Abstract: IC cards (R11, R12, and R21) are issued respectively to users ?, ?, and ?. An identification code (ID(11)) of a computer (11) supplied to user ? and environment information (ENV(11)) that indicates a normal network environment of the computer (11) are recorded in the IC card (R11) issued to user ?. When in order to use a computer, a user connects his/her IC card, the identification code and the network environment of the computer to be used are compared with the identification code and environment information recorded in the IC card and different access rights are provided in accordance to the degree of matching. The identification code may be a MAC address of a LAN circuit incorporated in the computer, and the environment information may be a default gateway address or the like. Different access rights can thus be set according to the computer or the network environment that is used.

Abstract: It is possible to perform encrypted communication between members of a group while assuring a sufficient security compatible with a change of the members. An IC card having the same fixed code F(a) is distributed to all the staffs of company A. When communication is performed between a staff ? and a staff ? belonging to the same project group, ? of the transmission side writes an arbitrary variable code V(1) in the IC card (100a) so as to generate encryption key information K(a1) according to F(a) and V(1) in the IC card and encrypt data D1 by using K(a1). ? of the reception side writes the variable code V(1) received from ? in the IC card (100b) so as to generate encryption key information K(a1). By using this K(a1), the encrypted data D2 received is decrypted to obtain data D3. The fixed code F(a) is different for each of the companies and rewrite-disabled so as to assure security.

Abstract: It is possible to issue an IC card storing unique encryption key information in such a manner that re-issuing is enabled and sufficient security can be assured. An IC card provider X delivers an IC card having a group code G(A) to a company A and an IC card having a group code G(B) to a company B. When a company staff ? inputs a unique personal code P(?) and performs initialization, in the IC card, calculation is performed according to a predetermined algorithm using the P(?) and G(A). Data uniquely determined by the calculation is stored as encryption key information K(?) in the IC card. Even if the company staff ? loses the IC card, it is possible to obtain the IC card having the same encryption key information K(?) as before by performing initialization again by using the IC card delivered by the IC card provider X.

Abstract: When storing data (D1), spread on a memory (10), into a file storage unit (50), a user ? assigns a meaningful filename-for-user, such as “sales book for April.” Storage control unit (35) converts this “sales book for April” to a meaningless filename-for-storage, such as “RST123.” The correspondence between the two is stored as filename correspondence information for user ? in a correspondence information storage unit (80). A storage processing unit (30) stores the data (D1) with the filename, “RST123.” Whereas when user ? is presented with a list of filenames of the stored files from a filename presentation unit (60), the meaningful filename of “sales book for April” is presented as the filename since a presentation control unit (65) performs reverse conversion of the filename based on the filename correspondence information, the meaningless filename of “RST123” is presented to other users. Security in regard to filenames can thus be secured and inference of the file contents can be prevented.

Abstract: It is possible to issue an. IC card storing unique encryption key information in such a manner that re-issuing is enabled and sufficient security can be assured. An IC card provider X delivers an IC card having a group code G(A) to a company A and an IC card having a group code G(B) to a company B. When a company staff ? inputs a unique personal code P(?) and performs initialization, in the IC card, calculation is performed according to a predetermined algorithm using the P(?) and G(A). Data uniquely determined by the calculation is stored as encryption key information K(?) in the IC card. Even if the company staff ? loses the IC card, it is possible to obtain the IC card having the same encryption key information K(?) as before by performing initialization again by using the IC card delivered by the IC card provider X.

Abstract: It is possible to perform encrypted communication between members of a group while assuring a sufficient security compatible with a change of the members. An IC card having the same fixed code F(a) is distributed to all the staffs of company A. When communication is performed between a staff ? and a staff ? belonging to the same project group, ? of the transmission side writes an arbitrary variable code V(1) in the IC card (100a) so as to generate encryption key information K(a1) according to F(a) and V(1) in the IC card and encrypt data D1 by using K(a1). ? of the reception side writes the variable code V(1) received from ? in the IC card (100b) so as to generate encryption key information K(a1). By using this K(a1), the encrypted data D2 received is decrypted to obtain data D3. The fixed code F(a) is different for each of the companies and rewrite-disabled so as to assure security.

Abstract: By limiting a backup object to a particular one, it is possible to reduce the system load and perform effective automatic backup. By using a hard disc device or the like, a first storage unit (40) and a second storage unit (70) are prepared. When the system is started, a spreading and storing unit (30) formed by a device driver spreads an OS program and an application program A on a memory (20). The programs are executed by a program execution unit (10). An application to be backed up is registered in advance in an application registration unit (50). A backup management unit (60) monitors operation of the spreading and storing unit (30). Only when particular data in the memory (20) is stored in the first storage unit (40) according to the storing instruction by the registered application, the backup management unit (60) performs a backup process, i.e., stores the particular data also in the second storage unit (70).

Abstract: When storing data (D1), spread on a memory (10), into a file storage unit (50), a user ? assigns a meaningful filename-for-user, such as “sales book for April.” Storage control unit (35) converts this “sales book for April” to a meaningless filename-for-storage, such as “RST123.” The correspondence between the two is stored as filename correspondence information for user ? in a correspondence information storage unit (80). A storage processing unit (30) stores the data (D1) with the filename, “RST123.” Whereas when user ? is presented with a list of filenames of the stored files from a filename presentation unit (60), the meaningful filename of “sales book for April” is presented as the filename since a presentation control unit (65) performs reverse conversion of the filename based on the filename correspondence information, the meaningless filename of “RST123” is presented to other users. Security in regard to filenames can thus be secured and inference of the file contents can be prevented.

Abstract: When a user, who has logged onto an information processing apparatus (100), executes a logoff procedure, a saving unit (160) executes the following processes. Firstly, from among the files residing in a data storage unit (110), any files that are recognized as requiring a security protection and hence are to be saved are copied into an external storage device (300) via a network (200), and the original files in the data storage unit (110) are then deleted. At this moment, the address of the copy destination is stored, as management information, into a portable information recording medium (400) possessed by the user. When the user logs onto the information processing apparatus (100) again, a restoring unit (170) restores, based on the management information stored in the portable information recording medium (400), the files saved in the external storage device (300) into the data storage unit (110).

Abstract: By limiting a backup object to a particular one, it is possible to reduce the system load and perform effective automatic backup. By using a hard disc device or the like, a first storage unit (40) and a second storage unit (70) are prepared. When the system is started, a spreading and storing unit (30) formed by a device driver spreads an OS program and an application program A on a memory (20). The programs are executed by a program execution unit (10). An application to be backed up is registered in advance in an application registration unit (50). A backup management unit (60) monitors operation of the spreading and storing unit (30). Only when particular data in the memory (20) is stored in the first storage unit (40) according to the storing instruction by the registered application, the backup management unit (60) performs a backup process, i.e., stores the particular data also in the second storage unit (70).

Abstract: A computer system and file storage/read-out method. When storing data spread on a memory into a file storage unit, user ?. assigns a meaningful filename-for-user, such as “sales book for April.” A storage control unit converts the “sales book for April” to a meaningless filename-for-storage, such as “RST123.” The correspondence between the two is stored as filename correspondence information for user ? in a correspondence information storage unit. A storage processing unit stores the data with the filename “RST123.” When user ? is presented with a list of filenames of the stored files from a filename presentation unit, the meaningful filename of “sales book for April” is presented as the filename since a presentation control unit performs reverse conversion of the filename based on the filename correspondence information, and the meaningless filename of “RST123” is presented to other users. Security in regard to filenames can thus be secured, and inference of the file contents can be prevented.

Abstract: IC cards (R11, R12, and R21) are issued respectively to users ?, ?, and ?. An identification code (ID(11)) of a computer (11) supplied to user ? and environment information (ENV(11)) that indicates a normal network environment of the computer (11) are recorded in the IC card (R11) issued to user ?. When in order to use a computer, a user connects his/her IC card, the identification code and the network environment of the computer to be used are compared with the identification code and environment information recorded in the IC card and different access rights are provided in accordance to the degree of matching. The identification code may be a MAC address of a LAN circuit incorporated in the computer, and the environment information may be a default gateway address or the like. Different access rights can thus be set according to the computer or the network environment that is used.

Abstract: It is possible to perform encrypted communication between members of a group while assuring a sufficient security compatible with a change of the members. An IC card having the same fixed code F(a) is distributed to all the staffs of company A. When communication is performed between a staff ? and a staff ? belonging to the same project group, ? of the transmission side writes an arbitrary variable code V(1) in the IC card (100a) so as to generate encryption key information K(a1) according to F(a) and V(1) in the IC card and encrypt data D1 by using K(a1). ? of the reception side writes the variable code V(1) received from a in the IC card (100b) so as to generate encryption key information K(a1). By using this K(a1), the encrypted data D2 received is decrypted to obtain data D3. The fixed code F(a) is different for each of the companies and rewrite-disabled so as to assure security.

Abstract: It is possible to issue an IC card storing unique encryption key information in such a manner that re-issuing is enabled and sufficient security can be assured. An IC card provider X delivers an IC card having a group code G(A) to a company A and an IC card having a group code G(B) to a company B. When a company staff ? inputs a unique personal code P(?) and performs initialization, in the IC card, calculation is performed according to a predetermined algorithm using the P(?) and G(A). Data uniquely determined by the calculation is stored as encryption key information K(?) in the IC card. Even if the company staff ? loses the IC card, it is possible to obtain the IC card having the same encryption key information K(?) as before by performing initialization again by using the IC card delivered by the IC card provider X.

Abstract: When a user, who has logged onto an information processing apparatus (100), executes a logoff procedure, a saving unit (160) executes the following processes. Firstly, from among the files residing in a data storage unit (110), any files that are recognized as requiring a security protection and hence are to be saved are copied into an external storage device (300) via a network (200), and the original files in the data storage unit (110) are then deleted. At this moment, the address of the copy destination is stored, as management information, into a portable information recording medium (400) possessed by the user. When the user logs onto the information processing apparatus (100) again, a restoring unit (170) restores, based on the management information stored in the portable information recording medium (400), the files saved in the external storage device (300) into the data storage unit (110).

Abstract: When storing data (D1), spread on a memory (10), into a file storage unit (50), a user ? assigns a meaningful filename-for-user, such as “sales book for April.” Storage control unit (35) converts this “sales book for April” to a meaningless filename-for-storage, such as “RST123.” The correspondence between the two is stored as filename correspondence information for user ? in a correspondence information storage unit (80). A storage processing unit (30) stores the data (D1) with the filename, “RST123.” Whereas when user ? is presented with a list of filenames of the stored files from a filename presentation unit (60), the meaningful filename of “sales book for April” is presented as the filename since a presentation control unit (65) performs reverse conversion of the filename based on the filename correspondence information, the meaningless filename of “RST123” is presented to other users. Security in regard to filenames can thus be secured and inference of the file contents can be prevented.