CN-121997326-A - Information processing system and method, program product and normality guarantee system

Abstract

The invention discloses an information processing system and method, a program product and a normality assurance system, wherein the information processing system is provided with a processor, the processor performs startup based on a startup program when the startup program is confirmed to be normal by referring to first confirmation information for confirming the normality of the startup program, communicates with one or more other systems registered in advance, mutually confirms that the startup program is normal with other systems by referring to second confirmation information for confirming the normality of the startup program of the other systems, and permits communication with an external device when the startup program is confirmed to be normal with other systems of more than the set number.

Inventors

• TOJO HIROYUKI

Assignees

• 富士胶片商业创新有限公司

Dates

Publication Date

20260508

Application Date

20250512

Priority Date

20241101

Claims (10)

1. 1. An information processing system, characterized in that, The device is provided with a processor and is provided with a control unit, The processor When the normal of the startup procedure is confirmed by referring to the first confirmation information for confirming the normal of the startup procedure, the startup is performed based on the startup procedure, Communicate with one or more other systems registered in advance, refer to second confirmation information for confirming the normality of the start-up procedure of the other systems, confirm the start-up procedure with each other with the other systems as normal, When the normal start-up procedure is confirmed with other systems of the set number or more, communication with the external device is permitted.
2. 2. The information handling system of claim 1, wherein, At least one of the first confirmation information and the second confirmation information is a hash value of a start program.
3. 3. The information handling system of claim 2, wherein, The start-up procedure is made up of a plurality of procedures, The hash value of the boot program is a hash value derived from each of a plurality of programs constituting the boot program.
4. 4. The information handling system of claim 2, wherein, The start-up procedure is made up of a plurality of procedures, The hash value of the boot program is a hash value derived from the boot program as a whole.
5. 5. The information processing system according to any one of claims 1 to 4, wherein, The processor In a monitoring system for acquiring information of a confirmation result of normal confirmation of a respective starting program from the system and other systems to confirm the matching of the normal confirmation of the starting program, communication with the external device is permitted when the confirmation result in the system and the confirmation result in the other systems match.
6. 6. The information handling system of claim 5, wherein, The monitoring system is realized through a cloud server.
7. 7. The information handling system of claim 5, wherein, The monitoring system is realized by an edge server of a local area network comprising the system.
8. 8. A program product comprising a program for causing a computer to execute a process, characterized in that the process has the steps of: when the normal of the starting program is confirmed by referring to the first confirmation information for confirming the normal of the starting program, starting based on the starting program is performed; communicating with one or more other systems registered in advance, referring to second confirmation information for confirming the normality of the start-up procedure of the other systems, mutually confirming the normality of the start-up procedure with the other systems, and When the normal start-up procedure is confirmed with other systems of the set number or more, communication with the external device is permitted.
9. 9. A normality assurance system, comprising: Multiple information processing systems, and The system of the monitoring and control system, The plurality of information handling systems are provided with a processor, The processor When the normal of the startup procedure is confirmed by referring to the first confirmation information for confirming the normal of the startup procedure, the startup is performed based on the startup procedure, Communicate with one or more other systems registered in advance, refer to second confirmation information for confirming the normality of the start-up procedure of the other systems, confirm the start-up procedure with each other with the other systems as normal, In the monitoring system which mutually confirms that the startup procedure is normal with other systems of the set number or more and acquires information of confirmation results of normal confirmation of the respective startup procedures from the plurality of information processing systems to confirm the matching of the normal confirmation of the startup procedure, communication with an external device is permitted when the confirmation results in the present system and the confirmation results in the other systems coincide.
10. 10. An information processing method characterized by comprising the steps of: when the normal of the starting program is confirmed by referring to the first confirmation information for confirming the normal of the starting program, starting based on the starting program is performed; communicating with one or more other systems registered in advance, referring to second confirmation information for confirming the normality of the start-up procedure of the other systems, mutually confirming the normality of the start-up procedure with the other systems, and When the normal start-up procedure is confirmed with other systems of the set number or more, communication with the external device is permitted.

Description

Information processing system and method, program product and normality guarantee system Technical Field The invention relates to an information processing system, an information processing method, a program product and a normality assurance system. Background Japanese patent application laid-open No. 2009-259160 discloses a system for preventing an improper start of a program, which controls only a correct program by a program cooperating with a TPM (Trusted Platform Module, security chip) mounted on a motherboard of a PC (personal computer). JP 2020-140665A describes a program for properly securing safety at the time of starting up a device. Japanese patent application laid-open No. 2021-190808 describes an information processing system that combines security management of IoT (Internet of Things ) and security management of data stored therein. Disclosure of Invention If the startup procedure of an information processing system that can connect to the internet, also referred to as an IoT device, is improperly rewritten, it may become a security hole on the network. Therefore, regarding an information processing system connected to a network, it is desirable to be able to guarantee the normality of a startup procedure. The invention provides an information processing system, an information processing method, a program product and a normal guarantee system capable of guaranteeing the normal performance of a startup procedure. According to a first aspect of the present invention, there is provided an information processing system including a processor that performs a communication with one or more other systems registered in advance based on a startup of a startup procedure when the startup procedure is confirmed to be normal by referring to first confirmation information for confirming the normal of the startup procedure, confirms the normal of the startup procedure with other systems by referring to second confirmation information for confirming the normal of the startup procedure of the other systems, and permits a communication with an external device when the startup procedure is confirmed to be normal with other systems equal to or more than a set number. According to a second aspect of the present invention, in the information processing system according to the first aspect, at least one of the first acknowledgement information and the second acknowledgement information is a hash value (hash value) of a boot program. According to a third aspect of the present invention, in the information processing system according to the second aspect, the boot program is constituted by a plurality of programs, and the hash value of the boot program is a hash value derived from each of the plurality of programs constituting the boot program. According to a fourth aspect of the present invention, in the information processing system according to the second aspect, the boot program is composed of a plurality of programs, and the hash value of the boot program is a hash value derived from the entire boot program. According to a fifth aspect of the present invention, in the information processing system according to any one of the first to fourth aspects, the processor permits communication with the external device when the confirmation result in the present system and the confirmation result in the other system agree in the monitoring system that acquires information of the confirmation result of the normal confirmation of the respective start-up programs from the present system and the other system to confirm the matching of the normal confirmation of the start-up programs. According to a sixth aspect of the present invention, in the information processing system relating to the fifth aspect, the monitoring system is implemented by a cloud server. According to a seventh aspect of the present invention, in the information processing system according to the fifth aspect, the monitoring system is implemented by an edge server including a local area network of the present system. According to an eighth aspect of the present invention, there is provided a program product including a program for causing a computer to execute a process including the steps of performing a startup based on a startup procedure when the startup procedure is confirmed to be normal with reference to first confirmation information for confirming the normal nature of the startup procedure, communicating with one or more other systems registered in advance, mutually confirming that the startup procedure is normal with the other systems with reference to second confirmation information for confirming the normal nature of the startup procedure of the other systems, and permitting communication with an external device when the startup procedure is confirmed to be normal with respect to the other systems of a set number or more. According to a ninth aspect of the present invention, there is provided a normality assurance system including a plurality of