1. Patent Search
  2. Details

FILE TRANSMITTING AND RECEIVING SYSTEM

20180239917 ยท 2018-08-23

    Inventors

    Cpc classification

    International classification

    Abstract

    The present invention addresses the problem of realizing a tamper-proof and intrusion-proof file transmitting and receiving means between an Internet of Things (IoT) device and a server. A file transmitting and receiving system comprises a server configured to encrypt a file addressed to a data processing apparatus and transmit the encrypted file to a network, a network connection terminal configured to receive the file from the network, a two-port storage apparatus having two I/O ports and the data processing apparatus, wherein the only function of a first I/O port of the two-port storage apparatus is to write data from the network connection terminal to the two-port storage apparatus, the only functions of a second I/O port are to decrypt the data written to the two-port storage apparatus and to cause the decrypted data to be read by the data processing apparatus, or to delete unnecessary files, and the functions of the two I/O ports are determined by hardware or firmware built into or coupled directly to the two-port storage apparatus.

    Claims

    1. A file transmitting and receiving system comprising: a server configured to transmit to a network an encrypted file in which a data to be transmitted is encrypted; a network configured to transmit the encrypted file; a network connection terminal configured to receive the encrypted file from the network; a data processing apparatus configured to use the encrypted file being decrypted; and a two-port storage apparatus configured to relay the network connection terminal and the data processing apparatus, wherein a first I/O port A of the two-port storage apparatus is connected to the network connection terminal, a second I/O port B is connected to the data processing apparatus, the I/O port A operates with a functional restriction restricting the function of the I/O port A to only add data from the network connection terminal to the two-port storage apparatus; the I/O port B operates with a functional restriction restricting the function of the I/O port B to two functions, which are read and decryption only in which the I/O port B reads the data from the two-port storage apparatus, decrypts the encrypted file and transfers the file to the data processing apparatus, and deletion of file in which the I/O port B deletes unnecessary files, and the functional restriction is realized by hardware or firmware built into or coupled directly to the two-port storage apparatus.

    2. The file transmitting and receiving system according to claim 1, wherein the add only function of the I/O port A is set as a decryption and add only function in which the I/O port does not perform operations other than decrypting a code after receiving data from the network connection terminal, and adding the decrypted data to the two-port storage apparatus after decrypting the code, the decrypting function of the I/O port B is set as a simple read/write function, and the functional restriction is realized by hardware or firmware bunt into or coupled directly to the two-port storage apparatus.

    3. The file transmitting and receiving system according to claim 1, wherein the file transmitting and receiving system further comprises a second two-port storage apparatus or a second partition in the two-port storage apparatus, wherein if the system comprises the second two-port storage apparatus, in a state where access is performed from the network connection terminal to the second two-port storage apparatus using a second I/O port A attached thereto, the second I/O port A operates with a functional restriction restricting the function thereof to read only, in a state where access is performed from the data processing apparatus to the second two-port storage apparatus using a second I/O port B attached thereto, the second I/O port B performs a read/write operation, if the system comprises the second partition in the two-port storage apparatus, in a state where access is performed from the network connection terminal to the second partition of the two-port storage apparatus using the I/O port A, the I/O port A operates with a functional restriction restricting the function thereof to read only, in a state where access is performed from the data processing apparatus to the second partition of the two-port storage apparatus using the I/O port B, the I/O port B performs a read/write operation, and the functional restriction is realized by hardware or firmware built into or coupled directly to the two-port storage apparatus.

    4. The file transmitting and receiving system according to claim 1, wherein the network connection terminal is a smartphone.

    5. The file transmitting and receiving system according to claim 1, wherein the network connection terminal is a personal computer.

    6. The file transmitting and receiving system according to claim 1, wherein the network connection terminal is a webserver.

    Description

    BRIEF DESCRIPTION OF DRAWINGS

    [0089] FIG. 1 is a view illustrating a file transmitting and receiving system.

    [0090] FIG. 2 is a view illustrating an operation principle.

    [0091] FIG. 3 is a view illustrating an operation principle.

    [0092] FIG. 4 is a view having applied the system to a wearable device.

    [0093] FIG. 5 is a view having applied the system to a personal computer or a smartphone.

    [0094] FIG. 6 is a view having applied the system to a webserver.

    [0095] FIG. 7 is a view having applied the system to a navigation.

    [0096] FIG. 8 is a view having applied the system to an IoT device.

    [0097] FIG. 9 is a view illustrating a file transmitting and receiving system equipped with a second two-port storage apparatus.

    [0098] FIG. 10 is a view of the file transmitting and receiving system in which a decryption function is moved from I/O port B to I/O port A.

    DESCRIPTION OF EMBODIMENTS

    First Embodiment

    [0099] A file transmitting and receiving system according to FIG. 1 applied to a vehicle-mounted control system of a motor vehicle will be described with reference to FIGS. 2 and 3. A vehicle-mounted controller of a motor vehicle is connected to a data processing apparatus 1, and operates in cooperation with the data processing apparatus 1.

    [0100] In order for a motor vehicle manufacturer to write a maintenance file into the vehicle-mounted controller of the manufactured motor vehicle, the manufacturer encrypts the maintenance file using an encryption key set by a server 3 in its own company, as illustrated in FIG. 2, and transmits the file to a network 4. A network connection terminal 2 writes the encrypted maintenance file being received to a first partition 8 of a two-port storage apparatus 5. An I/O port A 61 used for the writing of data has its function restricted to additional write only by hardware or firmware provided in the storage. Therefore, even if a virus file that differs from a normal maintenance file is written, the network connection terminal 2 cannot read any of the files, such that the same effect as not being infected with a virus is achieved in the network connection terminal 2.

    [0101] The data processing apparatus 1 reads the maintenance file from the first partition 8 of the two-port storage apparatus 5 through an I/O port B 71 that is independent from the I/O port A and whose function is restricted to decryption and read only using the encryption key by hardware or firmware, and updating the file of the vehicle-mounted controller. The vehicle-mounted controller starts to perform control using the new updated version of software.

    [0102] Since the I/O port B 7 has a delete only function as a second function, if the maintenance file becomes unnecessary, the I/O port B 7 can delete the file using the delete only mode.

    [0103] Since the code is decrypted before the data processing apparatus 1 receives the maintenance file, a correct file will be decrypted and will function normally, but an unauthorized file will be destroyed and will no longer function, and it will become meaningless data. Therefore, the data processing apparatus 1 will not be attacked.

    [0104] The decryption circuit of hardware merely decrypts a code by the method designed at the time of manufacture, and a file that is not correctly encrypted will be destroyed or invalidated. Unlike software, hardware can only operate as designed, and even the most talented hacker will not be able to change its operation.

    [0105] A code is safe as long as the encryption key is concealed, encrypting environment and decrypting environment exist, and algorithm is correct. In the present file transmitting and receiving system, encryption is information processing performed at the server 3 of the manufacturer, and decryption is performed by hardware that cannot be accessed by a hacker through the network 4.

    [0106] This system solves the problem of not only realizing strong security but also protecting file transmission and reception by a means that clearly has no fear of being breached.

    [0107] If file transmission and reception can be performed safely through the network 4, it will also be possible to transmit instruction files and operation files of the vehicle-mounted controller to the data processing apparatus 1 through the network 4, and for example, a destination of a reserved taxi by automatic vehicle operation can be instructed safely through the network 4.

    [0108] Now, we will describe bidirectional data exchange. The fact that intrusion to the data processing apparatus 1 is not permitted means that real-time communication by polling and the like cannot be performed between the network connection terminal 2 and the data processing apparatus 1, and that they are offline.

    [0109] However, according to the file transmitting and receiving system illustrated in FIG. 1, bidirectional data exchange through the two-port storage apparatus 5 is enabled, and log of the vehicle-mounted controller acquired by the data processing apparatus 1 can be transmitted through the network connection terminal 2 to the server 3.

    [0110] With reference to FIG. 3, the two-port storage apparatus 5 includes a second partition 9, and the data processing apparatus 1 can acquire information from the sensors and control systems of the vehicle-mounted controller, edit, encrypt and write the same through the I/O port B 72 to the second partition 9. The I/O port B 72 connected to the data processing apparatus 1 can perform read/write when accessing the second partition 9. FIG. 9 illustrates a state where the second two-port storage apparatus can realize the same functions as the second partition.

    [0111] When the I/O port A 62 connected to the network connection terminal 2 accesses the second partition 9, the function thereof is restricted to read only and operated. This functional restriction is realized by hardware or firmware built into or directly connected to the storage.

    [0112] The network connection terminal 2 arbitrarily monitors the second partition 9 using the I/O port A 62 of the two-port storage apparatus 5, and if a new file is added, the network connection terminal 2 transmits the new file through the network 4 to the server 3.

    [0113] As described, the log of the vehicle-mounted controller and the result of execution of files such as commands, operations and updates transmitted from the server 3 can be returned to the server 3.

    Second Embodiment

    [0114] The file transmitting and receiving system illustrated in FIG. 4, where a wearable device 11 detecting blood pressure, pulse, breathing and body temperature is controlled, operated and monitored by the data processing apparatus 1 illustrated in FIG. 3, and where the network connection terminal 2 is a smartphone 10, will be described.

    [0115] In order for a manufacturer of the wearable device 11 to write a maintenance file to its own product, the maintenance file is encrypted in a manner set in advance in the server 3 of the manufacturer, and the file is transmitted to the network 4, as illustrated in FIG. 2. The smartphone 10 writes the received encrypted maintenance file to the first partition 8 of the two-port storage apparatus 5. The function of the I/O port A 61 used for writing the file is restricted to additional write only. Therefore, the smartphone 10 cannot read the file being written.

    [0116] The data processing apparatus 1 reads the maintenance file from the two-port storage apparatus 5 through the I/O port B 71 whose function is restricted to decryption and read only, and which is independent from the I/O port A 61, and updates the file of the wearable device 11. The wearable device 11 starts controlling and monitoring operations using the updated new version of software.

    [0117] If the I/O port 7 is provided with a delete only function as a second function, the maintenance file becomes unnecessary, and the I/O port B 71 can be switched to delete only mode to delete the file.

    [0118] Since the code is decrypted before the data processing apparatus 1 receives the maintenance file, a correct file will be decrypted and will function normally, but an unauthorized file will be destroyed and will no longer function, and it will become meaningless data. Therefore, the data processing apparatus 1 will not be attacked.

    [0119] The decryption circuit of hardware merely decrypts a code by the method designed at the time of manufacture, and a file that is not correctly encrypted will be destroyed or invalidated. Unlike software, hardware can only operate as designed, and even the most talented hacker will not be able to change its operation.

    [0120] The present system not only realizes reinforced security, but also solves the problem of realizing protection using a means that clearly has not fear of being breached.

    [0121] If file update can be performed safely through the network 4, instruction files and operation files for the wearable device 11 can also be transmitted to the data processing apparatus 1 through the network 4, and instruction can be sent safely through the network 4.

    [0122] The fact that intrusion to the data processing apparatus 1 is not permitted means that real-time communication by polling and the like cannot be performed between the smartphone 10 and the data processing apparatus 1. However, according to the file transmitting and receiving system illustrated in FIG. 1, bidirectional data exchange through the two-port storage apparatus 5 is enabled safely, and log of the wearable device 11 acquired by the data processing apparatus 1 can be transmitted through the smartphone 10 to the server 3.

    [0123] This operation is described with reference to FIG. 3. The two-port storage apparatus 5 includes a second partition 9, wherein when the I/O port A 62 connected to the smartphone 10 accesses the second partition 9, it operates with its function restricted to read only, and when the I/O port B 72 connected to the data processing apparatus 1 accesses the second partition 9, read/write is enabled.

    [0124] The data processing apparatus 1 can edit, encrypt and write the information from the wearable device 11 through the I/O port B 72 to the second partition 9. The smartphone 10 arbitrarily monitors the second partition 9 using the I/O port A 62 of the two-port storage apparatus 5, and if a new file is added, it transmits the new file through the network 4 to the server 3. As described, the log of the wearable device 11 and the result of execution of files such as commands, operations and updates transmitted from the server 3 can be returned to the server 3.

    Third Embodiment

    [0125] With reference to FIG. 5, an example of a case where the network connection terminal 2 is a personal computer or a smartphone will be described. In a case where the network connection terminal 2 of the file transmitting and receiving system illustrated in FIG. 1 is a personal computer or a smartphone 12, if the OS, important software and important contents of the personal computer or the smartphone 12 are stored in the second partition 9 of the two-port storage apparatus 5, the personal computer or the smartphone will not be infected with a virus or tampered by intrusion from the network 4. The stored data can be updated by a provider sharing the encryption key through use of the server 3.

    [0126] According to the file transmitting and receiving system of the third embodiment, in a state where the network connection terminal 2 is a personal computer or a smartphone 12, the security of the personal computer or the smartphone 12 can be reinforced. By placing the functions related to a phone in the data processing apparatus 1, and placing personal information and address books in the first partition 8 or the storage belonging to the data processing apparatus 1, they can be concealed from the network 4.

    [0127] The software and data of the first partition 8 can be updated by a provider sharing the encryption key, and if the data is transferred to the second partition 9 after decryption, it can be read by the personal computer or the smartphone 12.

    [0128] Further, if a navigation function is provided to the data processing apparatus 1, and software and data are stored in the storage belonging to the data processing apparatus 1, they can be concealed from the network 4. Further, track of movement of the personal computer or the smartphone 12 can be saved in the second partition 9 in a tamper-proof manner from the network 4. This can be used to follow the track in which the personal computer or the smartphone 12 has moved.

    [0129] Further, the file transmitting and receiving system according to the third embodiment can reinforce copyright protection of contents of the personal computer or the smartphone 12. If encrypted contents are written to the first partition 8 of the two-port storage apparatus 5 of the file transmitting and receiving system illustrated in FIG. 1, these contents can be viewed from the data processing apparatus 1. By adopting this system, only the encrypted contents are stored in the first partition 8 of the two-port storage apparatus 5, and plaintext contents are not stored anywhere.

    Fourth Embodiment

    [0130] With reference to FIG. 6, a file transmitting and receiving system in which the network connection terminal 2 is a webserver 13 will be described. The file transmitting and receiving system in which the network connection terminal 2 is a webserver 13 enables to reinforce the security of the webserver 13. As described in [0043], the contents of the webserver 13 can be received safely from the server 3.

    [0131] The contents can be transferred to the second partition 9 of the two-port storage apparatus 5, and made public from the webserver 13 using the I/O port A 61 of the two-port storage apparatus. This is because the contents of the second partition 9 of the two-port storage apparatus 5 will not be tampered by unauthorized intrusion from the network 4. Further, important files such as the OS of the webserver 13 can be stored in the second partition 9 of the two-port storage apparatus 5 to prevent tampering thereof.

    Fifth Embodiment

    [0132] With reference to FIG. 7, a navigation system that adopts the file transmitting and receiving system of FIG. 1 will be described.

    [0133] The navigation device 15 controlled by the data processing apparatus 1 of FIG. 1 performs navigation, receives update files of navigation software, update files of map information and command files through the network 4 from the server 3, and returns the acquired files such as log information as a result of execution.

    [0134] A function for supporting navigation can be added to the network connection terminal 2, and the network connection terminal 2 can function as a navigation auxiliary terminal 16 capable of accessing a website that is not necessarily secure from the network 4, to utilize store information, visitor information, SNS and so on.

    [0135] Even if the navigation auxiliary terminal 16 is infected with a virus, the terminal 16 can be recovered by rebooting the same.

    [0136] The following describes the operation of the file transmitting and receiving system illustrated in FIG. 1.

    [0137] A manufacturer of the navigation device 15 encrypts a maintenance file and a command file using its own server 3, and transmits the same to the network 4.

    [0138] The network connection terminal 2 of the file transmitting and receiving system writes the received encrypted maintenance file and the encrypted command file to the first partition 8 of the two-port storage apparatus 5. Since the function of an I/O port 61 used for writing data is restricted to additional write only, the network connection terminal 2 will not be infected with a virus unless it has a readable/writable storage.

    [0139] The data processing apparatus 1 reads and processes the maintenance file and the command file from the two-port storage apparatus through an I/O port 71 whose function is restricted to decryption and read only.

    [0140] Since the code is decrypted before the data processing apparatus 1 receives the maintenance file, a correct file will be decrypted and will function normally, but an unauthorized file will be destroyed and will no longer function, and it will become meaningless data. Therefore, the data processing apparatus 1 will not be intruded illegally.

    [0141] The data processing apparatus 1 can edit and encrypt the information from the navigation device 15 and write the information through an I/O port 72 to the second partition 9. The navigation auxiliary terminal 16 uses a read only I/O port 62 of the two-port storage apparatus 5 to monitor the second partition 9 arbitrarily, and if a new file is added, it transmits the same through the network 4 to the server 3.

    [0142] The functions of the I/O port 61, the I/O port 71 and the I/O port 62 are restricted by hardware or firmware in the two-port storage apparatus.

    [0143] As described, the file transmitting and receiving system illustrated in FIG. 7 realizes a strong security by a means that clearly has no fear of being breached in transmitting and receiving files through the network 4.

    Sixth Embodiment

    [0144] A medical device control system that adopts the file transmitting and receiving system according to FIG. 1 will be described with reference to FIG. 8.

    [0145] A medical device control apparatus 17 controlled by the data processing apparatus 1 of FIG. 1 receives update files and command files of control software through the network 4 from the server 3, controls the medical device, and returns information files acquired as a result of execution of the files through the data processing apparatus 1 to the server 3.

    [0146] The medical device control system can be used to control and monitor medical data of the medical device 17, such as an oxygen inhaling apparatus, at a remote location or owned by a home-treated patient.

    [0147] The operation of the file transmitting and receiving system illustrated in FIG. 1 constituting the present medical device control system is similar to that described in [0071], as described below.

    [0148] A manufacturer of the medical device control apparatus 17 encrypts a maintenance file and a command file using its own server 3, and transmits the same to the network 4.

    [0149] The network connection terminal 2 of the file transmitting and receiving system writes the received encrypted maintenance file and the encrypted command file to the first partition 8 of the two-port storage apparatus 5. Since the function of the I/O port 61 used for writing data is restricted to additional write only, the network connection terminal 2 will not be infected with a virus unless it has a readable/writable storage.

    [0150] The data processing apparatus 1 reads and processes the maintenance file and the command file from the two-port storage apparatus through the I/O port 71 whose function is restricted to decryption and read only.

    [0151] Since the code is decrypted before the data processing apparatus 1 receives the maintenance file, a correct file will be decrypted and will function normally, but an unauthorized file will be destroyed and will no longer function, and it will become meaningless data. Therefore, the data processing apparatus 1 will not be intruded illegally.

    [0152] The data processing apparatus 1 can edit and encrypt the information from the medical device control apparatus 17 and write the information through an I/O port 72 to the second partition 9. The network connection terminal 2 uses the read only I/O port 62 of the two-port storage apparatus 5 to monitor the second partition 9 arbitrarily, and if a new file is added, it transmits the same through the network 4 to the server 3.

    [0153] The functions of the I/O port 61, the I/O port 71 and the I/O port 62 are restricted by hardware or firmware in the two-port storage apparatus.

    [0154] As described, the file transmitting and receiving system illustrated in FIG. 8 realizes a strong security by a means that clearly has no fear of being breached in transmitting and receiving files through the network 4.

    Seventh Embodiment

    [0155] An electric appliance control system for an air conditioner and the like that adopts the file transmitting and receiving system illustrated in FIG. 1 will be described with reference to FIG. 8.

    [0156] An electric appliance 17 controlled and operated by the data processing apparatus 1 illustrated in FIG. 1 receives update files and command files of control software through the network 4 from the server 3, and transmits log information files obtained as a result of execution through the data processing apparatus 1 to the server 3.

    [0157] It becomes possible to use a smartphone from outside the house to access the server 3 of an agent managing the electric appliance 17 and use the same to control the operation of the electric appliance.

    [0158] The operation of the file transmitting and receiving system described in FIG. 1 constituting the present electronic appliance control system is similar to that described in [0071], as described below.

    [0159] A manufacturer of the electric appliance 17 encrypts a maintenance file and a command file using its own server 3, and transmits the same to the network 4.

    [0160] The network connection terminal 2 of the file transmitting and receiving system writes the received encrypted maintenance file and the encrypted command file to the first partition 8 of the two-port storage apparatus 5. Since the function of the I/O port 61 used for writing data is restricted to additional write only, the network connection terminal 2 will not be infected with a virus unless it has a readable/writable storage.

    [0161] The data processing apparatus 1 reads and processes the maintenance file and the command file from the two-port storage apparatus through the I/O port 71 whose function is restricted to decryption and read only.

    [0162] Since the code is decrypted before the data processing apparatus 1 receives the maintenance file and the command file, a correct file will be decrypted and will function normally, but an unauthorized file will be destroyed and will no longer function, and it will become meaningless data. Therefore, the data processing apparatus 1 will not be intruded illegally.

    [0163] The data processing apparatus 1 can edit and encrypt the information from the electronic appliance 17 and write the information through the I/O port 72 to the second partition 9. The network connection terminal 2 uses the read only I/O port 62 of the two-port storage apparatus 5 to monitor the second partition 9 arbitrarily, and if a new file is added, it transmits the same through the network 4 to the server 3.

    [0164] The functions of the I/O port 61, the I/O port 71 and the I/O port 62 are restricted by hardware or firmware in the two-port storage apparatus.

    [0165] As described, the file transmitting and receiving system illustrated in FIG. 8 realizes a strong security by a means that clearly has no fear of being breached in transmitting and receiving files through the network 4.

    Eighth Embodiment

    [0166] A home security device 17 that adopts the file transmitting and receiving system according to FIG. 1 will be described with reference to FIG. 8.

    [0167] The home security device 17 controlled and operated by the data processing apparatus 1 of FIG. 1 receives update files and command files of control software through the network 4 from the server 3, and returns information files acquired as a result of execution of the files through the data processing apparatus 1 to the server 3.

    [0168] It becomes possible to use a smartphone from outside the house to access the server 3 of an agent managing the home security device 17 and use the same to monitor theft, unauthorized intrusion, disaster and the like, and to perform operation such as locking.

    [0169] The operation of the file transmitting and receiving system illustrated in FIG. 1 constituting the present home security device 17 is similar to that described in [0071], as described below.

    [0170] A manufacturer of the home security device 17 encrypts a maintenance file and a command file using its own server 3, and transmits the same to the network 4.

    [0171] The network connection terminal 2 of the file transmitting and receiving system writes the received encrypted maintenance file and the encrypted command file to the first partition 8 of the two-port storage apparatus 5. Since the function of the I/O port 61 used for writing data is restricted to additional write, the network connection terminal 2 will not be infected with a virus unless it has a readable/writable storage.

    [0172] The data processing apparatus 1 reads and processes the maintenance file and the command file from the two-port storage apparatus 5 through the I/O port 71 whose function is restricted to decryption and read only.

    [0173] Since the code is decrypted before the data processing apparatus 1 receives the maintenance file, a correct file will be decrypted and will function normally, but an unauthorized file will be destroyed and will no longer function, and it will become meaningless data. Therefore, the data processing apparatus 1 will not be intruded illegally.

    [0174] The data processing apparatus 1 can edit and encrypt the information from the home security device 17 and write the information through the I/O port 72 to the second partition 9. The network connection terminal 2 uses a read only I/O port 62 of the two-port storage apparatus 5 to monitor the second partition 9 arbitrarily, and if a new file is added, it transmits the same through the network 4 to the server 3.

    [0175] The functions of the I/O port 61, the I/O port 71 and the I/O port 62 are restricted by hardware or firmware in the two-port storage apparatus.

    [0176] As described, the file transmitting and receiving system illustrated in FIG. 8 realizes a strong security by a means that clearly has no fear of being breached in transmitting and receiving files through the network 4.

    Ninth Embodiment

    [0177] A monitoring camera device that adopts the file transmitting and receiving system according to FIG. 1 will be described with reference to FIG. 8.

    [0178] A monitoring camera 17 controlled by the data processing apparatus 1 of FIG. 1 performs monitoring, receives update files and command files of control software through the network 4 from the server 3, and returns information files acquired as a result of execution of the files through the data processing apparatus 1 to the server 3.

    [0179] The monitoring camera device can be applied to monitoring and operating the monitoring camera 17 at a remote location through the network 4, and networking of the monitoring camera can be realized in the network 4.

    [0180] The operation of the file transmitting and receiving system illustrated in FIG. 1 constituting the present monitoring camera device is similar to that described in [0071], as described below.

    [0181] A manufacturer of the monitoring camera 17 encrypts a maintenance file and a command file using its own server 3, and transmits the same to the network 4. The network connection terminal 2 of the file transmitting and receiving system writes the received encrypted maintenance file and the encrypted command file to the first partition 8 of the two-port storage apparatus 5. Since the function of the I/O port 61 used for writing data is restricted to additional write only, the network connection terminal 2 will not be infected with a virus unless it has a readable/writable storage.

    [0182] The data processing apparatus 1 reads and processes the maintenance file and the command file from the two-port storage apparatus through the I/O port 71 whose function is restricted to decryption and read only.

    [0183] Since the code is decrypted before the data processing apparatus 1 receives the maintenance file, a correct file will be decrypted and will function normally, but an unauthorized file will be destroyed and will no longer function, and it will become meaningless data. Therefore, the data processing apparatus 1 will not be intruded illegally.

    [0184] The data processing apparatus 1 can edit and encrypt the information from the monitoring camera 17 and write the information through the I/O port 72 to the second partition 9. The network connection terminal 2 uses a read only I/O port 62 of the two-port storage apparatus 5 to monitor the second partition 9 arbitrarily, and if a new file is added, it transmits the same through the network 4 to the server 3.

    [0185] The functions of the I/O port 61, the I/O port 71 and the I/O port 62 are restricted by hardware or firmware in the two-port storage apparatus.

    [0186] As described, the file transmitting and receiving system illustrated in FIG. 8 realizes a strong security by a means that clearly has no fear of being breached in transmitting and receiving files through the network 4.

    Tenth Embodiment

    [0187] A facility/installation control system for controlling a drainage pump during flooding and the like that adopts the file transmitting and receiving system according to FIG. 1 will be described with reference to FIG. 8.

    [0188] A facility/installation control system 17 controlled and operated by the data processing apparatus 1 of FIG. 1 receives update files and command files of control software through the network 4 from the server 3, and returns information files acquired as a result of execution of the files through the data processing apparatus 1 to the server 3.

    [0189] The facility/installation control system can be used to monitor and operate facilities and installations 17 at a remote location through the network 4, and also operate unmanned facilities, factories, and disaster preventing installations such as a tide embankment.

    [0190] The operation of the file transmitting and receiving system illustrated in FIG. 1 constituting the present facility/installation control system is similar to that described in [0071], as described below.

    [0191] A manufacturer of the facility/installation control system 17 encrypts a maintenance file and a command file using its own server 3, and transmits the same to the network 4.

    [0192] The network connection terminal 2 of the file transmitting and receiving system writes the received encrypted maintenance file and the encrypted command file to the first partition 8 of the two-port storage apparatus 5. Since the function of the I/O port 61 used for writing data is restricted to additional write only, the network connection terminal 2 will not be infected with a virus unless it has a readable/writable storage.

    [0193] The data processing apparatus 1 reads and processes the maintenance file and the command file from the two-port storage apparatus 5 through the I/O port 71 whose function is restricted to decryption and read only.

    [0194] Since the code is decrypted before the data processing apparatus 1 receives the maintenance file and the command file, a correct file will be decrypted and will function normally, but an unauthorized file will be destroyed and will no longer function, and it will become meaningless data. Therefore, the data processing apparatus 1 will not be intruded illegally.

    [0195] The data processing apparatus 1 can edit and encrypt the information from the facility/installation control system 17 and write the information through the I/O port 72 to the second partition 9. The network connection terminal 2 uses a read only I/O port 62 of the two-port storage apparatus 5 to monitor the second partition 9 arbitrarily, and if a new file is added, it transmits the same through the network 4 to the server 3.

    [0196] The functions of the I/O port 61, the I/O port 71 and the I/O port 62 are restricted by hardware or firmware in the two-port storage apparatus.

    [0197] As described, the file transmitting and receiving system illustrated in FIG. 8 realizes a strong security by a means that clearly has no fear of being breached in transmitting and receiving files through the network 4.

    Eleventh Embodiment

    [0198] A drone control system that adopts the file transmitting and receiving system according to FIG. 1 will be described with reference to FIG. 8.

    [0199] A drone 17 controlled and operated by the data processing apparatus 1 of FIG. 1 receives update files and command files of control software through the network 4 from the server 3, and returns information files acquired as a result of execution of the files through the data processing apparatus 1 to the server 3.

    [0200] The drone control system can be used to monitor and operate the drone 17 at a remote location through the network 4.

    [0201] The operation of the file transmitting and receiving system illustrated in FIG. 1 constituting the present drone control system is similar to that described in [0071], as described below.

    [0202] A manufacturer of the drone 17 encrypts a maintenance file and a command file using its own server 3, and transmits the same to the network 4.

    [0203] The network connection terminal 2 of the file transmitting and receiving system writes the received encrypted maintenance file and the encrypted command file to the first partition 8 of the two-port storage apparatus 5. Since the function of the I/O port 61 used for writing data is restricted to additional write only, the network connection terminal 2 will not be infected with a virus unless it has a readable/writable storage.

    [0204] The data processing apparatus 1 reads and processes the maintenance file and the command file from the two-port storage apparatus 5 through the I/O port 71 whose function is restricted to decryption and read only.

    [0205] Since the code is decrypted before the data processing apparatus 1 receives the maintenance file and the command file, a correct file will be decrypted and will function normally, but an unauthorized file will be destroyed and will no longer function, and it will become meaningless data. Therefore, the data processing apparatus 1 will not be intruded illegally.

    [0206] The data processing apparatus 1 can edit and encrypt the information from the drone 17 and write the information through the I/O port 72 to the second partition 9. The network connection terminal 2 uses a read only I/O port 62 of the two-port storage apparatus 5 to monitor the second partition 9 arbitrarily, and if a new file is added, it transmits the same through the network 4 to the server 3.

    [0207] The functions of the I/O port 61, the I/O port 71 and the I/O port 62 are restricted by hardware or firmware in the two-port storage apparatus.

    [0208] As described, the file transmitting and receiving system illustrated in FIG. 8 realizes a strong security by a means that clearly has no fear of being breached in transmitting and receiving files through the network 4.

    REFERENCE SIGNS LIST

    [0209] 1 Data processing apparatus [0210] 2 Network connection terminal [0211] 3 Server [0212] 4 Network [0213] 5 Two-port storage apparatus [0214] 61 I/O port A: additional write only (or additional write after description only) [0215] 62 I/O port A: read only [0216] 71 I/O port B: decryption, read and delete only (or read/write) [0217] 72 I/O port B: read/write [0218] 8 First partition [0219] 9 Second partition [0220] 10 Smartphone [0221] 11 Wearable device [0222] 12 Personal computer, smartphone [0223] 13 Webserver [0224] 14 Reader [0225] 15 Navigation device (GPS, map) [0226] 16 Navigation auxiliary terminal [0227] 17 IoT device (medical device control, electric appliance control, home security, monitoring camera control, facility/installation control, drone)