JP2011138228A - Apparatus and method for processing information, and computer program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To permit connection to an information resource which is not permitted by a URL filtering rule only in a fixed period to a specific user without making indefinite a period when the release of URL filtering is performed. <P>SOLUTION: When it is determined that relay is not permitted as the result of relay control processing performed by applying a relay control rule to communication between terminal equipment and an external server device, a first relay control rule as a relay control rule applied to the communication is transmitted to the terminal equipment, and the release request of the pertinent first relay control rule is accepted. Then, in response to the accepted release request, a release entry to which the release period for releasing the first relay control rule is set is created. When the relay of communication is not permitted as the result of the application of the relay control rule to the communication, whether or not the release entry for releasing the release control rule is generated is further determined, and when the release entry is generated, and it is determined that it is within the release period set to the release entry, the release of communication is permitted. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a technology for performing relay control of communication between a terminal device of an internal network and a server device that provides information resources such as a home page on an external network such as the Internet.

  With the development of network technology, it is possible to exchange information very easily and efficiently. For example, it is possible to attach materials used for a conference to an e-mail in advance and send them to participants in advance without trouble and trouble. However, while network technology has been developed in this way, information exchange can be easily performed, but important confidential information can easily be leaked to the outside, and harmful information such as computer viruses can be leaked from the outside. The degree of danger of inflow is also increasing.

  Therefore, companies have taken measures such as prohibiting access to servers that provide information not directly related to business. For example, by introducing a computer device that performs URL filtering, which is communication control that prohibits access to a specific URL, and does not forward a request for a URL that is not permitted to access to an external server that provides the information resource indicated by the URL, The information resource indicated by the URL cannot be accessed.

  In the case of performing URL filtering, a white list that is a list of URLs that are permitted to access and a black list that is a list of URLs that are prohibited to access are created, and control over them, that is, registered in the white list. A request for a certain URL is relayed for the communication, and a request for a URL registered in the black list is controlled not to relay the communication.

  For example, Patent Document 1 discloses an invention that facilitates whitelist registration editing for URL filtering. According to the present invention, it is easy for an administrator to perform URL filter setting. In addition, in communication control by URL filtering, it is difficult to create a rule that satisfies all user requests. For example, regardless of the URL filtering rule, filtering is canceled by inputting a predetermined password, for example. There are also URL filtering applications that have a function of permitting connection to URLs registered in the black list.

JP 2009-277156 A

  As described above, when performing access control to information resources on the Internet by URL filtering, it can be said that it is almost impossible to create a rule that satisfies all users. However, if all URL filtering is canceled with a specific password, if the password is leaked, URL filtering will not make sense in the first place.

  In particular, in URL filtering within a company, access to information resources such as websites that cannot be accessed when filtering rules are applied and from which information deemed necessary for business can be obtained is granted for a certain period of time, and information is obtained during that period. It is only necessary to give an opportunity to do so, and it is not necessary to continue the cancellation state of the filtering rule.

  Therefore, in view of the above-described problems, the present invention does not set a period for canceling URL filtering indefinitely, and allows a specific user to connect to an information resource that is not permitted by a URL filtering rule only for a certain period. It is an object of the present invention to provide an information processing apparatus, an information processing method, and a computer program that can be performed.

  In order to achieve the above object, an information processing apparatus of the present invention has the following configuration. That is, information that includes storage means for storing a relay control rule for relay control of communication between a terminal device and an external server device, and performs relay control of communication between the terminal device and the external server A processing device that obtains communication between the terminal device and the external server device, and applies the relay control rule to the communication obtained by the obtaining device, whereby the communication A determination unit that determines whether or not to permit relaying, and a relay control rule that is applied to the terminal device by the determination unit when the determination unit determines that relaying is not permitted. A transmission unit that transmits a relay control rule; a first reception unit that receives a cancellation request for the first relay control rule including the cancellation period information of the first relay control rule from the terminal device; of In accordance with a cancellation request received by the appending means, a creation means for creating a cancellation entry in which the cancellation period for canceling the first relay control rule is set is provided, and the determination means includes If the applied relay control rule is one that does not permit relaying, it is further determined whether a release entry for releasing the relay control rule is generated, and the release entry is generated and set in the release entry. If it is determined that it is within the release period, it is determined that relaying of the communication is permitted.

  In order to achieve the above object, the information processing method of the present invention has the following configuration. That is, information including a storage device that stores a relay control rule for relay control of communication between a terminal device and an external server device, and performing relay control of communication between the terminal device and the external server An information processing method performed by a processing device, wherein an acquisition step of acquiring communication between the terminal device and the external server device, and the relay control rule applied to the communication acquired in the acquisition step A determination step for determining whether or not to permit relaying of the communication, and relay control applied in the determination step for the terminal device when it is determined that relaying is not permitted in the determination step. A transmission step of transmitting a first relay control rule that is a rule, and a request for canceling the first relay control rule including release period information of the first relay control rule from the terminal device And a creation step for creating a release entry in which the release period for releasing the first relay control rule is set according to the release request received in the first reception step, and the determination step includes: When the relay control rule applied to the communication in the determination step does not permit relay, it is further determined whether a cancel entry for canceling the relay control rule is generated, and a cancel entry is generated. If it is determined that it is within the cancellation period set in the cancellation entry, it is determined that relaying of the communication is permitted.

  In order to achieve the above object, the computer program of the present invention has the following configuration. That is, a computer having storage means for storing a relay control rule for relay control of communication between a terminal device and an external server device is controlled by the computer, and relay control of communication between the terminal device and the external server is performed. A computer program for causing an information processing device to perform, the computer having an acquisition unit that acquires communication between the terminal device and the external server device, and communication acquired by the acquisition unit And applying the relay control rule to determine whether to permit relaying of the communication, and when determining that the relay is not permitted by the determining unit, The transmission means for transmitting the first relay control rule that is the relay control rule applied by the determination means, and the release period information of the first relay control rule from the terminal device A first accepting unit that accepts a cancellation request for the first relay control rule, and a release period for canceling the first relay control rule is set according to the release request accepted by the first accepting unit Functioning as creation means for creating a release entry, and the determination means cancels the relay control rule when the relay control rule applied by the determination means to the communication does not permit relaying. It is further determined whether an entry has been generated, and if it is determined that a cancellation entry has been generated and is within the cancellation period set in the cancellation entry, it is determined that relaying of the communication is permitted.

  According to the present invention, it is possible to permit a specific user to connect to an information resource that is not permitted by the URL filtering rule only for a certain period without making the period for canceling URL filtering indefinite. An information processing apparatus, an information processing method, and a computer program can be provided.

1 is a diagram illustrating an example of a system configuration of an information processing system according to an embodiment of the present invention. It is a figure which shows an example of the hardware constitutions of the information processing apparatus applicable to the proxy server 101 of FIG. It is a figure which shows an example of a function structure of the proxy server 101 of FIG. It is a flowchart which shows the outline | summary of the process performed by the proxy server 101 of FIG. It is a flowchart which shows the detail of the relay control rule setting process of step S402 of FIG. 6 is a flowchart showing details of an access block release password setting process in step S404 of FIG. It is a flowchart which shows the detail of the proxy process of FIG.4 S406. It is a flowchart which shows the detail of the access block cancellation | release password determination process of FIG.4 S408. It is a flowchart which shows the detail of the access block and prohibition cancellation application registration process of step S410 of FIG. 5 is a flowchart showing details of access block / prohibition cancellation application determination processing in step S412 of FIG. 4. It is a flowchart which shows the detail of the relay control rule application process of step S707 of FIG. It is a flowchart which shows the detail of the cancellation | release determination process by the password of step S709 of FIG. It is a flowchart which shows the detail of the cancellation | release determination processing by approval of step S711 of FIG. It is a figure which shows an example of a structure of relay control rule DB (database) 311 of FIG. FIG. 4 is a diagram illustrating an example of a configuration of an access block release password DB (database) 312 in FIG. 3. It is a figure which shows an example of a structure of access block and access prohibition cancellation application DB (database) 313 of FIG. FIG. 4 is a diagram illustrating an example of a configuration of an access block / access prohibition release entry DB (database) 314 in FIG. 3. It is a figure which shows an example of a structure of the relay control rule list screen 1800 displayed on the display part of client PC102. 6 is a diagram illustrating an example of a configuration of a relay control rule details screen 1900 displayed on a display unit of a client PC 102. FIG. It is a figure which shows an example of a structure of the relay control rule movement screen 2000 displayed on the display part of client PC102. It is a figure which shows an example of a structure of the access block cancellation | release password list screen 2100 displayed on the display part of client PC102. It is a figure which shows an example of a structure of the access block cancellation | release password detail screen 2200 displayed on the display part of client PC102. It is a figure which shows an example of a structure of the access block screen 2300 displayed on the display part of client PC102. It is a figure which shows an example of a structure of the access block cancellation | release application screen 2400 displayed on the display part of client PC102. 6 is a diagram illustrating an example of a configuration of an access block / access prohibition release application list screen 2500 displayed on a display unit of a client PC 102. FIG. 6 is a diagram showing an example of a configuration of an access block / access prohibition release application detail screen 2600 displayed on the display unit of the client PC 102. FIG. It is a figure which shows an example of a structure of the access prohibition screen 2700 displayed on the display part of client PC102.

  Hereinafter, an embodiment of an information processing system according to the present invention will be described with reference to the drawings. FIG. 1 is a diagram showing an example of a system configuration of an information processing system according to the present invention. As shown in FIG. 1, the information processing system according to this embodiment includes a proxy server 101, client PCs 102-1 to 102-3 (hereinafter collectively referred to as “client PCs 102”), a LAN 103, a wide area network 104, and a web server 105-. 1 to 105-3 (hereinafter collectively referred to as “web server 105”). Hereinafter, each apparatus which comprises the information processing system of this invention is demonstrated.

  The proxy server 101 is a device that functions as an information processing device of the present invention, and relays data communication between the client PC 102 and the web server 105. The proxy server 101 permits (relays) / rejects (not relays) relay of data transmitted from the client PC 102 to the web server 105 in accordance with a relay control rule described later. A function to perform data communication control (relay control), such as permitting / rejecting relay of data transmitted to the network, and various setting pages used to register, modify, delete, etc. the relay control rule Web server function provided by

  The client PC 102 is a terminal device used by a user who uses various services (such as browsing a home page) provided by the web server 105. The LAN 103 is a network that connects the proxy server 101 and the client PC 102 so as to allow data communication with each other.

  The web server 105 is a server device installed by a service provider that provides various web services. Examples of the services provided here include, but are not limited to, a homepage browsing service, a product sales service, an airline ticket, a reservation service for hotels, and the like. The proxy server 101 and the web server 105 are connected to each other via a wide area network 104 such as the Internet so that data communication is possible. The above is an example of the configuration of the information processing system according to the present invention.

  Next, an example of the hardware configuration of the information processing apparatus applicable to the proxy server 101 in FIG. 1 will be described with reference to FIG.

  In the figure, a CPU 201 comprehensively controls each device and controller described later connected to a system bus 204. Further, the ROM 203 or the external memory 211 is necessary for the BIOS (Basic Input / Output System) or an operating system program (hereinafter referred to as OS) that is a control program of the CPU 201 or the proxy server 101 to execute various processes described later. Various programs and data are stored. The RAM 202 functions as a main memory, work area, and the like for the CPU 201.

  The CPU 201 implements various processes to be described later by loading a program or the like necessary for executing the process into the RAM 202 and executing the program. An input controller (input C) 205 controls input from an input device 209 configured with a keyboard, a pointing device, and the like. A video controller (VC) 206 controls display on a display device such as the display device 210. The display device 210 is composed of, for example, a CRT display or a liquid crystal display.

  A memory controller (MC) 207 is a hard disk (HD), floppy disk (registered trademark FD) or PCMCIA card slot for storing boot programs, browser software, various applications, font data, user files, editing files, various data, and the like. Controls access to an external memory 211 such as a compact flash memory connected via an adapter.

  A communication I / F controller (communication I / FC) 208 is connected to and communicates with an external device via a network, and executes communication control processing in the network. For example, Internet communication using TCP / IP is possible.

  Note that the CPU 201 enables display on the display device 210 by executing outline font rasterization processing on a display information area in the RAM 202, for example. Further, the CPU 201 enables a user instruction with a mouse cursor (not shown) on the display device 210. The above is the description of the hardware configuration of the information processing apparatus applicable to the proxy server 101. However, the hardware configuration illustrated in FIG. Needless to say, it doesn't matter.

  Next, the functional configuration of the proxy server 101 in FIG. 1 will be described with reference to FIG. As shown in FIG. 3, the proxy server 101 includes a relay control rule setting unit 301, an access block release password setting unit 302, a proxy processing unit 303, an access block release password determination unit 304, an access block / access prohibition release application registration unit 305, An access block / access prohibition release application determination unit 306 is provided.

  The relay control rule setting unit 301 is a functional unit that performs a relay control rule setting process to be described later. The access block release password setting unit 302 is a functional unit for performing an access block release password setting process to be described later.

  The proxy processing unit 303 is a functional unit that performs proxy processing to be described later. The access block cancellation password determination unit 304 is a functional unit that performs an access block cancellation password determination process described later. The access block / access prohibition release application registration unit 305 is a functional unit that performs an access block / access prohibition release application registration process described later. The access block / access prohibition release application determination unit 306 is a functional unit that performs an access block / access prohibition release application determination process described later.

  Further, the proxy server 101 includes a relay control rule DB 311 for storing data used when performing various processes described later, an access block release password DB 312, an access block / access prohibition release application DB 313, and an access block / access prohibition release entry DB 314. ing.

  14, 15, 16, and 17, the relay control rule DB 311, the access block release password DB 312, the access block / access prohibition release application DB 313, and the access block / access prohibition release shown in FIG. The data structure of the entry DB 314 will be described.

  FIG. 14 is a diagram illustrating an example of a data configuration of the relay control rule DB 311 in FIG. As shown in FIG. 14, in the relay control rule DB 311, a request rule table 1400 storing request rules used for relay control of data (request data) transmitted from the client PC 102 to the web server 105, and transmitted from the client PC 102. And a response rule table 1410 storing response rules used for relay control of data (response data) transmitted from the web server 105 to the client PC 102 according to the request data.

  In the request rule table 1400, ID 1401, description 1402, URL 1403, category 1404, keyword 1405, MIME type 1406, size 1407, size condition 1408, and operation 1409 are set as data items.

  Identification information for uniquely identifying the request rule is registered in the ID 1401. In the description 1402, information input in the description input field 1902 of the rule detail input screen 1900 of FIG. In the URL 1403, a URL condition for applying the rule is registered. In the category 1404, a category of a web service to which the rule is applied is registered. Information indicating to which category (for example, a shopping site, a travel site, a bulletin board, a web mail, etc.) a web service provided by each web server 105 belongs is registered in a category DB (not shown). If no information is registered in either the URL 1403 or the category 1404, it indicates that the relay control rule is applied to communication with all the web servers 105.

  A keyword condition for applying the rule is registered in the keyword 1405. When a character string registered in the keyword condition included in the request data transmitted to the web server 105 is included, this rule is applied. A MIME type condition is registered in the MIME type 1406. When a file corresponding to the MIME type condition is included in data transmitted to the web server 105, this rule is applied to communication of the request data. For example, image / jpeg is registered in this MIME type 1406 in a request rule applied to communication of request data including a JPEG file.

  In size 1407, threshold conditions for the data size to be transmitted are registered, and in size condition 1408, matching conditions such as above, below and below are registered. For example, in a request rule applied to data communication with a data size of 1 MB or more, “1 MB” and “above” are registered in the size 1407 and the size condition 1408, respectively.

  In the operation 1409, processing to be performed for data communication that matches the set conditions from the URL 1403 to the size condition 108 is registered. When “relay” is registered, the request data matching the rule is relayed to the designated web server 105 (relay is permitted). If “block” is registered, the request data is not relayed to the web server (rejecting the relay), and the access block screen 2300 shown in FIG. 23 is returned to the client PC 102. If “prohibited” is registered, the request data is not relayed to the web server 105 (relay is rejected), and an access prohibition screen 2700 shown in FIG. 27 is returned to the client PC 102.

  The response rule 1410 is also configured to have the same data items as the request rule 1401, and therefore a detailed description thereof is omitted. In this description, the example in which the request rule 1400 and the response rule 1410 are managed by different data tables has been described. However, the present invention is not limited to this, and for example, the relay control rule specified by the rule ID is a request rule, a response rule. It is possible to specify whether the relay control rule is a request rule or a response rule by setting a data item for registering information indicating whether the relay control rule is a request rule or a response rule by referring to the value set in the data item Of course, it is possible to manage with one data table.

  FIG. 15 is a diagram showing an example of the data configuration of the access block release password DB 312 of FIG. As shown in FIG. 15, in the access block release password DB 312, ID 1501, description 1502, password 1503, release time 1504, and validity period 1505 are set as data items.

  Identification information for uniquely identifying the access block release password data is registered in the ID 1501. In the description 1502, information input in the description input field 2202 of the access block cancellation password details screen 2200 shown in FIG. 22 described later is registered as the description of the access block cancellation password data. In the password 1503, password information used for temporarily canceling the relay control rule is registered.

  In the description of the present embodiment, “cancel (invalidate)” a relay control rule means that the relay control rule is set even if “block” and “prohibit” are set in the relay control rule (that is, relay is not permitted). This means that the proxy server 101 executes data relay control for “relaying” data communication that matches the rule.

  For example, by inputting a password 1503 for canceling the relay control rule displayed in the applied rule display field 2301 in the cancel password input field 2302 of the access block screen 2300 to be described later, and pressing the cancel button 2303 to instruct the proxy. The server 101 can be instructed to cancel the relay control rule displayed in the application rule display field 2301 of the access block screen 2300.

In the release time 1504, the release time is registered. Once a certain relay control rule (rule 1 is set, “block” is set in the operation 1409 or 1419 of this rule 1) by using the access block release password, the web server 105 is accessed. After the time registered for the release time has elapsed, if an attempt is made to access the web server 105 whose relay is blocked again under the condition of rule 1, the proxy server 101 does not relay the request and accesses again. The block screen 2300 is returned to the client PC 102.

  In the validity period 1505, validity period information of the unlock password data is registered. For the access block release password DB, for example, a data item indicating an invalid rule ID is added to release only a specific rule (if no rule is specified, all rules are released). It doesn't matter. A data item for specifying a user may be added to the data item so that only a user who can use the password effectively can use the password to cancel the relay control rule (when no user is specified). Needless to say, is valid for all users.

  FIG. 16 is a diagram showing an example of the data configuration of the access block / access prohibition release application DB 313 of FIG. As shown in FIG. 16, in the access block / access prohibition release application DB 313, ID 1601, application date 1602, authentication name 1603, IP address 1604, rule type 1605, rule ID 1606, and application reason 1607 are set as data items. ing.

  Identification information for uniquely identifying the access block / access prohibition release application data is registered in the ID 1601. The application date and time 1602 stores date and time information when the access block / access prohibition release application data is registered. In the authentication name 1603, the authentication name of the user who instructed the application of the access block / access prohibition release application data is registered. In the IP address, the IP address of the client PC 102 used when the access block / access prohibition release application is made is registered.

  In the rule type 1605, the type of relay control rule (request rule, response rule) to be canceled is registered. In the rule ID 1606, the ID of the relay control rule to be canceled is registered. In 1607, the reason for applying for cancellation is registered.

  FIG. 17 is a diagram showing an example of the data configuration of the access block / access prohibition release entry DB 314. As shown in FIG. As shown in FIG. 17, the access block / access prohibition release entry DB 314 includes a password release entry table 1700 and an approval release entry table 1710 used for data relay control between the client PC 102 and the web server 105. It has. In either case, in the relay control of data using the relay control rule by the proxy server 101, data communication in which transmission from the client PC 102 to the web server 105 (or from the web server 105 to the client PC 102) is blocked or prohibited is performed. Is used for temporarily exceptionally relaying (permitting communication).

  First, the data structure of the password cancellation entry table 1700 will be described. The release entry data by password is release entry data created when it is determined that the password is valid in the access block release password determination process (details are shown in FIG. 8) in step S408 in FIG. As shown in FIG. 17, an authentication name 1701, an IP address 1702, and an entry expiration time 1703 are set as data items in the password cancellation entry table 1700.

  In the authentication name 1701, an authentication name of a user to which the cancellation entry by the password is applied is registered. When the proxy server 101 performs proxy authentication, information is registered in the authentication name 1701. Registered in the IP address 1702 is the IP address of the client PC 102 to which the cancellation entry by the password is applied. When the authentication name 1701 is registered, it is not necessary to register data in this item. In the entry expiration time 1703, date / time information when the release entry data based on the password expires is registered.

  Next, the data structure of the release entry table 1710 by approval will be described. The release entry data by the approval is release entry data created when the release application is approved by the administrator in the access block / access prohibition application determination process (detailed in FIG. 10) in step S412 of FIG. 4 to be described later. . As shown in FIG. 17, ID 1711, approval name 1712, IP address 1713, rule type 1714, rule ID 1715, and release time 1716 are set in the release entry table 1710 by approval.

  In the ID 1711, identification information for uniquely identifying release entry data by approval is registered. In the authentication name 1712, an authentication name of a user to which the release entry by the approval is applied is registered. When the proxy server 101 performs proxy authentication, information is registered in the authentication name 1712. In the IP address 1713, the IP address of the client PC 102 to which the release entry by the approval is applied is registered. When the authentication name 1712 is registered, it is not necessary to register data in this item.

  In the rule type 1714, information indicating the rule type of the request rule and the response rule is registered. A rule ID is registered in the rule ID 1715. Based on the information registered in the rule type 1714 and the rule ID 1715, the relay control rule to be canceled (invalidated) is specified. In the cancellation period 1716, date / time information indicating the cancellation period of the relay control rule specified by the rule type 1714 and the rule ID 1715 is registered.

  The details of the various data change processing described with reference to FIGS. 14 to 17 and the data relay control processing performed by the proxy server 101 using the various data will be described later.

  Next, an overview of processing performed by the CPU 201 of the proxy server 101 in FIG. 1 will be described with reference to FIG. A program used to cause the CPU 201 to perform the processing shown in FIG. 4 is stored in the external memory 211. The CPU 201 loads the program into the RAM 202 as necessary, and performs this processing according to the control. .

  The proxy server 101 of the present invention includes a relay control rule setting process performed by the relay control rule storage unit 301 illustrated in FIG. 3, an access block cancellation password setting process performed by the access block cancellation password setting unit 302, and a proxy performed by the proxy unit 303. Processing, access block cancellation password determination processing performed by the access block cancellation password determination unit 304, access block / access prohibition cancellation application registration processing, access block / access prohibition cancellation application determination performed by the access block / access prohibition cancellation application registration unit 305 When the access block / access prohibition release application determination processing performed by the unit 306 and each processing request are received from the client PC 102, processing by each functional unit shown in FIG. 3 is performed.

  In step S <b> 401, the CPU 201 determines whether a relay control rule setting request has been received from the client PC 102. This relay control rule setting request is made by the client PC 102 to the proxy server 101 by accessing a web page for setting the relay control rule among the web pages provided by the proxy server 101 to the client PC 102. become.

  If the CPU 201 determines that a relay control rule setting request has been received (YES in step S401), the process proceeds to step S402 to perform a relay control rule setting process. In this relay control rule setting process, additional registration, change, deletion and the like of the relay control rule used when performing relay control of data communication performed between the client PC 102 and the web server 105 are performed. Details will be described later with reference to FIG.

  In step S <b> 403, the CPU 201 determines whether an access block release password setting request has been received from the client PC 102. The access block release password setting request is made to the proxy server 101 by the client PC 102 accessing a web page for setting the access block release password among the web pages provided by the proxy server 101 to the client PC 102. It will be.

  If the CPU 201 determines that an access block release password setting request has been received (YES in step S403), the process proceeds to step S404, and an access block release password setting process is performed (step S404). In this access block release password setting process, a password setting process for temporarily relaying communication that is blocked from being relayed is performed in the relay control process to which a normal relay control rule is applied. Details of this processing will be described later with reference to FIG.

  In step S405, the CPU 201 determines whether a proxy processing request has been accepted. The CPU 201 acquires request data transmitted from the client PC 102 to the web server 105, or acquires response data returned from the web server 105 to the client PC 102 in response to data communication from the client PC 102. It is determined that the proxy request has been accepted.

  If the CPU 201 determines that a request for proxy processing has been received (YES in step S405), the process proceeds to step S406 to perform proxy processing. In this proxy process, the CPU 201 of the proxy server 101 performs data relay control in accordance with the relay control rule 311. Details of this processing will be described later with reference to FIG.

  In step S407, the CPU 201 determines whether an access block release password has been received from the client PC. The client PC 102 inputs to the release password input field 2302 by receiving an instruction to press the access block screen 2300 release button 2300 that is transmitted to the client PC 102 in accordance with the result of the proxy processing in step S606 and displayed on the display device of the client PC 102. The transmitted information is transmitted to the proxy server 101 as an access block release password.

  If the CPU 201 determines that the access block release password has been received (received) (YES in step S407), the process proceeds to step S408 to perform an access block release password determination process. Details of this processing will be described later with reference to FIG.

  In step S409, the CPU 201 determines whether an access block / access prohibition release application has been accepted. Click instruction to access block release application request anchor 2304 in access block screen 2300 sent to client PC 102 according to the result of proxy processing in step S606 and displayed in the display measure of client PC 102, access prohibited in access prohibited screen 2700 When the access to the access block / access prohibition cancellation application provided by the proxy server 101 by the client PC 102 is received by receiving a click instruction for the cancellation application request anchor 2702, the CPU 201・ It will be judged that the access prohibition release application has been accepted.

  If the CPU 201 determines that an access block / access prohibition release application has been received (YES in step S409), the process proceeds to step S410, and an access block / access prohibition release application registration process is performed. Details of this processing will be described later with reference to FIG.

  In step S411, the CPU 201 determines whether an access block / access prohibition release application determination request has been received. The access block / access prohibition release application determination request is when the access from the client PC 102 is accepted to the web page for performing the approval / denial processing for the access block / access prohibition cancellation application registered in step S410. In addition, the CPU 201 determines that the access block / access prohibition release application determination request has been received.

  If the CPU 201 determines that an access block / access prohibition release application determination request has been received (YES in step S411), the process proceeds to step S412 to perform an access block / access prohibition release application determination process. Details of this processing will be described later with reference to FIG.

  Then, the above process is performed until an end instruction input is received (YES in step S413). The above is the outline of the processing performed by the proxy server 101 of the present invention.

  Next, details of the relay control rule setting process in step S402 of FIG. 4 will be described with reference to FIG. In this process, the CPU 201 edits a relay control rule used for data relay control in a proxy process to be described later according to control of a program for causing the CPU 201 to function as the relay control rule setting unit 301, and generates a relay control rule DB ( Database) 311 is updated.

  First, the CPU 201 creates relay control rule list screen information, which is information for displaying a later-described relay control rule list screen 1800, and transmits it to the client PC 102 (step S501). The client PC 102 that has received this relay control rule list screen information displays the relay control rule list screen 1800 shown in FIG. 18 on the display unit, for example, according to the control of the browser application.

  Here, the configuration of the relay control rule list screen 1800 will be described with reference to FIG. FIG. 18 is a diagram illustrating an example of the configuration of the relay control rule list screen displayed on the display unit of the client PC 102 that has received the relay control rule list screen information from the proxy server 101.

  As shown in FIG. 18, the relay control rule list screen 1800 includes a list display unit (request rule list display unit 1810, response rule list display unit 1820) for each relay rule control rule type (request rule, response rule). Is set. In each list display section, ID 1801, description 1802, and operation 1803 are set as detailed data display sections of the relay control rule data, and the operation button display section 1804 has each relay control rule data. Update buttons 1805-1 and 1805-2, delete buttons 1806-1 and 1806-2, and move buttons 1807-1 and 1807-2 are added buttons 1808-1 and 1808-2 for updating, deleting, moving, and adding. Is set.

  ID 1801 is a display unit for displaying the ID of the relay control rule. Data displayed in the ID 1801 is registered in the ID 1401 (or ID 1411) of the relay control rule DB 311 in FIG. A description 1802 is a display unit for displaying a description of the relay control rule. The data displayed in the description 1802 is registered in the description 1402 (or description 1412) of the relay control rule 311 in FIG. An operation 1803 is a display unit that displays processing performed by the proxy server 101 for data that matches the rule. The data displayed in this operation 1803 is registered in the operation 1409 (or operation 1419) of the relay control rule 311 in FIG.

  Update buttons 1805-1 and 1805-2 are controls used to transmit a detailed setting change request for the relay control rule data to the proxy server 101. The delete buttons 1806-1 and 1806-2 are controls used to transmit a request to delete the relay control rule data to the proxy server 101.

  The move buttons 1807-1 and 1807-2 are controls used to transmit a request for moving relay control rule data (change of priority) to the proxy server 101. Add buttons 1808-1 and 1808-2 are controls for transmitting a relay control rule addition request to the proxy server in order to register a new relay control rule. The above is the description of the configuration of the relay control rule list screen shown in FIG.

  Returning to the description of FIG. After transmitting screen information for causing the client PC 102 to display the relay control rule list screen 1800, the CPU 201 determines whether a request rule detailed setting request has been received from the client PC 102 (step S502). The request rule detailed setting request is issued to the proxy server 101 when the client PC 102 receives an instruction to press the update button 1805-1 or the add button 1808-1 in FIG.

  If the CPU 201 determines that a request rule detail setting request has been received (YES in step S502), the CPU 201 transmits screen information for displaying the relay control rule detail screen 1900 shown in FIG. 19 to the client PC. (Step S503). When the client PC 102 makes this request to the proxy server 101 by accepting the pressing of the update button 1805-1, screen information including details of the request rule to be updated is created, It is transmitted to the client PC 102.

  Here, the configuration of the relay control rule detail screen 1900 will be described with reference to FIG. FIG. 19 is a diagram illustrating an example of a configuration of a relay control rule details screen 1900 displayed on the display unit of the client PC 102 that has received the relay control rule details screen information from the proxy server 101.

  The relay control rule details screen 1900 includes a type display unit 1901, an ID display unit 1902, an explanation input field 1903, a URL condition (URL, category) designation unit 1904, a URL input field 1905, a category selection unit 1906, and a keyword condition input field 1907. , MIME type condition input field 1908, size threshold value input field 1909, size condition designation unit 1910, operation designation unit 1911, update button 1912 and cancel button 1913 are set.

  The type display unit 1901 is a display unit for displaying the types of relay control rules, that is, request rules and response rules. When the request rule is displayed here, the relay control rule created in the response rule table 1410 is registered in the request rule table 1400 of FIG. 14 and when the response rule is displayed.

  The ID display unit 1902 is a display unit for displaying identification information for uniquely identifying the relay control rule. Data displayed on the ID display unit 1902 is registered in the ID 1401 (or ID 1411) of the relay control rule DB 311 shown in FIG. The description input column 1903 is an input column for inputting a description of the relay control rule, and information input in the description input column 1903 is registered in the description 1402 (or description 1412) of the relay control rule DB 311.

  A URL condition (URL, category) designation unit 1904 is a designation unit that designates whether URL input is valid or category selection is valid as a URL condition. When a URL is specified in this specification section, a URL input field 1905 described later is valid and the URL can be input. When a category is designated, a category selection unit 1906, which will be described later, is enabled, and a web service category can be designated.

  A URL input field 1905 is an input field for inputting the URL of the web server. Information input in the URL input field 1905 is registered in the URL 1403 (or URL 1413) of the relay control rule DB 311 shown in FIG. The proxy server 101 performs relay control processing using this relay control rule for data communication with the web server 105 specified by this URL (or data communication from the web server 105).

  The category designation unit 1906 is a designation unit that designates a category of service provided by the web server. Information specified by the category specifying unit 1906 is registered in the category 1404 (or 1414) of the relay control rule DB 311 shown in FIG. The proxy server 101 performs relay control processing using this relay control rule for data communication with the web server 105 classified into the designated service category (or data communication from the web server 105).

  A keyword input field 1907 is an input field for inputting a keyword. Information input in the keyword input field 1907 is registered in the keyword 1405 (or keyword 1415) of the relay control rule DB 311. The proxy server 101 performs relay control processing using this relay control rule for data communication including this keyword in transmission data.

  The MIME type input field 1908 is an input field for inputting a MIME type. Information input in the MIME type input field 1908 is registered in the MIME type 1406 (or MIME type 1416) of the relay control rule DB 311. The proxy server 101 performs relay control processing using the relay control rule for data communication including file type data specified by the MIME type.

  The size threshold value input field 1909 is an input field for inputting a size threshold value. The information input in this size threshold value input field 1909 is registered in the size 1407 (or size 1407) of the relay control rule 311. The size condition designation unit 1910 is a designation unit for designating size conditions (above, below, etc.). The information specified by the size condition specifying unit 1910 is registered in the size condition 1408 (or the size condition 1418) of the relay control rule 311. When the data size matches the condition derived from the information input in the size threshold value input field 1909 and the designation in the size condition designation unit 1910, the proxy server 101 performs the relay control process using this relay control rule. Will do.

  The operation designating unit 1911 is a designating unit that designates processing to be performed by the proxy server 101 when it matches the created relay control rule. The information specified by the operation specifying unit 1911 is registered in the operation 1409 (or operation 1419) of the relay control rule DB 311.

  The update button 1912 is used to transmit update information for updating (adding or changing) the relay control rule DB 311 with information input via the relay control rule detail screen 1900 to the proxy server 101. Control. A cancel button 1913 is a control used to cancel the relay control rule update process via the relay control rule details screen 1900. The above is the description of the relay control rule details screen 1900 of FIG.

  In the present invention, it is possible to set different relay control rules for the request rule that is the relay control rule that applies the relay control rule to the HTTP request data in this manner and the response rule that applies to the HTTP response data. . Therefore, it is possible to create a relay control rule according to the characteristics of each data. Even when the security policy for transmitting data to the outside differs from the security policy for acquiring data from the outside, it is possible to create a relay control rule in accordance with each security policy.

  Returning to the description of FIG. In step S504, the CPU 201 determines whether a request rule movement request has been received from the client PC. This request rule move request is issued by the client PC 102 to the proxy server 101 when the move button 1807-1 on the relay control rule list screen 1800 is pressed.

  If the CPU 201 determines that a request rule movement request has been received (YES in step S504), it transmits screen information for displaying the relay control rule movement screen 2000 shown in FIG. 20 to the client PC 102 (step S504). S505).

  Here, the configuration of the relay control rule moving screen 2000 will be described with reference to FIG. FIG. 20 is a diagram illustrating an example of the configuration of the relay control rule movement screen displayed on the display unit of the client PC 102 that has received the relay control rule movement screen information from the proxy server 101.

  In the rule movement screen 2000, a relay control rule type display field 2001, a rule movement destination input field 2002, a rule movement destination designation unit 2003, a movement button 2004, and a cancel button 2005 are set.

  In the relay control rule type display column 2001, either the request rule or the response rule is displayed. The rule movement destination input column 2002 is an input column for inputting a relay control rule designation as to which relay control rule the relay control rule to be moved is moved to. The rule movement destination designation unit 2003 is a designation field for designating a position (upper or lower) of the relay control rule input in the rule movement destination input field 2002. The move button 2004 displays update information for causing the proxy server 101 to perform processing for moving the rule to be moved to the position specified by the input information to the rule move destination input field 2002 and the rule move destination designation unit 2003. Control used to transmit. A cancel button 2005 is a control used to cancel the transfer process of the relay control rule via this screen.

  It should be noted that the priority order of the relay control rules to be applied to the data subject to the relay control process can be changed by the relay control rule moving process. The above is the description of the relay control rule movement screen 2000 in FIG.

  Returning to the description of FIG. In step S506, the CPU 201 determines whether a response rule detail setting request has been accepted. The detailed response rule setting request is issued to the proxy server 101 when the client PC 102 receives an instruction to press the update button 1805-2 or the add button 1808-2 in FIG.

  If the CPU 201 determines that a response rule detail setting request has been received (YES in step S506), the CPU 201 transmits screen information for displaying the relay control rule detail screen 1900 shown in FIG. 19 to the client PC 102. (Step S507). In addition, when the client PC 102 makes this request to the proxy server 101 by accepting the pressing of the update button 1805-2, screen information including details of the response rule to be updated is created, It is transmitted to the client PC 102.

  In step S <b> 508, the CPU 201 determines whether a response rule movement request has been received from the client PC 102. This response rule move request is issued by the client PC 102 to the proxy server 101 when the move button 1807-2 on the relay control rule list screen 1800 is pressed.

  If the CPU 201 determines that the response rule movement request has been received (YES in step S508), the CPU 201 transmits screen information for displaying the relay control rule movement screen 2000 shown in FIG. S509).

  Thereafter, in step S510, the CPU 201 determines whether update information of the relay control rule DB 311 has been received from the client PC 102. As the update information of the relay control rule DB 311 transmitted from the client PC 102, the relay control rule deletion transmitted by the client PC 102 when the delete button 1806-1 on the relay control rule list screen 1800 or the delete button 1806-2 is pressed is received. Update information for relay, relay control rule addition, change update information transmitted by accepting pressing of update button 1912 on rule detail screen 1900, relay transmitted by receiving press of move button 2004 on move screen 2000 Update information of control rule movement.

  When the CPU 201 of the proxy server 101 determines that the update information from the client PC 102 has been received (YES in step S510), the relay control rule DB 311 is updated according to the received update information (step S511), and the relay after the update is performed. A relay control rule list screen 1800 including control rules is transmitted to the client PC 102 (step S512). The above is the details of the relay control rule setting process of step S402 in FIG.

  Next, with reference to FIG. 6, the details of the access block release password setting process in step S404 of FIG. 4 will be described. The CPU 201 performs this process according to control of a program for causing the CPU 201 to function as the access block release password setting unit 302.

  First, the CPU 201 creates access block release password list screen information, which is information for displaying an access block release password list screen 2100 described later, and transmits it to the client PC 102. The client PC 102 that has received the access block release password list screen information displays the access block release password list screen 2100 on the display unit according to the control of the browser application, for example.

  Here, with reference to FIG. 21, the structure of the access block cancellation password list screen 2100 will be described. FIG. 21 is a diagram illustrating an example of an access block release password list screen displayed on the display unit of the client PC 102 that has received the access block release password list screen information from the proxy server 101.

  As shown in FIG. 21, ID 2101, description 2102, and validity period 2103 are set in the access block release password list screen 2100 as the detailed data display unit of the access block release password data, and the operation button display unit 2104. Are set an update button 2105, a delete button 2106, and an add button 2107 for updating, deleting, and adding access block release password data.

  ID 2101 is a display unit for displaying the ID of the access block release password. The data displayed in the ID 2101 is registered in the ID 1501 of the access block release password DB 312 in FIG. Description 2102 is a display unit for displaying an explanation of the access block release password. The data displayed in the description 2102 is registered in the description 1502 of the access block release password DB 312. The validity period 2103 is a display unit for displaying the validity period of the access block release password. The data displayed in the validity period 2103 is registered in the validity period 1503 of the access block release password DB 312.

  An update button 2105 is a control used to make a request for setting an access block release password to the proxy server 101. The delete button 2106 is a control used to transmit update information indicating an access block release password deletion request to the proxy server 101. The add button 2107 is a control used to make a detailed setting request for an access block release password to the proxy server in order to register a new access block release password. The above is the description of the configuration of the access block release password list screen 2100 in FIG.

  Returning to the description of FIG. After transmitting screen information for displaying the access block release password list screen to the client PC 102, the CPU 201 determines whether a request for setting an access block release password in detail has been received from the client PC 102 (step S602). The detailed setting request for the access block release password is issued to the proxy server 101 when the client PC 102 receives an instruction to press the update button 2105 or the add button 2107 in FIG.

  If the CPU 201 determines that the detailed setting request for the access block cancellation password has been received (YES in step S602), the screen information for causing the client PC 102 to display the access block cancellation password detail screen 2200 shown in FIG. Is transmitted (step S603). When the client PC 102 makes this request to the proxy server 101 by accepting the pressing of the update button 2105, screen information including details of the access block release password to be updated is created, and the client PC 102 Will be sent to.

  Here, the access block cancellation password details screen 2200 will be described with reference to FIG. FIG. 22 is a diagram showing an example of the configuration of the access block cancellation password details screen 2200 displayed on the display unit of the client PC 102 that has received the access block cancellation password details screen information from the proxy server 101.

  The access block cancellation password details screen 2200 includes an ID display unit 2201, an explanation input column 2202, a password input column 2203, a cancellation time input column 2204, an effective period designation unit 2205, an effective period input column 2206, an update button 2207, and a cancel button 2208. Is set.

  The ID display unit 2201 is a display unit for displaying identification information for uniquely identifying the access block release password. Data displayed on the ID display unit 2201 is registered in the ID 1501 of the access block release password DB 312 shown in FIG. The description input field 2202 is an input field for inputting a description of the access block release password, and the information input in the description input field 2202 is registered in the description 1502 of the access block release password DB 312.

  The password input field 2203 is an input field for inputting an access block release password, and information input in the password input field 2203 is registered in the password 1503 of the access block release password DB 312. The release time input field 1504 is an input field for inputting the time when the relay control rule based on the access block release password is released. The information input in the release time input field 1504 is used to release the access block release password DB 312. Registered at time 1504.

  The validity period designation unit 2205 is a designation part for designating the validity period of the access block release password. When “no validity period designation (unlimited)” is designated, the validity period is designated as “no validity period” When “with period” is designated, the valid period input field 2206 is validated and the valid period input is accepted. The validity period input field 2206 is an input field for inputting the validity period of the access block release password. Here, input of information is accepted in the form of “from when” to “when”. It is not necessary to input either “from when” or “until”. The effective period determined by the input to the effective period specifying unit 2205 and the effective period input field 2206 is set as the effective period 1505 of the access block release password DB 312.

  The update button 2207 is a control used to transmit update information for updating (adding or changing) the access block cancellation password DB 312 with information input via this screen to the proxy server 101. A cancel button 2208 is a control used for canceling the update process of the access block release password via this screen. The above is the description of the access block cancellation password details screen 2200 in FIG.

  Returning to the description of FIG. In step S <b> 604, the CPU 201 determines whether update information of the access block release password DB 312 has been received from the client PC 102. As the update information of the access block release password DB 312 transmitted from the client PC 102, update information for deleting the access block release password transmitted by the client PC 102 upon receiving a press of the delete button 2106 on the access block release password list screen 2100 is received. The access block release password details screen 2200 includes an update information on addition or change of an access block release password that is transmitted when the update button 2207 is pressed.

  When the CPU 201 of the proxy server 101 determines that update information from the client PC 102 has been accepted (YES in step S604), the access block release password DB 312 is updated according to the received update information (step S605), and the updated information is updated. The access block release password list screen 2100 including the access block release password is transmitted to the client PC 102 (step S606). The above is the details of the access block release password setting process in step S404 in FIG.

  Next, details of the proxy processing in step S406 of FIG. 4 will be described with reference to FIG. The CPU 201 performs this process according to control of a program for causing the CPU 201 to function as the proxy processing unit 303.

  When the CPU 201 receives data via the network (LAN 103, wide area network 104) (step S701), the data is the data (HTTP request) transmitted from the client PC 102 to the web server 105, or the client In response to the HTTP request from the PC 102, it is determined whether the data is the data (HTTP response) transmitted from the web server 105 to the client PC 102 (step S702).

  If it is determined that the request is an HTTP request (“request” in step S702), the process proceeds to step S703, the request header included in the HTTP request data is analyzed (step S703), and the request body is analyzed (step S704). Do. In these processes, the HTTP request acquired in step S701 is directed to which user (client PC 102) is transmitted, to which web server 105, the size of the HTTP request data, the web Information transmitted to the server 105, a file, the type of the file, and the like are acquired.

  On the other hand, if it is determined that the response is an HTTP response (“response” in step S702), the process proceeds to step S705, the response header included in the HTTP response data is analyzed (step S705), and the response body is analyzed (step S706). )I do. The processes in steps S705 and S706 are substantially the same as the processes in steps S702 and S703.

  After that, when the process of step S704 or S706 ends, the relay control rule application process is performed based on the various types of information acquired in step S703, S704, or steps S705 and 706 (step S707). Details of this processing will be described with reference to FIG.

  FIG. 11 is a flowchart showing details of the relay control rule application processing in step S707 of FIG.

  In step S1101, the CPU 201 determines whether there is a relay control rule that has not been applied to the HTTP data acquired in step S701 among the relay control rules stored in the relay control rule DB 311. If it is determined that there is an unapplied relay control rule in this determination process (YES in step S1101), the process proceeds to step S1102, and according to the type of relay control rule (request, response) and application priority, A relay control rule to be applied to the transmission data is determined, and the relay control rule is acquired. Here, the proxy server performs relay control by applying a request rule when the HTTP data acquired in step S701 is an HTTP request, and applying a response rule when the HTTP data is an HTTP response.

  Then, it is determined whether the HTTP data to be processed meets the conditions registered in the size condition 1408 (or the URL condition 1413 to the size condition 1418) of the relay control rule acquired in step S1102 (step S1103). If it is determined that the condition is met (YES in step S1103), the process proceeds to step S1104, and it is determined to execute the process registered in operation 1409 (or operation 1419) of the relay control rule.

  On the other hand, if it is determined in step S1103 that they do not match (NO), the CPU 201 advances the processing to step S1101, and determines whether there are still unapplied relay control rules. If it is determined that there is still a process, the processing from step S1102 is performed. If it is determined in step S1101 that there is no unapplied rule (NO), the process proceeds to step S1105, and it is determined that a default operation is to be executed. In the present invention, one of “relay”, “block”, and “prohibition” is set in advance as a default operation, that is, an operation when all the relay control rules are not met. The above is the details of the relay control rule application processing in step S707 of FIG.

  Returning to the description of FIG. After the relay control rule application process in step S707 is completed, if it is determined in the relay control rule application process that the data (HTTP data) acquired in step S701 is relayed (YES in step S708), the process proceeds to step S714. . On the other hand, if it is determined that it is not a relay (NO: that is, block or prohibited), the process proceeds to step S709, and a password release determination process is performed. In the process of step S709, it is determined whether the relay control rule applied in step S709 has been canceled (invalidated) based on the access block cancellation password. Details of this processing will be described later with reference to FIG.

  If it is determined in step S709 that the applied relay control rule has been released with the access block release password (YES in step S710), the process proceeds to step S713, and the operation on the HTTP data acquired in step S701 is set to relay. Set.

  On the other hand, when it is determined in step S710 that the password is not released (NO in step S710), the process proceeds to step S711, and it is determined whether the access prohibition release process based on the approval is performed. In the process of step S711, it is determined whether or not the relay control rule applied in the relay control rule application process of step S707 has been canceled (invalidated) based on the approval for the access prohibition release application performed in advance. Details of this processing will be described later with reference to FIG.

  If it is determined in the release determination process by the approval in step S711 that the access prohibition release by the approval has been performed (YES in step S712), the process proceeds to step S713, and the operation on the HTTP data acquired in step S701 is performed. Set as relay. On the other hand, if it is determined that the release has not been performed (NO in step S712), the process proceeds to step S714.

  In step S714, the CPU 201 performs the operation set in the relay control rule applied to the HTTP data in the relay rule application process in step S707 or the operation (relay) set in step S713 on the HTTP data. Execute.

  If the operation to be performed is relay, a process of relaying the HTTP data acquired in step S701 to the designated destination is performed. When the operation to be performed is “block”, if the data acquired in step S701 is an HTTP request, the HTTP response is transmitted to the client PC 102 that has transmitted the HTTP request. The access block screen information for displaying the access block screen 2300 of FIG. 23 on the display unit of the client PC 102 is transmitted to the client PC 102 that is the destination of the transmission.

  If the operation to be executed is “prohibited”, if the data acquired in step S701 is an HTTP request, the HTTP response is transmitted to the client PC 102 that has transmitted the HTTP request. Access prohibition screen information for displaying the access prohibition screen 2700 shown in FIG. 27 on the display unit of the client PC 102 is transmitted to the client PC 102 that is the destination of the transmission. The above is the details of the proxy processing in step S406 in FIG.

  By performing this processing, in the present invention, it is possible to perform relay control of data in accordance with a relay control rule that has been obtained and set in advance, and also to an access block for the web server 105 that is normally prohibited from accessing. Flexible data relay control, such as permitting access, can be made by approval of a cancellation password or access prohibition cancellation application. In addition, not only data transmitted from the inside (client PC 102) to the outside (web server 105) but also data transmitted from the outside to the inside is subjected to communication control using the rules defined in the relay control rule. Can be done. As a result, for example, it is possible to create not only a match between the data size and the attached file data, but also a relay control rule that combines them. In addition, since it is possible to create a response rule applied to communication from the outside in a form (URL designation, category designation) in which the web server to which the rule is applied is specified, for example, the web server provides It is also possible to perform relay control processing according to the service.

  Next, the configuration of the access block screen 2300 will be described with reference to FIG. FIG. 23 shows an access block screen displayed on the display unit of the client PC 102 that has received the access block screen information transmitted from the proxy server 101 when the data communication block operation is performed as a result of the proxy processing by the proxy server 101. It is a figure which shows an example of a structure of.

  As shown in FIG. 23, in the access block screen 2300, an applicable relay control rule display unit 2301, a release password input field 2302, a release button 2303, and a block release application request anchor 2304 are set.

  The applied relay control rule display unit 2301 is a display unit that displays information on relay control rules applied to data communication. For example, the relay control rule ID 1401 (or 1411), description (1402 (or 1412), and the like are displayed.

  The access block cancel password input field 2302 is an input field for inputting a password for canceling (invalidating) the relay control rule displayed on the relay control rule display unit 2301. The cancel button 2303 is a button used to transmit the password input in the access block cancel password input field 2302 to the proxy server 101. Upon accepting the pressing of the release button 2303, the client PC 102 transmits an access block release password to the proxy server. The proxy server 101 that has received the access block release password determines that it has received the access block release password (YES in step S407 in FIG. 4), and performs access block release password determination processing (step S408).

  The access block release application request anchor 2304 is an anchor used to make an access block release application to the proxy server 101. The proxy server 101 that has received this access block release application determines that it has received an access block / access prohibition release application (YES in step S409 in FIG. 4), and performs access block / access prohibition release application registration processing (step S410). Will do. The above is the description of the access block release screen 2300 in FIG.

  Next, the configuration of the access prohibition screen 2700 will be described with reference to FIG. FIG. 27 shows the access prohibition screen displayed on the display unit of the client PC 102 that has received the access prohibition screen information transmitted from the proxy server 101 when the data communication prohibition operation is performed as a result of the proxy processing by the proxy server 101. It is a figure which shows an example of a structure of.

  As shown in FIG. 27, the access prohibition screen 2700 is set with an applicable relay control rule display unit 2701 and an access prohibition release application request anchor 2702.

  The applied relay control rule display unit 2701 is a display unit that displays information on relay control rules applied to data communication. For example, the relay control rule ID 1401 (or 1411), description (1402 (or 1412), and the like are displayed.

  The access prohibition release application request anchor 2702 is an anchor used for making an access prohibition release application to the proxy server 101. The proxy server 101 that has received the access prohibition release application determines that the access prohibition release application has been received (YES in step S409 in FIG. 4), and performs an access block / access prohibition release application registration process (step S410). Become. The above is the description of the access prohibition screen 2700 in FIG.

  Next, the details of the access block release password determination process (step S408 in FIG. 4) performed by the proxy server 101 when the access block release password is received from the client PC 102 will be described with reference to FIG. The CPU 201 performs this process according to control of a program for causing the CPU 201 to function as the access block cancellation password determination unit 304.

  First, the CPU 201 determines whether or not the received password is correct by comparing the data transmitted as the access block release password from the client PC 102 with the access block release password data registered in the access block release password DB 312. (Step S801).

  If the CPU 201 determines that the data transmitted as the unblocking password from the client PC 102 is correct as the unblocking password (YES in step S801), the process proceeds to step S802. Then, the validity period 1505 of the access block cancellation password is compared with the time at that time to determine whether the access block cancellation password data is within the validity period. If it is determined in step S802 that the access block release password received from the client PC 102 is within the valid period, the user who operates the client PC 102 that has instructed the transmission of the access block release password next. It is determined whether proxy authentication is performed (step S803). At this time, if the proxy server 101 is set to perform proxy authentication, authentication is performed from the Proxy-Authorization field set in the HTTP header of the HTTP request transmitted from the client PC 102 to the proxy server 101. A name is acquired, and it is determined whether proxy authentication is performed using the authentication name.

  If it is determined that proxy authentication is performed (YES in step S803), a new entry (data) is added to the password release entry table 1700, and the authentication information acquired from the HTTP header in the authentication name 1701 If it is determined that proxy authentication has not been performed (NO in step S804), a new entry is added to the password cancellation entry table 1700, and the IP address of the client device is set. The IP address 1702 is set (step S805).

  Then, in the entry expiration time 1703 added in step S804 or S805, the expiration time calculated from the time when the access block cancellation password is received and the cancellation time 1504 set in the access block cancellation password is registered ( Step S806). After that, the URL information set in the request URL of the HTTP header blocked by the proxy processing of the proxy server (the URL of the web server 105 to be accessed by the communication) is set in the Location of the HTTP header, and the redirect response Is transmitted to the client PC 102 (step S807). The client PC 102 that has received this redirect response transmits HTTP data to the URL set in the Location under the control of the browser application.

  Communication control of HTTP data transmitted by the client PC 102 in response to the redirect reception will be described. When the proxy server 101 receives HTTP data from the client PC 102 in response to the redirect response (determined as YES in step S405 in FIG. 4), the proxy server 101 performs proxy processing in step S406 in FIG. In the relay control rule application process in step S707 of FIG. 7 showing the detailed process of the proxy process, the rule applied to the HTTP data transmission to the web server 105 performed prior to the HTTP data is applied again. The proxy server 101 makes a determination to block communication of the HTTP data. Therefore, it is determined NO in the subsequent determination process in step S708 of FIG. 7, and a password release determination process (step S709) is performed.

  Here, with reference to FIG. 12, the cancellation determination process using a password in step S709 of FIG. 7 will be described. FIG. 12 is a flowchart showing details of the password release determination process in step S709 of FIG.

  The CPU 201 determines whether proxy authentication information is included in the HTTP data received in step S701 (step S1201). If it is determined that the password is included (YES in step S1201), it is determined whether or not the password release entry table 1700 includes the authentication information (password entry with a matching authentication name) (step S1202). If the CPU 201 determines that proxy authentication information is not included in the HTTP data (NO in step S1201), the process proceeds to step S1203 to determine whether there is a release entry with a password that matches the IP address (step S1201). S1203).

  If it is determined in step S1202 or step S1203 that there is a release entry with a matching password, the release entry with the password is valid, that is, the expiration time of the release entry with the password is set. It is determined whether the time has passed (step S1204). If it is determined that the password release entry is valid, it is determined that the password entry is being released.

  If it is determined in the determination processing in steps S1202 and S1203 that there is no cancellation entry with a matching password, or in the determination processing in step S1204, if it is determined that the cancellation entry with a password has expired, the process proceeds to step S1206. It is determined that the password is not released (not released). The above is the detailed description of the cancellation determination process using a password in step S711 in FIG.

  When communication with the web server 105 is performed by receiving the redirect, the cancellation entry with the password for invalidating the relay control rule that has been previously refused to relay the communication in the cancellation entry table 1700 with the password. Is registered, it becomes possible to access the web server 105 that was previously refused to relay data, and the client PC 102 can enjoy the service provided by the web server 105. It becomes. In addition, unlike the conventional release password, since the password validity period can be set, exceptional access to the web server 105 over a long period of time can be prevented.

  Next, an access block / access prohibition release application registration process performed by the proxy server 101 when an access block / access prohibition cancel application is received from the client PC 102 will be described with reference to FIG. When a click instruction is accepted for the access block cancellation application request anchor 2304 included in the access block screen 2300 of FIG. 23, a click instruction is accepted for the prohibition cancellation application request anchor 2702 included in the access prohibition screen 2700 of FIG. In this case, the client PC 102 requests the proxy server for this access block / access prohibition release application. The CPU 201 performs this processing according to control of a program for causing the CPU 201 to function as the access block / prohibition cancellation application receiving unit 305.

First, the CPU 201 transmits block release application screen information for displaying the access block release application screen 2400 shown in FIG. 24 on the display unit to the client PC 102 (step S901). This access block release application screen information includes information (rule type and rule ID) for specifying a relay control rule applied when communication is prohibited by proxy processing of the proxy server 101. Information for specifying the relay control rule is, for example, <input type = "hidden" name = "id"
As shown in value = "6a549df2f6b371bf45eadd9027d91d6a">, the proxy server 101 manages the rule type and rule ID applied by the proxy server 101 and a random ID that cannot be guessed by the user assigned to it. Enter a valid ID. It is desirable to make it possible to recognize which rule has been applied using a random ID instructed from the client PC 102 via the access block release application screen. When the client PC 102 receives this access block release application screen information, the access block release application screen 2400 is displayed on the display unit by the function of the browser application.

  FIG. 24 is a diagram illustrating an example of a configuration of an access block release application screen displayed on the display unit of the client PC 102 that has received the access block release application screen information from the proxy server 101. As shown in FIG. 24, an access block release application reason input field 2401, an application button 2402, and a cancel button 2403 are set on the access block release application screen.

  The access block release application reason input field 2401 is an input field for inputting an access block release application reason. The information input here is registered in the application reason 1607 of the access block / access prohibition release application DB 313 shown in FIG. The application button 2402 is a control used for transmitting an access block release application to the proxy server 101. When the client PC 102 accepts pressing of the application button 2402, the client PC 102 proxies the application reason data input in the application reason input field 2401 and information for specifying the relay control rule included in the access block release application screen information. By transmitting to the server 101, an access block cancellation application is made. A cancel button 2403 is a control used to end the process on this screen. The above is the description of the access block release application screen 2400 in FIG. The access prohibition cancellation application screen used for the access prohibition cancellation application has the same configuration as the access block cancellation application screen, and a detailed description thereof will be omitted.

  Returning to the description of FIG. After the access block release application screen information is transmitted to the client PC 102, when the input of the access block release application information is received from the client PC 102 (YES in step S902), new data is added to the access block / access prohibition release application DB 313 and received. Each data item is registered in accordance with the information (step S903). The above is the details of the access block / access prohibition release processing in step S410 of FIG. In addition, although this process was demonstrated here taking the access block cancellation | release application as an example, it is substantially the same also about an access prohibition | release cancellation application. When this process is completed, the user (approver) having the authorization authority for this application is notified of the approval request by e-mail or the like.

  Next, details of the access block / access release application determination processing in step S412 of FIG. 4 will be described with reference to FIG. The CPU 201 performs this processing according to control of a program for causing the CPU 201 to function as the access block / access prohibition release application determination processing unit 306.

  When an access block / access prohibition cancellation application determination request is received from the client PC 102 (YES in step S411 in FIG. 4), the access block / access prohibition cancellation application list screen 2500 in FIG. 25 is displayed on the display unit of the client PC 102. Access block / access prohibition release application list screen information is transmitted to the client PC 102 (step S1001). The access block / access prohibition cancellation application list screen information includes application data in the access block / access prohibition cancellation application DB 313 to be approved by the user using the client PC 102.

  Here, the configuration of the access block / access prohibition release application list screen 2500 will be described with reference to FIG. FIG. 25 is a diagram illustrating an example of an access block / access prohibition release application screen displayed on the display unit of the client PC 102 that has received the access block / access prohibition release application screen information from the proxy server 101.

  As shown in FIG. 25, in the access block / access prohibition release application list screen, as detailed data display parts of each access block / access prohibition release application data, ID 2501, application date / time 2502, authentication name 2503, IP address 2504, The application rule 2505 is set, and the operation button display unit 2506 requests the access block / access prohibition release application details screen 2600 to input a determination (approval / denial) for the access block / access prohibition release application. A determination button 2507 is set.

The ID 2501 is a display unit for displaying the ID of the access block / access prohibition release application data. The data displayed in the ID 2501 is registered in the ID 1601 of the access block / access prohibition release application DB 313. The application date and time 2502 is a display unit for displaying the time when the access block / access prohibition release application is made. The data displayed on the application date / time 2502 is registered in the application date / time 1602 of the access block / access prohibition release application DB 313. The authentication name 2503 is an access block
This is a display field for displaying the authentication name of the user who made the access prohibition release application. The data displayed in the authentication name 2503 is registered in the authentication name 1603 of the access block / access prohibition release application DB 313. The IP address 2504 is a display field in which the IP address of the client PC 102 used when making an access block / access prohibition release application is displayed. The data displayed at the IP address 2504 is registered in the IP address 1604 of the access block / access prohibition release application DB 313. An application rule display field 1605 is a display field for displaying information on a relay control rule to be canceled by this application. In this display column, information (for example, ID 1401, description 1402, etc.) of the relay control rule specified from the information registered in the rule type 1605 and the rule ID 1606 of the block release application DB 313 is displayed.

  When an instruction to press the determination button 2507 is accepted, the client PC 102 makes a determination request to the proxy server 101. The above is the description of the access block / access prohibition release application list screen in FIG.

  Returning to the description of FIG. After the access block / access prohibition release application list screen information is transmitted to the client PC 102, it is determined whether a determination request has been received from the client PC 102 (step S1002). If it is determined that the determination request has been accepted, the access block / access prohibition cancellation application for displaying the access block / access prohibition cancellation application details screen 2600 including the access block cancellation application data or access prohibition cancellation application data to be determined The detailed screen information is transmitted to the client PC 102 (step S1003).

  Here, the configuration of the access block / access prohibition cancellation application detail screen 2600 will be described with reference to FIG. FIG. 26 is a diagram illustrating an example of the configuration of an access block / access prohibition release application detail screen displayed on the display unit of the client PC 102 that has received the access block / access prohibition cancellation application detail screen information.

  As shown in FIG. 26, the access block / access prohibition release application detail screen 2600 includes an application data detail display portion 2601, a confirmation button 2602, a transmission message input field 2603, a release time input field 2604, an approval button 2605, and a denial button 2606. , And a cancel button 2607 are set.

  The application data detail display unit 2601 is a display unit that displays details of the access block / access prohibition release application data that is to be approved / denied. The confirmation button 2602 is a control for confirming the details of the relay control rule that is the application rule. When receiving the button press instruction, the client PC 102 requests the proxy server 101 for screen information for displaying a relay control rule detail screen (not shown) for displaying the details of the applied rule. When the screen information is acquired from the proxy server 101, the client PC 102 displays a relay control rule detail screen (not shown) on the display unit. As a result, the user who approves the access block / access prohibition release application can confirm the details of the application rules and then issue an approval / denial input instruction. The affiliation and user name of the application data display unit 2601 are acquired from a user information table (not shown) using the authentication name or IP address as a key and displayed.

  A transmission message input field 2603 is an input field for inputting a comment to be described in the determination result transmission mail. The cancellation time input field 2604 is an input field for inputting a time for canceling the relay control rule displayed in the application rule display portion of this screen. As shown in FIG. 26, it is possible to input the time in the form of a start time (“from when”) and an end time (“until”). If no entry is made in the release time input field 2604, the release period is indefinite.

  The approval button 2605 is a control used to transmit “approval” determination information to the proxy server 101. When receiving an instruction to press the approval button 2605, the client PC 102 transmits the ID, information input in the transmission message input field 2603, and information input in the release time input field 2604 to the proxy server 101. In addition, when the access block release application is approved, it is determined whether to release with a password or to release with approval. When it is determined that the password is to be canceled, the access block cancellation password is transmitted from the proxy server 101 to the user who has made the application by e-mail or the like. At that time, the CPU 201 of the proxy server 101 causes the access block release password newly created according to the administrator's instruction or the access block release password selected according to the administrator's instruction among the already registered access block release passwords. Send. Of course, it is possible to use a method in which the CPU 201 of the proxy server 101 generates a random numerical value, registers the password in the access block cancellation password DB 312 and transmits the password by e-mail. When release by approval is selected for the access block release application and when approval is made for the access prohibition release application, a release entry is added to the release entry table by approval.

  The denial button 2606 is a control used to transmit “denial” determination information to the proxy server 101. When receiving an instruction to press the denial button 2606, the client PC 102 transmits the information input in the ID and transmission message input field 2603 to the proxy server 101.

  A cancel button 2607 is a control used to end the determination process via this screen. The above is the description of the access block / access prohibition release application details screen 2600 of FIG.

  Returning to the description of FIG. After transmitting screen information for displaying the unblocking application details screen 2600, it is determined whether determination information has been received from the client device 102 (step S1004). If it is determined that the determination information has been received (YES in step S1004), the process proceeds to step S1005 to determine whether the determination result is approval. When it is determined that the determination result is approval, a new entry (data) is added to the release entry table 1710 by approval, or an access block release password is transmitted to the applicant. When a new entry (data) is added to the release entry table 1710 by approval, information (for example, release period information) received as determination information from the client PC 102 is registered in the new entry (step S1006).

  After completion of step S1006 or when it is determined as NO (NO) in step S1005, the process proceeds to step S1007, and the user (applicant who applied for the determination result by the approver by a method such as email transmission) ) (Determination notification mail transmission: step S1007). Thereafter, the access block release application data or access prohibition release application data that has received the determination information is deleted from the access block / access prohibition release application DB 313 (step S1008). The above process is repeated until it is determined in step S1009 that an end instruction has been received. The above is the details of the access block / access prohibition release application determination processing in step S412 of FIG.

  Next, as a result of proxy processing by the proxy server 101 for HTTP data communication from the client PC 102 to a web server 105 (web server 1), a relay control rule (relay control) whose operation is set to "prohibited" is set. When HTTP data communication is performed again from the client PC 102 to the web server 1 when an application for access block / access prohibition release is approved after the rule 1) is met (that is, the relay is rejected). A proxy process performed by the proxy server 101 will be described.

  When the data communication with respect to the web server 1 is acquired from the client PC 102, the proxy server 101 performs the proxy process in step S406 of FIG. Here, since the application process of the relay control rule 1 is performed in the same manner as when transmission is prohibited, the operation resulting from the application of the relay control rule is determined to be prohibited in step S709 of FIG. Therefore, NO is determined in the process of step S710, and the cancellation determination process using the password in step S711 is performed. However, in this case, since the rule is not invalidated by inputting the release password after the operation is blocked, it is determined that the result of the process in step S711 is not released.

  Therefore, in the determination process of step S712, the CPU 201 determines NO, advances the process to step S713, and performs a release determination process by approval. Details of the release determination process by this approval will be described with reference to FIG.

  FIG. 13 is a flowchart showing details of the release determination process based on the approval in step S713 of FIG. First, the CPU 201 determines whether the data acquired in step S701 in FIG. 7 includes data including proxy authentication information (step S1301). If it is determined that there is proxy authentication information (YES in step S1301), the process proceeds to step S1302, and the authentication name 1712 that is the same as the authentication name included in the data acquired in step S701 is stored in the release entry table 1710 by approval. It is determined whether there is an entry (data) having On the other hand, if NO is determined in step S1301, the process proceeds to step S1303, and the IP address that is the same as the IP address of the client PC 102 that has transmitted the data (HTTP data) received in step S701 to the release entry table 1710 by the approval. It is determined whether there is an entry (data) having an address 1713.

  If it is determined in step S1302 and step S1303 that there is an entry (YES), the process proceeds to step S1304, and it is determined whether the rule types (request rule, response rule) match. If it is determined that they match (YES in step S1304), the process advances to step S1305 to determine whether the rule ID matches the ID of the relay control rule applied in the relay control rule application process. If it is determined that they match (YES in step S1305), it is determined from the information set in the validity period information and the time information at that time whether the release entry by the approval is valid (step S1306). If it is determined that the entry is valid (YES in step S1306), the CPU 201 determines that the entry is being released due to approval (step S1307).

  When it is determined NO in any of the determination processes in steps S1302, S1303, S1304, S1305, and S1306, the process proceeds to step S1308, and it is determined that it has not been released. The above is the detail of the cancellation | release determination process by approval of FIG.7 S713.

  Since the release entry for canceling the relay control rule 1 for the client PC 102 is registered in the release entry table 1710 by the approval due to the approval of the access prohibition release application, the release by the approval is performed in step S713 of FIG. It will be judged that it was performed, and it will be judged as YES by the judgment processing of subsequent step S714. As a result, the CPU 201 moves the process to step S715, so that the operation determined as “prohibited” in step S709 is changed to “relay”. Therefore, data communication from the client PC 102 to the web server 1 is relayed regardless of the relay control rule 1. As a result, the proxy server 101 can perform flexible data communication control.

  In this embodiment, an example in which the relay control rule is canceled by approval has been described. However, the present invention is not limited to this, and information (information indicating the transmission source) indicating the user (or client PC 102) in the approval cancellation entry, web An approval cancellation entry corresponding to the URL information (transmission destination information) of the server 105 is created, and even if the data communication is in accordance with a certain relay control rule and prohibited from being relayed, it matches the approval cancellation entry entry. Of course, relay control that permits relaying may be performed.

  Also, an object of the present invention is to supply a recording medium (or storage medium) in which a program code of software that realizes the functions of the above-described embodiments is recorded to a system or apparatus, and a computer (or CPU or CPU) of the system or apparatus. Needless to say, this can also be achieved when the MPU) reads and executes the program code stored in the recording medium. In this case, the program code itself read from the recording medium realizes the functions of the above-described embodiment, and the recording medium on which the program code is recorded constitutes the present invention.

  Further, by executing the program code read by the computer, not only the functions of the above-described embodiments are realized, but also an operating system (OS) running on the computer based on the instruction of the program code. It goes without saying that a case where the function of the above-described embodiment is realized by performing part or all of the actual processing and the processing is included.

  Furthermore, after the program code read from the recording medium is written into a memory provided in a function expansion card inserted into the computer or a function expansion unit connected to the computer, the function is determined based on the instruction of the program code. It goes without saying that the CPU or the like provided in the expansion card or the function expansion unit performs part or all of the actual processing and the functions of the above-described embodiments are realized by the processing.

  When the present invention is applied to the recording medium, program code corresponding to the flowchart described above is stored in the recording medium.

101 Proxy server 102-1, 102-2, 102-3 Client PC
103 LAN (Local Area Network)
104 Wide area network 105-1, 105-2, 105-3 Web server 201 CPU
202 RAM
203 ROM
204 System bus 205 Input controller 206 Video controller 207 Memory controller 208 Communication I / F controller 209 Input device 210 Display device 210
211 External memory

Claims (5)

Information processing apparatus comprising storage means for storing relay control rules for relay control of communication between a terminal device and an external server device, and performing relay control of communication between the terminal device and the external server Because
Obtaining means for obtaining communication between the terminal device and the external server device;
Determining means for determining whether to permit relaying of the communication by applying the relay control rule to the communication acquired by the acquiring means;
A transmission unit that transmits a first relay control rule, which is a relay control rule applied by the determination unit, to the terminal device when the determination unit determines not to permit relay;
First receiving means for receiving a request for canceling the first relay control rule including the cancellation period information of the first relay control rule from the terminal device;
In accordance with a cancellation request received by the first reception unit, a creation unit that creates a cancellation entry that sets the cancellation period for canceling the first relay control rule,
The determination unit further determines whether a release entry for canceling the relay control rule is generated when the relay control rule applied by the determination unit to the communication does not permit relaying, An information processing apparatus, characterized in that when it is determined that a cancellation entry is generated and within a cancellation period set in the cancellation entry, relaying of the communication is permitted. A second accepting means for accepting an approval for the release request accepted by the first accepting means;
The information processing apparatus according to claim 1, wherein the generation unit generates the release entry when the second reception unit receives an approval for the release request. The second receiving means further accepts release period information of the release entry generated by the generating means,
The generation unit sets the release time information received by the second reception unit as the release period information of the release entry when the release period information of the release entry is received by the second reception unit. The information processing apparatus according to claim 2. Information processing apparatus comprising a storage device for storing a relay control rule for relay control of communication between a terminal device and an external server device, and performing relay control of communication between the terminal device and the external server An information processing method performed by
An acquisition step of acquiring communication between the terminal device and the external server device;
A determination step of determining whether to permit relaying of the communication by applying the relay control rule to the communication acquired in the acquisition step;
A transmission step of transmitting a first relay control rule, which is a relay control rule applied in the determination step, to the terminal device when it is determined that relay is not permitted in the determination step;
A first accepting step of accepting a release request for the first relay control rule including the release period information of the first relay control rule from the terminal device;
In accordance with the cancellation request received in the first reception step, comprising a creation step of creating a cancellation entry in which the cancellation period for canceling the first relay control rule is set,
The determination step further determines whether a release entry for canceling the relay control rule is generated when the relay control rule applied to the communication in the determination step does not permit relaying, An information processing method comprising: determining that the relay of the communication is permitted when it is determined that the cancellation entry is generated and within the cancellation period set in the cancellation entry. Information for performing relay control of communication between the terminal device and the external server using a computer having storage means for storing relay control rules for relay control of communication between the terminal device and an external server device A computer program for functioning as a processing device,
The computer,
Obtaining means for obtaining communication between the terminal device and the external server device;
Determining means for determining whether to permit relaying of the communication by applying the relay control rule to the communication acquired by the acquiring means;
A transmission unit that transmits a first relay control rule, which is a relay control rule applied by the determination unit, to the terminal device when the determination unit determines not to permit relay;
First receiving means for receiving a request for canceling the first relay control rule including the cancellation period information of the first relay control rule from the terminal device;
In accordance with the release request received by the first receiving means, function as a creation means for creating a release entry that sets the release period for releasing the first relay control rule,
The determination unit further determines whether a release entry for canceling the relay control rule is generated when the relay control rule applied by the determination unit to the communication does not permit relaying, A computer program, characterized in that, when it is determined that a cancellation entry is generated and within the cancellation period set in the cancellation entry, it is determined that relaying of the communication is permitted.

Images