JP2014236474A - Setting data encryption device, information processing apparatus, setting change method, setting data encryption program and setting change program - Google Patents

Abstract

The present invention provides a technique for more quickly changing a setting related to the performance of an information processing apparatus (server or the like). On the mass production factory side, for each item whose setting related to the performance of the CL device 30 which is a customer information processing device is to be changed using the terminal device 20, the type data and setting value of the item are set. Encrypted together and created as PMLKD2, which is data expressed in a character string format. The CL device 30 can manually input PMLKD2, decodes the manually input PMLKD2, and changes the setting value for each item. Therefore, various electronic transfers such as e-mail, telephone, and facsimile can be used for transmission of PMLKD 2 for causing the customer's worker to change the setting of the CL device 30. [Selection] Figure 2

Description

  The disclosed technology relates to a technology for changing settings related to the performance of an information processing apparatus such as a server.

  Currently, among manufacturers that sell or rent information processing devices such as servers (hereinafter referred to as “servers”), there are manufacturers that provide servers that can change settings related to performance. The settings related to performance include the number of CPUs (Central Processing Units) that actually operate on the server, the amount of usable memory, the validity / invalidity of optional functions, and the like.

  A maker that provides a server capable of changing such settings usually collects charges according to the settings. Hereinafter, unless otherwise specified, the term “setting” is used to refer to a function related to the performance of changing the collection amount (sales amount or rental (use) fee). The setting data is hereinafter referred to as “model lock data”.

  A customer who uses a server whose settings can be changed can change the settings according to the performance required for the server. For example, customers can choose low-performance settings during periods when the amount of data to be processed is considered to be relatively small, reduce payments, and select higher-performance settings by increasing the amount of data. be able to. The customer can also take the opposite action. Since the performance can be changed by changing the setting, it is not necessary to change the server itself. For this reason, the server whose settings can be changed is convenient for the customer to perform necessary data processing while suppressing the payment amount. The amount paid by the customer is hereinafter referred to as “usage fee” for convenience.

  FIG. 1 is a diagram illustrating an example of model lock data. Model lock data 1 (1-1 to 1-8) shown in FIG. 1 is for changing the setting of a plurality of setting items. In FIG. 1, only the model ID, the number of CPUs, and the clock are shown as setting items. The setting item is described as “model lock word”.

  The model ID is a model lock word (setting item) for roughly classifying performance. FIG. 1 shows that the performance increases as the value of the model ID increases. The number of CPUs is a model lock word that designates the number of CPUs that actually operate, and the clock is a model lock word that designates the frequency of a clock for operating the CPU.

  The model lock data 1 as shown in FIG. 1 not only relates to the usage fee collected from the customer, but also directly affects the performance of the server used by the customer. Therefore, confidentiality is required for the model lock data 1. Thereby, the model lock data 1 is encrypted and input to the server in an encrypted state.

  For the encryption of the model lock data 1, a common key cryptosystem that uses the same key for decryption is usually employed. As the key (key), unique information that differs depending on the server is usually adopted. Thereby, the setting of the model lock data 1 after encryption can be changed only in the target server without inputting a key.

  The model lock data 1 is encrypted on the manufacturer side. Servers used by customers are not always installed in facilities (for example, data centers) managed by manufacturers. Further, the server is not always connected to the manufacturer's terminal device via the network. Since the manufacturer's terminal device is not used for server management or the like, the necessity of connecting to the server is very low. There is also a possibility that the server is not connected to the outside. For this reason, the actual situation is that a network environment in which the manufacturer's terminal device can be connected to the server cannot be expected.

  Since the network environment cannot be expected, the customer engineer (CE) inputs model lock data to the server. The encrypted model lock data 1 is data expressed in a binary number and has a large number of bits. Therefore, the input of the encrypted model lock data 1 is normally performed by recording the encrypted model lock data 1 on a portable recording medium and causing the server to read the recording medium. .

  In order for the server to read the recording medium in which the encrypted model lock data 1 is recorded, it is necessary for the manufacturer to prepare the recording medium and deliver the prepared recording medium. Alternatively, the encrypted model lock data 1 needs to be transmitted from the manufacturer side to the terminal device operated by the CE via the network, and the received model lock data 1 needs to be written in a recording medium accessible by the terminal device. . However, in any method, it is difficult to quickly change the server settings.

  In the method of preparing a recording medium on the manufacturer side, since it takes time to deliver the recording medium, it is difficult to quickly change the setting of the server. In the method of transmitting the model lock data 1 via the network, there is a possibility that the model lock data 1 cannot be transmitted via the network. In addition, there may be a possibility that the CE does not have a terminal device that can access a server-readable recording medium, a possibility that there is no usable recording medium, and the like. Either possibility hinders quick change of server settings.

  Server settings may be urgently requested by customers. If the possibility is taken into consideration, it seems important to make it possible to change the setting of the server quickly.

JP 2003-303028 A JP 2007-11944 A

  In one aspect, an object of the present invention is to provide a technique that can more quickly change a setting related to the performance of an information processing apparatus (such as a server).

  One system to which the present invention is applied is input via an input unit for inputting setting data representing contents to be newly set to an information processing apparatus whose settings related to performance are to be changed. An encryption unit that encrypts the setting data; and an output unit that outputs the encrypted data obtained by encrypting the design data by the encryption unit in a character string format.

  When the present invention is applied, it is possible to more quickly change the settings related to the performance of the information processing apparatus (server or the like).

It is a figure explaining the example of model lock data. It is a figure explaining the change method of the setting regarding the performance of information processing apparatus implement | achieved by this embodiment. It is a flowchart showing the work procedure example in the case of changing the setting regarding the performance of the information processing apparatus in this embodiment. It is a figure explaining the function structural example of the setting data encryption apparatus by this embodiment. It is a figure explaining the functional structural example of CL apparatus which is the information processing apparatus by this embodiment. It is a figure showing the example of the selection screen and PMLKD input screen which a CL apparatus displays. It is a figure showing the example of a change log | history screen. It is a flowchart of a data creation process. It is a flowchart of an update process. It is a figure showing the example of a structure of the information processing apparatus which can be used as a setting data encryption apparatus by this embodiment. It is a figure showing the structural example of CL apparatus which is the information processing apparatus by this embodiment.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.
FIG. 2 is a diagram illustrating a method for changing settings related to the performance of the information processing apparatus, which is realized by the present embodiment. FIG. 3 is a flowchart illustrating an example of a work procedure when changing settings related to the performance of the information processing apparatus according to the present embodiment. First, with reference to FIG. 2 and FIG. 3, the change method implement | achieved by this embodiment and the work procedure which implement | achieves the change method are demonstrated concretely.

  In FIG. 2, 20 is a terminal device (for example, a PC (Personal Computer)) installed in a mass production factory where a manufacturer manufactures an information processing device, and 30 is an information processing device delivered to a customer. The terminal device 20 is an information processing device on which the setting data encryption device according to the present embodiment is mounted, and the information processing device 30 is an information processing device according to the present embodiment. Hereinafter, the information processing apparatus 30 manufactured by the manufacturer is referred to as “CL apparatus”. “CL” is an abbreviation for Client.

  A worker who operates the terminal device 20 in the mass production factory creates model lock data in response to a request from a customer. In the present embodiment, the model lock data is assumed to have a plurality of model lock words (items) as shown in FIG.

  In this embodiment, the setting change of the CL apparatus 30 is made possible by manual input by a worker (CE). In this embodiment, setting change for each model lock word is made possible so that the amount of data manually input by the worker can be minimized. “PMLKD” shown in FIG. 2 is an abbreviation for Partial Model Lock Data, and is data for changing the setting of one model lock word.

  In order to be able to change the setting for each model lock word, it is necessary to be able to specify the model lock word to which PMLKD corresponds. Therefore, in this embodiment, data representing the model lock word (hereinafter referred to as “model lock word type data”), data representing the setting contents of the model lock word (hereinafter referred to as “set value”), Are encrypted together.

  2 in FIG. 2 is the encrypted PMLKD, more precisely, the PMLKD output from the terminal device 20. “A2EG78-IS2261” represents an example of the contents of the output PMLKD2. The reference numeral 2 is attached only to PMLKD in the character string format.

  For encryption, a common key cryptosystem that uses the same key for decryption is employed. As the key (key), different unique information is adopted for each CL device 30. Hereinafter, a serial ID (IDentifier) is assumed as the unique information.

  As shown in FIG. 2, in this embodiment, PMLKD2 is output in a character string format (here, an alphanumeric character string format). This is because there are advantages in that the number of digits (number of characters) is reduced and the content can be easily recognized as compared with data expressed in binary numbers. These advantages allow PMLKD2 to be manually entered accurately and quickly. Enabling the setting change for each model lock word has an effect of reducing the number of characters of PMLKD2.

  Since PMLKD2 is output in a data representation that can be easily input manually, the necessity of recording PMLKD2 on a recording medium is reduced. This is because the operator can appropriately change the setting of the CL device 30 by transmitting the PMLKD 2 information to the worker in charge of the setting change of the customer's CL device 30.

  Various electronic transfers can be used for information transmission of the PMLKD2. As the electronic transfer, not only electronic mail but also telephone and facsimile can be used. As the number of options for information transmission increases, the manufacturer (or vendor) may select an appropriate option according to the customer. By improving such convenience, prompt information transmission to the customer's workers can be performed more reliably. The information to be transmitted is data in the form of a character string, and the number of digits is smaller than that of binary representation data, and it is easy to recognize. For this reason, the setting change of the CL device 30 as requested by the customer can be performed quickly and accurately.

  The setting change of the CL device 30 by creating the PMLKD 2 is realized by a work procedure as shown in FIG.

  The terminal device 20 stores a program (hereinafter referred to as “model lock tool”) used for creating PMLKD2. When creating the PMLKD2, the worker causes the terminal device 20 to execute the model lock tool and inputs data necessary for creating the PMLKD2 (SM1). The data to be input (or specified) by the operator includes at least the unique information (serial ID) assigned to the target CL device 30, the type of the target model lock word, and the model lock word of that type. A setting value representing the content to be newly set is included. In the present embodiment, in addition, the terminal device 20 adds a dummy set with a password of the terminal device 20 and check data. The type and setting value of the model lock word must be input for each model lock word. The check data is for confirming whether an error has occurred in the data group of the dummy, model lock data type data, and set value data. The dummy is data used to further improve the confidentiality, and makes it difficult to analogize the model lock word and its set value.

  The operator who has input all the data to be input (designated) instructs the model lock tool to create PMLKD2. In response to the instruction, the terminal device 20 that executes the model lock tool encrypts the model lock word type data and the set value data together for each model lock word using the input unique information, and the character string format. (SM2).

  The PMLKD2 output in the character string format is notified to the customer's worker by e-mail, telephone, facsimile or the like by a worker in the mass production factory (for example, a worker who operates the terminal device 20).

  The customer's worker inputs the notified PMLKD2 manually into the CL device 30 and instructs the application (SC1). In response to the instruction, the CL device 30 decrypts the input PMLKD2 using its own serial ID (SC2). After the decryption, the CL device 30 determines whether or not the decrypted check data matches the decrypted dummy, model lock data type data, and check data obtained from the set value data (SC3). ). As a result, when the check data match (Yes in SC3), the CL device 30 changes the setting using the input PMLKD2 (SC4). If the check data do not match (No in SC3), the CL device 30 notifies the operator that an error has occurred, and does not change the setting using the input PMLKD2 (SC5).

  FIG. 4 is a diagram illustrating an example of a functional configuration of the setting data encryption device according to the present embodiment. Next, the setting data encryption device according to the present embodiment installed in the terminal device 20 will be described in detail with reference to FIG.

  As shown in FIG. 4, the setting data encryption apparatus according to the present embodiment includes a UI (User Interface) unit 201, a data creation unit 202, an encryption unit 203, a medium creation unit 204, a PMLKD data creation unit 205, and a PMLKD cipher. A conversion unit 206 is provided. The data creation unit 202, the encryption unit 203, and the medium creation unit 204 are model lock data encrypted in a portable recording medium (indicated as “portable medium” in FIG. 4; hereinafter, this notation is used) 220. It is a function for recording. Hereinafter, recording the encrypted model lock data on the portable medium 220 is expressed as creation of the portable medium 220 or the like. The PMLKD data creation unit 205 and the PMLKD encryption unit 206 are functions for creating and outputting PMLKD2.

  The UI unit 201 is a function that enables creation of a screen to be presented to an operator who operates the terminal device 20 and data input (including various instructions here) of the operator. The UI unit 201 first displays a selection screen and allows the operator to select a creation target. By the selection, the creation target is specified as one of the portable medium 220 and PMLKD2. Thereafter, the UI unit 201 causes the operator to input data according to the selection result.

  Data input is performed, for example, in the order of serial ID input → setting value data input of the CL device 30 to be changed. The creation history database (DB) 211 stores setting value data input in the past for each CL device 30. The serial ID is data that can uniquely identify the CL device 30. In the present embodiment, the serial ID is first input so that the worker can check the setting value data input in the past.

  When the operator selects creation of PMLKD2, the UI unit 201 displays an input screen for inputting a serial ID, and allows the operator to input the serial ID. The serial ID input by the worker on the input screen is notified from the UI unit 201 to the PMLKD data creation unit 205. The serial ID is stored as the encryption key 213.

  The PMLKD data creation unit 205 searches the creation history DB 211 using the notified serial ID as a key, and extracts the last specified setting value and creation date for each model lock word. The model lock word is also subject to change in content due to the creation of the portable medium 220. This is to allow the operator to check the current setting value of each model lock word.

  The extracted data is notified from the PMLKD data creation unit 205 to the UI unit 201, and the UI unit 201 displays a setting value input screen in which the notified data is arranged in time series. The history arranged on the screen basically has contents as shown in FIG.

  FIG. 7 itself is a change history screen 701 that represents a history that the CL device 30 has changed settings in the past. In the change history screen 701, for each model lock word whose setting value has been changed, a character string indicating the type of the model lock word, the contents of the setting value data, and the date of change of setting (here, the time is included) ) Is arranged. “CPU NUMBER”, “MSU SIZE”, and “ESA MODE” expressed as character strings respectively represent the number of CPUs, the capacity of the main storage device, and the ESA (Enterprise Service Architecture) mode. Thus, for example, “4 CPU” indicates that the number of CPUs is 4, and “512 MB” indicates that the capacity of the main storage device is 512 MB. ESA is a specification that supports all the main functions of SOA (Service Oriented Architecture), and “ENABLE” described as a setting value of the ESA mode indicates that the ESA mode is valid.

  A character string, a set value, and a date indicating the type of the model lock word for each model lock word are also displayed in a list on the set value input screen. Thereby, the operator selects the model lock word whose setting is to be changed and inputs the setting value while confirming the current setting content. The selected model lock word and the input set value are notified from the UI unit 201 to the PMLKD data creation unit 205 when, for example, the operator instructs the end of the input.

  Some model lock words require setting values to be determined according to the setting values of other model lock words. For example, in order to achieve high performance, it is desirable to set a larger number as the number of CPUs, set a larger capacity as the capacity of the main storage device, and the like. For this reason, for example, it is highly possible that the operator does not intend to set the minimum capacity as the capacity of the main storage device while setting the maximum number as the number of CPUs. Therefore, in this embodiment, setting value information 212 is prepared for determining whether or not the setting value input with the model lock word of the type selected by the operator is appropriate.

  When the selected model lock word and the input setting value are notified from the UI unit 201, the PMLKD data creation unit 205 refers to the setting value information 212, and the setting value input with the model lock word is valid. It is determined whether or not. If it is determined that it is not valid, the PMLKD data creation unit 205 notifies the UI unit 201 to that effect. In response to the notification, the UI unit 201 displays a setting input screen on which, for example, a message prompting the operator to confirm the input content is arranged. Thereby, the input of the setting value that is not valid is at least invalidated.

  On the other hand, if it is determined to be valid, the PMLKD data creation unit 205 notifies the PMLKD encryption unit 206 of the type and setting value for each model lock word. In response to this notification, the PMLKD encryption unit 206 encrypts the type data representing the type and the set value together for each model lock word using the serial ID as an encryption key. The PMLKD that is encrypted data obtained by the encryption is notified to the UI unit 201 via the PMLKD data creation unit 205.

  The UI unit 201 displays the content of each notified PMLKD in a character string format. As a result, the worker can transmit the displayed PMLKD 2 to the customer's worker using various electronic transfers such as e-mail, telephone, or facsimile.

  When the worker selects creation of the portable medium 220 on the selection screen displayed by the UI unit 201, the UI unit 201 displays the input screen next, and the serial ID of the CL device 30 that is the setting change target. Let the operator input. The serial ID input by the worker on the input screen is notified from the UI unit 201 to the data creation unit 202. The serial ID is stored as the encryption key 213.

  The data creation unit 202 searches the creation history DB 211 using the notified serial ID as a key, and generates model lock word type data for each model lock word for which PMLKD2 has been created or whose setting value has been changed in the past. The setting value and creation date are extracted. The extracted data is notified from the data creation unit 202 to the UI unit 201, and the UI unit 201 displays a setting value input screen in which the notified data is arranged.

  The operator selects a model lock word whose setting is to be changed and inputs a setting value while confirming the current setting content. The selected model lock word and the input set value are notified from the UI unit 201 to the data creation unit 202, for example, when the operator instructs the end of input.

  Similar to the PMLKD data creation unit 205, the data creation unit 202 refers to the setting value information 212 and determines whether or not the input setting value is appropriate for each selected model lock word. If there is a model lock word determined to be invalid, the data creation unit 202 notifies the UI unit 201 to that effect. In response to the notification, the UI unit 201 displays a setting input screen on which, for example, a message prompting the operator to confirm the input content is arranged. Thereby, the input of the setting value that is not valid is at least invalidated.

  On the other hand, if it is determined to be valid, the data creation unit 202 notifies the encryption unit 203 of the setting value for each model lock word. In the model lock word in which the operator has not input a setting value, the latest setting value stored in the creation history DB 211 is notified to the encryption unit 206. Thereby, the encryption unit 203 collectively encrypts all model lock word setting values, that is, model lock data, using the serial ID as an encryption key. The encrypted data (model lock data) obtained by the encryption is notified to the medium creating unit 204.

  The medium creation unit 204 writes the encrypted data notified from the encryption unit 203 to the portable medium 220 set by the worker. After writing the encrypted data, the medium creating unit 204 notifies the encryption unit 203 to that effect.

  With this notification, the encryption unit 203 notifies the data creation unit 202 of the end of encryption to the data creation unit 202. The data creation unit 202 notifies the UI unit 201 of the end of creation of the portable medium 220 by the notification. In response to the notification, the UI unit 201 displays a screen for notifying the worker of the completion of the creation of the portable medium 220.

  FIG. 10 is a diagram illustrating a configuration example of an information processing apparatus that can be used as the setting data encryption apparatus according to the present embodiment. A configuration example of the information processing apparatus that can be used as the setting data encryption apparatus according to the present embodiment, that is, the terminal apparatus 20 used in the mass production factory, will be specifically described with reference to FIG.

  As shown in FIG. 10, the information processing apparatus includes a CPU 101, a ROM 102, a memory (memory module) 103, a NIC (Network Interface Card) 104, a hard disk device (HD) 105, a medium driving device 106, a display device 107, and an input device. 108 and a controller 109. This configuration is an example of an information processing device that can be used as the terminal device 20, and the configuration of the information processing device that implements the setting data encryption device according to the present embodiment is limited to that shown in FIG. Not.

  The ROM 102 is a memory that stores a basic input / output system (BIOS). This BIOS is read out to the memory 103 by the CPU 101 and executed. The hard disk device 105 stores an OS (Operating System) and various programs (for example, an application program, hereinafter abbreviated as “application”) including a model lock tool operating on the OS. After the activation of the BIOS is completed, the CPU 101 can read out the OS and various programs to be executed from the hard disk device 105 via the controller 109 and execute them. Communication via the NIC 104 is enabled by starting up the BIOS or OS.

  The NIC 104 enables communication via a network such as a LAN (Local Area Network). Electronic transfer for information transmission of PMLKD 2 by e-mail, telephone, facsimile, or the like can be performed using this NIC 104.

  The medium driving device 106, the display device 107, and the input device 108 are connected to the controller 109 together with the hard disk device 105. The CPU 101 controls the medium driving device 106, displays the screen on the display device 107, and recognizes the operation performed on the input device 108 via the controller 109. The medium driving device 106, the display device 107, and the input device 108 may all be removable.

  The medium driving device 106 is a device that can access the portable medium 220. The display device 107 is used for displaying various screens. The input device 108 includes, for example, a keyboard and a pointing device, and enables various data inputs or instructions.

  As described above, the model lock tool is an application that runs on the OS, for example, and is stored in the hard disk device 105. The creation history DB 211 and the setting value information 212 are also stored on the hard disk device 105, for example. The encryption key 213 is stored on the memory 103. Under such assumption, the UI unit 201 is realized by the CPU 101, the ROM 102, the memory 103, the hard disk device 105, the display device 107, the input device 108, and the controller 109.

  The data creation unit 202, encryption unit 203, PMLKD data creation unit 205, and PMLKD encryption unit 206 are realized by the CPU 101, ROM 102, memory 103, hard disk device 105, and controller 109. The medium creating unit 204 is realized by the CPU 101, the ROM 102, the memory 103, the hard disk device 105, the medium driving device 106, and the controller 109.

  FIG. 8 is a flowchart of the data creation process. This data creation process is a process realized by execution of the model lock tool, and the creation of the portable medium 220 and the creation of PMLKD2 are realized by this data creation process. FIG. 8 shows a flow from the start to the creation of the portable medium 220 or PMLKD2. Here, the data creation processing will be described in detail with reference to FIG. As the configuration of the terminal device 20 that executes this data creation processing, the configuration shown in FIG. 10 is assumed.

  First, the CPU 101 displays a selection screen on the display device 107 (SM11). Next, the CPU 101 monitors the operation performed by the operator on the input device 108 via the controller 109, and determines whether or not the selected creation target is the portable medium 220 (SM12). When the operator selects creation of the portable medium 220, the determination in SM12 is YES and the process proceeds to SM13. When the worker selects the creation of PMLKD2, the determination in SM12 is NO and the process proceeds to SM20.

  In SM13, the CPU 101 causes the display device 107 to display a serial ID input screen and allows the operator to input the serial ID. When the operator operates the input device 108 to input the serial ID and instruct the completion of the input, the CPU 101 searches the creation history DB 211 using the serial ID as a key, thereby making the model after the last data creation. Extract a set of lock data. The CPU 101 causes the display device 107 to display a set value input screen on which the extracted model lock data set is arranged (SM14).

  The operator uses the input device 108 to select a model lock word whose setting value is to be changed from the displayed model lock data, and newly inputs the setting value. The CPU 101 monitors the operation performed by the worker on the input device 108 via the controller 109 and inputs a set value (SM15). When the operator instructs the end of setting value input, the CPU 101 refers to the setting value information 212 and confirms the validity of the setting value input by the worker for each model lock word (SM16). The process proceeds to SM17 after the confirmation.

  In SM17, the CPU 101 determines whether or not the confirmation result is appropriate. If all the set values input by the operator are valid, the determination in SM17 is YES and the process proceeds to SM18. If any of the setting values input by the operator can be said to be inappropriate, the determination in SM17 is NO and the process returns to SM14. This causes the operator to re-enter the set value. In the display of the setting value after returning to SM14, the setting value input by the operator may be displayed while highlighting the setting value that is considered inappropriate.

  In SM18, the CPU 101 collectively encrypts the setting values on the setting value input screen using the input serial ID as the encryption key 213. Next, the CPU 101 outputs encrypted data of the model lock data obtained by the encryption to the medium driving device 106 via the controller 109, and the encrypted data is transferred to the portable medium 220 set in the medium driving device 106. Store data. Also, the CPU 101 stores the encrypted model lock data together with the current date and time in the creation history DB 211 constructed on the hard disk device 108 via the controller 109. Thereafter, the CPU 101 causes the display device 107 to display that the creation of the portable medium 220 has been properly completed via the controller 109 (SM19). After such a result is displayed, the data creation process ends.

  In SM20, where the determination of SM12 is NO and the process proceeds, the CPU 101 causes the display device 107 to display an input screen for serial ID, and allows the operator to input the serial ID. When the operator operates the input device 108 to input a serial ID and instructs the completion of the input, the CPU 101 is currently valid by searching the creation history DB 211 using the serial ID as a key. Extract a set of model lock data. The CPU 101 causes the display device 107 to display a setting value input screen on which the extracted model lock data set is arranged (SM21).

  On this set value input screen, the operator selects a model lock word to which the set value is to be input, and inputs the set value. The CPU 101 monitors the operation performed by the operator on the input device 108 via the controller 109, and enables selection of a model lock word and input of a set value (SM22). When the operator instructs the end of setting value input, the CPU 101 refers to the setting value information 212 to check the validity of the setting value input to each model lock word selected by the worker (SM23). After the confirmation, the process proceeds to SM24.

  In SM24, the CPU 101 determines whether the confirmation result is valid. If all the setting values input by the operator are valid, the determination in SM24 is YES and the process proceeds to SM25. If any of the setting values input by the operator can be said to be inappropriate, the determination in SM24 is NO and the process returns to SM21. This causes the operator to re-enter the set value. In the display of the setting value after returning to SM21, the setting value that is considered inappropriate may be deleted, and the user may be prompted to input a new setting value again.

  In SM25, the CPU 101 encrypts the model lock word type data and the set value together for each model lock word selected on the set value input screen using the input serial ID as the encryption key 213. Next, the CPU 101 causes the display device 107 to display the PMLKD2 obtained by the encryption, a message indicating that the creation of the PMLKD2 has been properly completed, and the like via the controller 109. Further, the CPU 101 stores the model lock word type data and the set value together with the current date and time for each encrypted model lock word in the creation history DB 211 constructed on the hard disk device 108 via the controller 109. (Above SM25). Thereafter, the data creation process ends.

  As described above, in this embodiment, the worker selects either the portable medium 220 or PMLKD2, and creates the portable medium 220 or PMLKD2 selected by the worker. This is to allow the worker to select an option that he considers more appropriate depending on the situation.

Next, the CL device 30 will be specifically described.
FIG. 5 is a diagram illustrating an example of a functional configuration of the CL apparatus that is the information processing apparatus according to the present embodiment. As illustrated in FIG. 5, the CL device 30 includes a UI unit 301, a medium recognition unit 302, a decoding unit 303, an application unit 304, a PMLKD decoding unit 305, and a PMLKD application unit 306.

  The UI unit 301 is a function that enables creation of a screen to be presented to an operator who operates the CL apparatus 30 and data input (including various instructions here) of the operator. The medium recognizing unit 302, the decoding unit 303, and the applying unit 304 are functions for enabling the setting change by the portable medium 220, and the PMLKD decoding unit 305 and the PMLKD applying unit 306 are manually input. This is a function for enabling the setting change by PMLKD2. The UI unit 201 first displays a selection screen and allows the operator to select the type of data to be input to the CL device 30. There are two options: model lock data stored in the portable medium 220 and PMLKD2.

  FIG. 6 is a diagram illustrating an example of a selection screen and a PMLKD input screen displayed by the CL device.

  As shown in FIG. 6, on the selection screen 610, the type of data to be input is selected by inputting a numerical value of 1 or 2. The character string “1. MODEL LOCK PACKAGE” on the selection screen 610 indicates that the numerical value to be input is 1 when data input using the portable medium 220 is desired. The character string “2. PARTIAL MODEL LOCK DATA” represents that the numeric value to be input is 2 when manual input of PMLKD2 is desired.

  When the worker inputs 2 on the selection screen 610 and instructs execution, the UI unit 301 displays a PMLKD input screen 620 as shown in FIG. The part following the character string “ITEM01 WORD:” on the PMLKD input screen 620 is an input area of PMLKD2, and “123456” and “7890AB” written across the hyphen represent the actually input PMLKD2. . In the PMLKD input screen 620 shown in FIG. 7, portions following the character strings “ITEM02 WORD:” to “ITEM10 WORD:” other than the character string “ITEM01 WORD:” are also input areas of the PMLKD2. “XXXXXXX” and “XXXXXXX” written with a hyphen interposed therebetween indicate that PMLKD2 is not input. The PMLKD2 input on the PMLKD input screen 620 is notified from the UI unit 301 to the PMLKD decoding unit 305 in accordance with an instruction from the worker.

  The PMLKD decryption unit 305 notified of PMLKD2 decrypts the notified PMLKD2 using its serial ID as a decryption key 312. The PMLKD decoding unit 305 notifies the UI unit 301 of the model lock word type data and the set value obtained by the decoding for each decoded PMLKD2.

  The model lock word has a model ID as shown in FIG. The basic data table 311 stores setting values for each model lock word for each setting value that can be set as a model ID. When the decrypted PMLKD2 uses the model ID as a model lock word, the PMLKD decoding unit 306 sends the set value of each corresponding model lock word to the UI unit 301 in addition to the set value of the model ID, for example. Notice.

  The UI unit 301 displays the model lock word and the set value represented by the notified model lock word type data, and allows the worker to confirm the contents. Thereafter, when the worker instructs execution of application, the UI unit 301 notifies the PMLKD decoding unit 305 to that effect. When the operator instructs re-input, the UI unit 301 displays the PMLKD input screen 620 again. When the worker gives an instruction to cancel, the UI unit 301 displays the selection screen 610 again, for example.

  The PMLKD decoding unit 305 notified of the application execution from the UI unit 301 notifies the PMLKD application unit 306 of the model lock word type data and the setting value obtained by the decoding for each decoded PMLKD2. Instruct application execution.

  Model lock data, that is, the set value of each model lock word is stored as a part of the setting data 314. In response to the application execution instruction, the PMLKD application unit 306 rewrites the setting value of the model lock word notified of the setting value from the PMLKD decoding unit 305 to the notified setting value.

  The PMLKD decoding unit 305 notified of the application execution from the UI unit 301, for each decoded PMLKD2, stores the model lock word type data, the set value, and the current date and time obtained by the decoding in the history database (DB) 313. To store. The current date and time is stored in the history DB 313 as the application date and time of the current setting change.

  On the other hand, when the worker inputs 1 on the selection screen 610 and instructs execution, the UI unit 301 requests the decryption unit 303 to read data from the portable medium 220, for example. In response to a request from the UI unit 301, the decryption unit 303 instructs the medium recognition unit 302 to read data from the set portable medium 220. The medium recognition unit 302 is a function for accessing the set portable medium 220, and reads data from the set portable medium 220 in accordance with an instruction from the decryption unit 303, and reads the read data to the decryption unit 303. Notice. Data read from the portable medium 220 is encrypted data of model lock data. When the portable medium 220 is not set in the medium recognizing unit 302, the fact is notified to the UI unit 301 via the decoding unit 303, and the UI unit 301 displays a message for prompting the portable medium 220 to be set. . After the message is displayed, when the worker instructs reading, the UI unit 301 instructs the decryption unit 303 to read data from the portable medium 220 again.

  The decryption unit 303 decrypts the encrypted data notified from the medium recognition unit 302 by using the serial ID of the own CL device 30 as the decryption key 312. The decryption unit 303 notifies the UI unit 301 of the model lock data obtained by the decryption.

  The UI unit 301 displays the model lock data notified from the decryption unit 303 and allows the worker to confirm the contents. When the worker who has confirmed the contents instructs the application, the UI unit 301 instructs the decryption unit 303 to apply the model lock data, that is, to change the setting.

  In response to an application instruction from the UI unit 301, the decryption unit 303 notifies the application unit 304 of the model lock data, and stores the model lock data in the history DB 313 together with the current date and time as the application date and time.

  The application unit 304 overwrites the model lock data in the setting data 314 with the model lock data notified from the decryption unit 303. Thereafter, the application unit 304 notifies the decryption unit 303 that the application has been completed.

  The end of application is notified to the UI unit 301 via the decoding unit 303. The UI unit 301 displays, for example, a message indicating that in response to the application end notification, and notifies the worker.

  The history DB 313 stores design values that have been applied in the past, in addition to the setting values currently being applied to each model lock word. Thereby, the operator can display a change history screen 710 as shown in FIG. 7 according to an instruction to the UI unit 301. The change history screen 710 is displayed when the UI unit 301 instructs the PMLKD decoding unit 305 to read out data stored in the history DB 313, for example.

  The displayed change history screen 710 can be used to restore the settings. In the present embodiment, higher convenience is realized by enabling the change to return the setting without using the portable medium 220 or the like.

  The change to be restored can be performed, for example, by designating a line on which the setting value to be restored is arranged on the change history screen 710 and instructing the change of the setting. Even when a setting change for returning such a setting value is performed, the setting data 314 and the history DB 313 are updated.

  FIG. 11 is a diagram illustrating a configuration example of a CL apparatus that is the information processing apparatus according to the present embodiment. Here, a configuration example of the CL device 30 will be specifically described with reference to FIG.

  As shown in FIG. 11, the CL device 30 includes a plurality of system boards (SB) 111, a service processor (SVP) 112, a disk unit 113, a communication interface 114, a bus 115, an input unit 116, A medium driving device 117 is provided. Each SB 111, SVP 112, disk unit 113, and communication interface 114 are connected to a bus 115.

  Each SB 111 is a processing module for the CL device 30 to perform data processing, and is equipped with a plurality of CPUs 111a and a plurality of DIMMs (Dual Inline Memory Modules) 111b. Each setting of the number of CPUs and the capacity of the main storage device, which are model lock words, specifies, for example, the number of SBs 111 to be actually operated among all the SBs 111. Alternatively, the number of CPUs 111a to be actually operated and the number of DIMMs 111b to be used or the capacity thereof are designated in each SB 111.

  The disk unit 113 is a module used for storing various programs executed by each SB 111 and data used by each SB 111. The disk unit 113 is equipped with a plurality of hard disk devices 113a as storage devices.

  The communication interface 114 has a plurality of communication ports for connecting to a network, for example, and enables communication with the network via each communication port. Each SB 111 can communicate with the network via the communication interface 114.

  The SVP 112 is a module for managing the entire CL device 30 and functions as one information processing device. The SVP 112 includes a CPU 112a, a flash memory 112b, a RAM (Read Only Memory) 112c, and an interface (I / F) 112d.

  An input unit 116 and a medium driving device 117 are connected to the interface 112d. Thereby, the CPU 112a controls the input unit 116 and the medium driving device 117 via the interface 112d.

  The medium driving device 117 can access the portable medium 220. The input unit 116 is used by a worker to input data and various instructions, and includes a display unit 116a and an operation unit 116b. Various screens such as a selection screen 610 shown in FIG. 6, a PMLKD input screen 620, and a change history screen 710 shown in FIG. 7 are displayed on the display unit 116a. The operation unit 116b includes various keys and the like, and the input of PMLKD2 is performed by operating the operation unit 116.

  The UI unit 301, the medium recognition unit 302, the decoding unit 303, the application unit 304, the PMLKD decoding unit 305, and the PMLKD application unit 306 illustrated in FIG. 5 are realized by the SVP 112, the input unit 116, and the medium driving device 117. . A creation history DB 211. The history DB 313 is constructed on the flash memory 112b, for example. The flash memory 112b also stores a basic data table 311, a decryption key (serial ID) 312, and setting data 314.

  For example, when activating the SB 111, the CPU 112a of the SVP 112 controls the activation of the SB 111 according to the setting data 314, and gives instructions on various settings. Thereby, the setting by the setting data 314 is reflected on the CL device 30.

  The flash memory 112b stores a program (hereinafter referred to as “applied program”) for changing the setting by the PMLKD2 or the portable medium 220. In each unit 301 to 306 illustrated in FIG. 5, the CPU 112 a reads out the application program stored in the flash memory 112 b to the RAM 112 c and executes it. When it is assumed that the application program is read from the flash memory 112b to the RAM 112c and executed, the UI unit 301 is realized by the CPU 112a, the flash memory 112b, the RAM 112c, the interface 112d, and the input unit 116. The decoding unit 303, the application unit 304, the PMLKD decoding unit 305, and the PMLKD application unit 306 are realized by the CPU 112a, the flash memory 112b, and the RAM 112c. The medium recognition unit 302 is realized by the CPU 112a, the flash memory 112b, the RAM 112c, the interface 112d, and the medium driving device 117.

  FIG. 9 is a flowchart of the update process. This update process is a process realized by executing the application program, and the setting change by the portable medium 220 and PMLKD 2 is realized by executing the update process. In FIG. 9, for the sake of convenience, the part related to the setting change performed by displaying the change history screen 710 is omitted. Here, the update process will be described in detail with reference to FIG. As a configuration of the CL device 30 that executes the update process, a configuration illustrated in FIG. 11 is assumed. More specifically, it is assumed that the application program is executed by the CPU 112a of the SVP 112.

  First, the CPU 112a displays the selection screen 610 on the display device 107 of the input unit 116 (SC11). Next, the CPU 112a monitors the operation performed by the worker on the operation unit 116b of the input unit 116 via the interface 112d, and the type of data selected by the worker is model lock data, that is, the portable medium 220. It is determined whether or not the input data is encrypted data (SC12). When the worker inputs 1 on the selection screen 610 and instructs execution, the determination in SC12 is YES and the process proceeds to SC13. When the worker inputs 2 on the selection screen 610 and instructs execution, the determination in SC12 is NO and the process proceeds to SC19.

  In SC13 to SC18, processing for realizing a design change using the portable medium 220 is performed.

  First, in SC13, the CPU 112a instructs the medium driving device 117 via the interface 112d to read the encrypted data stored in the set portable medium 220. Next, the CPU 112a decrypts the encrypted data read from the portable medium 220 using the serial ID as a decryption key 312 (SC14). Thereafter, the CPU 112a displays the model lock data obtained by the decryption, that is, the set value of each model lock word on the display unit 116a of the input unit 116 (SC15).

  The worker confirms the content of the model lock data displayed on the display unit 116a, and instructs updating if the content is appropriate. The CPU 112a determines whether or not the operator has performed an operation to instruct the update to the operation unit 116b of the input unit 116 by monitoring via the interface 112d (SC16). When the operator performs an operation for instructing the update, the determination in SC16 is YES and the process proceeds to SC17. When the worker instructs to cancel the update, the determination in SC16 is NO and the process proceeds to SC18.

  In SC17, the CPU 112a overwrites the decrypted model lock data as the model lock data in the setting data 314 stored in the flash memory 112b. The CPU 112a stores the decrypted model lock data together with the current date and time in the history DB 313 constructed on the flash memory 112b. In this way, after applying the decrypted model lock data, the process proceeds to SC18.

  In SC18, the CPU 112a displays the application result on the display unit 116a of the input unit 116. When the model lock data is applied, that is, when the process shifts from SC17 to SC18, the CPU 112a causes the display unit 116a to display a screen for notifying the worker that the application has been properly completed. When the model lock data is not applied, that is, when the process shifts from SC16 to SC18, the CPU 112a causes the display unit 116a to display a screen for notifying the worker that the setting has not been changed. Thereafter, the update process ends.

  In SC19 to SC24 in which the determination of SC12 is NO and transition is made, processing for realizing design change by manual input of PMLKD2 is performed.

  First, in SC19, the CPU 112a displays the PMLKD input screen 620 on the display unit 116a of the input unit 116, and inputs PMLKD2 according to the operation of the operator to the operation unit 116b. When the operator operates the operation unit 116b to instruct the end of input, the CPU 112a decrypts the input PMLKD2 using the serial ID as the decryption key 312 (SC20). Thereafter, the CPU 112a displays the decrypted setting value on the display unit 116a of the input unit 116 for each model lock word represented by the decrypted model lock word type data (SC21).

  The worker confirms the set value for each model lock word displayed on the display unit 116a, and instructs the update if the set value is appropriate. The CPU 112a determines whether or not the operator has performed an operation for instructing the update to the operation unit 116b of the input unit 116 by monitoring via the interface 112d (SC22). When the operator performs an operation to instruct the update, the determination in SC22 is YES and the process proceeds to SC23. If the worker has not instructed the update, the determination in SC22 is NO and the process proceeds to SC24.

  In SC23, the CPU 112a sets the setting value obtained by decoding the setting value of the model lock word obtained by decoding the model lock word type data among the setting values of the model lock word in the setting data 314 stored in the flash memory 112b. Overwrite to. Further, the CPU 112a stores the setting value of the model lock word obtained by decoding the model lock word type data in the history DB 313 constructed on the flash memory 112b together with the current date and time. In this way, after changing the setting by PMLKD2, the process proceeds to SC18.

  In SC24, the CPU 112a determines whether or not the operator has performed an operation to instruct re-input to the operation unit 116b of the input unit 116 by monitoring via the interface 112d (SC24). When the operator performs an operation for instructing re-input, the determination in SC24 is YES, the process returns to SC19, and the PMLKD input screen 620 is displayed again on the display unit 116a. If the worker has not instructed either update or re-input, that is, if the worker has instructed cancellation of the update, the determination in SC24 is NO and the process proceeds to SC18.

  In SC18 transferred from SC23, the CPU 112a causes the display unit 116a to display a screen for notifying the worker that the application has been properly completed. In SC18 transferred from SC24, the CPU 112a causes the display unit 116a to display a screen for notifying the worker that the setting has not been changed. Thereafter, the update process ends.

  As described above, in this embodiment, it is possible to instruct the worker who has confirmed the decoding result to re-input PMLKD2. This is because an input error may occur in PMLKD2 that is manually input. In the display of the PMLKD input screen after returning to SC19, although not shown in the figure, by displaying the type and setting value of the model lock word for each input PMLKD2, the input mistaken PMLKD2 is indicated to the worker. Is easier to identify.

  In the present embodiment, one PMLKD2 is created for each model lock word, but one PMLKD2 may be created for each of a plurality of model lock words. The operator may be able to select the type and number (combination) of model lock words to be collected. The PMLKD 2 may be input using a scanner or the like in addition to manual input. This is because PMLKD2 can be transmitted by facsimile or the like. If attention is paid to the CL device 30, the worker can arbitrarily select the output format of PMLKD 2 according to the data input function provided in the CL device 30 or the corresponding data expression format. good.

2 PMLKD
20 terminal device 30 CL device 201, 301 UI unit 202 data creation unit 203 encryption unit 204 medium creation unit 205 PMLKD data creation unit 206 PMLKD encryption unit 213 encryption key 220 portable medium 302 medium recognition unit 303 decryption unit 304 Application unit 305 PMLKD decryption unit 306 PMLKD application unit 312 Decryption key 314 Setting data

Claims (9)

An input unit for inputting setting data representing contents to be newly set for an information processing apparatus whose settings relating to performance are to be changed;
An encryption unit that encrypts the setting data input via the input unit;
An output unit that outputs encrypted data obtained by encrypting the design data by the encryption unit in a character string format;
A setting data encryption apparatus comprising: The input unit also inputs unique information assigned to the information processing apparatus,
The encryption unit encrypts the setting data as a common key that is also used for decrypting the input unique information.
The setting data encryption apparatus according to claim 1, wherein: If you can change the settings by item,
The input unit inputs items to change the settings together,
The encryption unit encrypts the setting data and the type data representing the item together for each item,
The setting data encryption apparatus according to claim 1 or 2, characterized in that An input unit for inputting encrypted data obtained by encrypting setting data for changing settings related to performance in a character string format;
A decryption unit for decrypting the encrypted data input via the input unit;
An application unit that changes the setting using the setting data decoded by the decoding unit;
An information processing apparatus comprising: A storage unit that stores unique information assigned to the information processing apparatus of itself;
The decryption unit decrypts the input encrypted data using the unique information.
The information processing apparatus according to claim 4. In the encrypted data, in addition to the setting data, type data representing items whose settings should be changed by the setting data are collectively encrypted,
The encryption unit decrypts the setting data and the type data for each encrypted data,
The application unit changes the setting of the item represented by the type data using setting data that is decoded together with the type data.
The information processing apparatus according to claim 4 or 5, wherein For information processing devices whose settings related to performance should be changed,
The encrypted data obtained by encrypting the setting data for changing the setting is input in a character string format to be decrypted,
Using the setting data obtained by the decoding, the setting is changed.
A setting change method characterized by that. In the information processing device,
Enter the setting data representing the contents to be newly set in another information processing device whose settings related to performance should be changed.
Encrypt the entered setting data,
Outputting encrypted data obtained by encrypting the design data in a character string format;
A setting data encryption program characterized by causing processing to be executed. In the information processing device,
Enter the encrypted data obtained by encrypting the setting data to change the settings related to performance in character string format,
Decrypt the input encrypted data,
Using the setting data obtained by decoding, changing the setting;
A setting change program characterized by causing processing to be executed.

Images