JP2019068180A - Mail monitoring device and mail monitoring program - Google Patents

Abstract

To make it possible to decrypt an encrypted file attached to an email without entering a password at a receiving side as much as possible.SOLUTION: If an encryption determination unit 111 determines that a file attached to an email is encrypted, a decryption unit 112 functions and decrypts the file using a password stored in a password storage unit 103. A password update unit 115 processes the password used by the decryption unit 112 so that the password storage unit 103 updates it. A virus checking unit performs a virus check on the file decrypted by the decryption unit 112 and an uninfected file can be provided.SELECTED DRAWING: Figure 1

Description

  The present invention relates to an apparatus and program for monitoring received e-mail and making it possible to use only safe e-mail that is not infected with computer virus, for example, in a company or the like.

  Email attachments such as e-mails that have been encrypted using a password can not be checked for viruses by e-mail monitoring devices such as Unified Threat Management devices. This is because even if virus checking is performed on an encrypted file, an appropriate check can not be made, so decryption must be performed. Therefore, Patent Document 1 described later discloses an invention related to a mail monitoring apparatus etc. which decrypts an attached file and executes a virus check to provide an attached file without any problem.

  At the time of transmission of the e-mail attached with the encrypted attached file, a password for decryption is separately notified to the other party by e-mail, telephone, facsimile or the like. For this reason, in the mail monitoring device disclosed in Patent Document 1, first, when the electronic mail attached with the encrypted attached file is received, only the encrypted attached file is temporarily stored. Then, in the e-mail monitoring apparatus, for the e-mail excluding the temporarily stored attached file, a message requesting notification of a link information (link destination information) for linking the storage destination of the attached file and a password is received. It appends and transmits to a transmission destination (destination).

  Then, the mail monitoring apparatus receives provision of a password for decrypting decryption from the receiving user of the electronic mail linked (connected) to the storage destination of the attached file using the link information. Using the password received, the stored encrypted attached file is decrypted, virus check is performed, and only the attachment file having no problem is provided to the receiving apparatus on the receiving user side. In this way, the recipient of the email attached with the encrypted attachment downloads only the attachment that has no problem with virus check, from the specified link separately from the email where the attachment was attached. I am able to do that.

JP, 2016-63443, A

  Passwords for encryption and decryption should be changed in each transmission of e-mail in order to keep the confidentiality as high as possible, and if it is fixed in order to prevent the password from being lost at a later date There is. Also, even when the password is changed in a fluid manner, for example, there is a case where it is set completely at random using a tool that applies encryption compression automatically to the attached file. In addition, there are cases where fixed information such as the date of transmission is used, or a plurality of passwords are determined in advance and used in rotation.

  Here, in the case where the password is determined at random each time the e-mail is sent, there is no choice but to have to enter the password on the receiving side for virus check each time the e-mail is received. It is. However, in the case where the password is fixedly fixed, inputting the password for the attached file for virus check each time the e-mail is received is time-consuming for the user on the receiving side. In addition, when fixed information such as date is used as part of the password, or when a plurality of passwords are determined in advance and used in rotation, the password to be used can be predicted on the receiving side. Even if the password can be predicted, it is desirable to avoid entering the password each time an e-mail is received.

  In view of the above, according to the present invention, the decryption of the file encrypted and attached to the e-mail can be performed while the password on the receiving side is prevented as much as possible, thereby saving time and effort and keeping the password confidential. Aim to keep high.

In order to solve the above problems, the mail monitoring device of the invention according to claim 1 is
A storage unit that stores transmission source identification information, reception destination identification information, and a password in association with each other;
Encryption determination means for determining whether an encrypted file is attached to the received e-mail;
A first decryption unit that acquires an available password from the storage unit and decrypts the encrypted password when the encryption determination unit determines that the encrypted file is attached;
First updating means for processing to update the storage means with respect to the password used in the first decryption means;
And a first check unit for checking a computer virus with respect to the file decrypted by the first decryption unit.

  According to the mail monitoring apparatus of the first aspect of the present invention, the first decryption unit functions when the encryption determination unit determines that the file attached to the electronic mail is encrypted. Decryption using the password stored in the storage means. The first update means processes to update the storage means with the password used in the first decryption means. Then, the first check unit performs a virus check on the file that has been decrypted by the first decryption unit.

  As a result, for files that are encrypted and attached to e-mail, in principle, decryption is attempted by obtaining an available password from the storage means, so it is not necessary to input the password each time. It will be possible. Also, the password used for decryption is updated in the storage means, and the usage history is grasped.

  According to the present invention, by using the password stored in the storage means, decryption is performed on the file encrypted and attached to the e-mail while the password on the receiving side is as small as possible. it can. As a result, it is possible to save the trouble of the user on the receiving side and keep the password confidential.

It is a block diagram for demonstrating the structural example of the mail monitoring apparatus of embodiment. It is a figure for demonstrating the example of the storage data of a password memory | storage part. It is a flowchart which shows a mail monitoring process. It is a flowchart following FIG. It is a figure which shows the example of the reception electronic mail to which the message was added. It is a flow chart which shows offer processing of an attachment file saved temporarily. It is a flowchart following FIG. It is a figure which shows the example of a password input screen. It is a figure which shows the example of the notification of deletion of an attached file.

  Hereinafter, an embodiment of an apparatus and a program of the present invention will be described with reference to the drawings.

[Configuration Example of Mail Monitoring Device 1]
FIG. 1 is a block diagram for explaining a configuration example of the mail monitoring apparatus according to this embodiment. As shown in FIG. 1, for the mail monitoring device 1, a plurality of user PCs (Personal Computers) 2 (1),..., 2 (n), which are information processing devices via a LAN (Local Area Network) 3. Is connected to configure a mail monitoring system. This mail monitoring system is formed, for example, in a company, and each of the user PCs 2 (1), 2 (2),..., 2 (n) is a business PC used by an employee.

  Also, the mail monitoring device 1 is connected to the communication network 4. The communication network 4 is mainly the Internet, but a telephone network connecting various information processing apparatuses having communication functions to the Internet, a mobile telephone network, and a wireless LAN (Local Area Network) of the Wi-Fi (registered trademark) standard. And so on. That is, to the communication network 4, various information processing apparatuses provided with communication functions such as IP telephone terminals, personal computers, tablet PCs (Personal Computers), smart mobile phones called smart phones and the like can be connected.

  Further, a mail server device 5 that mediates transmission and reception of electronic mail is connected to the communication network 4. As well known, electronic mail is transmitted and stored in a mail server apparatus mailbox specified by an electronic mail address of a desired destination (transmission destination). The user of the other party accesses the mail server apparatus 5 through the information processing apparatus of his own, downloads the e-mail addressed to himself from the mail box of his own, and uses it.

  A case is considered where, for example, the user of the user PC 2 (1) subordinate to the mail monitoring device 1 acquires and uses an electronic mail (received electronic mail) addressed to him / her. The e-mail includes an e-mail text only and an e-mail text attached with an attached file. Here, in the case of an e-mail consisting only of text without an attached file, although there is something that leads to a malicious web page, a so-called computer virus (hereinafter simply referred to as a virus) is simply described. Can not be trained. For this reason, it can be said that electronic mail consisting only of text is relatively safe.

  However, the attached file can be loaded with a virus that is activated upon opening it, so a virus check is required. Some of the attachments are attached as they are to an e-mail when the amount of data is relatively small. Also, in the case of an attached file with a large amount of data, there is one that is attached to an e-mail after data compression. Also, in order to transmit the data to the other party with higher confidentiality, it is also practiced to further encrypt the data-compressed file and attach the encrypted compressed file to an electronic mail.

  In the case of non-compressed attachments, virus checks can be properly performed. Also, in the case of an attached file that is data-compressed, a virus check can be appropriately performed after compression and decompression. Also, in the case of an attached file that is data-compressed and further-encrypted, the virus check can not be properly performed only after decryption and further decompression.

  However, in order to perform a virus check appropriately for data compressed and encrypted attachments, for example, a password used in a fixed manner is input each time an email with an attached file is received. It is bothersome to do. Therefore, the mail monitoring device 1 of this embodiment stores a password that may be used on a predetermined recording medium, and uses this to perform decryption without bothering the user as much as possible. I am able to do it.

  Specifically, an e-mail attached with a compressed and encrypted attached file from a certain transmission source and an e-mail (without an attached file) notifying a password for decryption are users of user PC 2 (1) It is assumed that the e-mail address of has been sent as the destination. In this example, the two e-mails sent are received by the mail server 5 and stored in the mailbox specified by the e-mail address of the user of the user PC 2 (1).

  The user of the user PC 2 (1) starts up a mailer in the user PC 2 (1) in order to obtain the received e-mail addressed to him / her, and sends an e-mail acquisition request (reception request) addressed to him / her to the mail monitoring apparatus 1. Send. Mailer (e-mail software) is software used to perform various processes for handling e-mail, such as receiving an e-mail addressed to you or creating and sending an e-mail to the other party. is there.

  The e-mail monitoring device 1 accesses the e-mail server device 5 in response to the e-mail acquisition request from the user PC 2 (1), and the e-mail identified by the e-mail address assigned to the user of the user PC 2 (1) Get (download) incoming e-mail from the box. Then, the mail monitoring device 1 determines whether the encrypted attached file is attached to the acquired received electronic mail.

  Then, when the encrypted attached file is attached, an available password is obtained from a predetermined recording medium, decrypted, decompressed and decompressed, and a virus check is performed. Then, the attached file having no problem in the virus check is provided to the user of the user PC 2 (1) that is the transmission destination. However, it is assumed that there is no password that can be used for decryption on a predetermined recording medium, or that the password can not be decrypted using the password held on the predetermined recording medium.

  In this case, as described above, the provision of the password notified by another e-mail is received from the user of the user PC 2 (1), the attached file is decrypted and decompressed, and the virus check is performed. Do. Then, it confirms that there is no problem and provides the user of the user PC 2 (1). In this case, the information on the password used for decryption is updated to a predetermined recording medium. The update in this case is to add if there is no corresponding data, and to update if there is no corresponding data. In this way, it is possible to prepare a password for decrypting the encrypted attached file attached to the e-mail sent after that.

  Further, even if decryption of the attached file is successfully performed using the password held in the predetermined recording medium, the information on the password held in the predetermined recording medium is updated, and the password is updated. You will be able to understand the situation of use of In this way, the password for decryption and its use status are managed in the mail monitoring device 1.

  A configuration example of the mail monitoring device 1 having such a function will be described. The mail monitoring device 1 includes a connection end 101 T to the communication network 4, a communication I / F (interface) 101, and a control unit 102. The communication I / F 101 performs processing of converting data sent to the own device through the communication network 4 into data of a format that can be processed by the own device and taking in the data. Further, the communication I / F 101 converts data to be transmitted from the own device to the other party into data of a transmission format, and transmits the data to the intended other party through the communication network 4. Therefore, communication with a server device or the like connected to the communication network 4 is performed through the connection end 101T and the communication I / F 101.

  Although not illustrated, the control unit 102 is a microprocessor configured by connecting a central processing unit (CPU), a read only memory (ROM), a random access memory (RAM), and a non-volatile memory via a CPU bus. The control unit 102 realizes a function of controlling each unit of the mail monitoring device 1. The password storage unit 103 includes, for example, a recording medium such as a hard disk and its driver, and stores and holds information on a password for decrypting the encrypted attached file attached to the received electronic mail.

  FIG. 2 is a diagram for explaining an example of data stored in the password storage unit 103. As shown in FIG. 2, the password, the number of times of use, the date of update, and other information are stored for each of the transmission source address and the transmission destination address. The sender address is an email address assigned to the sender (sender) of the email. The destination address is an e-mail address assigned to a recipient (destination) of the e-mail.

  Therefore, in the data stored in the password storage unit 103 shown in FIG. 2, the transmission source address is the transmission source (sender) who has transmitted the e-mail to the user PC 2 (1),..., 2 (n). The email address of Further, the transmission destination address is an electronic mail address assigned to the user PC 2 (1),..., 2 (n) subordinate to the mail monitoring apparatus 1.

  The password is a password used for decrypting the attached file which has been encrypted and attached to the e-mail transmitted from the sender to the receiver. The number of times of use is the number of times the password has been used for decryption and decryption has succeeded. The update date indicates the date when the password is added or the number of times of use is updated. As other information, it is possible to record necessary information such as the date (registration date) the password was registered, the number of unsuccessful decryption attempts (the number of failures) using the password, for example. It will be.

  Then, in the case of the example shown in FIG. 2, in the case of an E-mail from the transmission source address "aaaaa @ ..." to the transmission destination address "bbbbb @ ...", the password "sakurasaku" is used to encrypt the attached file. It is shown that it is used fixedly. In the case of e-mail from the sender address "ccccc @ ..." to the destination address "ddddd @ ...", the character "xxxx" and the date of the date of sending "date 2 years lower 2 digits month 2" for encryption of the attached file It is shown that a password formed by "two digits" is used. Also, in the case of an e-mail from the sender address "xxxxx @ ..." to the destination address "yyyyy @ ...", some attachments such as "bosslion", "stardust", "littlebear", ... It is shown that the password of is repeatedly used.

  The attached file storage unit 104 includes, for example, a recording medium such as a hard disk and a driver thereof, and temporarily stores an attached file which can not be decrypted. The attached file in this case is one that could not be deciphered because the usable password is not stored in password storage unit 103, and one that could not be deciphered with the password stored in password storage unit 103. Including both.

  The compression / decompression unit 105 performs compression / decompression processing on the attached file that has not been encrypted and data compressed, and restores the attached file in a state before data compression. The compressed and decompressed attached file can be properly checked for viruses. The virus check unit 106 checks whether the attached file is infected with a computer virus.

  In the virus check unit 106, the attached files to be subjected to the virus check are not only data compressed originally, data compressed but compressed and decompressed, data compressed and encrypted. Including those decrypted and decompressed. Then, the virus check unit 106 provides an attached file not infected with the computer virus to the transmission destination, and when the computer virus is infected, the attached file is not provided to the transmission destination. Inform the destination of the reason why it can not be provided.

  Further, the mail monitoring device 1 includes a LAN connection end 107T to the LAN 3 and a LAN I / F 107. The LAN I / F 107 converts data sent through the LAN 3 into data that can be processed by the device itself and takes in the data. Further, the LAN I / F 107 converts data to be provided to a subordinate terminal connected to the LAN 3 into data of a transmission format, and transmits the data to a target destination through the LAN 3.

  The mail monitoring device 1 communicates with each of the user PCs 2 (1),..., 2 (n) connected to the LAN 3 through the LAN I / F 107 and the LAN connection terminal 107T. Then, each of the user PCs 2 (1),..., 2 (n) is connected to the communication network 4 via the mail monitoring device 1, and can send and receive electronic mail via the mail monitoring device 1. It has become.

  The mail monitoring device 1 registers and manages in the non-volatile memory in the control unit 102 what kind of terminal is connected to the LAN 3. Specifically, information capable of uniquely identifying each terminal such as an IP (Internet Protocol) address or a MAC (Media Access Control address) address as a port number or a terminal ID is associated and managed. Also, information required for sending and receiving e-mails such as mail server name (POP server name, SMTP server name), user name (account name), etc. is also input in advance as mailer setting information by the user, and the non-volatile memory It is kept in memory.

  The encryption determination unit 111 determines whether the electronic mail (received electronic mail) downloaded from the mail server device 5 is one to which the encrypted attached file is attached. When the encryption determination unit 111 determines that the encrypted attached file is attached, the decryption unit 112 stores and holds the encrypted attached file in the password storage unit. Decrypt using the possible password. Further, in this embodiment, the decryption unit 112 also decompresses and decrypts the decrypted attached file so that virus check can be appropriately performed. For the attached file that has been decrypted by the decryption unit 112, virus checking is performed by the virus check unit 106 described above.

  The storage processing unit 113 temporarily stores only the encrypted attached file in the attached file storage unit when the encrypted attached file can not be decrypted by the decryption unit 112. Do. Here, for the attached file that could not be deciphered, the one that could not be deciphered because the usable password was not stored in the password storage unit 103 and the password stored in the password storage unit 103 can be deciphered Including both that was not. Further, the storage processing unit 113 provides the transmission destination with the e-mail added with a message indicating that the attached file can not be provided because the attached file is deleted from the e-mail and the virus check can not be performed. It also processes.

  The stored file decryption unit 114 decrypts the encrypted attached file temporarily stored in the attached file storage unit 104 by the storage processing unit 113, from the user of the destination of the electronic mail, by providing the password, and decrypting the decrypted attached file. I do. Further, in this embodiment, the storage file decryption unit 114 also performs compression and decompression processing on the decrypted attached file so that virus check can be appropriately performed. With regard to the attached file that has been decrypted by the stored file decryption unit 114, virus checking is performed by the virus check unit 106 described above.

  The password updating unit 115 causes the decryption unit 112 or the saved file decryption unit 114 to update the information related to the password used for decryption in the password storage unit 103. In the decryption unit 112, if decryption is successful, decryption is possible using the password in the password storage unit 103. Therefore, the number of times of use of the corresponding data in the password storage unit 103 and the update date are updated. Do.

  When the decryption is unsuccessful in the decryption unit 112, the decryption can not be performed using the password of the password storage unit 103. In this case, when the number of unsuccessful decryptions of the decryption of the corresponding data in the password storage unit 103 is managed, the number of failures and the date of update are updated.

  When the decryption is successful in the storage file decryption unit 114, the decryption can be performed using the password provided by the user PC 2 (1),..., 2 (n). Therefore, the password update unit 115 refers to the stored data of the password storage unit 103 using the transmission source address, the transmission destination address, and the password as key information. Then, if there is no corresponding data, the password updating unit 115 compensates for the number of times of use and date of update, additionally records the data, and if there is any corresponding data, the number of times of use and update Perform processing to update the date.

  In the stored file decryption unit 114, if decryption is not successful, decryption is not possible with the password provided by the user PC 2 (1),..., 2 (n). . In this case, since the password notified from the user is likely to be incorrect, the user is required to enter a correct password. Therefore, if the decryption is not successful in the storage file decryption unit 114, the password is not updated.

  Thus, the mail monitoring device 1 exists between the mail server device 5 and the user PC 2 (1),..., 2 (n) used by the user of the transmission destination. Then, the mail monitoring device 1 appropriately decrypts the encrypted attached file, and then performs virus check to delete the attached file infected with the computer virus, and the attached file without any problem. To provide to the destination.

[Details of email monitoring process]
3 and 4 are flowcharts for explaining the mail monitoring process performed by the mail monitoring device 1. It is assumed that the mailer is launched in subordinates of the user PCs 2 (1),..., 2 (n) connected to the mail monitoring apparatus via the LAN 3 and an email reception request is sent. In this case, in the mail monitoring device 1 that has received the reception request, the control unit 102 mainly functions and executes the processing shown in the flowcharts of FIGS. 3 and 4. In the following, in order to simplify the description, the user PCs 2 (1),..., 2 (n) will be collectively referred to as the user PC 2 unless it is necessary to distinguish them.

  The control unit 102 accesses the mail server device 5 and acquires the received electronic mail requested to be received (step S101). Specifically, the control unit 102 uses the e-mail address having the e-mail address assigned to the user of the user PC 2 of the request source stored and held in its own nonvolatile memory as the e-mail as the reception e-mail server. Acquired from the device 5. Then, the control unit 102 determines whether an attached file is attached to the acquired received electronic mail (step S102).

  When it is determined in the determination process of step S102 that an attached file is attached to the acquired received electronic mail, the control unit 102 determines whether the attached file is data-compressed (step S103). When it is determined in the determination process of step S103 that the attached file is compressed, whether or not the encryption determination unit 111 functions under the control of the control unit 102 to encrypt the attached file. Is determined (step S104).

  When it is determined in the determination process of step S104 that the attached file is not encrypted, the compression / decompression unit 105 executes compression / decompression processing for the attached file attached to the received electronic mail, and attachment before data compression is performed. The file is restored (step S105). Thereafter, the virus check unit 106 executes a virus check on the compressed and decompressed attached file (step S106), and determines whether or not it is infected with a virus (step S107).

  If it is determined in the determination process of step S107 that the virus has not been infected, the virus check unit 106 provides the received electronic mail with the attached file attached as it is to the transmission destination (step S108). When it is determined in the determination process of step S107 that the virus is infected, the virus check unit 106 deletes the attached file from the received electronic mail and then provides the received electronic mail to the transmission destination. (Step S109). In step S109, since the attached file is infected with a virus, the transmission destination is notified that the file has been deleted.

  When it is determined in the determination process of step S102 that the attached file is not attached to the obtained received electronic mail, the control unit 102 performs the process from step S108 to provide the received electronic mail to the transmission destination. To do. When it is determined in the determination process of step S103 that the attached file is not compressed, the control unit 102 performs a virus check on the attached file (step S107). Then, if there is no problem in the virus check, the electronic mail is provided as it is to the receiver (step S108), and if there is a problem, the attached file is deleted from the electronic mail and then the electronic mail is used as the receiver. It provides (step S109).

  When it is determined in the determination process of step S104 that the attached file is encrypted, the control unit 102 performs the process from step S110 of FIG. In this case, the decryption unit 112 functions under the control of the control unit 102. Then, the decryption unit 112 refers to the data stored in the password storage unit 103 using the e-mail address of the transmission source of the received e-mail and the e-mail address of the transmission destination as key information, and the usable password is stored. It is determined whether or not (step S110).

  In step S110, first, it is checked whether the transmission source e-mail address and the transmission destination e-mail address match, and there is password data whose number of times of use exceeds a predetermined threshold. For example, since it is considered that a password with a usage count of 10 or more is fixedly used, it is checked whether there is a password with a usage count of 10 or more.

  In addition, when there is no password data whose number of times of use exceeds a predetermined threshold value, it is checked whether there is a password that can be predicted from password data in which the email address of the sender and the email address of the receiver match. . For example, when the transmission address in FIG. 2 is "ccccc @ ..." and the transmission destination address is "ddddd @ ...", the password is predicted to be "XXXXX" as the transmission date "two digits in the Christian year, two digits in the month, two digits" Because it can, it can be determined that a predictable password exists.

  If there is neither a password having a usage frequency equal to or more than a threshold nor a predictable password, it is checked whether there is password data in which the e-mail address of the transmission source matches the e-mail address of the transmission destination. For example, as in the case where the transmission address in FIG. 2 is "xxxxx @ ..." and the transmission destination address is "yyyyy @ ...", there are cases where some determined passwords are used in rotation, etc. .

  Then, when it is determined in the determination process of step S110 that the available password is stored, the decryption unit 112 acquires the available password (step S111). That is, when the transmission source electronic mail address and the transmission destination electronic mail address match and there is password data whose number of times of use exceeds a predetermined threshold value, the password is acquired.

  If there is no password data whose number of times of use exceeds a predetermined threshold value, if there is a password that can be predicted from password data in which the e-mail address of the transmission source and the e-mail address of the transmission destination match, the predictable password get. Therefore, in the case of the example shown in FIG. 2, the decryption unit 112 generates and acquires a password consisting of today's date (two digits in the Christian year and two digits in the month) on "XXXXX". If none of them exist, the decryption unit 112 acquires a password in which the e-mail address of the transmission source matches the e-mail address of the transmission destination.

  Next, under the control of the control unit 102, the decryption unit 112 decrypts the attached file attached to the received e-mail to be provided to the transmission destination using the password acquired in step S111, and further performs decryption. A compression and decompression process is performed (step S112). By the process of step S112, if decryption and decompression are properly performed, the attached file in a state where virus check can be appropriately performed is restored.

  Then, the control unit 102 controls the password updating unit 115 to update the information on the currently used password in the password storage unit 103 (step S113). The update process of step S113 is performed not only when the decryption is successful but also when the decryption fails. Thereafter, in step S112, the control unit 102 determines whether the decryption and the decompression have been properly performed (step S114). When it is determined in the determination process of step S114 that decryption and decompression have not been properly performed, the process from step S110 is repeated, and if there is a next available password, decryption and compression are performed using this. Make it unzip.

  If it is determined in the determination process of step S114 that the decryption and decompression are properly performed, the process from step S106 of FIG. 3 is performed. Therefore, a virus check is performed on the attached file that has been decrypted and decompressed in step S112 (step S106). Then, as a result of the virus check in step S106, it is determined whether or not the virus is infected (step S107).

  If it is determined that the virus has not been infected as a result of the determination process of step S107, the virus check unit 106 provides the electronic mail attached with the attached file as it is to the transmission destination (step S108). Also, if it is determined that the virus is infected as a result of the virus check in step S106, the virus check unit 106 deletes the attached file from the e-mail and provides the e-mail to the transmission destination (step S109). After the process of step S108 and after the process of step S109, the processes of FIGS. 3 and 4 end.

  Further, in the determination process of step S110 shown in FIG. 4, it is assumed that the decryption unit 112 determines that there is no usable password. In this case, the control unit 102 controls the storage processing unit 113 to temporarily store in the attached file storage unit 104 only the attached file that could not be deciphered by the password stored in the password storage unit 103 (step S115). ). The attached file temporarily stored in the attached file storage unit 104 is allocated a URL (uniform resource locator) by the storage processing unit 113, and access is enabled by the URL.

  Thereafter, the storage processing unit 113 deletes the attached file from the received electronic mail (step S116). Then, the storage processing unit 113 adds a message to the effect that the attached file has been deleted because the virus check can not be performed on the text of the received electronic mail, and provides this to the transmission destination (step S117). , And end the processing shown in FIG.

  FIG. 5 is a view showing an example of the received electronic mail to which the message is added at step S117 of FIG. The first half of the received electronic mail is the same as the contents described in the text of the original electronic mail. Then, the message after “***** From the mail monitoring device ***” is a message added in the mail monitoring device 1. The message describes that the attached file is encrypted and can not be decrypted, so that the mail monitoring device 1 temporarily holds the attached file.

  And when downloading the said attached file, it is described that it is necessary to access predetermined | prescribed URL. The URL is assigned to the attached file temporarily stored by the storage processing unit 113 as described above. Therefore, the user of the transmission destination who has received the received e-mail to which the message as shown in FIG. 5 is added has access to the URL described in the received e-mail to download the attached file. become.

  As described above, in principle, decryption is performed using the password stored in the password storage unit 103 by the processing shown in FIGS. 3 and 4. Therefore, it is assumed that the attached file can be decrypted using the password stored in the password storage unit 103 or the password predicted from the password stored in the password storage unit 103. In this case, the user of the user PC 2 normally provides the e-mail text and the attached file that has been checked for viruses and has been checked for security without entering any password. It can be received and used.

  However, the encrypted attached file can be decrypted by the decryption unit 112 with the password stored in the password storage unit 103 or with the password predicted from the password stored in the password storage unit 103. I suppose it was not. In this case, only the attached file is temporarily held in the attached file storage unit 104. Then, as described below, the user of the user PC 2 decrypts and decompresses the attached file by providing the password to the mail monitoring device 1 and there is no problem after the virus check. To be able to receive offers.

Provision processing of temporarily saved attached file
FIGS. 6 and 7 are flowcharts for explaining the process of providing an attached file temporarily stored in the attached file storage unit 104 without being deciphered by the decryption unit 112 and not provided to the transmission destination. In the flowcharts shown in FIGS. 6 and 7, the mail monitoring apparatus is provided when the electronic mail head office to which the message of the mode shown in FIG. 5 is added is provided to the transmission destination in the process of step S117 in the flowcharts of FIG. Mainly executed by the control unit 102.

  First, the control unit 102 receives access to the URL described in the received electronic mail to which the message is added (step S201), and determines whether access to the URL is received (step S202). If it is determined in the determination process of step S202 that the access to the URL is not accepted, the process from step S201 is repeated.

  When it is determined in the determination process of step S202 that access to the URL is accepted, the control unit 102 provides the password input screen to the user PC 2 as the access source (step S203), and accepts input of a password or the like (step S203). S204). FIG. 8 is a diagram showing an example of a password input screen. In the password input screen, the reception date, sender (sender), destination (sender), subject, and attached file name of the received e-mail to which the attached file that the user of the user PC 2 is trying to download is attached is displayed. Be done.

  Further, the password input screen is provided with a password input field, a "delete" button, an "end" button, and an "OK" button. In the password input field, as described above, the password notified by separate e-mail or facsimile is input. The “deletion” button is an operation button for instructing deletion of the temporarily stored attached file, and the “end” button is an operation button for ending the password input process through the password input screen. The “OK” button is an operation button for confirmation input for confirming the input or the button operation after the password is input or after the “delete” button or the “end” button is operated.

  Then, when the “OK” button is operated in step S204, the control unit 102 determines whether the operation to be confirmed is the input operation of the password in the password input field (step S205). If it is determined in step S205 that the operation to be confirmed is not the password input operation, the control unit 102 determines whether the operation to be confirmed is the selection operation of the "end" button. It discriminates (step S206).

  When it is determined in the determination process of step S206 that the operation to be confirmed is the selection operation of the "end" button, a predetermined end process is executed (step S207), and the process shown in FIGS. 6 and 7 is performed. Finish. The predetermined termination process performed in step S207 is to delete the password input screen shown in FIG. 5 and control the user PC 2 (1) to return to the display state before the input screen is displayed, and the connected link It is a series of processing such as cutting.

  When it is determined in the determination process of step S206 that the operation to be confirmed is not the selection operation of the “end” button, the control unit 102 selects the “deletion” button for the operation to be confirmed. It is determined whether or not it is an operation (step S208). When it is determined in the determination process of step S208 that the operation to be determined is not the selection operation of the "delete" button, it is determined that a valid operation that can be determined is not performed, and the process from step S204 is repeated. .

  In the determination process of step S208, it is assumed that it is determined that the operation to be confirmed is the selection operation of the "delete" button. In this case, the control unit 102 executes a predetermined deletion process (step S209), and ends the processes shown in FIGS. In step S209, the attached file to be downloaded is deleted from the attached file storage unit 104, and the password input screen is erased to control the user PC 2 (1) to return to the original display state, and the connected link is A series of processing such as cutting is performed.

  When it is determined in the determination process of step S205 that the operation to be confirmed is the password input operation, the control unit 102 proceeds to the process of step S210 of FIG. 7. The control unit 102 reads the attached file requested from the user PC 2 (1) of the access source from the attached file storage unit 104 (step S210), and supplies this to the storage file decryption unit 114.

  The stored file decryption unit 114 decrypts and decompresses the attached file supplied thereto under the control of the control unit 102 using the password from the user accepted in step S204 (step S211). ). Then, the control unit 102 determines in the storage file decryption unit 114 whether or not the attached file to be processed is appropriately decrypted and decompressed (step S212). It is assumed that it is determined in the determination process of step S212 that the data has been properly decrypted and uncompressed. In this case, since there is a high possibility that the password has been input erroneously, the control unit 102 forms and provides a message requesting that the password be input again (step S213), and from step S203 shown in FIG. Repeat the process of.

  On the other hand, in the determination processing of step S212, it is assumed that it has been determined that the data has been appropriately decrypted and decompressed. In this case, the control unit 102 controls the password updating unit 115 to form password data (FIG. 2) related to the password provided by the user of the user PC 2 (1) this time, and adds this to the password storage unit 103. Processing is performed (step S214). Thereafter, the control unit 102 supplies the attached file that has been decrypted and decompressed by the stored file decryption unit 114 to the virus check unit 106 to execute a virus check (step S215). It is determined whether or not it is (step S216).

  When it is determined in the determination process of step S216 that the virus has not been infected, the virus check unit 106 provides the attached file to the user PC 2 of the access source and performs a process such as releasing the connected link. (Step S217). Further, in the determination processing of step S216, it is assumed that it is determined that the virus is infected. In this case, the virus check unit 106 deletes the attached file from the attached file storage unit 104, provides deletion notification to the user PC 2 of the access source, and performs processing such as releasing the connected link Step S219). After the process of step S <b> 217 and the process of step S <b> 219, the control unit 102 ends the process illustrated in FIGS. 6 and 7.

  FIG. 9 is a diagram showing an example of an attached file deletion notice provided to the access source in step S219. In the notification of deletion of the attached file, as shown in FIG. 9, the received date, sender, address, subject, attachment of the received e-mail to which the attached file which the user of the user PC 2 (1) intends to download is attached. The file name is displayed. Furthermore, a message indicating that the virus has been detected is displayed in the attached file, indicating that the virus has been deleted.

  As a result, the user of the receiving user PC 2 (1) can clearly know when and from where the e-mail attached file was infected with the virus. This makes it possible to take measures such as requesting the sender (sender) to resend an important attached file that is not infected with a virus.

  Then, even if decryption can not be performed by the password stored in the password storage unit 103 by the processing of the flowcharts of FIGS. 6 and 7, the user who is the destination of the electronic mail receives provision of the password and decryption is performed. And compression and decompression are also enabled. Moreover, the password that has been used for decryption and has been decrypted appropriately is updated in the password storage unit 103. In this way, when an encrypted attached file is attached to the e-mail that will be received later, preparation can be made to automatically decrypt and decompress.

[Effect of the embodiment]
According to the mail monitoring device 1 of the embodiment described above, when the encrypted attached file is attached to the received electronic mail, first, the password stored in the password storage unit 103 is used. Decryption is performed. That is, decryption is performed using the password stored in the password storage unit 103 or using a password that can be predicted from the password stored in the password storage unit 103. As a result, when the decryption can be performed according to the password stored in the password storage unit 103, the recipient of the electronic mail performs a virus check without entering the password, and the security is confirmed. Attachments can be retrieved with the email body.

  If the decryption is not possible according to the password stored in the password storage unit 103, the mail monitoring device 1 temporarily stores only the attached file that can not be encrypted. Then, the mail monitoring device 1 receives the provision of the password from the user of the user PC 2 who is the recipient, decrypts the file, decompresses it, checks the virus, and provides the original recipient with no problem with the attached file. it can. Since the password used in this case is updated in the password storage unit 103, it can be used in the case of decrypting the encrypted attached file in the e-mail from the same transmission source (sender).

  Then, at the receiving end, the opportunity to enter the password can be reduced as much as possible, so that it is possible to save trouble when receiving the e-mail, and to keep the confidentiality of the password high.

[Modification]
In the embodiment described above, the attached file that has been encrypted and data-compressed is decrypted, decompressed and virus-checked, and even if the security is confirmed, it is encrypted and data-compressed Provided to the destination user. Therefore, at the destination, the attached file is decrypted, decompressed and used. However, it is not limited to this.

  For example, since the file has been decrypted once, it is possible to attach an attached file in a data-compressed state to an e-mail or to provide only the attached file alone without encrypting it. That is, security is ensured because the mail monitoring device 1 passes from the LAN 3 to the subordinate user PCs 2 (1),..., 2 (n). At the transmission destination, the attached file is to be decompressed and used.

  If there is no problem with the transfer rate, the mail monitoring device 1 can also decrypt and decompress the decompressed attached file to the user PC 2 (1), ..., 2 (n) under the control is there.

  In addition, in the case of attaching an attached file to the e-mail text to be provided to the transmission destination, the e-mail is deciphered and decompressed, and a virus check is performed to confirm that there is no problem. You may add a message that the attached file is attached. Thus, the user of the transmission destination can use the attached file with peace of mind. In addition, even when the temporarily stored attached file is downloaded without being able to decipher using the password of the password storage unit 103, the same notification is sent from the mail monitoring apparatus 1 to the transmission destination. May be

  Also, as described above, even when the decrypted e-mail is provided to the transmission destination, the mail monitoring device 1 sends a notification that the encrypted attached file is to be decrypted and provided to the transmission destination. You may do so. In this case, the user at the destination can be prevented from misunderstanding that the data has been transmitted without being encrypted.

  Further, in the above-described embodiment, among the passwords stored in the password storage unit 103, it is determined that the password having the number of times of use of predetermined times (for example, 10 times) or more can be used. The number of times of use in this case can be set appropriately by the operator of the mail monitoring device 1. Also, the threshold value of the number of times of use can be changed between the transmission source and the transmission destination.

  Also, password types may be managed for each transmission source and transmission destination, and these may be used. In this case, whether the password type used is a password that changes every time, is a fixed password used, is a password such as combining dates, etc., or is multiple passwords used? Indicates another. Depending on the password type, for example, the processing of steps S110 and S111 shown in FIG. 4 can be simplified.

  If a plurality of passwords having the same transmission source and transmission destination but different passwords are registered in the password storage unit 103, priorities may be set for these. Then, when the priority is set, the decryption can be performed by using the passwords with the highest priority in order. In addition, when the number of failed decryption attempts is updated, passwords may be used in order from the least failed password.

  Further, the password stored in the password storage unit 103 may be erased by providing a condition. For example, a password that has been used more than 30 times may be erased, and each user may be urged from the mail monitoring device 1 through the user PC 2 so as to determine a new password. Similarly, the password storage unit 103 also manages the password registration date, deletes the password used for a certain period of time, and prompts each user through the user PC 2 from the mail monitoring device 1 so as to determine a new password. it can. In addition, passwords that have not been updated for a predetermined period can be deleted from the password storage unit 103.

  Further, in the above-described embodiment, in order to simplify the description, it has been described that the number of transmission destinations is one, but as is well known, electronic mail has a so-called "CC (Carbon Copy) function or It is possible to use the BCC (Blind Carbon Copy) function. When these functions are used, the destinations to which e-mails are sent by these functions are separately managed, and attachments to which the e-mails are sent by these functions are also checked for viruses. You can provide a file.

  Also, the mail monitoring function of the mail monitoring device 1 described above may be installed as one of a plurality of different security functions provided to the UTM device in an integrated threat management device called a UTM (Unified Threat Management) device or the like. it can.

  Further, in the above-described embodiment, the encrypted attached file is described as being compressed as well, but the present invention is not limited to this. Attachments that are encrypted and attached to e-mails can be processed in the same manner without data compression. In this case, compression / decompression processing is not performed.

[Others]
As will be understood from the description of the above-described embodiment, the component means of the mail monitoring device in claims and the component part of the mail monitoring device 1 in the embodiment are as follows. The function of the storage means is realized by the password storage unit 103 of the mail monitoring device 1, and the function of the encryption judgment means is realized by the encryption judgment unit 111 of the mail monitoring device 1. Further, the function of the first decryption means is realized by the decryption part 112 of the mail monitoring device 1, and the function of the first update means is realized by the password updating part 115 of the mail monitoring device 1, and the first check is performed. The function of the means is realized by the virus check unit 106 of the mail monitoring device 1.

  Further, the function of the storage means is realized by the storage processing unit 113 of the mail monitoring device 1, and the function of the receiving means is realized by the LAN connection end 107 T and the LAN I / F 107 of the mail monitoring device 1. Further, the function of the second decryption means is realized by the stored file decryption unit 114 of the mail monitoring device 1, and the function of the second updating means is realized by the password update unit 115 of the mail monitoring device 1. Further, the virus check unit 106 of the mail monitoring device 1 realizes the function of the second check means.

  Further, a program for executing the processing performed by the mail monitoring device 1 shown in the flowcharts of FIGS. 3 and 4 is one to which an embodiment of the mail monitoring program of the present invention is applied. Therefore, each function of the compression / decompression unit 105, the virus check unit 106, the encryption determination unit 111, the decryption unit 112, the storage processing unit 113, the storage file decryption unit 114, and the password update unit 115 shown in FIG. The program executed by the control unit 102 can also be realized as a function of the control unit 102.

DESCRIPTION OF SYMBOLS 1 ... Mail monitoring apparatus, 101T ... Connection end to communication network, 101 ... Communication I / F, 102 ... Control part, 103 ... Password storage part, 104 ... Attachment file storage part, 105 ... Compression decompression part, 106 ... Virus check Denoted as 107, LAN I / F, 107 T: LAN connection end, 111: encryption judgment unit, 112: decryption unit, 113: storage processing unit, 114: storage file decryption unit, 115: password update unit, 2: user PC, 3 ... LAN, 4 ... communication network, 5 ... mail server device

Claims (6)

A storage unit that stores transmission source identification information, reception destination identification information, and a password in association with each other;
Encryption determination means for determining whether an encrypted file is attached to the received e-mail;
A first decryption unit that acquires an available password from the storage unit and decrypts the encrypted password when the encryption determination unit determines that the encrypted file is attached;
First updating means for processing to update the storage means with respect to the password used in the first decryption means;
And E-mail monitoring apparatus, comprising: first checking means for checking computer viruses about the file decrypted by the first decrypting means. A mail monitoring apparatus according to claim 1, wherein
A storage for temporarily storing the file in a predetermined file storage means when the available password is not stored in the storage means, or when the decryption is not possible with the password stored in the storage means Means,
Accepting means for accepting provision of a password for decrypting the file stored in the file storage means from the destination of the electronic mail;
A second decryption unit that decrypts the file temporarily stored in the file storage unit using the password received through the reception unit;
Second updating means for processing to update the storage means with respect to the password used in the second decryption means;
Second checking means for performing a check on a computer virus with respect to the file decrypted by the second decrypting means;
An email monitoring apparatus comprising: The mail monitoring device according to claim 1 or 2, wherein
The first update means can update the number of times of use used for decryption for each information in which the transmission source identification information, the reception destination identification information, and the password are associated with each other.
The mail monitoring apparatus according to claim 1, wherein the first decryption unit decrypts the password by acquiring the password whose usage count is equal to or more than a predetermined value as the usable password. The mail monitoring device according to claim 1 or 2, wherein
The first decryption means is characterized in that, when there is a plurality of pieces of information in which only the password differs in the storage means, the plurality of passwords are sequentially used to find a password that can be decrypted. Email monitoring device. The mail monitoring device according to claim 1 or 2, wherein
The first decrypting means predicts a password based on the plurality of pieces of information when there is a plurality of pieces of information different only in the password in the storage means, and uses the predicted password as an available password. E-mail monitoring device that features. A mail monitoring program executed by a computer mounted on a mail monitoring apparatus,
An encryption determination step of determining whether an encrypted file is attached to the received e-mail;
When it is determined in the encryption determination step that the encrypted file is attached, an available password is acquired from a storage unit that stores the sender identification information, the receiver identification information, and the password in association with each other. A decryption step to perform decryption.
Updating to process the storage means to update the password used in the first decryption step;
Checking the computer virus for the file decrypted in the first decryption step;
A mail monitoring program characterized by having:

Images