JP2008098856A - Ciphered mail system and gateway server - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To easily secure the authenticity of electronic mail by monitoring the electronic mail transmitted from respective client terminals to the outside within an intranet and keeping secrecy on a public line. <P>SOLUTION: The ciphered mail system comprises: a first mail server for processing the electronic mail transmitted and received to/from the client terminals on the inner side of the intranet including the client terminals; a second mail server for receiving the electronic mail from the client terminals arranged inside a public line network arranged outside the intranet; and a gateway server arranged at the gate of the intranet between the first and second mail servers. The gateway server comprises: a ciphering processing means for performing the ciphering processing of the electronic mail from the first mail server; a signature information addition means for adding signature information; a deciphering processing means for performing the deciphering processing of the ciphered electronic mail from the public line network; and a signature information verification means for verifying the signature information of the electronic mail with a signature. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to an encrypted mail system and a gateway server.

Conventionally, when sending and receiving e-mail between client terminals via a public network, if you want to keep the contents of the e-mail secret, encrypt the e-mail contents using encryption software installed on each client terminal. The method of transmitting after that is employed (for example, see Patent Document 1).
JP 2001-257710 A (Claims, FIG. 1 etc.)

  In such a method, the encrypted electronic mail is stored in a mail box in a mail server on the recipient side via a public line. The recipient accesses the mail server from his / her client terminal, receives the encrypted e-mail, decrypts it using the encryption software installed in his / her client terminal, and reads the contents of the e-mail .

  In addition, since an e-mail passes through multiple computers from the sender user to the recipient user (recipient), an e-mail is sent by a third party impersonating himself / herself for communication using e-mail. In addition to “spoofing”, there is a risk of “tampering” in which the content of an e-mail is rewritten by a third party, and “eavesdropping” in which a third party steals the content of an e-mail. In order to reduce such a risk, a method for giving an electronic signature to an electronic mail and indicating that the electronic mail sent is from the person is known.

  However, when sending and receiving e-mail between organizations such as companies, the above-described conventional encryption processing may be a problem. In companies, etc., a mail server should be placed on the intranet to check the e-mails sent from each client terminal in the intranet so that the company's trade secrets and electronic files with viruses are not illegally leaked outside the company. There is. In this case, if the e-mail transmitted from each client terminal to the outside is encrypted, only the recipient can decrypt the e-mail, so the contents of the e-mail cannot be checked on the intranet. In this way, e-mail encryption processing can increase the confidentiality of e-mail, but there is a problem that even if the e-mail contains a business secret or an electronic file with a virus, it is difficult to find it. .

  In addition, when an electronic mail with an electronic signature is transmitted / received between a plurality of intranets, it is necessary for the sender to perform an operation of adding an electronic signature at each client terminal, which is troublesome for a sender unfamiliar with electronic mail. is there.

  The present invention has been made to solve the above-described problem, and can monitor an electronic mail transmitted from each client terminal to the outside in an intranet, and can also maintain confidentiality on a public line. At the same time, it is an object of the present invention to ensure the authenticity of e-mail easily.

  In order to achieve the above object, the present invention receives an e-mail transmitted from each client terminal and an e-mail transmitted to each client terminal inside an intranet including one or more client terminals. A first mail server that is outside the intranet and inside the public line network and that receives an email sent from the client terminal and an email sent to the client terminal; An encryption process is provided between the first mail server and the second mail server, and is provided with a gateway server arranged at the gate of the intranet, and the gateway server encrypts the email received from the first mail server. And encrypted electronic mail received from the public network. Decryption processing means for decrypting the mail, signature information adding means for adding signature information to the email in the same intranet received from the first mail server, and email with signature information received from the public line The encrypted mail system includes signature information verification means for verifying the signature information.

  In such an encrypted mail system, since the e-mail transmitted from each client terminal and passing through the first mail server has not been encrypted yet, the contents of the e-mail are monitored by the first mail server. be able to. In addition, since the e-mail is encrypted at the stage through the external public line, the confidentiality of the e-mail can be maintained.

  In another aspect of the present invention, in the previous invention, the signature information adding means is an encrypted mail system that adds one signature information indicating that the electronic mail is transmitted from the same intranet.

  For this reason, it is not necessary to prepare a signature certificate for each client. Even if the number of clients included in the intranet is extremely large, it is only necessary to prepare a single certificate for signing, so that the introduction cost and operation cost required for electronic signature can be reduced.

  Further, according to the present invention, in each of the preceding inventions, a representative mail address assigned to the own intranet gateway and an external intranet gateway are assigned based on the sender information and destination information of the e-mail. Representative email address acquisition means for acquiring an external representative email address is further provided, and the encryption processing means includes transmission source information, transmission destination information, header information including the title of the email, and the content of the email. The encrypted mail system includes an e-mail generation unit that appends the representative e-mail address and the external representative e-mail address to the e-mail instead of the transmission source information and the transmission destination information.

  For this reason, even if a third party steals an electronic mail in the public line network, only the representative electronic mail address assigned to each gateway server of each intranet is known. Therefore, not only the contents of the e-mail but also the e-mail addresses of both the transmission source client and the transmission destination client, and also the e-mail title can be kept confidential.

  Another embodiment of the present invention is a gateway server arranged at an entrance to an external public line in an intranet including one or two or more client terminals, and performs an encryption process of an e-mail received from its own intranet. Encryption processing means, decryption processing means for decrypting encrypted email received from the public line network, and signature information adding means for adding signature information to email received from within its own intranet And a gateway server provided with signature information verification means for verifying signature information of an electronic mail with signature information received from a public line.

  When such a gateway server is adopted, an email sent from each client terminal upstream of the gateway server and passing through the first mail server is still encrypted when it is received by the first mail server. Therefore, the contents of the e-mail can be monitored by the first mail server. Moreover, since the e-mail has already been encrypted by the gateway server at the stage through the external public line, the confidentiality of the e-mail can be maintained.

  In another aspect of the present invention, in the previous invention, the signature information adding means is a gateway server that adds one signature information indicating that the electronic mail is transmitted from the same intranet.

  For this reason, when the gateway server of the present invention is used, it is not necessary to prepare a signature certificate for each client. Even if the number of clients included in the intranet is extremely large, it is only necessary to prepare a single certificate for signing, so that the introduction cost and operation cost required for electronic signature can be reduced.

  Further, according to another aspect of the present invention, in each of the preceding inventions, based on the sender information and destination information of the email, a representative email address assigned to the own gateway, an external representative email address assigned to the external gateway, A representative e-mail address acquisition unit for acquiring the e-mail, and the encryption processing unit performs encryption processing including transmission source information, transmission destination information, header information including an e-mail title, and e-mail content. The gateway server is provided with e-mail generation means for appending the representative e-mail address and the external representative e-mail address to the e-mail instead of the transmission source information and the transmission destination information, respectively.

  For this reason, even if a third party steals an electronic mail in the public line network, only the representative electronic mail address assigned to each gateway server of each intranet is known. Therefore, not only the contents of the e-mail but also the e-mail addresses of both the transmission source client and the transmission destination client, and also the e-mail title can be kept confidential.

  According to the present invention, it is possible to monitor the e-mail transmitted from each client terminal to the outside in the intranet and to keep the confidentiality on the public line, and to easily ensure the authenticity of the e-mail. can do.

  Next, preferred embodiments of an encrypted mail system and a gateway server according to the present invention will be described in detail with reference to the drawings. However, the present invention is not limited to the embodiments described below.

(Configuration of the entire encrypted mail system)
FIG. 1 is a schematic diagram of an encrypted mail system 1 according to an embodiment of the present invention.

  The encrypted mail system 1 includes a plurality of intranets 2, a public line network (hereinafter referred to as the Internet as a representative example of the public line network) 3 that connects the intranets 2, and each intranet 2 and the Internet 3. A second mail server 4 capable of transmitting and receiving e-mails transmitted from each intranet 2, and a signature certificate issuing server 5 connected to the Internet 3 and capable of issuing a signature certificate. ing.

  One or two or more client terminals 10 are connected to each intranet 2. Each client terminal 10 is connected to a first mail server 20 having a function as a host computer. The first mail server 20 receives an electronic mail transmitted from each client terminal 10 connected to its own intranet 2 and also receives an electronic mail transmitted from the external intranet 2 via the Internet 3. It is a mail server that can.

  A gateway server 30 is disposed at the gate portion of each intranet 2 (data entry / exit from each intranet 2 to an external network). The gateway server 30 receives an electronic mail transmitted from each client terminal 10 connected to its own intranet 2, performs processing described later, and then transmits the electronic mail to the second mail server 4. Further, the gateway server 30 receives an e-mail transmitted from each client terminal 10 connected to the external intranet 2 to the client terminal 10 connected to its own intranet 2 from the second mail server 4, and will be described later. After processing, the electronic mail is transmitted to the first mail server 20.

(Configuration of main devices that compose the encrypted mail system)
FIG. 2 is a diagram for explaining a mechanism for transmitting and receiving an electronic mail between two intranets 2 constituting the encrypted mail system 1. Here, a process when an electronic mail is sent from a client terminal (A) 10 connected to a certain intranet 2 to a client terminal (B) 10 connected to another intranet 2 via the Internet 3 will be described.

  The first mail server 20 includes an interface (I / F) 21 serving as a port for data transmission / reception with the outside, a mail transmission / reception unit 22 having an electronic mail transmission / reception function, and a monitoring unit for monitoring the content of the electronic mail 23 and a storage unit 24 for storing keywords relevant to the information in advance in order to monitor information important to an organization such as a company. The monitoring unit 23 stores the received electronic mail in the storage unit 24. The monitoring unit 23 searches the content of the e-mail received from the client terminal 10 in its own intranet 2 and determines whether or not a predetermined number of keywords are included among some keywords stored in the storage unit 24 in advance. To monitor. As a result, when a predetermined number of keywords are included in the email, the monitoring unit 23 prohibits the transmission of the email. On the other hand, when the predetermined number of keywords is not included in the e-mail, the monitoring unit 23 permits transmission of the e-mail. It is also possible to store a computer program for virus checking in the storage unit 24 and to check the virus of the electronic mail in the monitoring unit 23. The I / F 21, the mail transmission / reception unit 22, and the monitoring unit 23 are mainly configured by a central processing unit (CPU). In addition, the storage unit 24 uses a ROM for a memory that simply performs reading, and a storage device such as a RAM or a hard disk for a memory that performs both reading and writing.

  The gateway server 30 includes an interface (I / F) 31 serving as a port for data transmission / reception with the outside, an address selection unit 33, an encryption unit 34, a decryption unit 35, a signature information verification unit 36, and a signature unit. 37, a first storage unit 38, and a second storage unit 39. The I / F 31, the address selection unit 33, the encryption unit 34, the decryption unit 35, the signature information verification unit 36, and the signature unit 37 are mainly composed of a CPU. In addition, as the first storage unit 38 and the second storage unit 39, a storage device such as a RAM or a hard disk is used for a memory that performs only reading and a memory that performs both reading and writing.

  The I / F 31 has a function as an e-mail generation unit that adds a representative e-mail address described later and an external representative e-mail address described later to the e-mail instead of the transmission source information and the transmission destination information, respectively. The address selection unit 33 is based on e-mail transmission source information (mail address of a client using the client terminal (A) 10) and transmission destination information (mail address of a client using the client terminal (B) 10). A representative mail for obtaining a representative mail address assigned to the gateway server 30 of the intranet 2 to which the client (A) 10 belongs and an external representative mail address assigned to the gateway server 30 of the external intranet 2 to which the client terminal (B) 10 belongs. Address acquisition means.

  The encryption unit 34 is an encryption processing unit that performs an encryption process on the electronic mail received from the first mail server 20. The encryption unit 34 includes a mail address of a client that uses the client terminal (A) 10, a mail address of a client that uses the client terminal (B) 10, header information including the title of the email, and the content of the email. And the representative e-mail address and the external representative e-mail address of the client e-mail address using the client terminal (A) 10 and the e-mail address of the client using the client terminal (B) 10, respectively. Add to email instead.

  The decryption unit 35 is decryption processing means for performing decryption processing on the encrypted email received from the Internet 3 via the second mail server 4.

  The signature information verification unit 36 is signature information verification means for verifying signature information of an electronic mail with signature information received from another intranet 2 via the Internet 3. As will be described later, in this embodiment, the signature information verification unit 36 creates a digest using a message digest function based on the content of the e-mail, and adds the digest to the received e-mail. The signature information (the digest created by using the message digest function at the transmission source) is collated, and it is verified whether or not they match.

  The signature unit 37 is signature information adding means for adding signature information to an electronic mail in the same intranet 2 received from the first mail server 20. In this embodiment, the signature unit 37 adds one signature information indicating that the electronic mail is transmitted from the same intranet 2. That is, the signature unit 37 adds signature information as the gateway server 30 regardless of the number of client terminals 10 connected to the intranet 2.

  In addition, the signing unit 37 may be provided with a function for checking whether the expiration date of the certificate of its own domain used at the time of signing and the public key certificate of another domain used at the time of encryption processing has passed. . With this function, it is possible to prevent transmission / reception of electronic mail between untrusted domains using a certificate whose validity period has expired, and to ensure reliable transmission / reception of electronic mail.

  Further, the signing unit 37 may be provided with a function for automatically acquiring a certificate revocation list (CRL) from a CRL distribution point described in a use certificate and performing a check for revocation of the use certificate. good. In addition, a protocol (Online Certificate Status Protocol: OCSP) for confirming the validity in real time may be added as a function for performing a check for discarding a use certificate. Here, the CRL is a list of certificates that have become invalid even though the expiration date has not been reached. Information on a certificate that has expired is not included in the CRL. Therefore, even if the information of a certificate discarded for some reason is once described in the CRL, it is excluded from the CRL when the certificate reaches the expiration date. The automatic acquisition and discard check of the CRL can be executed in accordance with, for example, a setting for a specified minute interval in addition to a specified time for each day and a specified time for a specified day.

  The first storage unit 38 is a part that stores the electronic mail encrypted by the encryption unit 34. The second storage unit 39 stores information necessary for encryption and decryption and information necessary for signature and signature verification. In this embodiment, a public key cryptosystem using a secret key and a public key is employed. Therefore, in the second storage unit 39, the private key of the own client (actually a program necessary for encryption and decryption), and the public key of another client (actually a program necessary for encryption) ) Is stored. The second storage unit 39 also stores a representative email address and an external representative email address. The representative email address and the external representative email address are included in the signature certificate data transmitted from the signature certificate issuing server 5. The signature certificate issuing server 5 stores the public key certificate of each intranet 2 and provides it publicly upon request. As a result, the public key certificate of each intranet 2 can be easily obtained, and secure electronic mail can be exchanged easily and quickly.

  The second storage unit 39 stores a message digest function for creating a digest based on the content of the e-mail. The signature unit 37 reads the message digest function from the second storage unit 39 and creates a digest prior to the e-mail encryption process. For an email received from another intranet 2 via the Internet 3, the signature unit 37 reads the message digest function from the second storage unit 39, and based on the content of the decrypted email Create a digest. Upstream from the gateway server 30 is a secure zone (ZONE 1), and the second mail server 4 is a ZONE 2 between the non-secure zone (ZONE 3) of the unreliable Internet 3 and the ZONE 1, ie, DMZ ( DeMilitarized Zone).

(Main information stored in each storage unit)
FIG. 3 is a diagram for explaining data stored in the storage unit 24 in the first mail server 20.

  The storage unit 24 stores a folder 25 for registering keywords (“ABCD”, “EFG”, “OPQRS”, etc.) for determining whether or not company confidential information is included in the e-mail. ing. In addition, the storage unit 24 stores a folder 26 including an e-mail 27 transmitted from the own intranet 2. As described above, if the e-mail 27 is left in the storage unit 24, the e-mail 27 can be checked later to confirm the presence or absence of company secret information. That is, if the e-mail 27 is left in the storage unit 24, the server administrator can check the e-mail 27 in the storage unit 24 later and leak corporate information to the outside without providing the monitoring unit 23. You can find out who is leaking and who is leaking.

  FIG. 4 is a diagram for explaining data stored in the first storage unit 38 in the gateway server 30.

  The first storage unit 38 stores a folder 40 having an encrypted electronic mail (encrypted mail) 41. Since the e-mail 27 transmitted from its own intranet 2 is stored in an encrypted state, even if a third party hacks into the gateway server 30, the contents of the e-mail 27 cannot be known.

  FIG. 5 is a diagram for explaining data stored in the second storage unit 39 in the gateway server 30.

  The second storage unit 39 stores a folder 42, and is assigned to the private key 43 for the own intranet 2, the public key 46, and the gateway server 30 in the own intranet 2 in the folder 42. The representative email address (for example, “info@aaa.com”) 44 is stored. The second storage unit 39 stores a folder 45, and the public key 46 for each other intranet 2 and the external representative assigned to the gateway server 30 in the other intranet 2 in the folder 45. A mail address (for example, “info@bbb.com”, “info@ccc.com”) 47 is stored. The public key 46 and the external representative email address 47 are downloaded from the signature certificate issuing server 5 to the gateway server 30 and stored in the second storage unit 39. In addition, the administrator of each intranet 2 The external representative mail address 47 described in the signature certificate may be stored in the gateway server 30 and the program data of the public key 46 may be stored in the gateway server 30. Further, the second storage unit 39 stores a folder 49, and a message digest function 51 for creating a digest serving as signature information is stored in the folder 49. The message digest function 51 is a kind of hash function for converting the body of an electronic mail into small data having a fixed length. If the digest 52 is created using the message digest function 51, it cannot be restored to the original text.

(Email processing and flow)
FIG. 6 shows the flow of each process when sending the e-mail 27 from the client terminal (A) 10 (company A client terminal 10) shown in FIG. 2 to the client terminal (B) 10 (company B client terminal 10). FIG.

  In the gateway server 30 of company A, first, a digest 52 is created based on the content (text) of the e-mail 27 by the message digest function 51. This digest 52 corresponds to signature information. Next, the digest 52 is encrypted using the private key 43 of company A, and signer information is added. In this embodiment, the encrypted digest 52 and the added signer information are referred to as an encrypted digest 53. On the other hand, the gateway server 30 of the company A uses the temporarily generated common key 42 to encrypt the encrypted data format 54 in which the e-mail 27 and the encrypted digest 53 are collected. In this embodiment, the encrypted part is referred to as encrypted body information 65. In the gateway server 30 of company A, the temporarily generated common key 42 is encrypted using the public key 46 of company B. In this embodiment, the encrypted common key 42 is referred to as an encrypted common key 55. The encrypted body information 65 and the encrypted common key 55 are transmitted as the encrypted mail 41 from the gateway server 30 of company A to the second mail server 4 via the Internet 3.

  The gateway server 30 of company B receives the encrypted mail 41 from the second mail server 4. In the gateway server 30 of company B, the encryption common key 55 is decrypted using the secret key 43 of company B. Next, the encrypted body information 65 is decrypted with the decrypted common key 42. Further, the encrypted digest 53 in the encrypted reference data format 54 is decrypted by the public key 46 of company A. The public key 46 of company A is described as signer information in the encryption digest 53. As a result, the encrypted digest 53 becomes the digest 52.

  In the gateway server 30 of company B, a digest 52 ′ is created based on the body of the e-mail 27 using the message digest function 51. The gateway server 30 of company B collates the digest 52 sent from company A with the digest 52 ′ created in the gateway server 30 of company B. If the digest 52 matches the digest 52 'as a result of the collation, the signature is recognized as authentic, and the e-mail 27 is sent to the client terminal (B) 10 belonging to the intranet 2 of company B. On the other hand, if the digest 52 and the digest 52 'do not match as a result of the collation, it is recognized that the content of the e-mail 27 has been tampered with, and the e-mail 27 is not transmitted to the client terminal (B) of the B company.

(Encryption processing)
FIG. 7 is a diagram for explaining the encryption process of the e-mail 27.

  The e-mail 27 includes an SMTP protocol 61, envelope information 62 including envelope-from information and envelope-to information, header information 63 including a subject (title), and body information 64 as a body. If there is an attached file, the body information 64 may include it. The signature unit 37 and the encryption unit 34 of the gateway server 30 combine the envelope information 62, the header information 63, and the body information 64 into one, newly combine them into body information, add the signature information 60, and then perform encryption. . The I / F 31 functioning as an e-mail generation unit adds new SMTP protocol 67, new envelope-from information and envelope-to-information 68 including new envelope information 68, and new header information 69 to the encrypted body information 65. Thus, the encrypted mail 41 is created.

  Thus, the envelope information 62, the header information 63, and the body information 64 of the original electronic mail 27 are incorporated in the encrypted mail 41 as the encrypted body information 65. For this reason, even if the encrypted mail 41 is intercepted by a third party in the transmission path, it is the e-mail 27 sent from which client to which client, what kind of subject, and what kind of content is included. The third party does not know what is being done. The third party only knows that the encrypted mail 41 is sent from the company A to the company B.

(Flow of each process when sending e-mail)
FIG. 8 shows the client terminal (A) 10 belonging to the intranet 2 of the company A, when the electronic mail 27 is sent from the client terminal (A) 10 of the company A to the client terminal (B) 10 of the company B. It is a flowchart for demonstrating the flow of the process which the mail server 20 and the gateway server 30 perform.

  The client of company A activates the mail software of the client terminal (A) 10 to create an email 27 (step S101), and transmits the email 27 to the client of company B (step S102). The first mail server 20 of company A acquires the electronic mail 27 (step S103). Next, in the first mail server 20, the monitoring unit 23 collates the body information 64 in the e-mail 27 with the keyword registered in advance in the storage unit 24 (step S104). Whether or not a predetermined number of keywords is included is determined (step S105). As a result, when a predetermined number of keywords are included in the body information 64, the monitoring unit 23 stores the e-mail 27 in the storage unit 24 (step S106) and prohibits external transmission (step S106). S107).

  On the other hand, when the predetermined number of keywords are not included in the body information 64, the mail transmitting / receiving unit 22 transmits the electronic mail 27 to the gateway server 30 of the company A (in-house) (step S108). Next, the address selection unit 33 of the gateway server 30 is assigned to the representative mail address 44 assigned to the gateway server 30 of the company A and the gateway server 30 of the company B based on the domain of the transmission source information and the transmission destination information. The external representative mail address 47 is acquired from the second storage unit 39 (step S109). Next, after creating the digest 52, the signature unit 37 and the encryption unit 34 generate an encrypted contrast data format 54 in which the e-mail 27 and the encrypted digest 53 are combined (step S110). Next, the encryption unit 34 generates a temporary common key 42, encrypts the encrypted control data format 54, encrypts the common key 42 using the public key 46 of company B, envelope information 62, header information. 63 and body information 64 are combined into new body information, and encryption after adding signature information 60 (which forms encrypted body information 65) is executed. (Step S111). Next, the I / F 31 combines the encrypted common key 55 and the encrypted body information 65, and further, a new SMTP protocol 67, new envelope information 68 including envelope-from information and envelope-to information, new envelope information 68, and new envelope information 68. The header information 69 is added and the encrypted mail 41 is generated (step S112). Next, the I / F 31 transmits the encrypted mail 41 to the outside of the intranet 2 of company A (step S113).

(Flow of each process when receiving encrypted mail)
FIG. 9 shows a case where the client terminal (B) 10 of the company B receives the encrypted mail 41 from the client terminal (A) 10 of the company A, the client terminal (B) 10 belonging to the intranet 2 of the company B, the first It is a flowchart for demonstrating the flow of the process which the mail server 20 and the gateway server 30 perform.

  The gateway server 30 of company B acquires the encrypted mail 41 from the second mail server 4 (step S201). Next, the decryption unit 35 in the gateway server 30 of company B decrypts the encrypted common key 55 using the secret key 43 of company B (step S202). Next, the decrypting unit 35 decrypts the encrypted body information 65 using the decrypted common key 42 and also decrypts the encrypted digest 53 using the public key 46 of the company A (step S203).

  Next, the signature information verification unit 36 creates a digest 52 ′ corresponding to the signature information for verification from the electronic mail 27 (step S204), compares the digest 52 and the digest 52 ′ after decryption, and It is determined whether or not the mail 27 is authentic (step S205). As a result, when it is determined that the e-mail 27 is not authentic, the signature information verification unit 36 stores the e-mail 27 in the first storage unit 38 (step S206), and the first information in the intranet 2 of the B company. Transmission to the mail server 20 is prohibited (step S207). On the other hand, if it is determined that the e-mail 27 is authentic, the signature information verification unit 36 transmits the e-mail 27 to the first mail server 20 in the intranet 2 of company B (step S208). ).

(Other embodiments)
The preferred embodiments of the encrypted mail system and the gateway server according to the present invention have been described above. However, the present invention is not limited to the above-described embodiments, and various modifications can be made unless the gist of the present invention is changed. It can be implemented in a modified form.

  For example, the gateway server 30 may add signature information according to the number of clients belonging to the intranet 2 instead of adding one signature information. In such a case, the signature unit 37 in the gateway server 30 in the transmission source intranet 2 reads a message digest function 51 that differs for each client from the transmission source e-mail address from the second storage unit 39, and performs digest (signature information). ) 52 is created. The signature information verification unit 36 in the gateway server 30 in the transmission destination intranet 2 reads out a message digest function 51 that is different for each client from the second storage unit 39 based on the transmission source e-mail address, and performs a digest (signature). Information) 52 ′ is created, and the digest 52 and the digest 52 ′ are collated to determine whether or not the electronic mail 27 is authentic.

  Further, in the above-described preferred embodiment, the encryption unit 34 of the gateway server 30 combines the envelope information 62, the header information 63, and the body information 64 into body information, adds the signature information, and then encrypts it. It is carried out. However, the encryption unit 34 is not limited to the above process, and the encryption process may be performed by combining only the body information 64, the body information 64 and the header information 63, or the body information 64 and the envelope information 62. .

  Intranet generally means an in-company network constructed using Internet standard technology. However, in the present invention, intranet 2 is not limited to the narrow meaning of the above-mentioned in-company network, and is not limited to any intranet. It shall be interpreted broadly in the meaning of network. Thus, an intranet is interpreted in the same meaning as a local area network.

  The present invention can be used for secure communication using electronic mail.

1 is a schematic diagram of an encrypted mail system according to an embodiment of the present invention. It is a figure explaining the mechanism which transmits / receives an electronic mail between the two intranets which comprise the encryption mail system shown in FIG. It is a figure for demonstrating the data memorize | stored in the memory | storage part in the 1st mail server shown in FIG. It is a figure for demonstrating the data memorize | stored in the 1st memory | storage part in the gateway server shown in FIG. It is a figure for demonstrating the data memorize | stored in the 2nd memory | storage part in the gateway server shown in FIG. It is a figure which shows the flow of each process at the time of sending an electronic mail from the client terminal (A) shown in FIG. 2 to a client terminal (B). It is a figure for demonstrating the encryption process of the email performed by the encryption mail system which concerns on embodiment of this invention. Processing performed by the client terminal (A), the first mail server, and the gateway server belonging to the intranet of company A when an electronic mail is sent from the client terminal (A) of company A to the client terminal (B) of company B It is a flowchart for demonstrating the flow of. When the client terminal (B) of company B receives the encrypted mail from the client terminal (A) of company A, processing performed by the client terminal (B), the first mail server, and the gateway server belonging to the intranet of company B It is a flowchart for demonstrating the flow of.

Explanation of symbols

1 Encrypted mail system 2 Intranet 3 Internet (public network)
4 Second mail server 10 Client terminal 20 First mail server 27 E-mail 30 Gateway server 31 I / F (e-mail generating means)
33 Address selection section (representative email address acquisition means)
34 Cryptographic part (encryption processing means)
35 Decoding unit (decoding processing means)
36 Signature information verification unit (signature information verification means)
37 Signature part (signature information adding means)
41 Encrypted mail (encrypted e-mail, e-mail with signature information)
44 Representative email address 47 External representative email address 52 Digest (signature information)
62 Envelop information (including source information and destination information)
63 Header information 64 Body information (content of e-mail)

Claims (6)

A first mail server that is inside an intranet including one or more client terminals and that receives an e-mail transmitted from each client terminal and an e-mail transmitted to each client terminal;
A second mail server outside the intranet and inside the public line network for receiving an email sent from the client terminal and an email sent to the client terminal;
A gateway server located between the first mail server and the second mail server and located at a gate of the intranet;
With
The gateway server
Encryption processing means for performing encryption processing of the email received from the first mail server;
Decryption processing means for decrypting the encrypted email received from the public line network;
Signature information adding means for adding signature information to an email in the same intranet received from the first mail server;
Signature information verification means for verifying signature information of an e-mail with signature information received from the public line;
An encrypted mail system comprising:   2. The encrypted mail system according to claim 1, wherein the signature information adding unit adds one signature information indicating that the electronic mail is transmitted from the same intranet. Based on the source information and destination information of the e-mail, a representative mail address assigned to the gateway server of the intranet and an external representative mail address assigned to the gateway server of the external intranet are acquired. A representative email address acquisition means is further provided,
The encryption processing means performs encryption processing including the transmission source information, the transmission destination information, header information including the title of the email, and the content of the email,
3. The electronic mail generating means for appending the representative email address and the external representative email address to the email instead of the transmission source information and the transmission destination information, respectively. Encrypted mail system. A gateway server disposed at an entrance to an external public line in an intranet including one or more client terminals,
An encryption processing means for performing an encryption process of the e-mail received from the own intranet;
Decryption processing means for decrypting the encrypted email received from the public line network;
Signature information adding means for adding signature information to an e-mail received from within the intranet;
Signature information verification means for verifying signature information of an e-mail with signature information received from the public line;
A gateway server comprising:   5. The gateway server according to claim 4, wherein the signature information adding unit adds one signature information indicating that the electronic mail is transmitted from the same intranet. Representative email address obtaining means for obtaining a representative email address assigned to the gateway server of the electronic mail and an external representative email address assigned to the external gateway server based on the sender information and the destination information of the email And more,
The encryption processing means performs encryption processing including the transmission source information, the transmission destination information, header information including the title of the email, and the content of the email,
6. The e-mail generating means for appending the representative e-mail address and the external representative e-mail address to the e-mail instead of the transmission source information and the transmission destination information, respectively. Gateway server.

Images