JP2017215744A - Program and server - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a program and a server that can securely manage a password to decrypt an encrypted file when an email with the attached encrypted file is transmitted to a destination.SOLUTION: A password is set as disclosure if disclosure instructions on the password are received from a sender, and a password is set as nondisclosure if nondisclosure instructions on the password are received from a sender.SELECTED DRAWING: Figure 2

Description

  The present invention relates to a program and a server.

  Conventionally, electronic mail has been used as a communication tool, and there is an MTA (Mail Transfer Agent) that accepts an electronic mail from a MUA (Mail User Agent) and delivers (distributes, transmits, and forwards) the electronic mail. To do.

  Here, the MUA is a client program used to send and receive e-mails at terminals on the Internet, and the MTA receives and delivers e-mails on the network via SMTP (Simple Mail Transfer Protocol). A server (mail server).

  As a prior art, for example, when an attached file exists in an e-mail, there is a mail system that encrypts the attached file and delivers the e-mail attached with the encrypted file to a destination (Patent Document 1).

  For example, according to the first embodiment shown in Patent Document 1, the terminal 24 on the receiving side inquires the attached file encryption apparatus 17 for a password for decrypting the encrypted file, and attaches it. When authentication is successful in the file encryption device 17, the password is transmitted to the terminal 24, and the terminal 24 can decrypt the encrypted file with the received password (see FIG. 2 of Patent Document 1).

  Further, according to the second embodiment shown in Patent Document 1, the terminal 16 on the transmission side accesses the designated URL (URL is an abbreviation for Uniform Resource Locator; the same applies hereinafter), thereby attaching the attached file encryption. The control device 57 transmits the password to the destination terminal 24. The terminal 24 receives a password for decrypting the encrypted file from the attached file encryption device 57, and the terminal 24 can decrypt the encrypted file with the received password (Patent Document). (See Fig. 11 in Fig. 1)

JP 2008-187280 A

  However, in the first embodiment of the prior art, the sender (sender) sends an e-mail or password with an attached file and then notices the wrong transmission or provides the password for a given circumstance. If you want to cancel, you could not cancel the provision of the password, and there was a risk that a third party could view the contents of the attached file.

  Also in the second embodiment of the prior art, the notification of the password cannot be canceled after the sender (sender) clicks the URL for notifying the password (destination) of the password. There is a risk that a third party can view the contents of the attached file.

The present invention has been made in view of the above-described problems, and when sending an e-mail attached with an encrypted file to a destination, a password for decrypting the encrypted file is more secure. It is to provide a manageable program and server.

(1) The present invention
A program for a server that sends an email addressed to a destination,
A receiver for receiving an email sent from the sender;
An encryption processing unit that performs processing for generating an encrypted file by encrypting the attached file and processing for generating a password for decrypting the encrypted file when the attached file exists in the e-mail When,
An encrypted file email in which the encrypted file is attached instead of the attached file, and a transmission unit that transmits password inquiry information associated with the password to the destination;
In association with the password, a password control unit that sets whether the password is public or private,
When the password inquiry information is received and the password is set to be public, the computer functions as a password providing unit that provides the password,
The password control unit
The present invention relates to a program for setting the password to be public when an instruction to disclose the password is received from the sender, and setting the password to be private when an instruction to disclose the password is received from the sender.

  The present invention also relates to an information storage medium storing the above program. Moreover, this invention relates to the server comprised as said each part.

  According to the present invention, when a password disclosure instruction is received from the sender, the password is set to public, and when a password secret instruction is received from the sender, the password is set to secret. Can be managed flexibly at the will of the sending user.

  For example, even if the password is set to public, if the password is set to private before the sender user knows the password, the password is provided even after sending the encrypted file e-mail. The content of the attached file can be made unviewable by preventing the third party from decrypting the encrypted file.

(2) The program, information storage medium, and server of this application example are
When the transmission of the encrypted file electronic mail is completed, the computer may further function as a transmission completion notification unit that notifies the transmission source of a transmission completion notification mail including information related to the password.

  According to the present invention, since the sender receives the transmission completion notification mail, the sender can be aware of the necessity of setting whether the password is disclosed or not, and changes the password from public to private. Alternatively, it is possible to make settings without forgetting to change the password from private to public.

(3) The program, information storage medium, and server of this application example are
The transmitter is
The encrypted file e-mail and the inquiry information e-mail including the password inquiry information may be individually transmitted to the destination.

  According to the present invention, since the encrypted file electronic mail and the inquiry information electronic mail are individually transmitted to the destination, the encrypted file electronic mail and the inquiry information electronic mail can be controlled separately.

(4) The program, information storage medium, and server of this application example are
The transmitter is
The inquiry information electronic mail may be transmitted after a predetermined period from the time of transmitting the encrypted file electronic mail.

  According to the present invention, since the inquiry information e-mail is transmitted after a predetermined period from the time when the encrypted file e-mail is transmitted, the sender user sets the password disclosure / non-disclosure setting until the predetermined period ends. You can grace to review and reset. On the other hand, since the destination user receives the encrypted information after receiving the encrypted file, the destination user receives the encrypted file email attached with the encrypted file, and then decrypts the encrypted file. It is possible to naturally perform a series of operations of obtaining and decrypting the password.

(5) The program, information storage medium, and server of this application example are
The transmitter is
The encrypted file e-mail including the password inquiry information may be transmitted to the destination.

  According to the present invention, since the password inquiry information is included in the encrypted file e-mail, the destination user can clearly recognize the correspondence between the password inquiry information and the encrypted file e-mail. In addition, the destination user can prevent the password inquiry information from being lost.

(6) The program, information storage medium, and server of this application example are
The password control unit
The number of times the password inquiry information is received may be counted, and the password may be set to be private when the number of times exceeds a predetermined number.

  According to the present invention, when the number of times the password inquiry information is received exceeds a predetermined number, the password is set to be private, so that the disclosure of the password can be restricted and unnecessary leakage of the password is prevented. be able to.

(7) The program, information storage medium, and server of this application example are
The password control unit
When there are a plurality of destinations of the e-mail, the password may be set public or private for each destination.

  According to the present invention, it is possible to set password disclosure or non-disclosure for each destination, and therefore it is possible to manage passwords according to users.

The example of the functional block of the server of this embodiment. The figure which showed the outline | summary of the process of the server of this embodiment. The figure which shows an example of the text of the inquiry information email of this embodiment. An example of the information memorize | stored in the password memory | storage part 173 of this embodiment. An example of the mail list screen of the password control object of this embodiment. An example of the password public / private setting screen of the present embodiment. An example of the password public / private setting screen of the present embodiment. 8A and 8B are examples of the password browsing screen of the present embodiment. An example of the text of the transmission completion notification mail of this embodiment. FIG. 10A shows a schematic diagram of the encrypted file e-mail Ms and the inquiry information e-mail Mp of the present embodiment. FIG. 10B shows a schematic diagram of the encrypted file e-mail Ms of this embodiment. The flowchart figure which shows the flow of the process of this embodiment. The flowchart figure which shows the flow of the process of this embodiment. The flowchart figure which shows the flow of the process of this embodiment.

  Hereinafter, this embodiment will be described. In addition, this embodiment demonstrated below does not unduly limit the content of this invention described in the claim. In addition, all the configurations described in the present embodiment are not necessarily essential configuration requirements of the present invention.

1. Configuration FIG. 1 is an example of a functional block diagram of a server 10 according to the present embodiment. Note that the server 10 according to the present embodiment does not have to include all the units illustrated in FIG. 1 and may have a configuration in which some of the units are omitted.

  The storage unit 170 stores a program and various data for causing the computer to function as each unit of the processing unit 100 and functions as a storage area of the processing unit 100.

  The storage unit 170 includes a temporary storage area and storage. A storage is a hard disk, an optical disk, a flash memory, a magnetic tape, or the like, and refers to a device that permanently stores data. The storage unit 170 may store programs and data stored in the information storage medium 180.

  The storage unit 170 of this embodiment includes a main storage unit 171 used as a work area, a user information storage unit 172, and a password storage unit 173. Note that some of these may be omitted.

  The main storage unit 171 can be realized by a RAM or the like. The main storage unit 171 is a storage area used in the processing of this embodiment. The user information storage unit 172 stores user information (user account, password, email address, etc.). The user information storage unit 172 may be configured by a DB (DB is an abbreviation for database, the same applies hereinafter). The password storage unit 173 stores a password and information on disclosure or non-disclosure of the password. The password storage unit 173 may be configured by a DB.

  The information storage medium 180 (computer-readable medium) stores programs, data, and the like, and functions as an optical disk (CD, DVD), magneto-optical disk (MO), magnetic disk, hard disk, and magnetic tape. Alternatively, it can be realized by a memory (ROM). The information storage medium 180 is a storage.

  Further, the information storage medium 180 can store a program for causing a computer to function as each unit of the present embodiment (a program for causing a computer to execute processing of each unit).

  The processing unit 100 performs various processes of this embodiment based on programs and data stored in the storage unit 170 and the information storage medium 180.

  The processing unit 100 includes an e-mail processing unit (MTA) 110 and a web processing unit 120.

  The e-mail processing unit 110 receives and delivers e-mail over the network via SMTP. The e-mail processing unit 110 of this embodiment includes a receiving unit 111, a transmitting unit 112, a password control unit 113, a password providing unit 114, a transmission completion notification unit 115, an analysis unit 116, and an encryption processing unit 117.

  The receiving unit 111 performs processing for receiving an e-mail that is transmitted by the MUA 22 of the sending terminal 20 and has an envelope destination specified.

  The transmission unit 112 performs processing for transmitting (delivery, distribution, transfer) the electronic mail received by the reception unit 111 to a destination.

  In particular, when the attached file is included in the email received by the receiving unit 111, the transmission unit 112 according to the present embodiment includes the encrypted file email in which the encrypted file is attached instead of the attached file, and the encryption The inquiry information including the password inquiry information associated with the password for decrypting the file is transmitted to the destination.

  The transmission unit 112 may individually transmit the encrypted file electronic mail and the inquiry information electronic mail including the inquiry information to the destination. For example, the sending unit 112 may send the inquiry information email after a predetermined period (for example, after 5 minutes) from the time of sending the encrypted file email.

  Further, the transmission unit 112 may transmit the encrypted file electronic mail including the inquiry information to the destination.

  The password control unit 113 sets password disclosure or non-disclosure in association with a password for decrypting the encrypted file. For example, when the password control unit 113 receives a password disclosure instruction from the sender, the password control unit 113 sets the password to public. Further, when the password control unit 113 receives a password non-disclosure instruction from the sender, the password control unit 113 sets the password to non-disclosure.

  Further, the password control unit 113 may count the number of times the password inquiry information has been received, and may set the password to be private when the number of times exceeds a predetermined number.

  In addition, when there are a plurality of e-mail destinations, the password control unit 113 may set whether to disclose or hide a password for each destination.

  The password providing unit 114 provides the password when the password inquiry information is received and the password is set to be public. For example, the password providing unit 114 provides a password to the user when the password inquiry information is received from the user's terminal and the password is set to public.

  Here, “providing” a password includes both a method of notifying the password by an e-mail and controlling the browsing by a Web server.

  When the transmission of the encrypted file electronic mail is completed, the transmission completion notification unit 115 notifies the sender of a transmission completion notification mail including information related to the password.

  The analysis unit 116 performs processing for analyzing the received electronic mail. For example, processing for analyzing an envelope destination, an envelope sender, a message header, and a body part of a message body is performed. For example, a process for extracting a domain from the envelope destination, a process for extracting To, Cc, Bcc, Subject, Message-ID from the header of the message, a process for extracting the body from the body part of the message, Performs processing to extract the attached file from the body part.

  The encryption processing unit 117 performs encryption processing of the attached file when the attached file is present in the e-mail received by the receiving unit 111, and a password for decrypting the encrypted file and the encrypted file. And generate

The Web processing unit 120 transmits HTML (Hyper Text Markup) in response to a request from client software such as the Web browser 21 installed in the terminal 20 through HTTP (Hypertext Transfer Protocol).
Language) A process of transmitting (providing) data such as a document and an image, and a process of receiving data received by the Web browser 21 of the terminal. Then, the server performs mail processing, DB update processing, and the like based on information received from the administrator and user terminals.

  The administrator UI unit 121 performs processing for transmitting (providing) management setting data and the like to the administrator's terminal 20 in response to an access request from the Web browser 21 of the administrator's terminal 20. Process to receive.

  That is, the manager UI unit 121 performs addition, deletion, update processing, and the like of each data on the DB based on an input from the manager. Note that only the administrator is authorized to access the Web page (URL) of the administrator UI.

  The user UI unit 122 performs a login process or a process for controlling browsing of a web page of information related to the logged-in user in response to a request from the web browser 21 of the terminal 20.

  For example, the user UI unit 122 controls password reference information and a Web page for accepting a password disclosure instruction or non-disclosure instruction in response to a request from the Web browser 21 of the terminal 20.

  The database processing unit 130 performs processing for registering, updating, and deleting data stored in a database (DB). For example, the database processing unit 130 performs processing for updating the database based on the data received from the terminal 20 in the administrator UI unit 121 and the user UI unit 122.

  Note that the e-mail processing unit 110, the web processing unit 120, the database processing unit 130, and the storage unit 170 may be executed by a single device, or may be distributed to different devices and executed in accordance with the use of the processing. You may do it.

2. Overview FIG. 2 shows an overview of the processing flow of the server (mail server) 10 of this embodiment. The server according to the present embodiment has an MTA function for receiving an electronic mail including an envelope destination, an envelope sender, and a message and delivering the electronic mail. The server 10 is also referred to as a “relay device” or “information processing device” that performs relay control of electronic mail.

  First, the server 10 according to the present embodiment receives an electronic mail transmitted from the MUA 22 of the terminal 20, analyzes the received electronic mail, and determines whether there is an attached file.

  When the server 10 determines that there is an attached file, the server 10 performs processing for encrypting the attached file, and generates an encrypted file. Further, the server 10 generates a password for decrypting the encrypted file.

  Then, the server 10 transmits, to the destination, an encrypted file electronic mail with an encrypted file attached instead of the attached file and an inquiry information electronic mail including password inquiry information (for example, URL) associated with the password.

  The sending user A instructs password disclosure or non-disclosure in association with the password, and the server 10 sets password disclosure or non-disclosure in association with the password. That is, when the server 10 accepts a password disclosure instruction from the user A's terminal that is the sender, the server 10 sets the password to public, and when the server 10 accepts a password disclosure instruction from the user A's terminal, Set private.

  And the server 10 of this embodiment is a case where password inquiry information is received from the terminal of the user B who is an address | destination, Comprising: When a password is set to public, a password is provided to the user B terminal. For example, since the server 10 functions as a Web server, the server 10 is controlled so that the password can be viewed by the Web browser of the user B terminal.

  As described above, according to the present embodiment, the attached file can be automatically encrypted by the server 10, so that the sending user A can save time and effort for encryption. In addition, it is possible to prevent tampering of attached files and information leakage of attached files.

  User B can click the URL of the password inquiry information and browse the password when the password is set to public.

  In addition, since the user A can make the setting public after the public setting, the password can be made private even when the user A knows later that the information is not desired to be shown to the user B. it can. For example, if the user B is set from public to private before acquiring the password, information leakage of the password and attached file can be prevented.

  Note that the server 10 performs processing for transmitting an e-mail without an attached file as it is.

  Here, the MTA sends an e-mail when a process for sending the received e-mail to another MTA via SMTP, or a local for sending to a user who has an account in the same system where the server 10 operates. This includes a process of transmitting to a delivery agent MDA (Mail Delivery Agent) and a case of transmitting to a user who has an account in the same system where the server 10 operates without going through the MDA.

  In the following description, the user A (A@xxx.com) who is the sender creates an email M with an attached file F, and the destination of the email M is the user B (B@yyy.com). A case will be described as an example.

3. Description of Encryption Process First, when the attached file F exists in the electronic mail M received from the terminal 20-A of the user A, the server 10 encrypts the attached file F and generates an encrypted file Fs. . Further, the server 10 generates a password for decrypting the encrypted file Fs.

  Then, the server 10 transmits the encrypted file electronic mail Ms attached with the encrypted file Fs instead of the attached file F.

  The server 10 generates a password for decrypting the encrypted file Fs based on a given algorithm. In order to prevent the character string of the password from being easily analyzed, the password may be a character string of 20 or more digits including symbols, numbers, uppercase letters, and lowercase letters.

  Then, the server 10 generates an encrypted file Fs in the ZIP format based on the password. That is, the user B who has received the encrypted file electronic mail Ms cannot restore the original file F unless the password is specified.

  As described above, since the server 10 automatically encrypts the attached file, it is possible to prevent a situation in which a sender mistakenly sends an attachment file F without encrypting it. Can do.

  The server 10 may generate the encrypted file Fs by various methods without being limited to the ZIP format. Further, when there are a plurality of attachment files F in the e-mail M, the server 10 compresses the plurality of attachment files F in the ZIP format to generate one encrypted file Fs. One encrypted file Fs may be generated for each file F.

4). Explanation of Password Inquiry Information When sending the encrypted file e-mail Ms, the server 10 sends the inquiry information e-mail Mp including the password inquiry information (for example, URL) associated with the password to the destination (B@yyy.com). Send.

  The password inquiry information is information for inquiring the password of the encrypted file Fs, and is, for example, the URL of the server 10. The password inquiry information (URL) is a URL associated with the password. The password inquiry information (URL) may be a URL associated with identification information (for example, message ID) of the encrypted file electronic mail Ms.

  FIG. 3 shows an example of the text of the inquiry information email Mp received by the destination user B. For example, the text of the inquiry information e-mail Mp includes a subject Ba, a date Bb, an explanation Bc indicating how to obtain a password, and password inquiry information Bd of the encrypted file e-mail Ms.

  The password inquiry information Bd is associated with a password and indicates the URL of a Web site where the password can be viewed.

  Further, the server 10 may transmit the inquiry information email Mp to the destination (B@yyy.com) after a predetermined period (for example, after 5 minutes) from the transmission time T1 of the email Ms. In this way, until the predetermined period ends, sender A can review the password disclosure / non-disclosure setting and reset it. Note that the server 10 may set the length of the predetermined period based on the setting instruction for the predetermined period of the user A as the sender.

5. Description of Information Regarding Password In the present embodiment, the password is set to be public or private in association with the password. FIG. 4 is an example of information stored in the password storage unit 173 of the server 10. For example, the password storage unit 173 stores the source, destination, password, public flag F, expiration date, and access count K of the encrypted file e-mail in association with the ID for identifying the encrypted file e-mail. Remembered.

  For example, the ID is identification information that can uniquely identify an encrypted file electronic mail, for example, a Message-ID of the electronic mail. Further, the sender indicates the envelope From. The destination indicates the envelope To. The password is a password used for decrypting the encrypted file. The public flag F indicates whether the password is public or private. For example, the disclosure flag F = 1 means that the password is disclosed, and the password disclosure flag F = 0 means that the password is not disclosed.

  In the example of FIG. 4, for the encrypted file e-mail with ID 0001, the public flag F = 1, so that user B at the destination (B@yyy.com) can obtain the password, but the ID For an encrypted file e-mail with 0003, since the public flag F = 0, the user G at the destination (G@zzz.com) cannot obtain a password.

  The expiration date indicates the date and time of the expiration date from which the password can be acquired. The access count K is the number of times password inquiry information has been received. In other words, it indicates the number of times password inquiry information (URL) for acquiring a password is accessed.

  Note that the password stored in the password storage unit 173 may be a character string (hash value or the like) for obtaining the password, instead of the password itself.

6). Description of setting whether password is public or private For example, when the server 10 of this embodiment receives a password public instruction from the sender, the server 10 sets the password to public and accepts a password private instruction from the sender. If this happens, set the password private.

  The server 10 sets the initial value of the public flag F associated with the password to 1 as an initial state. That is, in the initial state, the password is made public. When the “non-public” instruction (F = 0) is received from the sending user, the value of the public flag F is updated to zero.

  When the terminal of the sending user A logs in based on the input of the user A, a list screen GA for setting password disclosure / non-disclosure is displayed by the Web browser as shown in FIG.

  On the list screen GA, a list of encrypted file e-mails from which user A (A@xxx.com) is sent is displayed. For example, when user A clicks on the subject, it is possible to refer to the contents (header, text, attached file, etc.) of the encrypted file e-mail that has been sent from user A and has been sent.

  For example, when the detail button Ea is clicked on the list screen GA, the screen is shifted to the password disclosure / non-disclosure setting screen GB.

FIG. 6 shows an example of the password disclosure / non-disclosure setting screen GB. For example, on the password disclosure / non-disclosure setting screen GB, an outline Ca of the encrypted file email Ms, a disclosure check box Cb, and a confirmation button Cc are displayed. In FIG. 6, since the box Cb for checking the disclosure of the encrypted file electronic mail is checked, it indicates “public”.

  For example, when the user A unchecks the public check box Cb and clicks the confirm button Cc, the terminal 20 of the user A sends a private instruction (F = 0) to the server 10 in association with the password “df8godfsioh”. To do. When the server 10 receives a non-public instruction (F = 0) associated with the password “df8godfsioh” from the terminal 20 of the user A, the server 10 sets the value of the public flag F associated with the password “df8godfsioh” to 0. (Update.

  On the other hand, if the current state of the encrypted file e-mail is “unpublished”, that is, if the check box Cb of the check box is not checked, clicking the confirm button Cc and checking the user A's The terminal 20 transmits a disclosure instruction (F = 1) to the server 10 in association with the password “df8godfsioh”. When receiving the password disclosure instruction (F = 1) associated with the password “df8godfsioh” from the terminal 20 of the user A, the server 10 sets the value of the disclosure flag F associated with the password “df8godfsioh” to 1. Set (update).

  Further, the server 10 may set the initial value of the public flag F associated with the password “df8godfsioh” to 0 as an initial state. That is, in the initial state, the password “df8godfsioh” is set to a private state. The value of the disclosure flag F may be updated to 1 when an instruction (F = 1) for setting the password “df8godfsioh” from the sender A to “public” is received.

  When the initial state of password disclosure / non-disclosure is set to the public state, that is, when the initial value of the public flag F is set to 1, it is possible to reduce the trouble of the sending user A instructing the disclosure from private to public. Can do. However, when the sending user A wants to change from a public state to a non-public state, the destination user B may be able to obtain a password before the change.

  On the other hand, when the initial state of the password disclosure / non-disclosure is set to non-public, that is, when the initial value of the public flag F is set to 0, the user A who is the sender has the trouble of instructing the disclosure from private to public. Although it occurs, the user A who is the sender can surely perform password disclosure / non-disclosure control. In other words, if user A wants to cancel the disclosure of the attached file after sending the encrypted file e-mail Ms to destination user B, at least attach the password to user B by keeping the password private. You can make it impossible to view the contents of the file.

  Note that when there are a plurality of e-mail destinations, the server 10 may set whether to disclose or hide a password for each destination.

  For example, as shown in FIG. 7, when there are two destinations B@yyy.com and C@yyy.com, public checks Cb1 and Cb2 are provided for each destination, and the user A who is the sender sends a password It is possible to give instructions for public or private. In this way, password management suitable for the destination user can be performed.

7). Explanation of Password Provision The server 10 provides a password when it receives password inquiry information and the password is set to be public.

For example, when the public / non-public status of the password for the encrypted file e-mail Ms with ID 0001 is public (when public flag F = 1), the user B at the destination (B@yyy.com) Can get a password. That is, the destination user B can access the password browsing screen GC and browse the password “df8godfsioh” as shown in FIG. 8A by clicking the password inquiry information Bd (for example, URL) in FIG. be able to.

  As shown in FIG. 8A, on the password screen GC, in addition to the password of the encrypted file electronic mail Ms, various information such as the subject Da and the date Db regarding the encrypted file electronic mail Ms may be displayed.

  On the other hand, if the password disclosure / non-disclosure state for the encrypted file e-mail Ms with ID 0001 is private (when the public flag F = 0), the user B at the destination (B@yyy.com) Can not view the password. That is, when the destination user B clicks the password inquiry information Bd (for example, URL) in FIG. 3, as shown in FIG. 8B, the password cannot be browsed as shown in the password screen GD. Information Dd to be displayed is displayed.

  In the present embodiment, a user (for example, user C, user D, etc.) who is not the destination user B can access the password inquiry information (URL). For example, when the password is disclosed, the user C can browse the password inquiry information (URL) by teaching the user C the password inquiry information (URL). Further, the server 10 may notify an access code for accessing the password inquiry information (URL) by inquiry information e-mail, and may authenticate with the access code when accessing the password inquiry information (URL). . In this way, only the user who knows the access code in addition to the password inquiry information (URL) can access.

8). Description of Delivery Completion Notification Mail In this embodiment, when transmission of the encrypted file e-mail Ms is completed, a transmission completion notification mail Me including information related to the password is notified to the terminal 20 of the user A who is the sender. May be. User A can be alerted to the password disclosure / non-disclosure setting. User A once again changes the password from public to private, or changes the password from private to public. This is because it can be recognized and set again.

  FIG. 9 shows an example of the text of the transmission completion notification mail Me. The transmission completion notification mail Me includes information such as the subject name Fa and the transmission date Fb of the encrypted file electronic mail Ms.

  Also, as shown in FIG. 9, passwords such as information Fc indicating the password status (public or non-public), and URL information Fd of the website for changing the password from public to private or private to public. Display information about.

  For example, when the user A clicks on the password-related information Fd, the screen shifts to the password disclosure / non-disclosure setting screen GB shown in FIG. In this way, the user A can quickly set the password to be public / private.

9. Example of Encrypted File E-mail Ms As shown in FIG. 10A, the server 10 of this embodiment individually transmits an encrypted file e-mail Ms and a query information e-mail Mp including password query information Bd. In the example described above, the encrypted file e-mail Ms including the password inquiry information Bd may be transmitted to the destination user B terminal.

  For example, as shown in FIG. 10B, the server 10 attaches the encrypted file Fs and the password inquiry information file Fp including the password inquiry information Bd to the encrypted file e-mail Ms. In this way, the destination user B can clearly recognize the correspondence between the password inquiry information Bd and the encrypted file Fs, so that the password for decrypting the encrypted file Fs can be obtained. The trouble of searching for the password inquiry information Bd can be prevented. Note that the server 10 may describe the password inquiry information Bd in the header or body of the encrypted file e-mail Ms without attaching the password inquiry information file Fp.

10. Control based on the number of times password inquiry information is received The server 10 of this embodiment sets the initial value of the number K of password inquiry information received to 0, and counts the number K each time password inquiry information is received. When the number of times K becomes a predetermined number or more, the password may be set to be private.

  For example, the server 10 automatically sets the password to be private when the number K of times password inquiry information is received is 1 or more (K ≧ 1). In this way, it is possible to limit the number of accesses to the password inquiry information (URL), and to reduce the chance of password information leakage as much as possible.

  Also, the sending user A notices that the encrypted file e-mail has been sent to an unintended partner, and when trying to make the password private from now on, the security status can be made easier by referring to the number K. Can be determined. That is, when the number of times K is 0, the sending user A can determine that the content of the encrypted file can be prevented from leaking information and that the situation is in time for ensuring security, and the number of times K is 1 or more. In some cases (when the number of times K is not 0), it is possible to determine that the situation is too late because leakage of information cannot be prevented.

  That is, if the number of times K is 0, the sender user A can determine that the password has not been referenced by anyone yet and the encrypted file cannot be decrypted. It can be determined that there is a possibility that the password has already been referred to by the user such as the destination user B and the decryption is possible.

11. Flowchart The processing flow of this embodiment will be described with reference to FIGS. 11A, 11B, and 11C.

  First, as illustrated in FIG. 11A, the terminal 20-A of the user A (A@xxx.com) on the transmission side transmits an attached file electronic mail (step S1). The destination of the attached file e-mail is user B (B@yyy.com).

  When the server 10 receives the attached file e-mail (step S11), the server 10 encrypts the attached file (step S12) and generates an encrypted file e-mail (step S13).

In addition, the server 10 transmits the encrypted file electronic mail to the destination (step S14). Then, the terminal 20-B of the destination user B receives the encrypted file electronic mail (step S100).
In addition, the server transmits a transmission completion notification mail to the sender (step S15). The terminal 20-A of the sending user A receives the transmission completion notification mail (step S2).

  Then, the server transmits the inquiry information electronic mail to the destination (step S16). The terminal 20-B of the destination user B receives the inquiry information electronic mail (step S101).

  11B, the terminal 20-B of the destination user B accesses password inquiry information (URL) (step S102).

  Upon receiving the password inquiry information (step S17), the server 10 determines whether or not the password is disclosed (step S18).

  If the password is disclosed (Y in step S18), the password can be viewed and a web page is generated (step S19). On the other hand, if the password is not disclosed (N in step S18), the password is not viewable and a web page is generated (step S20). For example, a web page without a password is generated.

  When the password can be browsed, the terminal 20-B of the destination user B browses the password (step S103), and performs a process of decrypting the encrypted file with the password (step S104). Note that the terminal 20-B cannot decrypt the encrypted file when the password cannot be viewed.

  It should be noted that the terminal 20-A of the sending user A can issue a password disclosure / non-disclosure instruction after step S2. As illustrated in FIG. 11C, when there is a password disclosure instruction (Y in step S3), the terminal 20-A transmits a password disclosure instruction to the server 10 (step S4).

  Upon receiving the password disclosure instruction (step S21), the server 10 sets the password to be public (step S22).

  In addition, when there is a password non-disclosure instruction (Y in step S5), the terminal 20-A transmits a password non-disclosure instruction to the server 10 (step S6).

  When the server 10 accepts the password non-disclosure instruction (step S23), the server 10 sets the password private (step S24). This is the end of the process.

12 Application example (1) Application example of password disclosure or non-disclosure control In the present embodiment, an example in which the user A of the sender sets the password disclosure or non-disclosure has been described. You may make it set private.

  For example, the server 10 sets a group including a plurality of users in advance. For example, it is assumed that the group G1 to which the user A, the user E, and the user F belong is defined. Then, when the server 10 receives a password disclosure instruction from the user E and user F in the same group G1 as the sender user A, the server 10 sets the password to public, and the user in the same group G1 as the sender user A E When the password non-disclosure instruction is received from the user F, the password may be set to non-disclosure.

  In this way, when the users E and F in the same group G1 as the sending user A notice that they are sending an encrypted file that should not be sent to the destination, the password of the encrypted file to the destination Can be prevented from being released.

  In addition, when the superior of the sending user A (“superior” is also referred to as “auditor” or “specific user”) is set in advance, the server 10 discloses the password from the superior or You may make it receive a non-public instruction | indication. In other words, the server 10 may set the password to be public when receiving a password disclosure instruction from the superior, and may set the password to private when receiving a password disclosure instruction from the superior. .

  Further, the server 10 is the same as the source user A (A@xxx.com) designating a plurality of destinations (for example, user B (B@yyy.com), user J (J@xxx.com)). When sending a report email, the user J who owns an email address that includes the same domain name (xxx.com) as the sender (A@xxx.com) included in the broadcast email issues a password disclosure or non-disclosure instruction. You may make it accept. That is, the server 10 may set the password to be public when receiving a public instruction from the user J, and may set the password to private when receiving a password private instruction from the user J.

  The server 10 is a case where, for example, a user B (B@yyy.com) and a user K (k@xxx.com) are registered in the mailing list (ML@xxx.com), and the sender 10 When User A sends an e-mail addressed to the mailing list (ML@xxx.com), the domain name (xxx.com) registered in the mailing list and the same as the sender (A @ x xx.com) You may make it receive the instruction | indication of the disclosure of a password from the user K who owns the mail address (k@xxx.com) containing "." That is, the server 10 may set the password to public when a password disclosure instruction is received from the user K, and may set the password to private when a password disclosure instruction is received from the user K. .

  Note that the server 10 does not accept password disclosure instructions from users other than the sender (for example, users E, E, senior manager, user J, user K, etc.), and only provides password secret instructions from users other than the sender. May be accepted.

(2) Others The electronic mail of this embodiment is not limited to SMTP, but may be transmitted / received by a given protocol.

  The data of the present embodiment, for example, e-mail data, attached file data, and encrypted file data may be stored in a storage area on the Internet called a cloud.

  Further, the server 10 according to the present embodiment may encrypt all the attached files of the received e-mail, or, for e-mails satisfying a given rule, encrypt the attached file of the e-mail. You may control. For example, the server 10 may set rule conditions based on input information from an administrator or a user in advance.

10 servers, 20 terminals,
100 processing unit, 110 e-mail processing unit (MTA), 111 receiving unit, 112 transmitting unit, 113 password control unit, 114 password providing unit, 115 transmission completion notifying unit, 116 analyzing unit, 117 encryption processing unit, 120 Web processing , 121 Administrator UI section, 122 User UI section, 130 Database processing section, 170 Storage section, 171 Main storage section, 172 User information storage section, 173 Password storage section, 180 Information storage medium, 21 Web browser, 22 MUA

Claims (8)

A program for a server that sends an email addressed to a destination,
A receiver for receiving an email sent from the sender;
An encryption processing unit that performs processing for generating an encrypted file by encrypting the attached file and processing for generating a password for decrypting the encrypted file when the attached file exists in the e-mail When,
An encrypted file email in which the encrypted file is attached instead of the attached file, and a transmission unit that transmits password inquiry information associated with the password to the destination;
In association with the password, a password control unit that sets whether the password is public or private,
When the password inquiry information is received and the password is set to be public, the computer functions as a password providing unit that provides the password,
The password control unit
When the password disclosure instruction is received from the sender, the password is set to public, and when the password secret instruction is received from the sender, the password is set to secret. Program. In claim 1,
A program that further causes a computer to function as a transmission completion notification unit that notifies a transmission completion notification mail including information on the password to the sender when transmission of the encrypted file electronic mail is completed. In claim 1 or 2,
The transmitter is
A program characterized by individually transmitting the encrypted file e-mail and the inquiry information e-mail including the password inquiry information to the destination. In claim 3,
The transmitter is
A program for transmitting the inquiry information e-mail after a predetermined period from the time of transmitting the encrypted file e-mail. In claim 1 or 2,
The transmitter is
A program characterized in that the encrypted file electronic mail including the password inquiry information is transmitted to the destination. In any one of Claims 1-5,
The password control unit
A program that counts the number of times the password inquiry information is received, and sets the password to be private when the number of times exceeds a predetermined number. In any one of Claims 1-6,
The password control unit
A program characterized in that, when there are a plurality of destinations of the electronic mail, the password is set to be public or private for each destination. A server that sends an email addressed to
A receiver for receiving an email sent from the sender;
An encryption processing unit that performs processing for generating an encrypted file by encrypting the attached file and processing for generating a password for decrypting the encrypted file when the attached file exists in the e-mail When,
An encrypted file email in which the encrypted file is attached instead of the attached file, and a transmission unit that transmits password inquiry information associated with the password to the destination;
In association with the password, a password control unit that sets whether the password is public or private,
A password providing unit that provides the password when the password inquiry information is received and the password is set to be public;
The password control unit
When the password disclosure instruction is received from the sender, the password is set to public, and when the password secret instruction is received from the sender, the password is set to secret. Server.

Images