JP5778524B2 - Communication medium and data communication system for preventing data leakage - Google Patents

Description

  The present invention relates to a technique for preventing data leakage in data communication via a network.

  In data communication via a network, a problem of access by a legitimate user to data to be kept secret, that is, a problem of data leakage has always been involved.

  To prevent data leakage, determine whether the user requesting access to the data stored on the network node is a user authorized to use the data, ie, a legitimate user. There is a need. For this purpose, it is necessary to identify who the user is in the first place, that is, to perform identity authentication.

  As a widely used method of personal authentication, when a combination of a user ID (Identification) and a password input by a user matches a combination of a user ID and a password stored in advance in the node, the user Is a user identified by the user ID. This is an effective method under the condition that the password is not known except by the user identified by the user ID.

  As a method for personal authentication, in addition to the above-described method using a password, biometric authentication using a biometric feature, an electronic certificate using a third party certificate, and the like are widely used.

  If the user authentication fails and the user cannot be specified, or if the user is identified by the user authentication, but the user is not authorized to use the data, A means for prohibiting access to the data is required.

  One method widely used as a method for prohibiting access to data in a network is called a firewall. The firewall is theoretically placed between the data communication devices that make up the nodes of the network and the network, and monitors the attributes of data sent and received between the network and the data communication devices. Transfer only those that match, and discard other data.

  For example, if a data communication device that is originally allowed only to transmit data in response to a data request according to a predetermined format attempts to transmit data without receiving a data request, such data transmission Is not allowed because it is suspected of unauthorized data transmission. This avoids the problem that the data communication device transmits data to be kept secret according to the virus program.

  There are an enormous number of documents relating to techniques for preventing access to illegal data as described above. For example, in Patent Document 1, unauthorized access to data is expanded by detecting unauthorized data access from an external network by a firewall and disconnecting the computer in the internal network that is the target of unauthorized data access from the internal network. The idea of preventing is described.

JP 2001-236278 A

  The above-mentioned measures for preventing the data leakage by the personal authentication and the firewall are not perfect.

  For example, the mechanism of personal authentication is effective as long as the data communication device storing the data to be kept secret performs processing in accordance with the correct program instruction "Do not allow unauthorized users to send data". However, if this program is rewritten to an instruction “permit data transmission to an arbitrary user” by any method, the data to be kept secret can be accessed even by an unauthorized user.

  The same applies to the case where the firewall is implemented as software in the data communication apparatus. In other words, when the data communication apparatus performs firewall processing in accordance with the instructions of the program, if the program is rewritten, data that does not satisfy the conditions will also pass through. Therefore, the data to be concealed that should not be transmitted to the outside from the data communication apparatus is transmitted to the outside.

  If the firewall is an independent device from the data communication device and is physically located between the network and the data communication device, the data is transferred to the data as compared to the case where the firewall is realized in terms of software. Unauthorized access is not easy. However, as long as such a firewall also operates according to the program, the possibility that the program is rewritten illegally cannot be excluded.

  However, since the firewall allows the data that satisfies the conditions to be transmitted and received, if there is a setting error in the first place, even unauthorized data access is permitted. In addition, even if there is no setting mistake, data can be transmitted and received if the format satisfies the conditions set in the firewall. For example, the data communication device sends data to the outside from the port opened by the firewall according to the virus program. When trying to transmit, the data transmission is overlooked without being blocked.

  Due to the above-mentioned problems, there has been an ongoing large-scale data leakage accident.

  In view of the above circumstances, an object of the present invention is to provide means that can significantly reduce the risk of leakage of data to be kept secret in data communication via a network.

In order to solve the above problems, the present invention provides:
A first terminal connected to the first data communication device;
A second terminal connected to the second data communication device;
Light emitting means for emitting light in accordance with data input to the first terminal from the first data communication device;
A light detection means for detecting the light emitted by the light emission means and outputting data corresponding to the detected light to the second terminal. The single data communication device is directed from the first data communication device to the second data communication device. A communication medium that forms a communication path for directional data transmission is proposed as a first embodiment.

Further, the present invention provides a desirable aspect of the communication medium according to the first embodiment described above.
The light emitting means has a plurality of light emitting elements capable of emitting light simultaneously,
A configuration is proposed as a second embodiment in which the light detection means includes a plurality of light detection elements to simultaneously detect a plurality of light beams separated from each other.

Moreover, the present invention provides a desirable aspect of the communication medium according to the first or second embodiment described above.
The light emitting means emits light of different frequencies;
A configuration in which the light detecting means identifies the frequency of the detected light and generates data corresponding to the identified frequency is proposed as a third embodiment.

Further, the present invention provides a desirable aspect of the communication medium according to any one of the first to third embodiments described above.
A housing for accommodating the light emitting means and the light detecting means;
A configuration in which the light emitting means and the light detecting means are arranged in the housing in a positional relationship that allows the light detecting means to detect light emitted by the light emitting means is proposed as a fourth embodiment.

The present invention also provides:
A first terminal connected to the first data communication device;
A second terminal connected to the second data communication device;
Sound generation means for generating sound according to data input to the first terminal from the first data communication device;
Sound detecting means for detecting the sound produced by the sound producing means and outputting data corresponding to the detected sound to the second terminal; and a single data heading from the first data communication device to the second data communication device. A communication medium that forms a communication path for directional data transmission is proposed as a fifth embodiment.

Further, the present invention provides a desirable aspect of the communication medium according to the fifth embodiment described above.
The sixth embodiment proposes a configuration in which the sound generating means generates a sound in a frequency band inaudible to humans.

Further, the present invention provides a desirable aspect of the communication medium according to the fifth or sixth embodiment described above.
The seventh embodiment proposes a configuration in which the sound generating means generates a sound obtained by mixing a plurality of sounds in different frequency bands.

Further, the present invention provides a desirable aspect of the communication medium according to any one of the fifth to seventh embodiments.
A configuration comprising a housing for accommodating the sound generation means and the sound detection means is proposed as an eighth embodiment.

The present invention also provides:
A first terminal connected to a first data communication device having a bidirectional data input / output terminal; and a second terminal connected to a second data communication device having a bidirectional data input / output terminal. Prepared,
Physical means for transmitting data in a direction from the first terminal toward the second terminal, and physical means for transmitting data in a direction from the second terminal toward the first terminal; No A communication medium that forms a communication path for unidirectional data transmission from the first data communication apparatus to the second data communication apparatus is proposed as a ninth embodiment.

Further, the present invention provides a desirable aspect of the communication medium according to the ninth embodiment described above.
A physical medium for connecting the output terminal of the data input / output terminal of the first data communication device and the input terminal of the data input / output terminal of the second data communication device to each other; A cable having no physical medium for connecting the output terminal of the data input / output terminal of the communication device and the input terminal of the data input / output terminal of the first data communication device to each other; This is proposed as an embodiment.

The present invention also provides:
A first data communication device which is a data communication device having a data transmission / reception means for performing bidirectional data communication with an external data communication device via a network;
A data storage device having storage means for storing data to be concealed,
The first data communication device has a unidirectional data output terminal or a bidirectional data input / output terminal;
The data storage device has a unidirectional data input terminal or a bidirectional data input / output terminal,
When the first data communication device has a unidirectional data output terminal and the data storage device has a unidirectional data input terminal, the data output terminal and the data storage of the first data communication device A communication medium that connects the data input terminals of the device to each other and forms a communication path for unidirectional data transmission from the first data communication device to the data storage device;
When the first data communication device has a unidirectional data output terminal and the data storage device has a bidirectional data input / output terminal, or the first data communication device has a bidirectional data input / output terminal. And the data storage device has a unidirectional data input terminal, the first data communication device and the data storage device are connected to each other and are directed from the first data communication device to the data storage device. A communication medium according to any one of claims 1 to 8, which forms a communication path for unidirectional data transmission,
When each of the first data communication device and the data storage device has a bidirectional data input / output terminal, the first data communication device is connected to the first data communication device and the first data communication device. A data communication system comprising a communication medium according to any one of claims 1 to 10 for forming a communication path for unidirectional data transmission from a data storage device to the data storage device is proposed as an eleventh embodiment.

Moreover, the present invention provides a desirable aspect of the data communication system according to the eleventh embodiment described above.
The data storage device includes a mobile data communication means for transmitting data to a mobile communication terminal device via a mobile communication network, or is detachable.
The storage means of the data storage device stores terminal identification data for uniquely identifying one mobile communication terminal device in the mobile communication network,
Proposed as a twelfth embodiment is a configuration in which the mobile data communication means of the data storage device transmits data to the one mobile communication terminal device in accordance with the terminal identification data stored in the storage means. To do.

Further, the present invention provides a desirable aspect of the data communication system according to the eleventh or twelfth embodiment described above.
A second data communication device which is the same or different data communication device as the first data communication device having a data transmission / reception means for performing bidirectional data communication with an external data communication device via a network;
The data storage device has a unidirectional data output terminal or a bidirectional data input / output terminal,
The second data communication device has a unidirectional data input terminal or a bidirectional data input / output terminal,
When the data storage device has a unidirectional data output terminal and the second data communication device has a unidirectional data input terminal, the data output terminal of the data storage device and the second data communication A communication medium that connects the data input terminals of the device to each other and forms a communication path for unidirectional data transmission from the data storage device to the second data communication device;
When the data storage device has a unidirectional data output terminal and the second data communication device has a bidirectional data input / output terminal, or the data storage device has a bidirectional data input / output terminal When the second data communication device has a unidirectional data input terminal, the data storage device and the second data communication device are connected to each other and are directed from the data storage device to the second data communication device. A communication medium according to any one of claims 1 to 8, which forms a communication path for unidirectional data transmission,
When each of the data storage device and the second data communication device has a bidirectional data input / output terminal, the data storage device and the second data communication device are connected to each other to connect the data storage device to the second data communication device. A configuration comprising a communication medium according to any one of claims 1 to 10 that forms a communication path for unidirectional data transmission toward two data communication devices is proposed as a thirteenth embodiment.

The present invention provides a desirable aspect of the data communication system according to the thirteenth embodiment as described above.
The first data communication device and the second data communication device are different data communication devices,
The second data communication device has a unidirectional data output terminal or a bidirectional data input / output terminal,
The first data communication device has a unidirectional data input terminal or a bidirectional data input / output terminal;
When the second data communication device has a unidirectional data output terminal and the first data communication device has a unidirectional data input terminal, the data output terminal of the second data communication device; A communication medium that connects the data input terminals of the first data communication device to each other and forms a communication path for unidirectional data transmission from the second data communication device to the first data communication device; ,
When the second data communication device has a unidirectional data output terminal and the first data communication device has a bidirectional data input / output terminal, or the second data communication device has bidirectional data When the first data communication device has an input / output terminal and the first data communication device has a unidirectional data input terminal, the second data communication device and the first data communication device are connected to each other to connect the second data A communication medium according to any one of claims 1 to 8, which forms a communication path for unidirectional data transmission from a communication device to the first data communication device,
When each of the second data communication device and the first data communication device has a bidirectional data input / output terminal, the second data communication device and the first data communication device are connected to each other, and A configuration comprising the communication medium according to any one of claims 1 to 10, wherein a communication path for unidirectional data transmission from a second data communication device to the first data communication device is formed. Propose as.

Further, the present invention provides a desirable aspect of the data communication system according to the thirteenth or fourteenth embodiment as described above.
Second data which is a data storage device having a storage means for storing data to be concealed, wherein the data storage device is a first data storage device, and is a data storage device different from the first data storage device A storage device,
The second data communication device has a unidirectional data output terminal or a bidirectional data input / output terminal,
The second data storage device has a unidirectional data input terminal or a bidirectional data input / output terminal;
When the second data communication device has a unidirectional data output terminal and the second data storage device has a unidirectional data input terminal, the data output terminal of the second data communication device A communication medium that connects the data input terminals of the second data storage device to each other and forms a communication path for unidirectional data transmission from the second data communication device to the second data storage device; ,
When the second data communication device has a unidirectional data output terminal and the second data storage device has a bidirectional data input / output terminal, or the second data communication device has bidirectional data When the second data storage device has an input / output terminal and the unidirectional data input terminal, the second data communication device and the second data storage device are connected to each other to connect the second data A communication medium according to any one of claims 1 to 8, which forms a communication path for unidirectional data transmission from a communication device to the second data storage device,
When each of the second data communication device and the second data storage device has a bidirectional data input / output terminal, the second data communication device and the second data storage device are connected to each other, and A fifteenth embodiment comprising the communication medium according to any one of claims 1 to 10, wherein a communication path for unidirectional data transmission from the second data communication device to the second data storage device is formed. Propose as.

The present invention also provides:
In the data communication system according to the eleventh embodiment,
The first data communication device generating instruction data for instructing processing using the data to be concealed stored in the storage means of the data storage device;
The first data communication device transmits the instruction data to the data storage device via a communication path of the unidirectional data transmission from the first data communication device to the data storage device;
The data storage device includes a step of executing processing using the data to be concealed stored in the storage means of the data storage device in accordance with an instruction indicated by the instruction data. This is proposed as an embodiment.

The present invention provides a desirable aspect of the data communication method according to the sixteenth embodiment described above.
In the data communication system according to the twelfth embodiment,
The step of executing the process includes the step of: at least part of the data to be concealed stored in the storage unit of the data storage device being transferred to the one mobile unit by the mobile unit data communication unit. A configuration including a step of transmitting to the communication terminal device is proposed as a seventeenth embodiment.

Further, the present invention provides a desirable aspect of the data communication method according to the sixteenth or seventeenth embodiment described above.
In the data communication system according to the thirteenth embodiment,
The step of executing the process includes: at least part of the data to be concealed stored in the storage unit of the data storage device from the data storage device to the second data communication device. A configuration including a step of transmitting via the communication path of the unidirectional data transmission toward the mobile phone is proposed as an eighteenth embodiment.

The present invention provides a desirable aspect of the data communication method according to the eighteenth embodiment as described above.
In the data communication system according to the fourteenth embodiment,
The second data communication device receives data indicating a result of processing using at least a part of the data to be concealed transmitted from the data storage device from the second data communication device. Proposed as a nineteenth embodiment is a configuration comprising the step of transmitting via the communication path of the unidirectional data transmission toward the data communication device.

Further, the present invention provides a desirable aspect of the data communication method according to the eighteenth or nineteenth embodiment described above.
In the data communication system according to the thirteenth or fourteenth embodiment,
The second data communication device sends at least a part of at least a part of the data to be concealed transmitted from the data storage device to the second data storage device from the second data communication device. A configuration comprising the step of transmitting via the communication path for unidirectional data transmission is proposed as a twentieth embodiment.

  According to the communication medium according to the first embodiment of the present invention, since the data flow between the two devices is optically restricted in one direction, for example, the data to be kept secret from the downstream terminal of the communication medium is stored. When connected to the stored data storage device, it is possible to reliably eliminate the possibility that the data to be concealed leaks to the data communication device to which the upstream terminal is connected via the communication medium.

  According to the communication medium according to the second embodiment of the present invention, since it is possible to transmit a plurality of data streams at the same time, a higher-speed data transmission can be achieved compared to a communication medium that can only transmit one data stream at a time. Realized.

  According to the communication medium according to the third embodiment of the present invention, since different data can be transmitted according to the light frequency, it can be transmitted within the same time as compared with the communication medium in which the light frequency cannot be distinguished. In addition, data transmission with a larger amount of information becomes possible.

  According to the communication medium according to the fourth embodiment of the present invention, the light emitting means and the light detecting means are arranged in the housing, thereby reducing noise due to dust adhesion or external light, and the light emitting means. Since the positional relationship of the light detection means is properly maintained, stable data transmission is possible.

  According to the communication medium according to the fifth embodiment of the present invention, since the data flow between the two devices is acoustically limited in one direction, for example, the data to be concealed from the downstream terminal of the communication medium is stored. When connected to the stored data storage device, it is possible to reliably eliminate the possibility that the data to be concealed leaks to the data communication device to which the upstream terminal is connected via the communication medium.

  According to the communication medium according to the sixth embodiment of the present invention, it is desirable that the sound generated by the data transmission does not disturb the surrounding people.

  According to the communication medium according to the seventh embodiment of the present invention, since it is possible to simultaneously transmit a plurality of series of data according to the sound frequency band, it is compared with a communication medium that can only transmit data using one frequency band. Thus, faster data transmission is possible.

  According to the communication medium according to the eighth embodiment of the present invention, the sound generation unit and the sound detection unit are arranged in the housing, so that noise due to noise is reduced and stable data transmission is possible. If the sound that is pronounced is in the audible range, it is difficult for people around you to hear the harsh sound.

  According to the communication medium of the ninth embodiment of the present invention, even when two devices are connected to each other using bidirectional data input / output terminals, data between the two devices is provided. For example, when the downstream terminal of the communication medium is connected to a data storage device storing data to be concealed, the data to be concealed via the communication medium is upstream. The possibility of leakage to the data communication device to which the terminal is connected can be reliably excluded.

  According to the communication medium according to the tenth embodiment of the present invention, the communication medium according to the ninth embodiment described above can be realized relatively easily using, for example, one metal wire or an optical cable.

  According to the data communication system according to the eleventh embodiment of the present invention and the data communication method according to the sixteenth embodiment, processing such as addition or rewriting of data to be concealed from the data communication device to the data storage device. In addition to being able to be executed, it is possible to completely eliminate the risk that the data to be concealed is unintentionally transmitted from the data storage device to the data communication device and leaks to the external data communication device via the network .

  According to the data communication system according to the twelfth embodiment of the present invention and the data communication method according to the seventeenth embodiment, the mobile communication terminal device belonging to the communication network is strictly identified by the mobile phone number or the like and is being transmitted. In a mobile communication network in which high-level encryption is also performed on the data, only the mobile communication terminal apparatus transmits confidential data that is permitted to be accessed by the user of the mobile communication terminal apparatus. Can do. Therefore, as long as the mobile communication terminal device does not reach the hands of unauthorized users, it is possible to use the data that should be concealed by the legitimate user while eliminating leakage of the data to be concealed to the unauthorized user. be able to.

  According to the data communication system according to the thirteenth embodiment of the present invention and the data communication method according to the eighteenth embodiment, the data to be concealed that has been extracted or the like according to the instruction of the first data communication device is the second It is transmitted to the data communication device and can be used in the second data communication device. Since the second data communication device can bidirectionally transmit and receive data to and from an external data communication device via a network, more complicated processing can be performed between these devices. However, since the second data communication apparatus can also receive data from an external data communication apparatus, there is a risk of performing unintended processing due to infection with a virus program, for example. However, since it is physically impossible for the second data communication device to transmit data to the data storage device, the confidentiality stored in the data storage device due to unauthorized processing of the second data communication device. There is no possibility that the data to be transmitted is transmitted to the second data communication device. Therefore, the data to be concealed that may be leaked is limited to that stored in the second data communication apparatus, and damage can be minimized.

  According to the data communication system according to the fourteenth embodiment of the present invention and the data communication method according to the nineteenth embodiment, for example, in the second data communication apparatus, data to be concealed with an external data communication apparatus is stored. Data indicating the result after the used processing can be returned to the first data communication apparatus that has started a series of data processing. Here, there is a possibility that the second data communication apparatus stores data to be concealed received from the data storage apparatus. Since the first data communication apparatus can bidirectionally transmit and receive data to and from an external data communication apparatus via a network, there is a risk that the first data communication apparatus may inadvertently perform processing due to infection with a virus program, for example. However, since it is physically impossible for the first data communication device to transmit data to the second data processing device, the second data processing device is accompanied by an illegal process of the first data communication device. There is no possibility that the data to be kept secret stored in is transmitted to the first data communication apparatus. Therefore, it is possible to reliably eliminate the possibility that the data to be concealed stored in the second data communication device leaks through the first data communication device.

  According to the data communication system according to the fifteenth embodiment of the present invention and the data communication method according to the twentieth embodiment, for example, data to be concealed with an external data communication device in the second data communication device. When the data indicating the result after the used processing includes data to be kept secret, the data can be stored in the second data storage device. For example, the connection point between the second data storage device and the network is limited to a unidirectional communication medium with the second data communication device, and the administrator of the second data storage device directly selects the second data storage device. If data is used by operating, it is possible to reliably eliminate the possibility that secret data stored in the second data storage device will leak to the outside via the network.

FIG. 1 is a diagram showing a configuration of a data communication system according to an embodiment of the present invention. FIG. 2 is a diagram showing a configuration of a data communication system according to an embodiment of the present invention. FIG. 3 is a diagram showing a configuration of a data communication system according to an embodiment of the present invention. FIG. 4 is a diagram showing a configuration of a data communication system according to an embodiment of the present invention. FIG. 5 is a diagram showing a configuration of a data communication system according to an embodiment of the present invention.

[Basic idea]
In a normal data communication system, data to be kept secret (hereinafter referred to as “secret data”) is stored in a data communication device such as a server device in order to be used by a legitimate user. In the present application, when “the data communication device stores data”, the data is stored in a storage unit built in the data communication device or connected to the data communication device main body as an external device. This means that the data is stored in the storage unit under the control of the control unit of the data communication apparatus regardless of whether it is stored in the unit.

  The data communication device has a capability of transmitting data to other data communication devices connected to the network. Therefore, if the data communication device that stores the confidential data is infected with a virus program or if access to the confidential data that should not be permitted is permitted due to a misconfiguration of the firewall, the confidential data is stored. The data communication device transmits confidential data to the outside.

  The inventor of the present invention uses a completely different approach from the conventional approach, i.e., the correction of bugs in a virus program or a program that allows unauthorized access, or the enhancement of firewall functions, etc. I came up with a way to radically reduce it. It is an approach in which a data storage device that stores secret data (hereinafter referred to as “secret data storage device”) is physically separated from the network.

  However, as a matter of course, if the contact point of the secret data storage device with respect to the network is completely eliminated, it becomes impossible to provide the secret data or the service using the secret data to the legitimate user via the network.

  For example, if secret data is stored in a completely stand-alone computer that is not connected to a network, whether wired or wireless, and is not connected to any other data processing device connected to the network, There is no worry of leaking confidential data via the network. However, in that case, when a legitimate user uses confidential data, data is provided by telephone or mail, and the convenience of the network cannot be enjoyed.

  Therefore, in the present invention, first, in principle, the secret data storage device is not directly connected to the network, but the secret data storage device is connected to the data communication device connected to the network. However, in this application, “connected to a network” means a state in which a data communication apparatus can perform bidirectional data communication with another data communication apparatus via the network.

  On the other hand, the data communication device and the secret data storage device according to the present invention are not connections capable of bidirectional data communication.

  If two-way data communication between the data communication device connected to the network and the secret data storage device is enabled, the data storage device transmits the secret data to the data communication device in accordance with an instruction from the data communication device. It leaves you at risk.

  In order to completely eliminate such a risk, in the present invention, in principle, data communication between the data communication device and the secret data storage device connected to the network can be performed physically in only one direction. The connection is established via a communication path (hereinafter referred to as “unidirectional data transmission path”) formed by a communication medium (hereinafter referred to as “unidirectional data transmission medium”).

  As a result, the data communication device can only transmit data to the secret data storage device or receive data from the secret data storage device. Therefore, the data communication device connected to the upstream side of the data storage device (hereinafter referred to as “upstream side” for the unidirectional data transmission and the “downstream side” for the reception side) is illegal against the confidential data storage device. Even if a data transmission instruction is issued, the upstream data communication device does not have a means for receiving data from the confidential data storage device, so that the unauthorized data transmission is not executed. In addition, the data communication device connected to the downstream side of the data storage device does not have any means for instructing the secret data storage device to send unauthorized data.

  Here, sufficient security cannot be ensured by implementing software unidirectional data communication. It is important to achieve this by using a communication medium that can physically transmit data in only one direction.

  A program that allows data transmission to the confidential data storage device but does not allow reception of data from the confidential data storage device for a data communication device having a connection capable of bidirectional data communication with the confidential data storage device, Conversely, unidirectional data transmission can be realized by executing a program that does not permit data transmission to the secret data storage device but permits data reception from the secret data storage device. However, since the rule according to such a program is a rule, it can be easily invalidated by a program bug or rewriting by a virus program. On the other hand, a communication medium for physical unidirectional data transmission, which will be described later, can completely eliminate such danger.

  By the way, in the present invention, the secret data storage device is not directly connected to the network in principle, but is exceptionally connected to a sufficiently secure network (hereinafter referred to as “secure network”), that is, secure. -Permits bidirectional data communication with data communication devices connected to the network.

  At present, the secure network that may permit the connection of the secret data storage device for the purposes of the present invention is the mobile communication network.

  In the mobile communication network, the current position of each data communication device belonging to the network, that is, the mobile communication terminal device is constantly monitored, and terminal identification data that strictly and uniquely identifies the mobile communication terminal device such as a telephone number. The connection state of each mobile communication terminal device to the mobile communication network is managed. In addition, since wireless data communication has a higher risk of hearing than wired data communication, the strength of encryption processing applied to data during data communication is also high. Therefore, in the mobile communication network, there is an extremely low risk that the confidential data is erroneously transmitted to the mobile communication terminal device that is not the transmission destination, or the confidential data is heard during transmission.

  Therefore, in the present invention, the secret data storage device is exceptionally permitted to connect to the mobile communication network, and the convenience in using the secret data by a legitimate user is enhanced. At present, the inventor of the present application knows no other than a mobile communication network as a secure network that is sufficiently safe for the purpose of the present invention. If secure networks that are sufficiently safe for the purpose of the present invention have appeared, these secure networks fall within the equivalent range of “mobile communication network” in the claims of the present application.

[Communication medium]
The unidirectional data transmission medium according to the present invention is largely (1) a unidirectional data transmission terminal provided in a data processing apparatus, that is, a communication medium (hereinafter referred to as “single data transmission terminal” connected to a data input terminal and a data output terminal). (Referred to as a “directional terminal communication medium”), (2) a communication medium connected to a bidirectional data communication terminal included in the data processing apparatus (hereinafter referred to as “bidirectional terminal communication medium”), and ( 3) Three types of communication media (for example, one terminal is unidirectional) that forms a unidirectional data transmission path regardless of whether the data communication terminal provided in the data processing device is unidirectional or bidirectional. And the other terminal may be for bidirectional use).

  Widely used unidirectional data transmission terminals are sound signal output terminals (so-called headphone terminals and speaker terminals) and sound signal input terminals (so-called microphone terminals).

  These sound signal terminals that are currently in practical use include those that transmit signals by electrical signals and those that transmit signals by optical signals. A metal cable in which a copper wire or the like is covered with a covering material is used as a communication medium for connecting an external device to a sound signal terminal according to the former method. On the other hand, an optical cable in which a glass fiber or the like is covered with a covering material is used for a sound signal terminal according to the latter method.

  In the present invention, the above-described existing sound signal terminals and their connection cables can be used as they are for forming a unidirectional data transmission path. For example, when the data communication device has a headphone terminal and the secret data storage device has a microphone terminal, the data communication device is connected to the secret data storage device by connecting the terminals with a metal cable or an optical cable. An outgoing unidirectional data transmission path is formed. Similarly, when the secret data storage device has a headphone terminal and the data communication device has a microphone terminal, the data communication device is connected to the data communication device by connecting the terminals with a metal cable or an optical cable. A unidirectional data transmission path toward the destination is formed.

  That is, a metal cable or an optical cable which is a sound signal transmission medium can be used as it is as a communication medium for a unidirectional terminal in the present invention.

  Note that the terminals for sound signals provided in existing data processing devices are provided for the purpose of inputting and outputting electrical signals or optical signals indicating sound, but the signals input to and output from these terminals do not necessarily sound. It does not have to be shown. Accordingly, for example, binary data of numerical values and text is output from the sound signal output terminal of the upstream data processing device and input to the sound signal input terminal of the downstream data processing device. Thus, it is possible to transmit data indicating numerical values and text between the data processing devices.

  Various terminals are currently used as terminals for bidirectional data communication. For example, a network cable terminal called an Ethernet (registered trademark) terminal or a LAN terminal, a USB (Universal Serial Bus) terminal, or the like is an example of a bidirectional data communication terminal.

  Since these bidirectional data communication terminals and connection cables therefor are originally designed for bidirectional data communication, they cannot be used as they are for forming a unidirectional data transmission path in the present invention. . Therefore, in the present invention, a communication medium for bidirectional terminals described below is newly proposed.

  First, the first bidirectional terminal communication medium optically forms a unidirectional data transmission path. Specifically, the first bidirectional terminal communication medium is a bidirectional data communication terminal (hereinafter, a USB terminal as an example) provided in the upstream data processing apparatus. A display to be connected and a camera to be connected to a USB terminal provided in the downstream data processing apparatus.

  The upstream data processing apparatus displays an image obtained by encoding data to be transmitted on a display connected to the USB terminal. On the other hand, the downstream data processing apparatus captures an image displayed on the display with a camera connected to the USB terminal, and receives the data by decoding the image data obtained by the imaging.

  As described above, since the first bidirectional communication medium transmits data when the camera captures an image displayed on the display, there is no possibility of data being transmitted in the reverse direction. This is because there is no physical means for transmitting data from the camera to the display.

  The display has, for example, a large number of light emitting elements arranged on a plane, and displays a specific image as a whole by controlling ON / OFF of light emission of these light emitting elements. The camera has a large number of light detection elements arranged on a plane, for example, and each light detection element that detects light outputs a signal, thereby generating a signal indicating a specific image as a whole.

  However, instead of a display having a large number of light emitting elements, a light emitting device having a single light emitting element is adopted, and instead of a camera having a large number of light detecting elements, a light detecting device having a single light detecting element is adopted. May be. In this case, although the data transmission speed cannot be increased, an inexpensive and highly durable bidirectional terminal communication medium is realized.

  The image displayed on the display (or the light emitted by the light emitting device) may display data in two colors such as black and white, or may be multicolored such as 16 colors (frequency with respect to each other). The data may be displayed with different light emission. In the latter case, as compared with the former case, a larger amount of information can be expressed by the same number of light emitting elements, so that the data transmission speed can be increased. In addition, when the image (or light emitted from the light emitting device) displayed on the display is multicolored, the light detecting element of the camera (or the light detecting device) also needs to be able to distinguish different colors from each other. is there.

  In the first bidirectional terminal communication medium, it is necessary to correctly arrange the above-described display and camera at positions facing each other so that light emitted from the display is received by the camera. For this reason, it is desirable to provide a housing, and arrange and fix the display and camera in a desired positional relationship therein. Furthermore, by covering the display and camera with the housing, it is possible to block external light, prevent dust and the like from adhering to the display and camera, and reduce noise during data transmission. .

  The second bidirectional terminal communication medium acoustically forms a unidirectional data transmission path. Specifically, the second bidirectional terminal communication medium is used as a bidirectional data communication terminal (hereinafter referred to as a USB terminal as an example) provided in the upstream data processing apparatus. A speaker to be connected and a microphone to be connected to a USB terminal provided in the downstream data processing apparatus are provided.

  The upstream data processing apparatus inputs a sound signal obtained by encoding data to be transmitted to a speaker connected to the USB terminal and causes it to sound. On the other hand, the data processing apparatus on the downstream side receives data by picking up the sound generated from the speaker with a microphone connected to the USB terminal and decoding the sound data obtained by picking up the sound.

  As described above, in the second bidirectional terminal communication medium, data is transmitted by the microphone picking up the sound generated from the speaker, so there is no possibility that the data is transmitted in the reverse direction. This is because there is no physical means for transmitting data from the microphone to the speaker.

  In the second bidirectional terminal communication medium, the sound produced from the speaker is desirably a sound in a frequency band that is inaudible to humans. This is because annoying noise is not emitted to surrounding people during data transmission via the second bidirectional terminal communication medium. If the sound produced from the speaker is inaudible, the microphone must also be able to pick up the inaudible sound.

  In addition, the sound generated from the speaker may be configured to generate a sound obtained by mixing sounds indicating different data in each of a plurality of divided frequency bands. In that case, since a large number of data can be transmitted simultaneously, the data transmission speed can be increased. In that case, in the downstream data processing device, when the sound indicated by the sound data obtained by picking up the sound is decoded, it is necessary to execute a process of separating the mixed sound for each frequency band.

  Similarly to the first bidirectional terminal communication medium, it is desirable that the second bidirectional terminal communication medium is provided with a casing, and the speaker and the microphone are arranged and fixed in a desired positional relationship in the casing. . For example, if the speaker and the microphone are too close, the level of sound picked up by the microphone becomes so high that a sound waveform cannot be detected correctly. Furthermore, by covering the speaker and the microphone with the housing, it is possible to block external noise, prevent dust and the like from adhering to the speaker and microphone, and reduce noise during data transmission. .

  The third bidirectional terminal communication medium includes a physical medium such as a copper wire used for upstream data communication provided in an existing bidirectional data communication cable, a copper wire used for downstream data communication, and the like. The data communication cable does not include any one of the physical media, or has a structure cut so that data transmission is impossible.

  For example, as a cable for a USB terminal, two cables for power supply and two cables for data communication are used. One of these two cables is used for upstream data communication, and the other is used for downstream data communication. Accordingly, by not providing one of them, a cable that can be connected to the USB terminal but can physically transmit data in only one direction can be obtained. The same applies to Ethernet (registered trademark) cables for LAN.

  The third bidirectional terminal communication medium has a demerit that it is difficult to distinguish from a normal bidirectional data communication cable in appearance compared to the first and second bidirectional terminal communication media. The structure is simple and can be manufactured at low cost, and generally has the advantage of high durability.

  By the way, a method of forming a unidirectional data transmission path using a display (or light emitting device) and a camera (or a light detection device) employed in the above-described first bidirectional terminal communication medium, and the above-described second In the method of forming a unidirectional data transmission path using a speaker (sound generator) and a microphone (sound detector) employed in a bidirectional terminal communication medium, each of the terminals on both sides is for unidirectional use. It can be used regardless of whether it is for interactive use.

  That is, since the device (display or speaker) connected to the upstream data processing device and the device (camera or microphone) connected to the downstream data processing device are independent from each other, the former is unidirectional data. A configuration may be adopted in which the latter is connected to the output terminal and the latter is connected to the bidirectional data communication terminal, or the former is connected to the bidirectional data communication terminal and the latter is unidirectional data input. The structure connected to the terminal for a data may be employ | adopted, and the structure to which both of them may be connected to the data communication terminal for unidirectional may be employ | adopted.

[Data communication system and data communication method]
Embodiments of a data communication system and a data communication method according to the present invention will be described below.

  A data communication system 1 illustrated in FIG. 1 includes a terminal device 11 operated by a user (hereinafter simply referred to as “user”) who is a valid user of confidential data, and the terminal device 11 via the Internet 30. A data communication device 12 that performs bidirectional data communication, a secret data storage device 13 that stores secret data, and a unidirectional data transmission medium 14 that is a communication medium that forms a unidirectional data transmission path are provided. The unidirectional data transmission medium 14 connects the data communication device 12 and the secret data storage device 13 to each other so as to form a unidirectional data transmission path from the data communication device 12 toward the secret data storage device 13. In the figure, the data transmission direction of the unidirectional data transmission medium is indicated by the direction of the apex of the triangle on the line indicating the connection. In addition, any of the above-described unidirectional data transmission media may be employed as the unidirectional data transmission medium 14.

  As an operation example of the data communication system 1, an operation of the data communication system 1 when the data communication system 1 is used for the purpose of mailing prizes to registered users who have answered a questionnaire will be described.

  First, the secret data storage device 13 stores a user database for managing registered user data. The user database includes records for storing data related to each registered user, and each record includes fields [user ID], [name], [address], and [questionnaire response flag] ( In the following, fields with [] indicate fields). The user ID, name, and address of the user are registered in advance in [User ID], [Name], and [Address]. In addition, “Yes” is registered in the [questionnaire answer flag] regarding the user who made the questionnaire answer. In this case, the data stored in [name] and [address] is confidential data.

  The data communication device 12 is a Web server device that distributes a Web page for presenting questionnaire questions, accepting responses from users, and the like. The user accesses the data communication device 12 using the browser function of the terminal device 11 and inputs his or her user ID, and then answers the questionnaire. At this time, bidirectional data communication is performed between the terminal device 11 and the data communication device 12 via the Internet 30.

  When the user answers the questionnaire, the data communication device 12 transmits instruction data including the user ID input by the user to the secret data storage device 13. The instruction data in this case is data instructing to store “Yes” in the “questionnaire answer flag” of the record identified by the user ID The secret data storage device 13 converts the instruction data into the instruction data according to the instruction data. A record is searched from the user database using the included user ID as a search key, and “Yes” is registered in the “questionnaire answer flag” of the searched record.

  The administrator of the data communication system 1 directly operates the secret data storage device 13 and performs address printing using the data of [name] and [address] of the record whose [questionnaire answer flag] is “Yes”, for example, Used for shipping process.

  The operation example of the data communication system 1 has been described above.

  In the data communication system 1, the contact between the secret data storage device 13 and the external data communication device is only connection with the data communication device 12 via the unidirectional data transmission medium 14. Therefore, even if the data communication device 12 tries to extract the secret data stored in the secret data storage device 13 in accordance with a virus program or the like, there is no means. Therefore, the confidential data is not leaked by the data communication system 1.

  Although the data communication system 1 is extremely robust in terms of data security as described above, it cannot be said that the data communication system 1 is always highly convenient and cannot cope with all use scenes. However, by expanding the data communication system 1, it is possible to construct a mechanism that can be used in various usage scenes. Several such examples are described below.

  A data communication system 2 shown in FIG. 2 includes a mobile communication terminal device 15 operated by a user in addition to the configuration of the data communication system 1. The mobile communication terminal device 15 is a terminal device belonging to the mobile communication network 31 and is strictly managed by a telephone number in the mobile communication network 31. Therefore, the message data addressed to the mobile communication terminal device 15 is not erroneously transmitted to another mobile communication terminal device. In addition, since the data communicated in the mobile communication network 31 is encrypted with high strength, even if someone listens to it, the possibility of the data contents leaking is extremely low.

  The secret data storage device 13 of the data communication system 2 includes a mobile data communication interface for performing bidirectional data communication with the mobile communication network 31. The mobile data communication interface may be built in the data communication device 12 or may be detachably connected to the data communication device 12 main body.

  In a mobile communication network, a message transmission mechanism widely known as SMS (Short Message Service) can be used. SMS is a mechanism for transmitting message data to a mobile communication terminal device identified by a telephone number. When message data is transmitted using SMS, the transmission source device does not directly transmit / receive data to / from the transmission destination device, but the message is sent to the mobile communication network management device (such as a base station). Send data unidirectionally.

  As an operation example of the data communication system 2, an operation of the data communication system 2 when the registered user confirms his / her registered address will be described.

  The user database stored in the secret data storage device 13 has a field [phone number] in addition to the field of the user database described in the operation example of the data communication system 1. In [telephone number], the telephone number of the user's mobile communication terminal device is registered in advance.

  The user operates the terminal device 11 to access the Web page of the data communication device 12 and inputs a user ID, and then instructs the data communication device 12 to confirm the registered address. In response to this instruction, the data communication device 12 generates instruction data including the user ID and transmits it to the secret data storage device 13. In this case, the instruction data indicates that a message including data registered in [address] of the record identified by the user ID is sent to the mobile communication terminal device identified by [phone number] by SMS. It is data to be.

  The secret data storage device 13 generates message data including the user's address in accordance with the instruction data received from the data communication device 12, and transmits the generated message data to the user's telephone number using SMS. As a result, the user can confirm his / her registered address by a message displayed on the display of the mobile communication terminal device 15.

  The operation example of the data communication system 2 has been described above.

  According to the data communication system 2, it is possible to transmit the secret data stored in the secret data storage device 13 only to a legitimate user who is permitted to use the secret data. At that time, as long as the mobile communication network operates correctly and the mobile communication terminal device is not physically handed over, the confidential data will not be leaked to anyone other than the authorized user.

  The data communication system 3 shown in FIG. 3 is greatly different from the configuration of the data communication system 2 in that a data communication device 16 and a data communication device 17 are added.

  The data communication device 16 is connected to the secret data storage device 13 by a unidirectional data transmission medium 18 that is a unidirectional data communication medium in a direction from the secret data storage device 13 to the data communication device 16.

  The data communication device 16 and the data communication device 17 perform bi-directional data communication with each other via the Internet 30 by secure communication connection with encryption such as VPN (Virtual Private Network).

  Further, in the data communication system 3, the secret data storage device 13 does not have a mobile data communication interface and therefore cannot perform data communication with the mobile communication network 31. Instead, the data communication device 16 has a mobile data communication interface, and can transmit message data using SMS to the mobile communication terminal device via the mobile communication network 31.

  As an operation example of the data communication system 3, an operation of the data communication system 3 when a registered user purchases a product on an EC (Electronic Commerce) site using a credit card will be described. In the following operation example, the data communication device 17 is a server device managed by a credit card company.

  The user database stored in the secret data storage device 13 has fields [user ID], [password], [name], [address], [phone number], [credit card information], and [product purchase information]. In addition, data corresponding to the field names is registered in advance in the fields other than [product purchase information].

  The user operates the terminal device 11 to access the EC site provided by the data communication device 12 and performs an operation of applying for purchase of a desired product. In the operation, data indicating the user ID, password, product ID, and purchase quantity is transmitted from the terminal device 11 to the data communication device 12.

  The data communication device 12 calculates the price based on the product ID and the purchase quantity, generates instruction data including the user ID, password, product name data, purchase quantity data, price data, and transaction ID, and conceals the generated instruction data. Transmit to the data storage device 13. The transaction ID is an ID for identifying a series of processes related to the product purchase in the data communication system 3 and is generated in the data communication apparatus 12.

  In this case, the instruction data collates the password included in the record identified by the user ID and the password included in the instruction data. If the collation is correctly performed, the credit card information included in the record is converted into the transaction ID and the price. This is data instructing transmission to the data communication device 16 together with the data.

  In accordance with the instruction data, the secret data storage device 13 searches for a record based on the user ID and collates the password. If the collation is successful, the secret data storage device 13 includes the data excluding the user ID and password included in the retrieved record and the instruction data. The included transaction ID and price data are transmitted to the data communication device 16.

  At the same time, the secret data storage device 13 stores status data “waiting for confirmation” in addition to the transaction ID, product name data, purchase quantity data, and price data included in the instruction data in [Product Purchase Information] of the retrieved record. To do.

  The data communication device 16 transmits the credit card information and the price data received from the secret data storage device 13 to the data communication device 17. The data communication device 17 confirms whether the credit balance of the user specified by the credit card information is equal to or greater than the price indicated in the price data, and after securing the credit for the price payment if the credit balance is sufficient Response data indicating that settlement is possible is transmitted to the data communication device 16.

  When the data communication device 16 receives the response data indicating that payment is possible, it generates message data for confirming the purchase of the product, and sends the generated message data to the telephone number of the user who received the confidential data storage device 13 from the SMS. To the mobile communication network 31. The product purchase confirmation message data includes the product name, purchase quantity, price, name, address, and transaction ID.

  The user checks the content of the product purchase confirmation message displayed on the mobile communication terminal device 15 and confirms the content. If there is no problem, the user operates the terminal device 11 to purchase the product on the purchase confirmation page of the EC site. Enter the transaction ID included in the confirmation message. The input transaction ID is transmitted from the terminal device 11 to the data communication device 12.

  When the data communication device 12 receives the transaction ID, the data communication device 12 generates instruction data including the transaction ID and transmits it to the secret data storage device 13.

  The secret data storage device 13 searches the user database for the transaction ID included in the instruction data according to the instruction data. The secret data storage device 13 updates the status data (corresponding to the transaction ID) registered in the field [product purchase information] of the record including the retrieved transaction ID from [Waiting for confirmation] to [Confirmation completed]. At the same time, the secret data storage device 13 transmits the transaction ID to the data communication device 16.

  When receiving the transaction ID, the data communication device 16 transmits the transaction ID to the data communication device 17 and issues a settlement instruction. The data communication device 17 applies the secured credit specified by the transaction ID to the payment of the price, completes the settlement process, and transmits response data indicating that to the data communication device 16.

  When the data communication device 16 receives the response data indicating the completion of the payment process, it generates message data for the product purchase completion notification, and sends the generated message data to the telephone number received from the secret data storage device 13 together with the transaction ID. To the mobile communication network 31. The message data of the product purchase completion notification includes the product name, purchase quantity, price, name, and address.

  The user waits for the product to be shipped after confirming the message of the product purchase completion notification displayed on the mobile communication terminal device 15. On the other hand, the manager of the data communication system 3 (the manager of the EC site) directly operates the secret data storage device 13 and ships the merchandise according to the merchandise purchase information registered in the user database together with the status data “confirmation completed”. To update the status data to [Delivery completed].

  When the data communication device 16 completes the transmission of the message data of the product purchase completion notification, the data communication device 16 erases all confidential data such as credit card information received from the confidential data storage device 13 from the storage means such as a hard disk. This is because the data communication device 16 is connected to the Internet 30 so as to minimize the leakage of confidential data in the event of infection with a virus program.

  The operation example of the data communication system 3 has been described above.

  In the data communication system 3, since the minimum necessary secret data is temporarily stored in the data communication device 16, when the data communication device 16 performs an illegal operation, it is stored in the data communication device 16 at that timing. There is a risk that the confidential data that is present leaks to the Internet 30. However, the secret data is not leaked directly to the Internet 30 from the secret data storage device 13 in which a large amount of secret data is stored.

  Compared to the configuration of the data communication system 3, the data communication system 4 shown in FIG. 4 includes a secret data storage device 19 first, and a unidirectional data communication medium in a direction from the data communication device 16 to the secret data storage device 19. The difference is that the unidirectional data transmission medium 20 is connected to the data communication device 16.

  The secret data storage device 19 is used, for example, for recording the result of processing using the secret data received from the secret data storage device 13 by the data communication device 16.

  The data communication system 4 is largely different in that the data communication device 16 and the data communication device 12 are connected by a unidirectional data transmission medium 21 from the data communication device 16 toward the data communication device 12. With this connection, the data communication system 4 does not require the use of the mobile communication network 31. Therefore, the user does not need to use the mobile communication terminal device 15, and the data communication device 16 does not need to have a mobile data communication interface.

  For example, in the operation example of the data communication system 3 described above, product purchase information indicating the result of a series of processing associated with product purchase is stored in the secret data storage device 13. Therefore, the administrator of the EC site who wants to use the result information needs to directly operate the secret data storage device 13. However, since the secret data storage device 13 can be used for various purposes at the same time, while the administrator of the EC site is using the secret data storage device 13, other users browse the data in the secret data storage device 13. The problem that it is not possible arises.

  Furthermore, as a more essential problem, it may be dangerous if the administrator of the EC site can browse all the confidential data stored in the confidential data storage device 13. Considering the risk of human information leakage and the risk of data corruption due to operational mistakes, it is desirable to minimize the chance of directly operating the secret data storage device 13.

  In the data communication system 4, data indicating the result of processing accumulated in the secret data storage device 13 in the data communication system 3 is accumulated not in the secret data storage device 13 but in the secret data storage device 19.

  Therefore, when the data communication system 4 is used as a product purchase system by an EC site, data stored as product purchase information is not recorded in the user database of the secret data storage device 13 but from the data communication device 16. The data is transmitted to the secret data storage device 19 and stored in the secret data storage device 19. In the product purchase process in the data communication system 4, it is not necessary to update the user database stored in the secret data storage device 13.

  According to the data communication system 4, the administrator of the EC site can perform processing such as product shipment by directly operating the secret data storage device 19 instead of the secret data storage device 13. Therefore, for example, when there are a plurality of EC sites, or when the data communication system 4 is used for purposes other than EC sites, a plurality of secret data storage devices 19 are prepared for each purpose, and each of them is stored as unidirectional data. Connecting to the data communication device 16 via the transmission medium 20 avoids the inconvenience that the managers wait for the order of operations in front of one secret data storage device 13 and also prevents unnecessary secrecy by the administrator. Access to data is prevented.

  Further, in the data communication system 4, the data communication realized by the process of transmitting message data using SMS in the data communication system 3 and inputting the transaction ID included in the message data by the user to the terminal device 11 is performed. Data feedback from the device 16 to the data communication device 12 is performed directly by a unidirectional data transmission path formed by the unidirectional data transmission medium 21.

  That is, the data communication device 16 directly transmits the confidential data such as the name and address acquired from the confidential data storage device 13 directly to the data communication device 12 via the unidirectional data transmission medium 21 in order to confirm the purchase of the product for the user. Send. The data communication device 12 can prompt the user to confirm the purchase of the product by reflecting the information on the screen of the EC site.

  The secret data temporarily stored in the data communication device 12 is deleted from the storage means when a series of merchandise purchase processing is completed, as in the data communication device 16. This is because the data communication device 12 is also connected to the Internet 30.

  According to the data communication system 4, the user can perform a series of product purchase processing by operating only the terminal device 11 without operating the mobile communication terminal device 15, which is convenient.

  The data communication system 4 seems to have a security level lower than that of the data communication system 3 in light of the purpose of protecting the confidential data stored in the confidential data storage device 13 from leakage.

  This is because, for example, the data communication device 12 obtains the confidential data stored in the confidential data storage device 13 via the data communication device 16 by sequentially transmitting the correct user ID and password combination to the confidential data storage device 13. This is because it can be done.

  However, in this example, in order for an unauthorized data user to acquire all the confidential data stored in the confidential data storage device 13 via the data communication device 12, the unauthorized data user must be the correct user. You need to know your ID and password. That is, if the secret data has not already leaked, the secret data will not leak. (In the state where the personal authentication information such as the user ID and password has already been leaked, an unauthorized data user does not need to cause the data communication apparatus 12 to perform unauthorized processing in the first place.)

  Therefore, the security level of the data communication system 4 can be evaluated to be almost the same level as the data communication system 3.

  FIG. 5 is a diagram showing the data communication system 5 having a configuration in which the configuration of the data communication system 4 is slightly changed. Specifically, the data communication device 12 also serves as the data communication device 16 in the data communication system 4. In other words, the data communication device 12 of the data communication system 5 is obtained by integrating the data communication device 12 and the data communication device 16 in the data communication system 4.

  According to the data communication system 5, compared with the data communication system 4, the same function can be obtained with a simpler system configuration.

[Modification]
The above-described embodiments can be variously modified within the scope of the technical idea of the present invention. Examples of such modifications are shown below.

  In the data communication system 3, the data communication system 4, and the data communication system 5 described above, the terminal device 11 exclusively performs bidirectional data communication with the data communication device 12. Two-way data communication with the communication device 16 may be permitted. For example, the terminal device 11 may access the data communication device 12 and the data communication device 16 at the same time, and receive a response to the data provision instruction transmitted to the data communication device 12 from the data communication device 16.

  In the data communication system 3 described above, when the data communication device 16 transmits message data to the user, an e-mail via the Internet 30 is used instead of the message data by SMS via the mobile communication network 31. You may comprise so that it may transmit.

  In that case, since the data communication device 16 is originally connected to the Internet 30, at least from the viewpoint of protecting the confidential data stored in the confidential data storage device 13, the security level is lowered by the introduction of e-mail. There is no. However, since electronic mail is vulnerable to hearing, the security level is lowered in that respect as compared with the case of using message data via the mobile communication network 31.

  In addition, a device other than the secret data storage device 13 and the data communication device 16 may be able to transmit a message to the user by transmitting message data via the mobile communication network 31. That is, the secret data storage device 19 in place of the secret data storage device 13 or the data communication device 12 in place of the data communication device 16 transmits necessary data to the user's mobile communication terminal device 15 by SMS. The structure to perform may be employ | adopted.

  Further, the terminal device 11 and the mobile communication terminal device 15 are not independent devices, and may be integrated into a terminal device such as a smartphone having these functions. In this case, the user can operate with the same terminal device, which is convenient.

  Further, the above-described communication media for forming a unidirectional data transmission path are merely examples, and other types of communication media for unidirectional data transmission may be employed. For example, instead of an optical or acoustic communication medium, a magnetic communication medium is also conceivable. In this case, a unidirectional communication medium is constituted by the magnetic generator connected to the upstream data processing device and the magnetic detection device connected to the terminal of the downstream data processing device.

  In addition, the apparatus which comprises the data communication system mentioned above may be implement | achieved by making a general computer perform the process according to a predetermined application program, and may be implement | achieved by hardware as what is called a dedicated machine. .

  The communication medium according to the present invention, the data communication system using the same, and the data communication method executed in the operation of the data communication system bring about the effect of enhancing the data security in the use of data via the network. Available in the industry.

DESCRIPTION OF SYMBOLS 1 ... Data communication system, 2 ... Data communication system, 3 ... Data communication system, 4 ... Data communication system, 5 ... Data communication system, 11 ... Terminal device, 12 ... Data communication device, 13 ... Secret data storage device, 14 ... Unidirectional data transmission medium, 15 ... mobile communication terminal, 16 ... data communication apparatus, 17 ... data communication apparatus, 18 ... unidirectional data transmission medium, 19 ... secret data storage apparatus, 20 ... unidirectional data transmission medium, 21 ... Unidirectional data transmission medium, 30 ... Internet, 31 ... Mobile communication network

Claims (4)

A first data communication device, which is a data communication device having a data transmission / reception means for performing bidirectional data communication with an external data communication device via a network, and the same or different data as the first data communication device A second data communication device which is a communication device;
A first data storage device having storage means for storing data to be concealed,
The first data communication device has a unidirectional data output terminal or a bidirectional data input / output terminal;
The first data storage device has a unidirectional data input terminal or a bidirectional data input / output terminal;
When the first data communication device has a unidirectional data output terminal and the first data storage device has a unidirectional data input terminal, the data output terminal of the first data communication device A communication medium that connects the data input terminals of the first data storage device to each other and forms a communication path for unidirectional data transmission from the first data communication device to the first data storage device; ,
When the first data communication device has a unidirectional data output terminal and the first data storage device has a bidirectional data input / output terminal, or the first data communication device has bidirectional data When the first data storage device has an input / output terminal and the unidirectional data input terminal, the first data communication device and the first data storage device are connected to each other to connect the first data A communication medium forming a communication path for unidirectional data transmission from a communication device to the first data storage device,
A first terminal connected to the first data communication device;
A second terminal connected to the second data communication device;
Light emitting means for emitting light in accordance with data input to the first terminal from the first data communication device;
A light detecting means for detecting the light emitted by the light emitting means and outputting data corresponding to the detected light to the second terminal, from the first data communication device to the second data communication device. A first communication medium that forms a communication path for unidirectional data transmission toward;
as well as,
A first terminal connected to the first data communication device;
A second terminal connected to the second data communication device;
Sound generation means for generating sound according to data input to the first terminal from the first data communication device;
Sound detection means for detecting sound generated by the sound generation means and outputting data corresponding to the detected sound to the second terminal; from the first data communication device to the second data communication device. Comprising any one of two types of communication media, a second communication medium that forms a communication path for unidirectional data transmission toward
When each of the first data communication device and the first data storage device has a bidirectional data input / output terminal, the first data communication device and the first data storage device are connected to each other, and A communication medium forming a communication path for unidirectional data transmission from a first data communication device to the first data storage device,
The first communication medium;
The second communication medium;
as well as,
A first terminal connected to the first data communication device having a bidirectional data input / output terminal, and a second terminal connected to the second data communication device having a bidirectional data input / output terminal And
Physical means for transmitting data in a direction from the first terminal toward the second terminal, and physical means for transmitting data in a direction from the second terminal toward the first terminal; A communication medium of any one of the three types of communication mediums of a third communication medium that forms a communication path for unidirectional data transmission from the first data communication apparatus to the second data communication apparatus. ,
The second data communication device has a unidirectional data input terminal or a bidirectional data input / output terminal,
When the first data storage device has a unidirectional data output terminal and the second data communication device has a unidirectional data input terminal, the data output terminal of the first data storage device and A communication medium that connects the data input terminals of the second data communication device to each other and forms a communication path for unidirectional data transmission from the first data storage device to the second data communication device; ,
When the first data storage device has a unidirectional data output terminal and the second data communication device has a bidirectional data input / output terminal, or the first data storage device has bidirectional data When the second data communication device has an input / output terminal and the second data communication device has a unidirectional data input terminal, the first data storage device and the second data communication device are connected to each other to connect the first data A communication medium forming a communication path for unidirectional data transmission from a storage device to the second data communication device,
The first communication medium;
as well as,
Comprising any one of the two types of communication media of the second communication medium,
When each of the first data storage device and the second data communication device has a bidirectional data input / output terminal, the first data storage device and the second data communication device are connected to each other, and A communication medium forming a communication path for unidirectional data transmission from a first data storage device to the second data communication device,
The first communication medium;
The second communication medium;
as well as,
Comprising any one of the three types of communication media of the third communication medium,
The first data communication device and the second data communication device are different data communication devices,
The second data communication device has a unidirectional data output terminal or a bidirectional data input / output terminal,
The first data communication device has a unidirectional data input terminal or a bidirectional data input / output terminal;
When the second data communication device has a unidirectional data output terminal and the first data communication device has a unidirectional data input terminal, the data output terminal of the second data communication device; A communication medium that connects the data input terminals of the first data communication device to each other and forms a communication path for unidirectional data transmission from the second data communication device to the first data communication device; ,
When the second data communication device has a unidirectional data output terminal and the first data communication device has a bidirectional data input / output terminal, or the second data communication device has bidirectional data When the first data communication device has an input / output terminal and the first data communication device has a unidirectional data input terminal, the second data communication device and the first data communication device are connected to each other to connect the second data A communication medium forming a communication path for unidirectional data transmission from a communication device to the first data communication device,
The first communication medium;
And any one of the two types of communication media of the second communication medium,
When each of the second data communication device and the first data communication device has a bidirectional data input / output terminal, the second data communication device and the first data communication device are connected to each other, and A communication medium that forms a communication path for unidirectional data transmission from a second data communication device to the first data communication device,
The first communication medium;
The second communication medium;
as well as,
A data communication system comprising any one of the three types of communication media of the third communication medium. A data storage device having storage means for storing data to be concealed, comprising a second data storage device which is a data storage device different from the first data storage device,
The second data communication device has a unidirectional data output terminal or a bidirectional data input / output terminal,
The second data storage device has a unidirectional data input terminal or a bidirectional data input / output terminal;
When the second data communication device has a unidirectional data output terminal and the second data storage device has a unidirectional data input terminal, the data output terminal of the second data communication device A communication medium that connects the data input terminals of the second data storage device to each other and forms a communication path for unidirectional data transmission from the second data communication device to the second data storage device; ,
When the second data communication device has a unidirectional data output terminal and the second data storage device has a bidirectional data input / output terminal, or the second data communication device has bidirectional data When the second data storage device has an input / output terminal and the unidirectional data input terminal, the second data communication device and the second data storage device are connected to each other to connect the second data A communication medium that forms a communication path for unidirectional data transmission from a communication device to the second data storage device,
The first communication medium;
as well as,
One of the two types of communication media of the second communication medium
When each of the second data communication device and the second data storage device has a bidirectional data input / output terminal, the second data communication device and the second data storage device are connected to each other, and A communication medium that forms a communication path for unidirectional data transmission from a second data communication device to the second data storage device,
The first communication medium;
The second communication medium;
as well as,
The data communication system according to claim 1, comprising any one of the three types of communication media of the third communication medium. The data communication system according to claim 1, wherein
The first data communication device generating instruction data instructing processing using the data to be concealed stored in the storage means of the first data storage device;
The first data communication device transmits the instruction data to the first data storage device via the communication path of the unidirectional data transmission from the first data communication device to the first data storage device. Sending to
The first data storage device performing processing using the data to be concealed stored in the storage means of the first data storage device in accordance with an instruction indicated by the instruction data;
With
The step of executing the processing includes: the first data storage device storing at least a part of the data to be concealed stored in the storage means of the first data storage device in the first data storage. Transmitting via a communication path of the unidirectional data transmission from the device to the second data communication device,
Data obtained as a result of processing using at least a part of the data to be concealed transmitted from the first data storage device by the second data communication device is transmitted from the second data communication device. A data communication method comprising: transmitting via the communication path of the unidirectional data transmission toward the first data communication device. The data communication system according to claim 2, wherein
Data obtained as a result of processing using at least a part of the data to be concealed transmitted from the first data storage device by the second data communication device is transmitted from the second data communication device. The data communication method according to claim 3, further comprising a step of transmitting via the communication path of the unidirectional data transmission toward the second data storage device.