JP2009116512A - Confidential information protection system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a confidential information protection system for preventing an entry person from peeking confidential information when a visitor enters a room, and approaches a computer terminal in the room. <P>SOLUTION: This confidential information protection system is provided with: an entry information receiving part for receiving entry information from a management device; an entry person level determination part for determining the security level of the entry person; a risk storage part; an operation screen information processing part for extracting character information included in operation screen information displayed by the display device of each client terminal; a risk determination part for determining the risk of the character information or the client terminal of operation screen information including the character information by referring to the risk storage part by using the extracted character information; and a control determination part for determining the client terminal fulfilling prescribed conditions by comparing the security level of the entry person with the determined risk of the character information or the client terminal. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

In the case of approaching a computer terminal in a room such as a visitor entering a room where a computer terminal is installed (hereinafter referred to as “room”) in a laboratory or office of a company, The present invention relates to a confidential information protection system which prevents confidential information from being viewed by a room occupant by controlling the screen display of a computer terminal displaying confidential information.

  In recent years, information leakage of confidential information has become a problem in companies and the like. For this reason, problems such as information leakage occur due to operation management at the computer terminal used during work, that is, recording and managing what work is being done at which computer terminal. I try not to. The following Patent Document 1 and Patent Document 2 disclose inventions related to such a remote monitoring system.

JP 2005-44226 A JP 2006-108947 A

  However, the problem of information leakage does not always leak from the operation of the computer terminal. For example, it may occur when a visitor enters a room where a computer terminal that handles confidential information is installed and looks at the screen of confidential information displayed on the computer terminal. In particular, those who work on computer terminals that handle confidential information are often enthusiastic about the work, and those who enter the room enter the room and look at the screen on which confidential information is displayed. Attention may not be paid to this.

  Therefore, for example, when handling important confidential information such as customer information on a computer terminal, the screen of the computer terminal can be seen when passing immediately behind the person performing the work. It is also assumed that. As a result, a part of customer information which is confidential information may be seen.

  In order to prevent this, conventionally, countermeasures have been taken by introducing an entrance / exit management system in which a visitor cannot enter a room that handles confidential information. However, for example, visitors may be allowed to enter the room for maintenance work such as cleaning or electrical work, or for inspections or special meetings. In that case, particularly when entry is permitted during working hours, the above-mentioned situation is assumed to occur, and there is a problem that it is not perfect to protect confidential information from visitors by the entrance / exit management system.

  Further, even if the employee is in the same company, the access authority is defined for files and programs that handle confidential information, and an employee without access authority cannot view the confidential information file or program. An employee who does not have access authority may enter the room for some reason (for example, deliver a document) and touch the screen of the employee's computer during work, thereby touching confidential information. In this case, since the person who entered the room (hereinafter referred to as “the person who entered the room”) is an employee in the same company, the employee who is working is also forgiven, and files and programs with confidential information are displayed on the screen. The risk of information leakage increases because there is a high possibility that the information will remain untouched. This cannot be protected by a conventional entrance / exit management system.

  Furthermore, even if the remote monitoring system of the above-mentioned patent document is used, it only records and monitors what kind of work is being performed on the computer terminal, and the room occupant is in the room. It is not something that can be controlled by entering the room.

  Therefore, the present inventor controls the display of the computer terminal that handles confidential information when the user enters the room, such as when entering the room, to control the display of the computer terminal that handles the confidential information. We have invented a confidential information protection system that can protect confidential information even when entering a room.

  The invention of claim 1 is a confidential information protection system for protecting confidential information displayed on a display device of a client terminal installed in a predetermined area from a person entering the area, wherein the confidential information protection system includes: An entry information receiving unit for receiving entry information indicating entry of the entry person into the area from a management device for managing entry into the area; and a risk degree storage unit for storing character information and its risk level Based on operation screen information displayed on the display device of the client terminal, an operation screen information processing unit that extracts character information included in the operation screen information, and character information extracted by the operation screen information processing unit are used. The risk level determination unit for determining the risk level of the client terminal of the character information or the operation screen information including the character information by referring to the risk level storage unit; A control determination unit for determining a client terminal satisfying a predetermined condition among the client terminals by comparing the security level with the character information determined by the risk determination unit or the risk of the client terminal; It is a confidential information protection system.

  With the configuration of the present invention, when an outsider enters a predetermined area, for example, a room, confidential information is displayed on the display device among the client terminals installed in the room. The client terminal can be determined. As a result, the file displayed on the client terminal can be prevented from being looked into.

  In the invention of claim 2, the risk storage unit further stores file identification information as the character information, and the risk determination unit uses the extracted character information to store the risk storage unit. When the character information stored in the risk storage unit is file identification information, the file identification information is extracted by comparing with part or all of the character information in the corresponding file. This is a confidential information protection system that determines the risk level of the client terminal of character information or operation screen information including the character information.

  When personal information is targeted for judging the degree of risk, the amount of data can be enormous. In that case, personal information may be stored as character information one by one, but this takes time. Therefore, as in the present invention, by associating file identification information such as a file name storing personal information with a risk level, a part or all of the information included in the file corresponding to the file identification information Can be stored together as the degree of risk.

  According to a third aspect of the present invention, the confidential information protection system further includes a control instruction unit that transmits a predetermined control instruction to the client terminal determined by the control determination unit.

  It is preferable not only to specify the client terminal but also to cause the client terminal to execute a control instruction so that the file cannot be seen by the room occupant.

  5. The confidential information protection according to claim 4, wherein the client terminal that has received the control instruction as the predetermined control instruction in the control instruction unit executes a control process for making the displayed file unreadable or difficult to read. System.

  There are various types of control in the client terminal, but it is preferable to use the control as in the present invention.

  According to a fifth aspect of the present invention, there is provided a computer terminal that stores character information and its risk level in a storage device in association with each other from a management device that manages entry into a predetermined area to indicate entry into the area by a person entering the room. An entry information receiving unit for receiving information, an operation screen information processing unit for extracting character information included in the operation screen information based on the operation screen information displayed on the display device of the client terminal, and the operation screen information processing unit A risk determination unit that determines the risk of the client terminal of the operation screen information including the character information or the character information by referring to the risk storage unit using the character information extracted in By comparing the security level with the character information determined by the risk level determination unit or the risk level of the client terminal, the security level of each client terminal is compared. A secret information protection program to function as the control determination unit determines a client terminal that satisfies a predetermined condition.

  By executing the program of the present invention on a predetermined computer, the above-described confidential information protection system can be realized.

According to the present invention, when a person entering the room approaches the computer terminal (client terminal) on which confidential information is displayed, such as entering the room, the display of the computer terminal handling the confidential information is controlled to enter the room. Even if a person enters the room, confidential information can be protected.

  A conceptual diagram of the confidential information protection system 1 of the present invention is shown in FIG. 1, and a conceptual diagram of the system configuration is shown in FIG. In the present specification, the term “file” includes “program”. In that case, “file” may be read as “program”.

  The confidential information protection system 1 is realized by executing a program or a module for realizing the confidential information protection system 1 in the management server 2. Each client terminal 4 has a function of capturing a screen displayed on the display device 22 of the client terminal 4 and transmitting it to the management server 2 regularly or irregularly.

  In order to capture a screen (operation screen information) displayed on the display device 22, for example, screen information displayed on the display device 22 from a display information storage device that stores information displayed on the display device 22 such as a VRAM. May be read and transmitted as operation screen information.

  The management server 2 and the client terminal 4 include a calculation device 20 such as a CPU that executes calculation processing of a program, a storage device 21 such as a RAM or a hard disk that stores information, a processing result of the calculation device 20, and a storage device 21. It has at least a communication device 24 that transmits and receives information to be stored via a network such as the Internet or a LAN. Each function (each unit) realized on the computer is executed when a unit (program, module, etc.) for executing the process is read into the arithmetic unit 20. When using the information stored in the storage device 21 in the processing, each function reads the corresponding information from the storage device 21 and uses the read information for processing in the arithmetic device 20 as appropriate. The computer may include an input device 23 such as a keyboard, a mouse, and a numeric keypad, and a display device 22 such as a display (screen). FIG. 3 schematically shows an example of the hardware configuration of the management server 2 and the client terminal 4.

  Each means in the present invention is only logically distinguished in function, and may be physically or practically the same area. Moreover, the management server 2 may be comprised by one server, and the function may be distributed by several servers.

  The management server 2 can transmit / receive information to / from the entry / exit management device 3 that manages entry into the room in which the client terminal 4 is installed, and each client terminal 4. The entrance / exit management device 3 is a device that detects that a person entering the room (such as a room) in which the client terminal 4 is installed. For example, it is a device that detects entry into a room by controlling the opening and closing of the door of the room with an IC tag or a magnetic card attached to the admission card. In addition to the entrance / exit management device 3, for example, a device that detects the entrance to a room by recognizing a face image and controlling the opening and closing of a door based on an image taken by a camera, It may be a device that detects entry into a room by controlling the opening and closing of the door based on various biometric information such as palm prints, irises, and vein patterns. In addition to the entrance / exit management device 3, the device detects and manages intrusion into a predetermined area (not limited to a room, for example, a floor, a building, etc.) where the client terminal 4 is installed. Also good.

  The management server 2 includes a room entry information receiving unit 5, a room occupant level determination unit 6, a security level storage unit 7, an operation screen information processing unit 8, a risk level determination unit 9, a risk level storage unit 10, a control determination unit 11, and a control instruction. Part 12.

  The room entry information receiving unit 5 enters and exits information (room entry information) indicating that a room entrant has entered a predetermined area (a room is preferred, but not limited to) where the client terminal 4 is installed. It is means for receiving from the management apparatus 3. This room entry information includes the room visitor identification information read by the room entry / exit management device 3 from the room entry card. The identification information includes, for example, information for identifying an admission card (such as an employee card). In addition, identification information that identifies you as an outsider is included in the admission card that is given to an outsider. Identification information such as an employee number is included in the admission card (such as an employee ID card) that is passed to an insider. Depending on its attributes, such as identification information identifying the security officer on the admission card given to the person, identification information identifying it on the admission card given to the cleaning person, etc. The type of identification information may be different. In other words, it may be information for identifying “who” or “who” entered the room.

  The occupant level determination unit 6 is means for determining the security level of the occupant by referring to a security level storage unit 7 described later based on the identification information in the occupancy information received by the occupancy information receiving unit 5. For example, when the person entering the room is an outside person, it is shown as identification information (for example, in the case of a visitor, an admission card storing “Z1” is given as identification information). With reference to the security level storage unit 7 described later, it is determined that the security level of the room occupant is “1”. When an employee number or the like is received as identification information in the room entry information, the security level storage unit 7 is referenced based on the employee number to determine the security level of the employee who has entered the room. In addition to regular employees, employees such as contract employees, temporary employees, etc. may be any person who has the right to enter the company, regardless of the type of employment.

  The security level storage unit 7 includes identification information of a user who may create, edit, and use a file used in each client terminal 4, a person who may enter each room (a person entering the room), security It is memorized in comparison with the level. FIG. 5 schematically shows an example of the security level storage unit 7. FIG. 5 shows a case where the attribute information of the person who possesses the information and the security level are associated with each other based on the identification information stored in the admission card or the like.

  In FIG. 5, information about employees and non-employees is shown in one table, but they may be divided into a plurality of pieces. For example, the correspondence between the identification information and the security level may be stored in different tables for employees, security personnel, cleaning personnel, and visitors.

  The operation screen information processing unit 8 receives the operation screen information of each client terminal 4 installed in the room when the room entry information receiving unit 5 receives the room entry information (at which time the operation screen of which client terminal 4 is operated). And identification information for identifying the client terminal 4 that identifies whether the information is information), and character information (character information includes numbers, symbols, pictograms, marks, etc.) from each operation screen information The character information included in the operation screen information is specified by extraction through processing. FIG. 7 schematically shows an example of the operation screen information.

  The risk determination unit 9 uses the operation screen information processing unit 8 to identify character information included in the operation screen information displayed on each client terminal 4, and then performs a risk storage unit 10 based on the identified character information. By referring to (described later), the risk level of each character information is determined, and the risk level of the client terminal 4 is determined.

  The risk storage unit 10 stores character information and the risk of the character information in association with each other. FIG. 6 schematically shows an example of the risk storage unit 10.

  For example, when the operation screen information processing unit 8 specifies “confidential” as character information from the operation screen information of a certain client terminal 4, the risk determination unit 9 stores the risk storage unit 10 based on the character information “confidential”. By referencing, it is determined that the risk level of the character information is “3”. If the operation screen information of the client terminal 4 includes only “confidential” as character information, the risk level of the client terminal 4 is determined as “3”.

  In addition, when “HR information”, “HR evaluation”, and “Salary” are specified as character information from the operation screen information of another client terminal 4, the risk determination unit 9 sets the character information “HR information”, “HR evaluation”. By referring to the risk level reference section based on “salary”, it is determined that the risk level of the character information is “5”, “5”, “4”. The highest risk level of the client terminal 4 may be determined as “5”, or the average risk level may be determined as “4, 7”, or the total value thereof. It is also good. Alternatively, it may be determined as “5”, “5”, “4” as the respective risk levels of the character information in the operation screen information (that is, there are three specified character information items, and each risk level is “5”). , “5”, “4”).

  FIG. 6 shows an example of character information included in a file that is not preferably viewed as character information. In addition to this, by specifying the file name itself as character information, it is included in the file. It is also possible to specify all or part of the character information at once. In this case, for example, if the file name “customer personal information file.xls” is stored in the risk storage unit 10 as the risk “5”, the name and address of the customer included in the “customer personal information file.xls”. This means that each piece of character information of predetermined personal information such as a telephone number is registered as character information having a risk level of “5”.

  Further, the risk determination unit 9 determines whether there is a character information string satisfying a predetermined condition for the character information specified from the operation screen information. If there is, the risk determination unit 9 determines the risk of the character information. Also good. The predetermined condition is preferably a character arrangement condition peculiar to personal information and the like, for example, an address, a telephone number, an e-mail address, a date of birth, and the like.

  If it is an address, it is arranged in order of prefecture name, municipality name, etc., so a storage unit (not shown) for storing these names is stored on the management server 2 or a predetermined server, and the risk level This can be done by determining the coincidence between the character information string specified by the determination unit 9 and the information stored in the storage unit. If the phone number is arranged in a predetermined number of digits (it may be determined that the symbol “-” is located in a predetermined digit. The stored area code or the like is the first predetermined number. It can be determined whether it is included in the number of digits), it can be determined that it is a phone number, and the e-mail address contains alphanumeric characters and “@” “.”, The last of which is “co.jp”, “ com ”,“ ac.jp ”, etc., it can be determined that it is an e-mail address, and the date of birth is a number of digits or 2 or 4 digits after the era. If there is a number, and it is arranged next to “year”, a number with a predetermined number of digits, “month”, a number with a predetermined number of digits, and “day”, it can be determined that the date of birth.

  For the character information string of the personal information determined in this way, for example, if it is “name”, the risk level is “5”, if it is an e-mail address, the risk level is “4”, etc. Determine the risk.

  The control determination unit 11 compares the security level of the room occupant determined by the room occupant level determination unit 6 with the risk level of each client terminal 4 determined by the risk level determination unit 9, and the control level is higher than the security level of the room occupant. The client terminal 4 having a high risk level is determined. For example, when there are three client terminals 4 and the respective risk levels are “2”, “1”, “5”, and the security level of the occupant is “3”, the client terminal 4 with the risk level “5”. Is above the security level of the resident. That is, it can be determined that there is information in the client terminal 4 that cannot be accessed (is not visible) at the security level of the room occupant. The client terminal 4 with the risk level “5” is specified based on the identification information of the client terminal 4.

  The client terminal 4 to be controlled may be determined as described above. However, when the risk level is determined for each character information in the operation screen information of each client terminal 4, the security level of the occupant is exceeded. It counts how many character information of the risk level exists, and when the number of character information of the risk level exceeding the security level of the occupant exceeds a predetermined value, it is determined that the client terminal 4 is a control target. You may comprise as follows.

  Further, in this case, a predetermined value of the degree of danger exceeding the security level may be set according to the security level of the occupant. For example, when the security level is “1”, the predetermined value may be set to “3”, and when the security level is “3”, the predetermined value may be set to “5”. In the former case, when the security level of the room occupant is “1”, when the character information having a risk level exceeding the security level “1” is operation screen information of “three” or more, the client terminal 4 is the control target. This is a case where it is determined that the client terminal 4 is used. In the latter case, when the security level of the occupant is “3”, the character information having a risk level exceeding the security level “3” is “5” or more. In the case of screen information, it is a case where it is determined that the client terminal 4 is the client terminal 4 to be controlled.

  The control instruction unit 12 transmits a predetermined control instruction to the client terminal 4 determined by the control determination unit 11. As this control instruction, a warning information is displayed on the display device 22 of the client terminal 4, a screen saver is displayed on the display device 22 of the client terminal 4, and a file including character information that is a risk level exceeding the security level of the occupant is entered. For example, the window is erased, minimized, or filled with a predetermined color (for example, black).

  Processing such as erasing, minimizing, or filling in a predetermined color (for example, black) a window of a file containing character information that is at a risk level exceeding the security level of the resident is recognized by the operation screen information processing unit 8. With regard to the character information specified when processing, the position information of where the character information was displayed in the operation screen information is specified, so that the risk level exceeding the security level of the occupant can be determined. The display position of the character information on the display device 22 can be specified. By including the information on the display position in the control instruction and transmitting it to the client terminal 4, the client terminal 4 deletes or minimizes the window including the display position, or displays the display position in a predetermined color. It is possible to perform a process of painting. Further, since the display position of the window is controlled by the OS of each client terminal 4, it can be determined by that.

  Next, an example of the processing process of the confidential information protection system 11 of the present invention will be described with reference to the flowchart of FIG. 4 and the conceptual diagrams of FIGS.

  First of all, when an outsider enters the company, the entrance procedure is performed at the reception. At that time, an IC tag, a magnetic card, etc. in which identification information for identifying the outsider is stored An admission card will be issued. In addition, in the case of a resident who is an employee, he has an entrance card (employee card) in which an employee number is stored as identification information.

  When entering the room, the person entering the room causes the entrance / exit management device 3 to read an entrance card or the like. The entrance / exit management device 3 that has read the entrance certificate reads the identification information stored therein, includes the identification information in the entrance information, and transmits the entrance information to the management server 2. In other words, the entrance / exit management device 3 transmits to the management server 2 entrance information notifying who the entrance person is.

  The room entry information transmitted from the room entry / exit management device 3 is received by the room entry information receiving unit 5 of the management server 2 (S100). When the room entry information is received by the room entry information receiving unit 5, the room occupant level determination unit 6 refers to the security level storage unit 7 using the identification information in the room entry information and determines the security level of the room occupant (S110).

  For example, when the identification information in the room entry information is identification information indicating that the person is outside the company, the security level is determined as “1” with reference to the security level storage unit 7. If the identification information in the room entry information is employee information, the security level is determined based on the employee information.

  Further, when the operation screen information processing unit 8 receives the room entry information by the room entry information receiving unit 5, each client terminal 4 monitored by the management server 2, that is, the display device 22 of each client terminal 4 in the room where the room entry person has entered. Request transmission of the operation screen information displayed in. Each client terminal 4 that has received this transmits the operation screen information displayed on the display device 22 to the management server 2. At this time, in order to identify which client terminal 4 is the operation screen information, it is preferable to transmit the identification information of the client terminal 4 in association with the operation screen information.

  When the operation screen information processing unit 8 receives the operation screen information of each client terminal 4, the character information included in the operation screen information is specified by executing the character recognition process for each operation screen information. .

  Then, by referring to the risk storage unit 10 based on the character information specified from the operation screen information of each client terminal 4, the risk of each specified character information is specified, and thereby the risk of each client terminal 4 is determined. Determine (S120).

  In this way, the security level of the occupant and the risk level of the operation screen information displayed on the display device 22 of each client terminal 4 to be monitored by the management server 2 (the risk level of each client terminal 4) are determined. Then, the control determination unit 11 compares these pieces of information and determines the client terminal 4 that needs predetermined control (S130).

  For example, when the security level of the room occupant is “1”, it is determined that the client terminal 4 having a higher security level and the security control for the client terminal 4 are necessary.

  If the security level of the room occupant (the room occupant) is “3”, it is determined that the security level is higher for the client terminal 4 having a higher security level and the security for the client terminal 4 is required.

  In this way, the control instruction unit 12 transmits a predetermined control instruction to each client terminal 4 for the client terminal 4 that has been determined by the control determination unit 11 that security control is necessary (S140). .

  When each client terminal 4 receiving each control instruction described above receives a control instruction indicating that security control is required, the client terminal 4 executes control corresponding to the control instruction (S150). ).

  For example, the security level of the room occupant is controlled so that the display device 22 of the client terminal 4 displays warning information such as “an outsider is entering the room” or the screen saver is displayed on the display device 22 of the client terminal 4. Display control such as erasing, minimizing, or filling a predetermined color (for example, black) a window of a file including character information having a risk level exceeding the threshold level is performed.

  By executing the processing as described above, the confidential information displayed on the display device 22 of each client terminal 4 is not seen even when there is a room occupant.

  In addition, about the control instruction | command transmitted to each client terminal 4 from the above-mentioned management server 2, when the user of the client terminal 4 performs predetermined | prescribed operation, or the control cancellation instruction | command is transmitted from the management server 2 to the client terminal 4, It is preferable that the above-described control instruction is canceled by receiving it. When the control release instruction is transmitted from the management server 2, when the information indicating that the occupant has left the room is received from the room entry / exit management device 3, or after entering the room (after receiving the room entry information by the room entry information receiving unit 5), It is also possible to transmit at a timing such as when a predetermined time has passed.

  In the first embodiment, the operation screen information processing unit 8 receives the operation screen information of each client terminal 4 and executes character recognition processing on the operation screen information, thereby specifying the character information included in the operation screen information. However, this processing may be executed for each client terminal 4.

  That is, when the entrance information receiving unit 5 receives the entrance information, the operation screen information processing unit 8 requests each client terminal 4 to acquire character information from the operation screen information displayed on the display device 22. . Each client terminal 4 that has received this acquisition request executes character recognition processing on the operation screen information displayed on the display device 22 or acquires it from each application program by a predetermined method and manages it. It is transmitted to the server 2 together with the identification information of the client terminal 4.

  The operation screen information processing unit 8 of the management server 2 stores character information from each client terminal 4 and identification information of the client terminal 4. Accordingly, the risk determination unit 9 determines the risk of each client terminal 4.

  By executing the above processing, it is not necessary to transmit operation screen information to the management server 2, and the load on the management server 2 is reduced.

  Next, an example of a processing process in another embodiment of the confidential information protection system 1 of the present invention will be described.

  In the first embodiment and the second embodiment described above, the security level of the occupant in the occupant level determination unit 6 is referred to the security level storage unit 7 using the identification information in the occupancy information received by the occupancy information reception unit 5. By doing so, the security level of the resident is determined.

  Therefore, in this embodiment, when the identification information is employee information, the security level of the extracted occupant is determined based on the information indicating the job title extracted from the security level information storage unit by the occupant level determination unit 6. May be multiplied by a coefficient K.

  The value of the coefficient K to be multiplied at this time is changed according to the job title. FIG. 8 schematically shows an example of the coefficient K.

  For example, when the security level of the room occupant as a result of referring to the security level storage unit 7 using the identification information in the room entrance information received by the room entrance information receiving unit 5 and the attribute information based on the identification information is further identified. If the information is employee information and the title in the attribute information is “section manager”, the room occupant level determination unit 6 has a coefficient K = corresponding to the determined security level “2” corresponding to the section “section manager”. By multiplying 1.3, the occupant level determination unit 6 determines the final security level of the occupant as “2.6”. Then, the determined “2.6” is passed to the control determination unit 11 as the security level of the room occupant.

  If the security level of the occupant as a result of referring to the security level storage unit 7 using the identification information in the occupancy information received by the occupancy information receiving unit 5 is “3”, the attribute information is employee information. If the job title in the attribute information is “Head Manager”, the occupant level determination unit 6 multiplies the determined security level “3” by a coefficient K = 1.8 corresponding to the job title “Head Manager”. Then, the occupant level determination unit 6 determines the final security level of the occupant as “5.4”. Then, the determined “5.4” is given to the control determination unit 11 as the security level of the room occupant.

  Thus, the control determination unit 11 compares the security level of the occupant calculated with the coefficient K and the risk determined by the risk determination unit 9 to prevent peeping of confidential information. It can also be configured.

  Further, in the first to third embodiments, as shown in FIG. 9, by installing a plurality of position information detection devices such as IC tag readers in the room, it is possible to enter the room users regularly or at a predetermined timing. Position information in the room may be detected, and the management server 2 may transmit a control instruction so as to perform display control only for the client terminal 4 close to the position information. In that case, position information of each client terminal 4 installed in the room is stored. Then, the position information of the room occupant in the room is received from an IC tag reader or the like, and the position information of each client terminal 4 is compared. As a result of the comparison, the client terminal 4 within a predetermined range (for example, within 2 meters) is extracted from the position information in the room of the room occupant, and the extracted client terminal 4 in the above-described first to third embodiments. Execute the process.

  In addition to the IC tag as the position information detection device, if the entrance card or the like has a GPS function, the position information of the occupant may be detected thereby.

  By performing such processing, when the room is large, it is possible to control only the client terminal 4 near the occupant rather than controlling all the client terminals 4 in the room. It becomes.

  In the first to fourth embodiments, the management server 2 is configured to transmit a control instruction to the client terminal 4. However, the function may be distributed between the management server 2 and the client terminal 4. For example, the entrance information receiving unit 5, the occupant level determination unit 6, and the security level storage unit 7 are provided in the management server 2, and the risk determination unit 9, the control determination unit 11, and the control instruction unit 12 are provided in each client terminal 4. It can also be configured as follows.

  In this case, the occupant level determination unit 6 determines the security level of the occupant based on the entrance information received by the entrance information receiving unit 5. The determined security level of the occupant is transmitted to each client terminal 4. When each client terminal 4 receives the security level of the occupant, each client terminal 4 extracts character information from the operation screen information displayed on the display device 22 and determines the risk level of the extracted character information. Then, the risk level of the client terminal 4 is determined. By comparing the risk level of the client terminal 4 with the security level of the occupant, it is determined whether information that cannot be seen at the security level of the occupant is present in the client terminal 4. When there is information that cannot be seen, predetermined control is executed in the client terminal. In addition, the client terminal 4 may notify the management server 2 of the determination result in the control determination unit 11.

  In addition to the above, there are various methods for distributed arrangement, and any form may be adopted.

  In these cases, when each function of the management server 2 is used at the time of processing in each client terminal 4, an inquiry is made from the client terminal 4 to the management server 2, and the result is sent to the client terminal 4. Used for processing. Then, the processing result is executed by the client terminal 4. In this case, since the control determination is performed in each client terminal 4, processing for transmitting the result to the other client terminals 4 becomes unnecessary. Further, since the processing in the control instruction unit 12 may be performed in the client terminal 4, the control instruction may be passed to the arithmetic device 20 of the client terminal 4.

  In the above-described first to fifth embodiments, the occupant level determination unit 6 determines the security level of the occupant based on the occupancy information received by the occupancy information reception unit 5. A security level may be included. For example, the identification information of the occupant and the security level information of the occupant are stored in the employee ID, and when the occupant reads the employee ID etc. into the entrance / exit management device 3, the entrance / exit management device 3 At the same time, it is read and transmitted to the management server 2 as entry information indicating that the entry person has entered the room, including at least identification information and security level information. When such a configuration is adopted, the occupant level determination unit 6 becomes unnecessary.

By using the confidential information protection system 1 of the present invention, a computer that handles confidential information when a person entering the room approaches the computer terminal (client terminal 4) on which confidential information is displayed, such as entering the room. By controlling the display on the terminal, it is possible to protect confidential information even when a user enters the room.

1 is an overall conceptual diagram of the present invention. It is a conceptual diagram which shows typically an example of the system configuration | structure of this invention. It is a conceptual diagram which shows an example of a hardware configuration typically. It is a flowchart which shows an example of the process of this invention typically. It is a figure which shows typically an example of the security level memory | storage part. It is a figure which shows an example of a risk memory | storage part typically. It is an example of operation screen information. It is a figure which shows typically the coefficient with respect to the post. It is a figure which shows the case of Example 4 typically.

Explanation of symbols

1: Confidential information protection system 2: Management server 3: Entrance / exit management device 4: Client terminal 5: Entrance information receiving unit 6: Entering person level determination unit 7: Security level storage unit 8: Operation screen information processing unit 9: Risk level Determination unit 10: Risk level storage unit 11: Control determination unit 12: Control instruction unit 20: Computing device 21: Storage device 22: Display device 23: Input device 24: Communication device

Claims (5)

A confidential information protection system for protecting confidential information displayed on a display device of a client terminal installed in a predetermined area from a person entering the area,
The confidential information protection system includes:
An entry information receiving unit for receiving entry information indicating entry of the entry person into the area from a management device that manages entry into the area;
A risk storage unit for storing character information and its risk,
An operation screen information processing unit that extracts character information included in the operation screen information based on the operation screen information displayed on the display device of the client terminal;
A risk determination unit that determines the risk of the client terminal of the operation screen information including the character information or the character information by referring to the risk storage unit using the character information extracted in the operation screen information processing unit When,
Control for determining a client terminal satisfying a predetermined condition among the client terminals by comparing the security level of the occupant with the character information determined by the risk determination unit or the risk of the client terminal. A determination unit;
A confidential information protection system characterized by comprising: The risk storage unit further includes:
File identification information is stored as the character information,
The risk determination unit
When referring to the risk storage unit using the extracted character information, if the character information stored in the risk storage unit is file identification information, the character information of the file corresponding to the file identification information By comparing with a part or all of the extracted character information or the risk level of the client terminal of the operation screen information including the character information,
The confidential information protection system according to claim 1. The confidential information protection system further includes:
A control instruction unit that transmits a predetermined control instruction to the client terminal determined by the control determination unit;
The confidential information protection system according to claim 1, wherein the confidential information protection system is provided. As a predetermined control instruction in the control instruction unit,
In the client terminal that has received the control instruction, control processing to make the displayed file unreadable or difficult to read is executed.
The confidential information protection system according to claim 3. A computer terminal that stores character information and its risk level in a storage device in association with each other,
An entrance information receiving unit for receiving entrance information indicating entry of the entrance person into the area from a management device that manages entry into the predetermined area;
An operation screen information processing unit that extracts character information included in the operation screen information based on the operation screen information displayed on the display device of the client terminal,
A risk determination unit that determines the risk of the client terminal of the operation screen information including the character information or the character information by referring to the risk storage unit using the character information extracted in the operation screen information processing unit ,
Control for determining a client terminal satisfying a predetermined condition among the client terminals by comparing the security level of the occupant with the character information determined by the risk determination unit or the risk of the client terminal. Judgment part,
A confidential information protection program characterized by functioning as

Images