JP2010146337A - Apparatus and method for processing information and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To perform suitable communication control of data communication for the service of transmitting one message by a plurality of times of data communication. <P>SOLUTION: A message transmitted to a data communication regulation service is managed as message detail information for each session. Then, when relaying the data communication transmitted to the data communication regulation service newly, the entire message including even information already transmitted in the session is applied to a data communication regulation rule, and the permission/denial of the relay of the data communication is determined. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to a communication control technique for data communication transmitted from an internal network to an external network, and more particularly to a communication control technique for a series of data communication including a plurality of different communications.

  With the development of network technology, it is possible to exchange information very easily and efficiently. For example, it is possible to attach materials to be used for a meeting to an e-mail and send them to participants in advance without trouble and trouble. However, while network technology has been developed in this way and information exchange has become easier, the degree of danger that important confidential information can easily flow outside has increased.

  From the standpoint of preventing information leakage, it is important to take measures against unauthorized access from the outside, and to take measures against inadvertent transmission of important data from the inside. ing. The cause of information leakage is that information is leaked due to internal carelessness or illegal behavior rather than being stolen by unauthorized access. .

  In addition to this background, the enforcement of the Personal Information Protection Law, etc. has required companies to handle information properly. For example, as a countermeasure against information leakage at companies, electronic Introduce a system that checks the contents of the mail (for example, text information of the destination and text, contents of the attached file) and prohibits the e-mail from being sent outside the company if the specified conditions are met. Yes. This reduces the risk that important confidential information will be leaked from inside the company or that information that is disadvantageous to the company will be leaked.

  On the other hand, the risk of leaking information or leaking disadvantageous information via the network is not limited to e-mail transmission. For example, leakage of confidential information due to posting on a bulletin board on the Internet or leakage of disadvantageous information can be considered. Services using the Internet have been diversified, and companies have been required to deal with information leakage for each service.

For example, Patent Document 1 is disclosed as a technique for preventing leakage of confidential information due to posting on the bulletin board and outflow of information that is inconvenient for a company. According to such technology, a specific service on the Internet is specified by a URL (Uniform Resource Locator), and the transmission of information is controlled only for the service, so that the protocol (HTTP) is different from that of conventional electronic mail (SMTP). It is also possible to take measures against information leakage without compromising the convenience of the Internet.
JP 2004-348202 A

  In the invention disclosed in Patent Document 1, only data communication in one communication is considered. For example, in a service capable of transmitting one piece of information by a plurality of data communication such as a web-based chat service (hereinafter referred to as “web chat”), it is possible to prevent leakage of information only by performing communication control of one communication. If not, it will happen. This is because the content of the data transmitted in each data communication is low in confidentiality, but there is a case where the information is confidential by combining them.

  For data communication for such a service, when trying to perform transmission control of data communication based on information (message) to be transmitted, not only one message but the session in which the message is transmitted Therefore, it is necessary to perform communication control including information transmitted / received in the past.

  In the present invention, in view of the problems as described above, communication control is performed for a service in which a message is transmitted by a plurality of data communications based on information included in the entire message transmitted by the plurality of data communications. The purpose is to make it possible to do.

In order to solve the above problems, an information processing apparatus of the present invention has the following configuration. That is,
An information processing apparatus that is connected to a server apparatus that provides a service and performs communication control of data communication from a client apparatus that uses the service to the server apparatus,
First storage means for storing a plurality of first rules that are rules applied to communication control of transmission of the data communication;
Second storage means for storing service specifying information which is information for specifying data communication from the client device to the server device;
In accordance with the service specifying information, out of data communication from the client device, specifying means for specifying data communication for performing communication control applying the first rule;
Storage means for storing session identification information and messages included in the data communication specified by the specifying means as communication history data;
Generation means for acquiring communication history data related to data communication specified by the specifying means from the storage means, and generating inspection object data;
Communication control means for performing communication control of the data communication according to the first rule,
Each of the plurality of first rules includes setting of data communication conditions to which the first rules are applied and action information executed when the conditions are satisfied,
The communication control unit applies a first rule to the inspection target data, and when the communication rule matches the first rule, an action associated with the first rule for the data communication Communication control for permitting or prohibiting the relay of the data communication from the client device to the server device is performed by executing the process indicated by the information for the data communication.

Moreover, in order to solve the said subject, the information processing method of this invention is equipped with the following structures. That is,
An information processing method performed by an information processing device that is connected to a server device that provides a service and performs communication control of data communication from a client device that uses the service to the server device,
A first storage step of storing a plurality of first rules, which are rules to be applied to communication control of transmission of the data communication, in a storage device;
A second storage step of storing, in a storage device, service specifying information that is information for specifying data communication from the client device to the server device;
In accordance with the service specifying information, out of data communication from the client device, a specifying step of specifying data communication for performing communication control applying the first rule;
An accumulation step of accumulating session identification information and a message included in the data communication identified in the identification step in a storage device as communication history data;
A communication history data related to the data communication specified in the specifying step is acquired from the storage device, and a generation step for generating inspection target data;
A communication control step of performing communication control of the data communication according to the first rule,
Each of the plurality of first rules includes setting of data communication conditions to which the first rules are applied and action information to be executed when the conditions are satisfied,
The communication control step applies the first rule to the inspection target data, and when the first rule is matched, the action associated with the first rule for the data communication By performing the process indicated by the information for the data communication, communication control for permitting or prohibiting the relay of the data communication from the client device to the server device is performed.

  According to the present invention, in the communication control of data communication with respect to an external server device that provides a service constructed so that a single data communication can be performed by a plurality of data communication, the entire message transmitted by the data communication As a result, it is possible to perform transmission control of data communication, and it is possible to reduce the risk of information leakage.

  Hereinafter, the present invention will be described in detail according to preferred embodiments with reference to the accompanying drawings.

  FIG. 1 is a diagram illustrating an example of a system configuration according to an embodiment of the present invention.

  As shown in FIG. 1, the system according to the present embodiment includes a proxy server 101, a communication control DB 102, client terminals 103-1 to 103-3 (hereinafter collectively referred to as “client terminal 103”), a LAN (local area network). ) 104, service providing servers 105-1 and 105-2 (hereinafter collectively referred to as "service providing server 105"), wide area network 106 (hereinafter referred to as network 106), and external terminal 107. Hereinafter, those constituting the system according to the present embodiment will be described.

  The proxy server 101 is a device that functions as an information processing device of the present invention, and relays data communication between the client terminal 103 and the service providing server 105.

  Further, the proxy server 101 is used for specifying communication to the service providing server 105, and provides communication control such as service providing server information for identifying the service providing server 105 and permitting / rejecting data communication relay. The communication control DB 102 in which data communication restriction rules, which are rules used for the communication, are registered.

  Further, the proxy server 101 further has a web server function for providing a setting page for registering, modifying, etc., information set in the communication control DB 102. The communication control DB 102 may be provided in the proxy server 101 or may be installed in another computer.

  The client terminal 103 is a terminal device used by a user who uses a service provided by the service providing server 105. For example, when the service providing server 105 provides a web chat service, the client terminal 103 can perform a web chat via the service providing server 105 with an external terminal.

  The LAN 104 connects the proxy server 101 and the client terminal 103 to each other so that data communication is possible.

  The service providing server 105 is a server device installed by a provider that provides a web service. In this embodiment, the service providing server 105 is a server device for providing at least a web chat service.

  The wide area network 106 is a network for connecting the apparatus and the external terminal 107 so that they can communicate with each other.

  The external terminal 107 is a terminal device used by a user who uses a service provided by the service providing server 107 as with the client terminal 103, and is connected to a network different from the LAN 104.

  FIG. 2 is a block diagram illustrating a hardware configuration of the proxy server 101.

  In FIG. 2, reference numeral 201 denotes a CPU that controls the proxy server 101 as a whole using programs and data stored in a RAM 202 and a ROM 203, and executes each process to be described later performed by the proxy server 101.

  A RAM 202 temporarily stores programs and data loaded from the HDD (hard disk drive) 204 and the recording medium drive 206 and programs and data received from other devices via the network I / F (interface) 205. Various areas such as an area to be used and a work area used when the CPU 201 executes various processes can be provided as appropriate.

  A ROM 203 stores setting data of the proxy server 101, a boot program, and the like.

  Reference numeral 204 denotes an HDD, which stores an OS (Operating System) and programs and data for causing the CPU 201 to execute processes described later performed by the proxy server 101, and these are loaded into the RAM 202 as appropriate under the control of the CPU 201. The CPU 201 is a processing target.

  Reference numeral 205 denotes a network I / F for connecting the proxy server 101 to the LAN 104 and the wide area network 106. The proxy server 101 is connected to the LAN 104 and the wide area network 106 via the network I / F 205. Perform data communication with the device.

  Reference numeral 206 denotes a recording medium drive that reads programs and data recorded on a recording medium such as a CD-ROM, CD-R / RW, DVD-ROM, DVD-R / RW, and DVD-RAM, and outputs them to the RAM 202 and HDD 204. To do. A part of the data held by the HDD 204 may be stored in these recording media.

  Reference numeral 207 denotes a keyboard, and 208 denotes a pointing device configured by a mouse, a joystick, or the like, and functions as an input unit that inputs various instructions to the CPU 201 when operated by an operator of the proxy server 101.

  Reference numeral 209 denotes a display device, which includes a CRT, a liquid crystal screen, and the like, and functions as a display unit that displays a processing result by the CPU 201 as an image or text.

  Reference numeral 210 denotes an external device connection I / F, which is a port for connecting peripheral devices to the proxy server 101. The proxy server 101 performs data communication with peripheral devices via the external device connection I / F 210. The external device connection I / F 210 is configured by USB, IEEE 1394, or the like, and usually has a plurality of external device connection I / Fs 210. The connection form with the peripheral device may be wired or wireless.

  Reference numeral 211 denotes a bus that connects the above-described units 201 to 210.

  The hardware configuration of the proxy server 101 will be described as having the configuration shown in FIG. 2, but is not necessarily limited to having the configuration shown in FIG. 2, and various processes described below performed by the proxy server 101 are executed. If possible, the configuration of the proxy server 101 may be changed as appropriate.

  The hardware configurations of the client terminals 103-1 to 103-3, the service providing servers 105-1 and 105-2, and the external terminal 107 also apply general computers to these, and as is well known, The configuration shown in FIG.

  FIG. 3 is a diagram illustrating a functional configuration of the proxy server 101.

  As shown in FIG. 3, the proxy server 101 includes a data communication restriction rule receiving unit 301, a data communication restriction rule recording unit 302, a restriction rule application data communication specifying unit 303, a data communication relay control unit 304, a communication relay permission / rejection response. A transmission unit 305 and a data communication restriction target service setting unit 306 are provided.

  The data communication restriction target service setting means 306 sets (registers, modifies, deletes, etc.) information (details will be described later in FIG. XX) for specifying the service providing server in the communication control DB 102.

  The data communication restriction rule accepting unit 301 accepts an input of a data communication restriction rule for the CPU 201 of the proxy server 101 to determine permission / rejection of data communication relay. The data communication restriction rule recording unit 302 registers the rule received by the data communication restriction rule accepting unit 301 (details will be described later in FIG. YY) in the communication control DB.

  The restriction rule application data communication specifying unit 303 is data using the restriction rule received by the data communication restriction rule receiving unit 301 based on the information set in the data communication restriction target service setting unit 306 and registered in the communication control DB 102. The communication subject to communication relay control processing is specified. The data communication relay control unit 304 performs the data communication relay control process by applying the communication restriction rule registered in the communication control DB 102 to the data communication specified by the restriction rule application data communication specifying unit 303. .

  The relay permission / rejection response transmission unit 305 transfers a response from the service providing server 105 to the client terminal 103 that has performed data communication permitted to be relayed by the data communication relay control unit 304, or the data communication relay control unit 304 The client terminal 103 that has performed data communication for which relay is rejected is notified that data communication has not been relayed (relay has been rejected).

  The HDD 204 of the proxy server 101 includes a data communication restriction rule receiving unit 301, a data communication restriction rule recording unit 302, a restriction rule application data communication specifying unit 303, a data communication relay control unit 304, a relay permission / rejection response transmission unit 305. A program for controlling the proxy server 101 as the data communication restriction target service setting unit 306 is recorded. The CPUs 201 of the proxy server 101 load these programs into the RAM 202 and execute them, so that the above-described units 301 to 306 are realized.

  Next, processing performed by the proxy server 101 shown in FIG. 1 will be described with reference to FIG.

  FIG. 4 is a flowchart showing an example of the first control process in the present invention, and corresponds to a flowchart showing an outline of the overall process performed by the proxy server 101. Note that the processing of this flowchart is realized by the CPU 201 of the proxy server 101 loading a program stored in the HDD 204 into the RAM 202 and executing it.

  First, the CPU 201 determines whether or not a setting change request for a data communication restriction target service has been received from a user (step S401). If it is determined that a setting change request has been received (Yes in step S401), the CPU 201 performs processing for setting a data communication restriction target service (step S402). Details of the process in step S402 will be described later with reference to FIG. Then, when the process of step S402 ends, the CPU 201 advances the process to step S403.

  On the other hand, if it is determined that a setting change request has not been received (No in step S401), the CPU 201 proceeds to step S403 as it is.

  In step S403, the CPU 201 determines whether or not a data communication restriction rule setting change request has been accepted. If it is determined that a setting change request has been received (Yes in step S403), the CPU 201 performs a data communication restriction rule setting process (step S404). Details of the process in step S404 will be described later with reference to FIG. Then, when the process of step S404 ends, the CPU 201 advances the process to step S405.

  On the other hand, if it is determined that a setting change request has not been received (No in step S403), the CPU 201 proceeds to step S405 as it is.

  In step S405, the CPU 201 transmits data for data communication transmitted to the wide area network 106 transmitted from the client terminal 103 based on the data communication restriction target service information set in step S402 and the data communication restriction rule set in step S404. Communication control processing is performed (step S405). Details of the process in step S405 will be described later with reference to FIG. Then, when the process of step S405 ends, the CPU 201 advances the process to step S406.

  In step S406, the CPU 201 determines whether an instruction to end the data communication control process has been received. If it is determined that an instruction to end the data communication control process has not been received (No in step S406), the CPU 201 returns the process to step S401.

  On the other hand, if it is determined that an instruction to end the data communication control process has been received (Yes in step S406), the CPU 201 ends the process of this flowchart as it is. That is, the CPU 201 repeats the above-described processing of S401 to S405 until receiving an instruction to end the data communication control processing (until it is determined Yes in step S406).

  Hereinafter, the setting process of the data communication restriction target service shown in step S402 of FIG. 4 will be described in detail with reference to FIG.

  FIG. 5 is a flowchart showing an example of the second control process in the present invention, and corresponds to the flowchart showing details of the data communication restriction target service setting process in step S402 of FIG. That is, this process is performed by the CPU 201 of the proxy server. When this processing is performed, the CPU 201 loads a program for causing the proxy server 101 to function as the data communication restriction target service setting unit 306 from the HDD 204 to the RAM 202, and performs the following processing based on the control of the program. Will be done.

  First, the CPU 201 of the proxy server 101 transmits a data communication restriction target service setting screen 900 as shown in FIG. 9 to the client terminal 103 that has transmitted the setting change request for the data communication restriction target service (step S501). . Here, the data communication restriction target service setting screen 900 will be described.

  FIG. 9 is a diagram illustrating an example of a data communication restriction target service setting screen 900.

  In FIG. 9, reference numeral 901 denotes a registered data communication restriction target service display unit, which displays data communication restriction target service information already registered in a data communication restriction target service table in the communication control DB 102 described later. .

  Here, the data communication restriction target service table 1100 will be described with reference to FIG.

  FIG. 11 is a diagram illustrating an example of a data configuration of the data communication restriction target service table 1100 registered in the communication control DB 102.

  In the figure, reference numeral 1101 denotes an ID, in which a unique ID for uniquely identifying a service subject to data communication restriction is registered.

  In the figure, reference numeral 1102 denotes a service name, in which the service name of the data communication restriction target service is registered.

  In the figure, reference numeral 1103 denotes a URL, in which URL information of a service providing server that provides the service is registered.

  In the figure, reference numeral 1104 denotes a session identifier, in which data setting information used for specifying communication in the same session is registered. As a session identifier, for example, when a value of a variable in transmission data is used as session identification information, information on the variable is registered in this column.

  The above is an example of the data configuration of the data communication restriction target service table 1100.

  Returning to the description of FIG. In the ID display column 901-1 in the registered data restriction target service display unit 901, ID information (registered in 1101) of the data communication restriction target service already registered in the data communication restriction target service table 1100 is stored. Is displayed.

  In the service name display column 901-2, service name information (registered in 1102) of the data communication restriction target service already registered in the data communication restriction target service table 1100 is displayed.

  In the URL display column 901-3, URL information (registered in 1103) of the data communication restriction target service already registered in the data communication restriction target service table 1100 is displayed.

  In the operation instruction button display field 901-4, an “edit” button 902 for instructing editing of the already registered data communication restriction service and a “delete” button 903 for instructing deletion are set. . When the edit button 902 is pressed, a data communication restriction target service information input screen 1000 to be described later is displayed on the display device of the client terminal 103 in order to edit the data communication restriction service. Details of the data communication restriction target service information input screen 1000 will be described later with reference to FIG. When an instruction to press the delete button 903 is received, the proxy server 101 is instructed to delete the corresponding data communication restriction target service information. Then, the CPU 201 of the proxy server 101 deletes the corresponding data from the data communication restriction target service table 1100 according to the deletion instruction.

  In the figure, reference numeral 904 denotes an “add new service” button. When this button is pressed, a data communication restriction target service information input screen to be described later is received in order to accept input of data communication restriction target service information to be newly registered. 1000 is displayed on the display device of the client terminal 103. Details of the data communication restriction target service information input screen 1000 will be described later with reference to FIG.

  In the figure, reference numeral 905 denotes an “end” button. When this button is pressed, the display of the data communication restriction target service setting screen 900 is ended.

  The above is the description of the data communication restriction target service setting screen 900.

  Returning to the description of FIG. Next, it is determined whether a request for changing the data communication restriction target service has been received (step S502). When a new service addition button 904 or an edit button 902 in the data communication restriction target service setting screen 900 displayed on the display device of the client device 103 is pressed, the proxy server 101 is notified of the data communication restriction target service. It is possible to make a change request. When a new service addition button 904 is pressed, a new service addition request is sent to the proxy server 101, and when an edit button 902 is pressed, an existing service edit request is sent to the proxy server 101. Become. When a request for changing the data communication restriction target service is received (Yes in step S502), the data communication restriction target service information input screen 1000 is transmitted to the client terminal 103 that has made the request. On the other hand, if it is determined that a request for changing the data communication restriction target service has not been received (NO in step S502), the process proceeds to step S508.

  FIG. 10 is a diagram illustrating an example of a data communication restriction target service information input screen.

  In the figure, reference numeral 1001 denotes a service ID display field, which displays ID information for uniquely identifying a service. This ID information is not duplicated and registered. This information is registered in the ID 1101 of the data communication restriction target service table 1100.

  Reference numeral 1002 denotes a service name input field that accepts an input of a service name of a service subject to data communication regulation. Information input in this field is registered in the service name 1102 of the data communication restriction target service table 1100.

  Reference numeral 1003 denotes a URL input field, which accepts an input of a URL of a service subject to data communication regulation. The information input in this field is registered in the URL 1103 of the data communication restriction target service table 1100.

  Reference numeral 1004 denotes a session identifier input field that accepts input of session identification information of the service in this input field. The information input in this input field is registered in the session identifier 1104 of the data communication restriction target service table 1100.

  When a change request for a data communication restriction target service is made by pressing the edit button 902, the above-described information 1001 to 1004 is displayed in a state in which already set information is input as initial data. Will be.

  Reference numeral 1005 denotes an OK button, and when a required item is input and the pressing of this button is detected, various information input on this screen is registered in the data communication restriction target service table 1100. .

  Reference numeral 1006 denotes a cancel button. When this button is pressed, this screen is terminated. In that case, the information input in each input column of this screen is not registered in the data communication restriction target service table 1100.

  The above is the description of the data communication restriction target service information input screen 1000.

  Returning to the description of FIG. After that, the CPU 201 of the proxy server 101 has received an input cancel instruction from the client terminal 103 (the cancel button 1006 of the data communication restriction target service information input screen 1000 displayed on the display device of the client device 103 has been pressed). Whether information has been accepted) (step S504). If it is determined that a cancel instruction has been accepted (Yes in step S504), the process proceeds to step S502. In the step S502, the data communication restriction target service setting screen 900 is displayed on the display device of the client device 103.

  If it is determined that the cancel instruction has not been received (No in step S504), it is determined whether the input information input from the client terminal 103 to the data communication restriction target service information input screen 1000 has been received (step S505). The input information is transmitted from the client terminal 103 to the proxy server 101 when the OK button 1005 in the data communication restriction target service information input screen 1000 displayed on the client terminal 103 is pressed. Become. If it is determined that input information has not been received (No in step S505), the process proceeds to step S504. On the other hand, if it is determined that the input information has been received, the data communication restriction target service table is updated based on the received input information (step S506). Then, a data communication restriction target service setting screen 900 including the updated content is transmitted to the client device 103 (step S507). Thereafter, the process proceeds to step S502.

  Until the setting completion instruction is received from the client device 103 (until “Yes” is determined in step S508), specifically, in the data communication restriction target service setting screen 900 displayed on the client device 103. The above processing is repeated until a press notification of the end button 905 is received.

  The above is the detailed description of the setting process of the data communication restriction target service shown in step S402 of FIG.

  Next, details of the data communication restriction rule setting process shown in step S404 of FIG. 4 will be described with reference to FIG.

  FIG. 6 is a flowchart showing an example of the third control process in the present invention, and corresponds to the flowchart showing details of the data communication restriction rule setting process in step S404 of FIG. That is, this process is performed by the CPU 201 of the proxy server. When this processing is performed, the CPU 201 loads a program for causing the proxy server 101 to function as the data communication restriction rule accepting unit 301 and the data communication restriction rule recording unit 302 from the HDD 204 to the RAM 202 and controls the program. Based on this, the following processing is performed.

  First, the CPU 201 of the proxy server 101 transmits a data communication restriction rule setting screen 1200 to the client terminal 103 that has transmitted the data communication restriction rule setting change request in step S403 of FIG. 4 (step S601). The data communication restriction rule setting screen 1200 will be described in detail with reference to FIG.

  FIG. 12 is a diagram illustrating an example of the data communication restriction rule setting screen 1200.

  In FIG. 12, reference numeral 1201 denotes a registered data communication restriction rule display unit, which displays data communication restriction rule information already registered in a data communication restriction rule table in the communication control DB 102 described later.

  Here, the data communication restriction rule table 1400 will be described with reference to FIG.

  FIG. 14 is a diagram illustrating an example of a data configuration of the data communication restriction rule table 1400 registered in the communication control DB 102.

  In the figure, reference numeral 1401 denotes an ID in which a unique ID for uniquely identifying the data communication restriction rule is registered.

  In the figure, 1402 is an explanation, and information for explaining the data communication restriction rule is registered.

  In the figure, reference numeral 1403 denotes a group condition, in which information regarding a group to which the data communication restriction rule is applied is registered. Data for which a transmission instruction is given by a user is subjected to relay control according to a data communication restriction rule applied to a group to which the user belongs.

  In the figure, 1404 is a keyword condition, and the keyword condition in the data communication restriction rule is registered. The keyword condition 1404 includes an inspection presence / absence 1405 indicating whether or not the keyword condition is set, a search range 1406 indicating which range of data is subjected to relay control to which the keyword condition is applied, and data communication. A condition 1407 is set to indicate what keyword is included if the condition is met.

  In the figure, reference numeral 1408 denotes an operation in which designation of how to relay control data communication that matches the condition is registered. “Relay” is set when relaying is permitted, and “prohibited” is set when relaying is not permitted.

  The above is an example of the data configuration of the data communication restriction rule table 1400.

  Returning to the description of FIG. The ID display column 1201-1 in the registered data communication restriction rule display unit 1201 displays the ID information (registered in 1401) of the data communication restriction rule already registered in the data communication restriction rule table 1400. The

  In the group display column 1201-2, group condition information (registered in 1403) of data communication restriction rules already registered in the data communication restriction rule table 1200 is displayed.

  In the operation display column 1201-3, the operation information (registered in 1408) of the data communication restriction rule already registered in the data communication restriction rule table 1200 is displayed.

  In the explanation display column 1201-4, explanation information (registered in 1402) of the data communication restriction rule already registered in the data communication restriction rule table 1200 is displayed.

  In the operation instruction button display field 1201-5, an “edit” button 1202 for instructing editing of a registered data communication restriction rule and a “delete” button 1203 for instructing deletion are set. . When the edit button 1202 is pressed, a data communication restriction rule information input screen 1300 described later is displayed on the display device of the client terminal 103 in order to edit the data communication restriction rule. Details of the data communication restriction rule information input screen 1300 will be described later with reference to FIG. When an instruction to press the delete button 1203 is received, the proxy server 101 is instructed to delete the corresponding data communication restriction rule. Then, the CPU 201 of the proxy server 101 deletes the corresponding data from the data communication restriction rule table 1400 according to the deletion instruction.

  In the figure, reference numeral 1204 denotes an “add” button. When this button is pressed, a data communication restriction rule information input screen 1300 (to be described later) is displayed on the client terminal 103 in order to accept input of a data communication restriction rule to be newly registered. It will be displayed on the display device. Details of the data communication restriction rule information input screen 1300 will be described later with reference to FIG.

  In the figure, reference numeral 1205 denotes an “end” button. When this button is pressed, the display of the data communication restriction rule setting screen 1200 is ended.

  The above is the description of the data communication restriction rule setting screen 1200.

  Returning to the description of FIG. Next, it is determined whether a detailed setting request for data communication restriction rules has been accepted (step S602). By pressing an add button 1204 or an edit button 1202 in the data communication restriction rule setting screen 1200 displayed on the display device of the client apparatus 103, a detailed setting request for data communication restriction rules is made to the proxy server 101. It is possible. When the add button 1204 is pressed, a request to add a new data communication restriction rule is sent to the proxy server 101 when the edit button 1202 is pressed. Will be. When a request for detailed setting of data communication restriction rule is received (Yes in step S602), the data communication restriction rule detailed setting screen 1300 is transmitted to the client device 103 that has made the request (step S603). . On the other hand, if it is determined that the data communication restriction rule detailed setting request has not been received (No in step S602), the process proceeds to step S608.

  FIG. 13 is a diagram illustrating an example of a data communication restriction rule detail setting screen.

  An ID information display field 1301 is set in the ID information display field in the figure. This ID information is for uniquely identifying the data communication regulation rule, and is not registered in duplicate. This information is registered in the ID 1401 of the data communication restriction rule table 1400.

  An explanation information input field 1302 is set in the explanation information display section in the figure. The information received in the input field is registered in the description 1402 of the data communication restriction rule table 14.

  In the group condition setting unit in the figure, controls for setting user conditions to apply the rules input via this screen are set. When all the user selection radio buttons 1303 are selected, the data communication for which all users have instructed transmission becomes the application target of this rule. When the group designation radio button 1304 is selected, this rule applies to data communication in which a user belonging to the group selected in the group selection list 1305 has instructed transmission. The group is defined separately and registered in the communication control DB 102.

  In the keyword condition setting unit in the figure, a control for setting a keyword condition used for relay control of data communication is set. When the radio button 1306 that is not inspected is selected, the keyword condition is not set. On the other hand, when the radio button 1307 to be inspected is selected, the inspection range and conditions are input. The inspection range is to check only the message being sent by keyword (select the message radio button being sent 1308), or use the keyword for all data communication performed in a session with web chat. It is possible to set whether to check (select the whole conversation radio button 1309). In addition, as a condition, it is possible to perform a setting for checking based on the number of appearances of terms registered in the keyword set specified in the keyword set list 1310 (set in the appearance number specification edit 1311). Note that the keyword set is created separately and registered in the communication control DB 102.

  In the operation setting unit in the figure, a control for setting a relay control method for data communication that matches the conditions set by the group condition setting unit and the keyword condition setting unit is set. When the relay radio button 1312 is selected, data communication that matches the data communication restriction rule set on this screen is relayed. When the prohibition radio button 1313 is selected, the data set on this screen The CPU 201 of the proxy server 101 performs relay control to prohibit data communication relaying that matches the communication regulation rule.

  Reference numeral 1314 denotes an OK button. When a required item is input and the pressing of this button is detected, various information input on this screen is registered in the data communication restriction rule table 1400.

  Reference numeral 1315 denotes a cancel button. When this button is pressed, this screen is terminated. In that case, the information input in each input column of this screen is not registered in the data communication restriction rule table 1400.

  The above is the description of the data communication restriction rule detailed setting screen 1300.

  Returning to the description of FIG. After that, the CPU 201 of the proxy server 101 has received an input cancel instruction from the client device 103 (information that the cancel button 1315 of the data communication restriction rule detailed setting screen 1300 displayed on the display device of the client device 103 is pressed) Is received) (step S604). If it is determined that a cancel instruction has been accepted (Yes in step S604), the process proceeds to step S602. In step S602, the data communication restriction rule setting screen 1200 is displayed on the display device of the client device.

  If it is determined that the cancel instruction has not been received (No in step S604), it is determined whether the input information input from the client terminal 103 to the data communication restriction rule detailed setting screen 1300 has been received (step S605). This input information is transmitted from the client terminal 103 to the proxy server 101 when the OK button 1314 in the data communication restriction rule detailed setting screen 1300 displayed on the client terminal 103 is pressed. If it is determined that input information has not been received (No in step S605), the process proceeds to step S604. On the other hand, if it is determined that the input information has been received, the data communication restriction rule table 1400 is updated based on the received input information (step S606). Then, the data communication restriction rule setting screen 1200 including the updated content is transmitted to the client device 103 (step S607). Thereafter, the process proceeds to step S602.

  Until the setting completion instruction is received from the client device 103 (until “Yes” is determined in step S608), specifically, in the data communication restriction rule setting screen 1200 displayed on the client device 103. The above processing is repeated until a notification of pressing the end button 1205 is received.

  The above is the detailed description of the data communication restriction rule setting process shown in step S404 of FIG.

  Next, the details of the data communication control process shown in step S405 of FIG. 4 will be described with reference to FIG.

  FIG. 7 is a flowchart showing an example of the fourth control process in the present invention, and corresponds to the flowchart showing details of the data communication control process in step S405 of FIG. That is, this process is performed by the CPU 201 of the proxy server 101. When this processing is performed, the CPU 201 stores a program for causing the proxy server 101 to function as the restriction rule application data communication specifying unit 303, the data communication relay control unit 304, and the relay permission / rejection response transmission unit 305 from the HDD 204 to the RAM 202. And the following processing is performed based on the control of the program.

  Data communication transmitted from the client device 103 is transmitted to the network 106 via the proxy server 101.

  The CPU 201 of the proxy server 101 transmits data to the wide area network from the client device 103 (step S721). When the data is acquired (Yes in step S701), the CPU 201 analyzes the content of the acquired data communication (step S702). If it is determined as a result of the data analysis in step S702 that the message is transmitted to the data communication restriction target service (Yes in step S703), a message information table described later is updated (step S704).

  FIG. 15 is a block diagram illustrating an example of a message information table. The message information table includes a session management table 1500 and a message detail table 1510.

  The session management table 1500 includes a service ID registration unit 1501, a session identifier registration unit 1502, and a message detail table pointer registration unit 1503.

  The service ID registration unit 1501 registers a service ID of a service that provides the data communication service. This information is registered based on the URL information of the data transmission destination obtained by the data analysis processing in step S702 of FIG.

  The session identifier registration unit 1502 registers session information of the data communication. As this information, a value associated with the information set as the session identifier of the service corresponding to the URL information obtained by the data analysis processing in step S702 of FIG. 7 is registered. Note that the CPU 201 identifies communication of the same session with the service ID and session identifier information. If the set of URL information and session identification information obtained as a result of the data analysis processing in step S702 in FIG. 7 is not registered in the session management table 1500, the information is newly registered.

  The message detail table pointer registration unit 1503 registers pointer information of a message detail table in which the contents of data communication performed so far in the data communication are registered.

  The message detail table 1510 includes a From information registration unit 1511, a To information registration unit 1512, and a message registration unit 1513.

  The From information registration unit 1511 registers data sender information, and the To information registration unit 1512 registers data receiver information. If the result of data analysis in step S702 in FIG. 7 (the same applies to the data analysis process in step S710 in FIG. 7 described later) and the From information and To information cannot be acquired, these data need not be registered. I do not care.

  In the message registration unit 1513, the contents of the message transmitted and received by the data communication acquired as a result of the data analysis in step S702 in FIG. 7 (the same as the data analysis process in step S710 in FIG. 7 described later) are registered. The message detail management table 1510 is created for each communication session.

  The above is the description of the message information table.

  Returning to the description of FIG.

  In step S704, if the information regarding the session specified as a result of the data analysis processing in step S702 is already registered in the session management table 1500 in the message information table, the CPU 201 indicates the pointer information of the session management record. From information, To information, and a message are registered in the message detail management table 1510. On the other hand, when the information regarding the session is not registered in the session management table 1500 in the message information table, a record indicating the session is newly added to the session management table 1500. Then, a message detail management table for registering a message transmitted and received by communication in the session is generated, and the pointer information is registered in the message detail table pointer registration unit 1503. Then, the transmission message obtained as a result of the data analysis processing in step S702 is registered in the message detail management table indicated by the pointer information.

  Thereafter, a communication inspection process is performed. This process will be described in detail with reference to FIG.

  FIG. 8 is a flowchart showing an example of the fifth control process in the present invention, and corresponds to the flowchart showing the details of the communication inspection process in step S705 of FIG. That is, this process is performed by the CPU 201 of the proxy server 101. When this processing is performed, the CPU 201 performs the following processing based on control of a program for causing the proxy server 101 to function as the data communication relay control unit 304.

  First, the CPU 201 determines whether the data communication that is the target of the communication inspection process is data communication to a data communication restriction target service (step S801). If it is determined that the data communication is not a data communication restriction service (No in step S801), the process proceeds to step S814. In step S814, communication control is performed using a data communication restriction rule different from the data communication restriction rule according to the present invention. For example, communication control for electronic mail (by SMTP), communication control for communication with a web mail service, and communication control for communication with a bulletin board service are performed in this processing step.

  On the other hand, if it is determined in step S801 that the data communication is to the data communication restriction target service (Yes in step S801), the data communication is still in accordance with the data communication restriction rule managed in the data communication restriction rule table 1400. It is determined whether there is a data communication restriction rule that has not been applied to (Step S802). If it is determined that there is an unapplied rule (Yes in step S802), a restriction rule having the highest priority among the unapplied data communication restriction rules is acquired from the data communication restriction rule table 1400 (step S803). ). Then, it is determined whether the data communication subject to communication inspection is subject to communication control based on the data communication restriction rule acquired in step S803. First, it is determined whether a user condition is set in the data communication restriction rule acquired in step S803 (step S804). If the user condition is not set (No in step S804), the process proceeds to step S806. On the other hand, if the user condition is set (Yes in step S804), it is determined whether the transmission user of the data communication subject to communication inspection satisfies the user condition set in the data communication restriction rule (step S805). ). If it is determined that the user condition is not satisfied (No in step S805), the process proceeds to step S802. If it is determined that the user condition is satisfied (Yes in step S805), the process proceeds to step S806.

  In step S806, the CPU 201 determines whether a keyword condition is set in the data communication restriction rule acquired in step S803. If it is determined that no keyword condition is set (No in step S806), the process proceeds to step S812. On the other hand, if it is determined that the keyword condition is set (Yes in step S806), the process proceeds to step S807, and the message being transmitted is set as the application range of the keyword condition, or the entire conversation is Determine if it is set. If it is determined that the message is being transmitted (“message being transmitted” in step S807), a message transmitted by the data communication is acquired (step S808). If it is determined that the conversation is the entire conversation (the entire conversation in step S807), the entire message transmitted / received so far is acquired from the message detail management table 1510 of the current session in the message information table (step S809). Then, the data communication restriction rule is applied to the message acquired in step S808 or the entire message acquired in step S809, and keyword inspection is performed (step S810). If it is determined as a result of the keyword check in step S810 that the keyword condition is not met (No in step S811), the process proceeds to step S802. On the other hand, if it is determined that the keyword condition is met (Yes in step S811), the process proceeds to step S812 to perform data relay control that applies the operation set in the data communication restriction rule. Will be determined.

  The above processing is repeated until it is determined in step S812 to perform data relay control to which an operation based on any data communication restriction rule is applied, or until it is determined No in step S802. If NO is determined in step S802, the process proceeds to step S813, and data relay control is performed by applying a default operation, which is a rule applied when none of the data communication regulation rules is met. To decide.

  The above is the details of the communication inspection process in step S705 of FIG.

  Returning to the description of FIG. As a result of the communication inspection process in step S705, if the determined relay control operation is relay permission, the process proceeds to step S708, and the data received from the client apparatus 103 is transferred to the server apparatus ( (The service providing server 105 is included therein) (step S708). On the other hand, if it is relay rejection (prohibition) (No in step S706), data communication indicating that relay rejection has been performed is performed to the client apparatus 103 (step S707).

  Then, when receiving the data communication relayed from the proxy server (Yes in step S731), the CPU of the service providing server 105 executes a predetermined service (step S732) and transmits the execution result data of the service (step S732). S733). For example, the execution result data includes the content of a message transmitted to the service providing server 105 from the external terminal 106 that performs web chat communication with the client device 103 via the service providing server 105.

  When the CPU 201 of the proxy server 101 receives the data from the service providing server 105 (step S709), the CPU 201 analyzes the received data (step S710). This analysis process is almost the same as in step S702. If it is determined as a result of the data analysis process that a message from the data communication restriction target service has been received (Yes in step S711), the message information table is updated based on the information (step S712). . The data received from the service providing server 105 is relayed to the client device 103 (step S713).

  The client device 103 receives the data transmitted from the proxy server 101 in step S707 or step S713 (step S722), and performs display processing based on the received data. The proxy server 101 performs the above process every time data communication from the client apparatus 103 is received.

  In the present invention, when a message is transmitted by a plurality of requests like web chat, the contents transmitted and received in the data communication are managed for each session, and the data communication regulation rule is applied to a series of messages. It is possible to perform message relay control. It is possible to control communication appropriately even for transmission of messages divided into multiple communications that cannot be prevented only by applying data communication regulation rules with only a single message, and there is a risk of information leakage Can be reduced.

  It should be noted that the configuration and contents of the various data described above are not limited to this, and it goes without saying that the various data and configurations are configured according to the application and purpose.

  Although one embodiment has been described above, the present invention can take an embodiment as, for example, a system, apparatus, method, program, or recording medium, and specifically includes a plurality of devices. The present invention may be applied to a system including a single device.

  The configuration of a data processing program that can be read by the information processing apparatus (proxy server 101) according to the present invention will be described below with reference to the memory map shown in FIG.

  FIG. 16 is a diagram for explaining a memory map of a recording medium (storage medium) that stores various data processing programs readable by the information processing apparatus (proxy server 101) according to the present invention.

  Although not specifically shown, information for managing a program group stored in the recording medium, for example, version information, creator, etc. is also stored, and information depending on the OS on the program reading side, for example, a program is identified and displayed. Icons may also be stored.

  Further, data depending on various programs is also managed in the directory. In addition, when a program or data to be installed is compressed, a program to be decompressed may be stored.

  The functions shown in FIGS. 4 to 8 in this embodiment may be performed by a host computer by a program installed from the outside. In this case, the present invention is applied even when an information group including a program is supplied to the output device from a recording medium such as a CD-ROM, a flash memory, or an FD, or from an external recording medium via a network. Is.

  As described above, a recording medium in which a program code of software for realizing the functions of the above-described embodiments is recorded is supplied to the system or apparatus, and the computer (or CPU or MPU) of the system or apparatus is stored in the recording medium. It goes without saying that the object of the present invention can also be achieved by reading and executing the program code.

  In this case, the program code itself read from the recording medium realizes the novel function of the present invention, and the recording medium storing the program code constitutes the present invention.

  As a recording medium for supplying the program code, for example, a flexible disk, hard disk, optical disk, magneto-optical disk, CD-ROM, CD-R, DVD-ROM, magnetic tape, nonvolatile memory card, ROM, EEPROM, A silicon disk or the like can be used.

  Further, by executing the program code read by the computer, not only the functions of the above-described embodiments are realized, but also an OS (operating system) or the like running on the computer based on the instruction of the program code. It goes without saying that a case where the function of the above-described embodiment is realized by performing part or all of the actual processing and the processing is included.

  Furthermore, after the program code read from the recording medium is written in a memory provided in a function expansion board inserted in the computer or a function expansion unit connected to the computer, the function expansion is performed based on the instruction of the program code. It goes without saying that the case where the CPU or the like provided in the board or the function expansion unit performs part or all of the actual processing and the functions of the above-described embodiments are realized by the processing.

  Further, the present invention may be applied to a system composed of a plurality of devices or an apparatus composed of a single device. Needless to say, the present invention can be applied to a case where the present invention is achieved by supplying a program to a system or apparatus. In this case, by reading a recording medium storing a program represented by software for achieving the present invention into the system or apparatus, the system or apparatus can enjoy the effects of the present invention.

  Furthermore, by downloading a program represented by software for achieving the present invention from a server, database, etc. on a network using a communication program and reading it, the system or apparatus can enjoy the effects of the present invention. It becomes.

  In addition, all the structures which combined each embodiment mentioned above and its modification are also included in this invention.

  According to the present invention, it is possible to perform transmission control of data communication using the entire message transmitted to the other party even for communication in which a message is transmitted to a specific party by dividing the communication into a plurality of times. Play.

It is a figure which shows an example of the system configuration | structure which concerns on embodiment of this invention. 2 is a block diagram showing a hardware configuration of a proxy server 101. FIG. 2 is a diagram illustrating a functional configuration of a proxy server 101. FIG. 3 is a flowchart showing an overview of overall processing performed by a proxy server 101. It is a flowchart which shows the detail of the setting process of the data communication control object service of step S402 of FIG. It is a flowchart which shows the detail of the setting process of the data communication control rule of step S404 of FIG. It is a flowchart which shows the detail of the data communication control process of FIG.4 S405. It is a flowchart which shows the detail of the communication test | inspection process of step S705 of FIG. It is a figure which shows an example of a data communication regulation object service setting screen. It is a figure which shows an example of a data communication regulation object service information input screen. It is a figure which shows an example of a data structure of a data communication control object service table. It is a figure which shows an example of a data communication regulation rule setting screen. It is a figure which shows an example of a data communication regulation rule information input screen. It is a figure which shows an example of a data structure of a data communication control rule table. It is a block diagram which shows an example of a message information table. It is a figure explaining the memory map of the recording medium (storage medium) which stores the various data processing program which can be read by the information processing apparatus (proxy server 101) which concerns on this invention.

Explanation of symbols

101 proxy server 102 communication control DB
103-1, 103-2, 103-3 Client terminal 104 LAN (local area network)
105-1 and 105-2 service providing server 106 wide area network 107 external terminal

Claims (6)

An information processing apparatus that is connected to a server apparatus that provides a service and performs communication control of data communication from a client apparatus that uses the service to the server apparatus,
First storage means for storing a plurality of first rules that are rules applied to communication control of transmission of the data communication;
Second storage means for storing service specifying information which is information for specifying data communication from the client device to the server device;
In accordance with the service specifying information, out of data communication from the client device, specifying means for specifying data communication for performing communication control applying the first rule;
Storage means for storing session identification information and messages included in the data communication specified by the specifying means as communication history data;
Generation means for acquiring communication history data related to data communication specified by the specifying means from the storage means, and generating inspection object data;
Communication control means for performing communication control of the data communication according to the first rule,
Each of the plurality of first rules includes setting of data communication conditions to which the first rules are applied and action information executed when the conditions are satisfied,
The communication control unit applies a first rule to the inspection target data, and when the communication rule matches the first rule, an action associated with the first rule for the data communication An information processing apparatus that performs communication control for permitting or prohibiting relaying of the data communication from the client apparatus to the server apparatus by executing processing indicated by information for the data communication. The storage means stores data communication transmitted from the client device to the server device and communication history data of data communication transmitted from the server device to the client device in response to the data communication. The information processing apparatus according to claim 1. Update means for updating the first rule;
The information processing apparatus according to claim 1, wherein the first storage unit stores the first rule updated by the update unit. The information processing apparatus according to any one of claims 1 to 3, wherein the first rule sets at least one of a user condition or a keyword condition as the condition. An information processing method performed by an information processing device that is connected to a server device that provides a service and performs communication control of data communication from a client device that uses the service to the server device,
A first storage step of storing a plurality of first rules, which are rules to be applied to communication control of transmission of the data communication, in a storage device;
A second storage step of storing, in a storage device, service specifying information that is information for specifying data communication from the client device to the server device;
In accordance with the service specifying information, a specifying step of specifying data communication for performing communication control applying the first rule among data communication from the client device;
An accumulation step of accumulating session identification information and a message included in the data communication identified in the identification step in a storage device as communication history data;
A communication history data related to the data communication specified in the specifying step is acquired from the storage device, and a generation step for generating inspection target data;
A communication control step of performing communication control of the data communication according to the first rule,
Each of the plurality of first rules includes setting of data communication conditions to which the first rules are applied and action information executed when the conditions are satisfied,
The communication control step applies the first rule to the inspection target data, and when the first rule is matched, the action associated with the first rule for the data communication An information processing method comprising performing communication control for permitting or prohibiting relaying of the data communication from the client device to the server device by executing a process indicated by information for the data communication.   A computer program for causing a computer to execute the information processing method according to claim 5.