JP2002288087A - Information processor and method therefor, information processing system and control method thereof, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an information processor and method therefor capable of efficiently realizing the promotion of information sharing and prevention of leakage in mail transfer, an information processing system and control method thereof, and a program. SOLUTION: A mail management program 203 determines the permission/non- permission of the transfer of a mail corresponding to a mail transfer request issued by an application in reference to a mail transfer management table 2036 for determining the permission/non-permission of mail transfer. When the transfer of the mail is permitted as a result of the determination, the control of the transfer of the mail is transferred to an operating system 210 to execute the transfer of the mail, and when the transfer of the mail is not permitted, the transfer of the mail is prohibited.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an information processing apparatus and method for controlling mail transfer, an information processing system and its control method, and a program.

[0002]

2. Description of the Related Art With the spread of the Internet, an environment in which data managed within an organization such as a company is shared, and data can be easily transferred to an intra network within the organization or to the Internet connected to the intranet. Has become.

[0003]

In the above-mentioned environment, data managed in an organization includes data such as confidential information that cannot be found outside the organization. For such data, a general-purpose OS (for example, Windows (registered trademark), U.S.A.) installed in a terminal having a storage device stores the data.
NIX (registered trademark)), it is possible to perform a certain degree of access control (for example, prohibition of deletion or movement). However, if the data itself is attached to a mail (e-mail), the data may easily leak out of the organization. In addition, the same was true for the email body.

[0004] In a terminal equipped with a mailer for creating a mail, the mailer's filter function can restrict mail transfer to some extent. However, the filter function is specialized for a mailer. And lacked safety.

In a general mail server that controls transmission and reception of mail, it is possible to control the execution of mail transfer based on the mail address of the destination described in the mail. Is managed by a provider such as a provider outside the organization, transfer of mail from the mail server can be prohibited, but transfer from a terminal inside the organization to mail server outside the organization cannot be prohibited. Data was leaked out of the organization.

SUMMARY OF THE INVENTION The present invention has been made to solve the above-described problems, and an information processing apparatus and method, an information processing system, and an information processing method capable of efficiently promoting information sharing and preventing leakage in mail transfer. An object of the present invention is to provide a control method and a program therefor.

[0007]

An information processing apparatus according to the present invention for achieving the above object has the following arrangement.
That is, an information processing device that controls mail transfer,
Storage means for storing a mail transfer management table for determining permission / non-permission of mail transfer; and referring to the mail transfer management table, permission / non-permission of mail transfer corresponding to a mail transfer request issued by the application. Determining means for determining permission; and, as a result of the determination by the determining means, when transfer of the mail is permitted, transferring control of transfer of the mail to an operating system to execute transfer of the mail, and transferring the mail. Control means for prohibiting the transfer of the mail when is not permitted.

[0008] Preferably, the determination means determines whether the transfer of the mail is permitted or not based on at least a domain address in the mail address of the mail.

[0009] Preferably, the determination means determines permission / non-permission of transfer of the mail based on attached data of the mail.

[0010] Preferably, the apparatus further comprises setting means for setting permission / non-permission of retransmission of the mail corresponding to the mail transfer request to the mail.

Preferably, the apparatus further comprises output means for setting a transfer approval request of the mail corresponding to the mail transfer request to the mail, and outputting the request to an approval request destination of the mail.

Preferably, the apparatus further comprises an approval unit for executing an approval process for the mail.

Preferably, the apparatus further comprises notifying means for notifying an approval request source or an approval request destination of the transfer of the mail or both of the result of the approval of the approval means. Preferably, when the approval request destination of the approval request set in the mail is a predetermined approval request destination, the control unit forwards the mail without outputting the mail to the predetermined approval request destination. I do.

An information processing method according to the present invention for achieving the above object has the following configuration. In other words, this is an information processing method for controlling mail transfer, which refers to a mail transfer management table for determining permission / non-permission of mail transfer and performs mail transfer corresponding to a mail transfer request issued by an application. A determination step of determining permission / non-permission; and, as a result of the determination in the determination step, when the transfer of the mail is permitted, transferring control of the transfer of the mail to an operating system to execute the transfer of the mail. A control step of prohibiting the transfer of the mail when the transfer of the mail is not permitted.

An information processing system according to the present invention for achieving the above object has the following configuration. That is, an information processing system in which a plurality of terminal groups are mutually connected via a network, wherein each of the plurality of terminal groups has a mail transfer management table for determining permission / non-permission of mail transfer. Storage means for storing the mail transfer management table, and referring to the mail transfer management table, permitting / removing the mail corresponding to the mail transfer request issued by the application.
Determining means for determining non-permission; and, as a result of the determination by the determining means, when the transfer of the mail is permitted, transferring control of transfer of the mail to the operating system to execute transfer of the mail, and performing transfer of the mail. And control means for prohibiting the transfer of the mail when the transfer is not permitted.

An information processing system according to the present invention for achieving the above object has the following configuration. That is, an information processing system configured by mutually connecting a terminal that issues a mail transfer request and an approval terminal that approves a mail corresponding to the mail transfer request via a network, wherein the terminal includes: Generating means for generating a mail including a request for approval of transfer of mail, and transmitting means for transmitting to the approval terminal generated by the generating means, the approval terminal including a request for approval for transfer of the mail Receiving means for receiving the e-mail from the terminal, an approval means for executing the approval processing of the mail, and a notifying means for notifying an approval result of the approval means.

A method for controlling an information processing system according to the present invention for achieving the above object has the following configuration. That is, a method for controlling an information processing system configured by mutually connecting a terminal that issues a mail transfer request and an approval terminal that approves a mail corresponding to the mail transfer request via a network, A generating step of generating an email including an approval request for the transfer of the email at the terminal, an approval step of executing the approval processing of the email including the approval request of the transfer of the email on the approval terminal, and notifying an approval result of the approval step; Notification step.

A program according to the present invention for achieving the above object has the following configuration. That is, a program that causes a computer to perform information processing for controlling mail transfer, and refers to a mail transfer management table for determining permission / non-permission of mail transfer and responds to a mail transfer request issued by an application. A program code of a judging step of judging permission / non-permission of the transfer of the e-mail to be transferred, and if the result of the judgment in the judging step is that the transfer of the e-mail is permitted, the control of the transfer of the e-mail is passed to the operating system and And a program code of a control step for performing the transfer of the mail and, when the transfer of the mail is not permitted, prohibiting the transfer of the mail.

A program according to the present invention for achieving the above object has the following configuration. That is, a program that causes a computer to control an information processing system configured by connecting a terminal that issues a mail transfer request and an approval terminal that approves an email corresponding to the mail transfer request via a network. A program code of a generating step of generating an email including a request for approval of transfer of mail at the terminal, and an approval step of executing an approval process of the mail including a request for approval of transfer of mail at the approval terminal. It is provided with a program code and a program code of a notification step for notifying an approval result of the approval step.

[0020]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Preferred embodiments of the present invention will be described below in detail with reference to the drawings.

FIG. 1 is a diagram showing the configuration of the mail management system of the present invention.

In the mail management system shown in FIG. 1, a group of terminals 101a to 101c, a DNS server 200, and a mail server 300 connected to a network 400 such as the Internet are connected via a wired / wireless LAN (local area network) 102. They are connected to each other.

Note that the DNS server 300 and the mail server 400 are not on the LAN 102 but on the network 40
0. Also, the DNS server 30
0 and the mail server 400 may be realized in the same terminal.

Each of the terminal groups 101a to 101c has the same configuration. Here, the configuration of the terminal 101a will be described focusing on the terminal 101a.

In the terminal 101a, reference numeral 1012 denotes a personal computer (PC), and a printer 1014,
External device 1 such as an external storage device, an image input device, and a communication device
015, display 101 composed of CRT, liquid crystal, etc.
3. It has a hard disk (HD) 1011. The hard disk (HD) 1011 stores a mail management program, which will be described later, and various programs including a mailer. Further, the terminal groups 101a to 101c further include:
Keyboard, mouse, CPU, RAM, ROM not shown
And other various components of a general-purpose computer. Similarly, the DNS server 300 and the mail server 400 also
Keyboard, mouse, CPU, RAM, ROM not shown
And other various components of a general-purpose computer.

Reference numeral 200 denotes a DNS server,
A predetermined domain is allocated to the terminal groups 101a to 101c connected to the terminal group 2 and managed. A mail server 300 manages a mail account for each terminal of the terminal groups 101a to 101c and controls transmission and reception of mail to and from each terminal.

In such a configuration, generally, in order for an application to access a resource managed by the OS, transfer an e-mail attached with the resource, or perform a simple e-mail transfer, an API (API) provided by the OS is required.
Application Program Interfa
ce). The method of using the API is determined by the OS, and the OS can determine the execution code part that uses the API. According to the present invention, a monitoring routine for monitoring all APIs necessary for accessing resources and transferring mail is provided, and before an application uses an API, the execution code part is changed or the entrance of API processing is defined as a monitoring routine. By replacing, the monitoring routine is used when the API is used. The monitoring routine processes the API required by the application or returns the result to the application as an illegal command without processing the API. The management of the mail transfer right extended by the mail management program of the present invention is managed by the mail management program separately from the management of the OS, and a monitoring routine is provided for each type of the mail transfer right. In this way, an application (mailer) that forwards emails with illegally attached resources or forwards emails other than the specified address,
Restrict that mail transfer. The mail transfer described in the present invention will be described as including both mail transmission, which is an operation of creating a new mail and transmitting it, and mail transfer, which is an operation of further transmitting a received mail.

Next, the configuration of the mail management program of the present invention will be described with reference to FIG.

FIG. 2 is a diagram showing a configuration of a mail management program according to the present invention.

The mail management program 203 includes an API monitoring controller (API monitoring CTRL) 2031 and an APL
Monitoring controller (APL monitoring CTRL) 2032, mail transfer control controller (mail transfer control CTRL)
2033.

The mail management program 203 is a user environment 20 composed of a general application including an application (mailer) 2021 for making a mail transfer request or attaching a resource to a mail and making a mail transfer request.
2 and the general-purpose OS 201, and monitors mail transfer requested by the application 2021.

The general-purpose OS 201 includes resources 2011 (for example, files, network resources, displays, and external devices) managed by the OS, and an API group 2012 provided by the OS to the application 2021.

AP in mail management program 203
The I monitoring CTRL 2031 is a module that monitors all APIs necessary for performing mail transfer control and access control. The APL monitoring CTRL 2032 is
This is a module that stores resources held by the application 2021. Mail transfer control CTRL20
Reference numeral 33 denotes a module that determines whether or not mail transfer is permitted, and includes an access right management table 2035 and a mail transfer management table 2036.

Here, the access right management table 2035
And the configuration of the mail transfer management table 2036,
This will be described with reference to FIG.

The access right management table 2035 is shown in FIG.
As shown in (a), resource designation information 20351, condition 20352, n pieces of access right information 20353 to 20353
35n can be registered for each resource.

The resource designation information 20351 is a general-purpose OS
Among the resources managed by 201, this is information for specifying a specific resource. For example, in the case of a file, information such as a file name and a file ID is registered. In the case of communication data, a host name, a port number, an IP address and the like are registered. In the case of a memory, an object name and an address indicating the object are registered. In the case of an external output device, a device name indicating the device driver is registered.

The condition 20352 indicates a condition or a combination thereof for which the access right is valid. For example, a mail transfer permission / non-permission flag, a user name / ID,
The group name / ID, time, application used, and the like are registered.

Access right information 20353-2035n
Indicates the authority added to the specified resource among the extended access rights that are not defined in the existing environment. For example, the authority to transfer mail to another medium, the authority to move to another medium, the permission to move to another medium The right to copy, the right to print, the right to read into the shared memory (such as the clipboard in Windows), the right to hardcopy the screen, and the limitation of the application to be used (prohibition of use other than the specific application and prohibition of mail attachment) are registered.

Generally, access to resources is as follows:
It may be performed by a plurality of APIs, in which case the resource designation information may be converted to an ID (handle, etc.) managed by the OS. In this case, in the mail management program 203, the resource designation information and its ID are regarded as the same.

On the other hand, the mail transfer management table 2036
Are mail information 20361, as shown in FIG.
Condition 20362, n mail transfer right information 20363-
2036n can be registered for each mail information.

The mail information 20361 is a domain name managed by the domain server 200 or a mail address managed by the mail server 300. In addition, it may be an IP address assigned to each network segment or terminal.

The condition 20362 indicates conditions for validating the mail transfer right or a combination thereof. For example, the mail transfer right, user name / ID, group name / I
D, time, application used, and the like are registered.

Mail transfer right information 20363-2036n
Indicates the right added to the specified mail information among the extended mail transfer rights that are not defined in the existing environment. For example, the right to transfer mail to another medium, the right to re-forward mail to another medium And the right to request approval of mail transfer to the system administrator.

The setting of the access right management table 2035 and the mail transfer management table 2036 may be performed by the user for each terminal, or may be configured only by a system administrator who has been given the setting authority. May be. Alternatively, a file server that stores the access right management table 2035 and the mail transfer management table 2036 is constructed, and the file server periodically updates the access right management table 2035 and the mail transfer management table 2036 stored in each terminal. You may comprise. Further, when the mail transfer is controlled in each of the terminals 101a to 101c, the access right management table 2035 and the mail transfer management table 2036 stored in the file server may be referred to.

The processing of the mail management program 203 having such a configuration will be described in accordance with the information transmission procedure shown in FIGS.

Application (mailer) 2021
If there is a mail transfer request from, mail transfer control CTRL
Tell 2033.

When performing a mail transfer authority check, the mail transfer control CTRL 2033 transmits, from the APL monitor CTRL 2032, information on resources (resources attached to the transfer target mail) held by the application 2021 as necessary. get.

There are two conditions for prohibiting mail transfer. Under the first condition A (mail transfer prohibition A), a mail transfer authority check is performed for the above mail transfer request. If the user does not have the right, the API 202 does not process the API issued by the application 2021 and returns an access violation error as a result.

Under the second condition B (mail transfer prohibition B), a mail transfer authority check is performed for the mail request. If the user does not have the mail transfer authority and cannot return an error as a result of the API issued by the application 2021, the mail management program 203 does not perform the process related to the mail transfer requested by the application 2021, and the dummy mail prepared by the mail management program 203 in advance. An API process is performed instead of the access request to the resource.

As a result, the application 2021 operates as if the mail transfer request was successful, but the requested mail transfer is not actually executed.

As a result of performing the mail transfer authority check on the above mail transfer request, if the user has the mail transfer authority, the API process issued by the application 2021 is transmitted to the general-purpose OS 201 as it is, and the result is returned to the application 2021.

By the above processing, the API succeeds, and the API
1 holds the resource, the APL monitor CTRL2
Tell 032. The APL monitoring CTRL 2032 registers the correspondence between the application 2021 and the held resource.

If the application 2021 issues a resource release request and its API succeeds,
Notify the PL monitoring CTRL 2032. APL monitoring CTR
L2032 deletes the correspondence between the application 2021 and the held resource.

In the present invention, the following four types of control methods for controlling permission / non-permission of execution of mail transfer will be described.

1. 1. Control of mail transfer based on mail address 2. Control of mail transfer based on mail attached data 3. Control of retransmission of mail Control of mail transfer based on approval Each control method will be described below. <1. Control of mail transfer based on mail address> FIG.
A indicates the exchange of the application 2021, the mail management program 203, and the general-purpose OS 201 until the mail transfer is completed when the user has the mail transfer authority.
It is a sequence diagram of monitoring and control of Pl.

In this sequence diagram, when there is a mail transfer request from the application 2021 (step 4)
01), the mail management program 203 checks whether the mail to be processed has a mail transfer right (step 4).
02). As a result of the check, if the user has the mail transfer authority (step 403), the API issued by the application 2021 is transmitted to the general-purpose OS 201 as it is. General purpose O
In step S201, the original API processing of the OS is performed (step 404).

If the API succeeds, the mail management program 203 registers information that the application 2021 executes mail transfer (step 405).
Then, the API result from the general-purpose OS 201 is directly returned to the application 2021 (step 406). Thus, the mail transfer is completed (step 40).
8).

FIG. 5 shows an example of the application 20 until the mail transfer is prohibited when the user does not have the mail transfer authority.
21 is a sequence diagram of API monitoring and control showing exchanges of the mail management program 203 and the general-purpose OS 201.

In this sequence diagram, when there is a mail transfer request from the application 2021 (step 5)
01), the mail management program 203 checks whether the mail to be processed has a mail transfer right (step 50).
2). If there is no mail transfer right (step 503), a transfer violation error is returned to the application 2021 (step 504). This completes the mail transfer (step 505).

On the other hand, if the application 2021 does not respond to the mail transfer violation error and there is a mail transfer request from the application 2021 (step 506), the mail management program 203 sets the mail transfer right of the mail to be processed. (Step 507). As a result of the check, if there is no mail transfer right and the application 2021 does not correspond to the mail transfer violation error (step 508), the mail management program 203 replaces it with a dummy mail transfer request prepared in advance and passes it to the general-purpose OS 201. (Step 509).

The general-purpose OS 201 performs the original API processing of the OS (step 510). Email management program 2
03 returns the API result from the general-purpose OS 201 to the application 2021 as it is (step 511). As a result, the mail transfer is completed, but practically nothing is performed because of the dummy mail transfer (step 51).
2). <2. Controlling email forwarding based on email attachments>
FIG. 6 shows the exchange of the application 2021, the mail management program 203, and the general-purpose OS 201 until the transfer of the mail is completed when the data attached to the mail has the access right (the right to transfer the mail to another medium). It is a sequence diagram of monitoring and control of API.

In this sequence diagram, when there is a mail transfer request from the application 2021 (step 6)
01), the mail management program 203 checks whether or not the mail to be processed has a mail transfer right (step 6).
02). As a result of the check, if the user has the mail transfer authority (step 603), it is checked whether the user has the access right to the attached data of the processing target mail (step 604).
As a result of the check, if there is an access right to the attached data (step 605), the API issued by the application 2021 is transmitted to the general-purpose OS 201 as it is. General purpose O
In step S201, the API processing of the OS is performed (step 606).

The mail management program 203 registers information that the application 2021 executes the mail transfer when the API succeeds (step 60).
7). Then, the API result from the general-purpose OS 201 is directly returned to the application 2021 (step 60).
8). Thereby, the mail transfer is completed (step 609).

FIG. 7 shows the monitoring and control of the API indicating the exchange of the application 2021, the mail management program 203, and the general-purpose OS 201 until the transfer of the mail is prohibited when the data attached to the mail does not have an access right. FIG.

In this sequence diagram, when there is a mail transfer request from the application 2021 (step 7)
01), the mail management program 203 checks whether the mail to be processed has a mail transfer right (step 70).
2). If the user has the mail transfer right (step 703), it checks whether the user has the access right to the attached data of the mail to be processed (step 704). If the result of the check indicates that there is no access right to the attached data (step 705), a transfer violation error is returned to the application 2021 (step 706). Thereby, the mail transfer is completed (step 707).

On the other hand, if the application 2021 does not respond to the mail transfer violation error and there is a mail transfer request from the application 2021 (step 708), the mail management program 203 sets the mail transfer right of the mail to be processed. Is checked (step 709). As a result of the check, if the user has the mail transfer right (step 710), it is checked whether the user has the access right to the attached data of the processing target mail (step 7).
11). As a result of the check, if the user has no access right to the attached data and the application 2021 does not correspond to the mail transfer violation error (step 712), the mail management program 203 replaces the request with a dummy mail transfer request prepared in advance, and the general-purpose OS 201 (Step 713).

The general-purpose OS 201 performs the original API processing of the OS (step 714). Email management program 2
03 returns the API result from the general-purpose OS 201 to the application 2021 as it is (step 715). As a result, the mail transfer is completed, but practically nothing is performed because of the dummy mail transfer (step 71).
6). <3. Control of mail re-forwarding> The above-described mail transfer restriction is simply to refer to a domain address in a mail address of a mail transfer destination and determine whether or not the domain address is a designated address, and to determine whether or not the mail address is a designated address. Transfer restricted. If data is attached to the e-mail, the e-mail transfer is determined by referring to the access right of the data and determining whether the access right has the right to transfer the e-mail to another medium. Restricted.

In addition to the above mail transfer restriction, when a first user transfers mail to a second user, a restriction is imposed on the retransmission of mail transferred to the second user (mail retransmission right). May be added.

Thus, for example, the mail can be transferred only to a limited user in a certain organization, and the mail can be prevented from being transferred again to a user who is not related outside or in the organization. Actually, the mail management program 20
3 detects a mail transfer request, displays, for example, an e-mail re-transfer authority determination screen as shown in FIG. The message is described in the header of the mail to be transferred, and the mail is transferred to the transfer destination. Then, when re-forwarding the mail from the transfer destination, the mail management program 203 refers to the header of the mail, and controls the re-forwarding of the mail based on the presence or absence of the mail re-forwarding right.

Here, the mail retransfer authority determination screen shown in FIG. 8 will be described.

In FIG. 8, reference numeral 801 denotes a mail transfer destination area, on which a mail address indicating the transfer destination of the mail to be transferred is displayed. 802 is an attached data information area,
The presence or absence of attached data of the mail to be forwarded is indicated by a radio button, and if there is attached data, the file name of the data is displayed. Reference numeral 803 denotes a “Yes” button that is pressed when the re-forwarding right is given. When the “Yes” button 803 is pressed, the mail re-forwarding right is described in the header of the mail to be transferred. An “absence” button 804 is pressed when the retransfer right is not granted.
When the button 804 is pressed, the mail retransmission right is not described in the header of the mail to be transferred.

The sequence diagram of the monitoring and control of the API indicating the exchange of the application 2021, the mail management program 203, and the general-purpose OS 201 in the mail re-transfer is shown in FIG. 4 and FIG. The details are omitted because they are described by replacing the rights. <4. Control of Mail Transfer Based on Approval> A configuration in which a general user who performs mail transfer requests approval of the mail transfer to be transferred from a system administrator.

As a result, the permission / non-permission of the execution of the mail transfer is normally determined by the approval program installed in the terminal of the system administrator or the judgment of the system administrator even if the mail transfer is restricted. Can be controlled. In order to realize such control, for example, referring to the configuration of FIG. 1, a terminal 101a of a general user who issues a mail transfer request and a mail based on the mail transfer request issued from the terminal 101a are received. ,
A terminal 101b of a system administrator for controlling permission / non-permission of execution of the mail transfer is configured. Alternatively, if an approval program is installed in the terminal 101a, the transfer of the mail to be transferred can be approved in one terminal.

The terminal 10 requesting approval of the mail transfer
In 1a, each time a mail is created, a mail transfer approval request right and a mail address indicating the approval destination are described in the header of the mail. As a result, the mail corresponding to the mail transfer request issued by the terminal 101a is transferred to the terminal 101b of the system administrator, where an approval process for the mail transfer is executed. In addition, there may be more than one system administrator terminal (authorization terminal) that performs the approval process. In this case, the mail to be approved is forwarded to the approval terminal specified in advance as the terminal that requests approval for mail transfer. Then, an approval process is executed. In addition, in order to simplify the approval process, out of a plurality of approval terminals, the mail to be approved at a predetermined approval terminal is treated as approved and the mail to be approved is not forwarded to the predetermined approval terminal without being forwarded. You may make it transfer to a transfer destination.

Hereinafter, the mail based on the mail transfer request issued by the general user 101a is transferred to the terminal 101b of the system administrator, and the terminal 101b of the system administrator is transferred.
A description will now be given of a process for controlling permission / non-permission of execution of the mail transfer of the mail.

FIG. 9 shows, for example, a terminal 101 of a general user.
If the mail transfer request issued in (a) has the mail transfer authority and the transfer target mail has the approval request right, the application 2021, the mail management program 203, and the general-purpose OS 2 until the mail transfer is completed.
It is a sequence diagram of monitoring and control of API showing exchange of 01.

In this sequence diagram, when there is a mail transfer request from the application 2021 (step 8)
01), the mail management program 203 checks whether the mail to be processed has a mail transfer right (step 8).
02). As a result of the check, if the user has the mail transfer authority (step 803), it is checked whether the mail to be processed has the approval request right (step 804). As a result of the check, if there is an approval request right (step 805), the general-purpose O
API issued by application 2021 in S201
Tell as it is. The general-purpose OS 201 is an OS-specific AP
I processing is performed (step 806).

If the API succeeds, the mail management program 203 registers information that the application 2021 has issued an approval request to execute mail transfer at the management terminal (step 807). And general-purpose OS2
API result from 01
21 (step 808). Thus, the mail transfer is completed (step 809).

Thereafter, the mail corresponding to the mail transfer request issued by the terminal 101a is sent to the terminal 1 of the system administrator.
01b, and based on the result of executing the approval program for the mail on the terminal 101b or the content of the mail to be transferred by the system administrator of the terminal 101b, the mail transfer is permitted. 4 or the mail transfer is executed in accordance with the sequence of FIG. On the other hand, when the mail transfer is not permitted, the mail transfer is prohibited according to the sequence shown in FIGS. When mail transfer is prohibited, a message or mail notifying the fact may be transferred to the terminal 101a that has issued the mail transfer request, or a transfer target mail may be returned as transfer prohibited.

The above-mentioned approval of the mail transfer is, for example, as follows.
The configuration is executed by mounting the configuration shown in FIG. 10 below on the terminal 101b of the system administrator, but may be mounted on the terminal 101a of a general user.

FIG. 10 shows an example in which the mail managed by the mail management program 203 is transferred to the approval management program 601 and the approval database (DB) is created based on the mail.
With reference to 602, the transfer of the mail to be transferred is approved. Also, if necessary, especially when the system administrator approves the mail transfer, a mail transfer approval screen as shown in FIG. 11 is displayed, and the system administrator operates the mail transfer approval screen. Based on this, the transfer of the mail to be transferred is approved.

The approval management program 601 and the approval D
B602 is realized by various programs for realizing a general-purpose workflow and a security manager, and details thereof will be omitted. For example, a user unit, a terminal unit, a mail address unit, a group set on the network, Whether or not to approve the e-mail transfer is determined for each unit such as a unit or a position in the organization.

Here, the mail transfer approval screen of FIG. 11 will be described.

In FIG. 11, reference numeral 1101 denotes a mail sender area, which displays the mail address of the user of the terminal which has issued the mail transfer approval request. 1102, a mail address indicating the transfer destination of the mail to be transferred is displayed. Reference numeral 1103 denotes an attached data information area, in which presence / absence of attached data of the mail to be transferred is indicated by a radio button. If there is attached data, a file name of the data is displayed. Reference numeral 1104 denotes a mail text reference button, which is pressed when referring to the mail text to be approved.
An “Allow” button 1105 is pressed to permit the transfer of the mail to be transferred.
When 05 is pressed, the transfer of the mail to be transferred is executed. Reference numeral 1106 denotes a "disallow" button that is pressed when transfer of the transfer target mail is not permitted. When the "disallow" button 1106 is pressed, transfer of the transfer target mail is prohibited.

Returning to the description of FIG.

The report program 603 sends a message to the system administrator's terminal when an unauthorized mail transfer is made.
Unauthorized mail transfer notification screen 70 with contents as shown in (b)
2 is displayed. When notifying the terminal of the user who has issued the mail transfer approval request that the unauthorized mail transfer has been requested, the error screen 7 shown in FIG.
01 is transmitted to the terminal and displayed.

Although four types of mail transfer control have been described above, it is needless to say that the mail transfer control can be realized by a control in which the above controls are arbitrarily combined.

In the above-described mail transfer control, a specific method for inhibiting mail transfer is as follows.

First, 1. In this control, the domain address of the mail address of the mail to be transferred is referred to. Specifically, data of the SMTP protocol or an equivalent protocol is monitored, and a domain address of a mail address described in a header portion thereof is acquired. Next, it is determined whether or not the acquired domain address is registered in the mail transfer management table 2036.
As a result of the determination, if the domain address is not registered in the mail transfer management table 2036, it is determined that the transfer of the mail is prohibited.

Also, 2. Control, that is, if the mail to be transferred has attached data, In addition to the checking of the mail transfer right in the control of the above, the mail transfer right of the attached data to another medium is checked with reference to the access right management table 2035. As a result of the check,
If the user does not have the authority to transfer the attached data to another medium, it is determined that the transfer of the mail is prohibited.

Also, 3. Control, that is, when the user is requested to acquire the mail re-forwarding authority for the mail to be forwarded, A check similar to the check of the mail transfer right in the control of (1) checks the mail re-forwarding right described in the header portion of the mail. As a result of the check,
If the e-mail re-transfer right cannot be obtained, it is determined that the transfer of the e-mail is prohibited.
On the other hand, if it can be obtained, it is determined that mail retransmission is not prohibited. That is, the presence / absence of the mail re-forwarding right is determined based on whether the mail re-forwarding right is acquired.

Also, 4. Control, that is, in the case of approving the transfer of the mail to be forwarded, the approval / disapproval of the execution of the transfer of the mail is performed by the terminal of the system administrator having the approval program for approving the transfer of the mail. Alternatively, it is determined by the judgment of the system administrator. The forwarding of the mail is prohibited based on the result of the decision.

As described above, according to the present embodiment, a mail transfer request from an application such as a mailer is captured before it is actually executed, and the mail transfer right is assigned to the mail corresponding to the captured mail transfer request. It is determined whether or not there is a mail transfer right, and if there is a mail transfer right, the mail transfer request is passed to the operating system according to the mail transfer request, and the result is returned to the application that requested the mail transfer. On the other hand, if the e-mail corresponding to the captured e-mail transfer request does not have the e-mail transfer right, the e-mail request is prohibited, so that the OS or process (a program running under the OS,
(E.g., applications and daemons), it is possible to restrict mail transfer operations for users who do not have mail transfer rights.

Further, only by incorporating the mail management program into the existing environment, it is possible to restrict the transfer of various kinds of unauthorized mails as described above, and it is possible to extend the range of the existing mail transfer right. That is, mail transfer control can be executed safely and reliably without depending on an application such as a mailer or the OS.

Further, even when the requesting application does not have a function to cope with the mail transfer violation, the request is converted into a dummy mail transfer operation request and passed to the operating system. It is possible to cope with an application that does not have a function corresponding to a violation.

Further, by setting the mail re-forwarding right of the mail to be forwarded and controlling the re-forwarding of the mail based on the set contents, for example, the re-forwarding of the mail is permitted only within the organization, It is possible to prohibit the re-forwarding of mail to outside. This makes it possible to maintain communication within the organization while preventing leakage outside the organization.

Also, by approving the transfer of the mail to be transferred, it is also possible to maintain communication within the organization while preventing leakage outside the organization.

In the above embodiment, if there is attached data in the mail to be transferred, the presence or absence of the access right is determined by referring to the access right management table 2035 for the attached data. It is also possible to determine whether or not the user has the access right by referring to the access right information that is described in the resource and specifies the extended access right that is not defined in the existing environment.

The network resources used in the above description relate to the network among resources managed by the OS, such as communication media, devices, access points, digital television channels, communication data or contents. .

The mail management program is a CD-R
It can be installed or loaded into a computer through various media such as a disk storage such as an OM, a semiconductor memory, and a communication network. Further, it can be provided to a computer user as a program product alone.

The APIs exemplified in the embodiments are merely examples, and it goes without saying that the APIs can be easily dealt with even if they are added by upgrading the OS.

It is to be noted that an object of the present invention is to supply a storage medium storing a program code of software for realizing the functions of the above-described embodiments to a system or an apparatus, and to provide a computer (or CPU or MPU) of the system or apparatus. Can also be achieved by reading and executing the program code stored in the storage medium.

In this case, the program code itself read from the storage medium realizes the functions of the above-described embodiment, and the storage medium storing the program code constitutes the present invention.

As a storage medium for supplying the program code, for example, a floppy disk, hard disk, optical disk, magneto-optical disk, CD-ROM, CD
-R / RW, DVD-ROM / RAM, magnetic tape, non-volatile memory card, ROM and the like can be used.

When the computer executes the readout program code, not only the functions of the above-described embodiment are realized, but also the OS (Operating System) running on the computer based on the instruction of the program code. ) May perform some or all of the actual processing, and the processing may realize the functions of the above-described embodiments.

Further, after the program code read from the storage medium is written into a memory provided in a function expansion board inserted into the computer or a function expansion unit connected to the computer, based on the instructions of the program code, It goes without saying that the CPU included in the function expansion board or the function expansion unit performs part or all of the actual processing, and the processing realizes the functions of the above-described embodiments.

When the present invention is applied to the storage medium, the storage medium stores program codes corresponding to the flowcharts described above.

[0108]

As described above, according to the present invention,
An information processing apparatus and method, an information processing system, a control method thereof, and a program capable of efficiently realizing information sharing and preventing leakage in mail transfer can be provided.

[Brief description of the drawings]

FIG. 1 is a diagram showing a configuration of a mail management system of the present invention.

FIG. 2 is a diagram showing a configuration of a mail management program according to the present invention.

FIG. 3 is a diagram showing a configuration of an access right management table and a mail transfer management table according to the present invention.

FIG. 4 is a sequence diagram of a mail transfer control based on a mail address according to the present invention.

FIG. 5 is a sequence diagram of a mail transfer control based on a mail address according to the present invention.

FIG. 6 is a sequence diagram of a mail transfer control based on mail attached data according to the present invention.

FIG. 7 is a sequence diagram of mail transfer control based on mail attached data according to the present invention.

FIG. 8 is a diagram showing an example of a mail retransfer authority determination screen according to the present invention.

FIG. 9 is a sequence diagram of control of mail transfer based on the approval of the present invention.

FIG. 10 is a diagram showing a configuration of a program installed in a terminal that approves mail transfer according to the present invention.

FIG. 11 is a diagram showing an example of a mail transfer approval screen of the present invention.

FIG. 12 is a diagram showing an example of a message screen of the present invention.

[Explanation of symbols]

 101a to 101c Terminal 102 LAN 200 DNS Server 300 Mail Server 400 Network 1011 HD 1012 PC 1013 Display 1014 Printer 1015 External Device 201 OS 202 User Environment 203 Mail Management Program 2011 Resources 2012 API Group 2021 Application 2031 API Monitoring Control 2032 APL Monitoring Control 2033 Access control control 2035 Access right management table 2036 Mail transfer management table

 ──────────────────────────────────────────────────の Continuing on the front page (72) Inventor Takahiro Shima 1-2-13-1 Tsukishima, Chuo-ku, Tokyo Inside Hamming Goodheads Co., Ltd. In company

Claims (23)

[Claims] 1. An information processing apparatus for controlling mail transfer, comprising: a storage unit for storing a mail transfer management table for determining permission / non-permission of mail transfer; and Determining means for determining whether or not to permit transfer of a mail corresponding to a mail transfer request issued by an application; and controlling the transfer of the mail when the result of the determination by the determining means indicates that the transfer of the mail is permitted. And transferring the mail to the operating system to execute the transfer of the mail. If the transfer of the mail is not permitted, the control unit prohibits the transfer of the mail. 2. The information processing apparatus according to claim 1, wherein the determination unit determines permission / non-permission of transfer of the mail based on at least a domain address in a mail address of the mail. . 3. The information processing apparatus according to claim 1, wherein the determination unit determines permission / non-permission of transfer of the mail based on data attached to the mail. 4. The information processing apparatus according to claim 1, further comprising setting means for setting permission / non-permission of retransmission of the mail corresponding to the mail transfer request to the mail. 5. The apparatus according to claim 1, further comprising: output means for setting an approval request for transfer of the mail corresponding to the mail transfer request to the mail and outputting the request to an approval request destination of the mail. An information processing apparatus according to claim 1. 6. The information processing apparatus according to claim 5, further comprising an approval unit that executes an approval process for the mail. 7. The information processing apparatus according to claim 6, further comprising notification means for notifying an approval result of the approval means to at least one of an approval request source and an approval request destination of the transfer of the mail. . 8. When the approval request destination of the approval request set in the mail is a predetermined approval request destination, the control means forwards the mail without outputting the mail to the predetermined approval request destination. The information processing apparatus according to claim 5, wherein: 9. An information processing method for controlling a mail transfer, wherein a mail corresponding to a mail transfer request issued by an application is referred to by referring to a mail transfer management table for determining permission / non-permission of the mail transfer. A determination step of determining whether the transfer of the mail is permitted or not; and, as a result of the determination in the determination step, when the transfer of the mail is permitted, the control of transfer of the mail is passed to the operating system to execute the transfer of the mail. And a control step of prohibiting the transfer of the mail when the transfer of the mail is not permitted. 10. The method according to claim 1, wherein the determining step includes:
10. The information processing method according to claim 9, wherein permission / non-permission of the transfer of the mail is determined. 11. The information processing method according to claim 9, wherein the determining step determines permission / non-permission of transfer of the mail based on data attached to the mail. 12. The information processing method according to claim 9, further comprising: setting a permission / non-permission of retransmission of the mail corresponding to the mail transfer request to the mail. 13. The method according to claim 9, further comprising an output step of setting an approval request for transfer of the mail corresponding to the mail transfer request to the mail and outputting the request to an approval request destination of the mail. The information processing method described. 14. The information processing method according to claim 13, further comprising an approval step of executing an approval process for the mail. 15. The method according to claim 14, further comprising a notification step of notifying an approval request source and / or an approval request destination of the transfer of the mail of an approval result of the approval step. Information processing method. 16. The control step, when the approval request destination of the approval request set in the mail is a predetermined approval request destination, forwards the mail without outputting the mail to the predetermined approval request destination. The information processing method according to claim 13, wherein: 17. An information processing system comprising a plurality of terminal groups connected to each other via a network, wherein each of the plurality of terminal groups has a mail for determining permission / non-permission of mail transfer. A storage unit that stores a transfer management table; a determination unit that refers to the mail transfer management table to determine whether to permit or disallow transfer of a mail corresponding to a mail transfer request issued by an application; As a result, when the transfer of the mail is permitted, the transfer of the mail is transferred to the operating system to execute the transfer of the mail, and when the transfer of the mail is not permitted, the transfer of the mail is prohibited. An information processing system comprising: 18. An information processing system comprising a terminal for issuing a mail transfer request and an approval terminal for approving a mail corresponding to the mail transfer request, which are mutually connected via a network, The terminal includes: a generation unit configured to generate a mail including a request for approval of transfer of mail; and a transmission unit configured to transmit to the approval terminal generated by the generation unit. The approval terminal includes a request for approval of transfer of the mail. An information processing system comprising: a receiving unit that receives a mail including the following from the terminal; an approval unit that executes approval processing of the mail; and a notification unit that notifies an approval result of the approval unit. 19. The information processing system according to claim 18, wherein said notifying unit notifies an approval result of said approval unit to at least one of said terminal and said approval terminal. 20. A method for controlling an information processing system comprising a terminal for issuing a mail transfer request and an approval terminal for approving a mail corresponding to the mail transfer request, which are mutually connected via a network. A generating step of generating, in the terminal, a mail including a request for approval of transfer of mail, an approval step of executing, in the approval terminal, a process of approval of the mail including a request for approval of transfer of mail, and approval of the approval step; And a notifying step of notifying a result. 21. The notification step, wherein an approval result of the approval step is notified to one or both of the terminal and the approval terminal.
The control method of an information processing system according to claim 1. 22. A program for causing a computer to perform information processing for controlling mail transfer, the mail transfer being issued by an application with reference to a mail transfer management table for determining permission / non-permission of mail transfer. A program code of a judging step for judging permission / non-permission of the transfer of the mail corresponding to the request; A program code for a control step of transferring the e-mail and transferring the e-mail when the transfer of the e-mail is not permitted. 23. A computer for controlling an information processing system in which a terminal for issuing a mail transfer request and an approval terminal for approving a mail corresponding to the mail transfer request are connected to each other via a network. A program that causes the terminal to execute, in the terminal, a program code of a generation step of generating an email including a request to approve an email transfer, and an approval process of an email including an approval request to forward the email in the terminal. A program comprising: a program code for an approval process; and a program code for a notification process for notifying an approval result of the approval process.