information and the identifying information.

Abstract: A file processing unit comprises a first signature information producing unit that produces first signature information in accordance with a predetermined rule utilizing the data of a file designated by a file close request issued in an application used in a computer system, and a signature information storage control unit that stores the first signature information, correlated with the file designated by the file close request, in a storage unit.

Abstract: A cryptographic communication method is provided in which a cryptographic communication is performed by an easy operation even if both enciphered data and unenciphered data are mixed to be handled. In the transmission side, a communication key is used for enciphering data to be transmitted, and in the reception side the same communication key as in the transmission side is used for decoding received data. In the transmission side, an individual key that is different from the communication key is used for enciphering the data to be transmitted, the enciphered data are decoded by using the individual key first, and then the decoded data are enciphered by using the communication key so that the enciphered file can be transmitted.

Abstract: In a signature creating apparatus, a clock generates a time stamp and in which time can be set only by a computer installed in a certificate authority center. Further, connecting sections connects an apparatus ID for specifying an apparatus and the time stamp and personal identification information for identifying an implementor to a plain-text so as to create data for the signature. A signature creating circuit encrypts the data for the signature using a signature creating key or the like and generates the signature. A connecting section connects the signature to the data for the signature and transmits the data as data after signature.

Abstract: There is provided a license devolution system for devolving the right of using as to contents. The license devolution system makes it possible to copy or distribute contents while contributing to a protection of the copyright for the contents. Contents is encrypted with a first key. The first key and use information are encrypted with a second key consisting of a media ID for identifying a first storage medium in which the first key and the use information are stored. In order to devolve the right of using as to the contents, the contents is transferred to a second storage medium of a destination of devolution in the form of encryption. The first key and the use information are decoded with the media ID of the first storage medium, and further encrypted with the media ID of the second storage medium of the destination of devolution into storage in the second storage medium of the destination of devolution.

Abstract: Method of data operation facilitating utilization of legitimate users without violating the copyright and literary property of digital content. A part of digital content (11) is duplicated to create discrete data unit (43), and is encrypted with content key (45). Content key (45) and image-compositing information (42) are encrypted with secret key (47) to create authorization information (48). Content information (41) is visibly embedded in digital content (11). Authorization information-added data unit (50) in which authorization information (48) is embedded as invisible information and encrypted discrete data unit information (46) are composited into composite data (60), which is then distributed.