JP2011124698A - Electronic mail transmission apparatus, electronic mail transmitting method, and program for electronic mail transmission - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To reliably transmit encrypted e-mail while suppressing a load to a network without making a user have to preregister a public key of a transmission destination of the e-mail in an e-mail transmitter. <P>SOLUTION: Upon receiving instructions to prepare, encrypt and transmit e-mail, the e-mail transmitter prepares e-mail (step S10) and determines whether a public key for encryption is stored (step S20). If it is stored (YES upon determination), the prepared e-mail is encrypted with the public key (step S50), and transmitted (step S60). If not stored (NO upon determination), the prepared e-mail is stored in an untransmitted state (step S30). After that, when receiving the public key (step S40), the stored e-mail is encrypted with a received public key (step S50), and transmitted (step S60). <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to an e-mail transmission device, an e-mail transmission method, and an e-mail transmission program, and more particularly to an e-mail transmission device, an e-mail transmission method, and an e-mail transmission program capable of encrypting an e-mail to be transmitted.

  In recent years, transmission / reception of electronic mail via a computer network has been frequently performed. When sending and receiving such e-mail, as one of the safety measures against problems such as eavesdropping and unauthorized third party intervention, the e-mail is encrypted, and only users with appropriate keys can decrypt the encrypted e-mail. The technology to make it possible is spreading.

  When an e-mail is encrypted and transmitted, the e-mail is usually encrypted and transmitted (or stored in a waiting state for transmission) after the creation of the e-mail is completed. The operation for sending an email cannot be completed until the transmission or storage after encryption is completed. Therefore, in order to complete the operation for transmission, the key used for encryption is required. It becomes. Therefore, it is generally necessary to register a public key corresponding to a transmission destination in an electronic mail transmission device (or an LDAP (Lightweight Directory Access Protocol) server) before creating an electronic mail to be transmitted.

  When a user uses an information terminal that is normally used as an e-mail transmission device, the public key acquired by the user is often registered in the e-mail transmission device itself, so that the public key is registered again. No operations are required.

  On the other hand, when creating and transmitting an e-mail using an apparatus different from the information terminal normally used by the user as an e-mail transmitting apparatus, the user sends the e-mail transmitting apparatus from the information terminal in advance (or The public key must be registered in the LDAP server). If it is not registered, the user once returns to the information terminal and registers the public key in the middle of the process of creating the e-mail in the e-mail transmission device, and then completes the creation of the e-mail. In order to operate the transmission instruction, it is necessary to return to the mail transmission device and operate again.

  Note that Patent Document 1 (Japanese Patent Laid-Open No. 2000-49850) discloses that a user completes an operation for creating and sending an e-mail even when a public key is not registered in the mail creating apparatus in advance. Techniques that can be implemented are disclosed. Specifically, in Patent Document 1, if the public key corresponding to the transmission destination of the electronic mail that is being created does not exist in the own apparatus, the e-mail creating apparatus creates its own encryption key, The e-mail that has been completed is encrypted with the encryption key of the own device and temporarily stored. Here, the user can end the operation in the electronic mail creation apparatus. Then, when the online state is established, the mail creation device transmits the encrypted email temporarily stored as described above, and searches the public key corresponding to the destination of the email through the network. To do. Then, the encryption key created as described above is encrypted with the public key acquired by the search and transmitted to the transmission destination.

JP 2000-49850 A

  According to the technique described in Patent Document 1, even if the user does not register the public key in the mail creation apparatus (or LDAP server) in advance, if the user registers it afterwards, the user can create and send an email. Operation can be completed.

  However, in the technique described in Patent Document 1, the mail creation device searches the public key via the connected network for the email temporarily stored as described above after the online state. Execute the process to obtain. Therefore, it is considered that such a search process places a load on the network. In addition to transmitting an encrypted electronic mail, the electronic mail transmitting apparatus is considered to apply a load to the network by encrypting and transmitting the encryption key created by the apparatus with the public key.

  Furthermore, according to the technique described in Patent Document 1, if the mail creation device fails to search for the public key, the encryption key created by the mail creation device cannot be encrypted with the public key. As a result, the electronic mail destination encrypted as described above cannot decrypt the electronic mail. Therefore, it is assumed that the contents of the electronic mail cannot be reliably transmitted to the transmission destination.

  The present invention has been conceived in view of such circumstances, and its purpose is to reliably and network without requiring the user to pre-register the e-mail transmission destination public key in the e-mail transmission apparatus. It is to provide an e-mail transmission apparatus, an e-mail transmission method, and an e-mail transmission program capable of transmitting an encrypted e-mail while suppressing a load on the e-mail.

  An e-mail transmission device according to the present invention includes a creating unit that creates an e-mail, a receiving unit that receives an input of an instruction to encrypt and send the created e-mail, a storage unit that stores an electronic certificate, A receiving unit that receives information from another device and a specific electronic certificate that is an electronic certificate including a public key of a destination of the created e-mail when an instruction is input is stored in the storage unit The encrypted transmission means for storing the created e-mail in an unsent state when the received e-mail is not sent, and the encrypted transmission means is stored on condition that the receiving means has received the specific electronic certificate. The encrypted e-mail is encrypted with the public key included in the specific electronic certificate and transmitted.

  Further, in the electronic mail transmitting apparatus of the present invention, when the receiving means receives the electronic certificate, the encrypted transmitting means includes the mail address described in the received electronic certificate and the destination of the stored electronic mail. When the mail addresses match, it is determined that the receiving means has received the specific electronic certificate.

  In the electronic mail transmitting apparatus of the present invention, the receiving means receives the electronic certificate as an attached file of the electronic mail or by uploading from the information terminal.

  Further, in the electronic mail transmitting device of the present invention, the encrypted transmitting means, when the receiving means receives the electronic certificate as an attached file of the electronic mail in order to determine that the receiving means has received the specific electronic certificate, If it is further necessary that the email address of the sender of the received email matches the email address of the saved email sender, and the receiving means receives the electronic certificate by uploading from the information terminal, It is further necessary that the information specifying the sender of the received electronic certificate matches the information specifying the sender of the stored electronic mail.

  In the electronic mail transmitting apparatus according to the present invention, the storage means stores the information for identifying the individual in association with the mail address, and the encrypted transmission means receives the electronic certificate by the receiving means uploading from the information terminal. In this case, in order to determine that the receiving means has received the specific electronic certificate, the mail address associated with the sender of the received electronic certificate and stored in the storage means, and the sender of the stored electronic mail Further need that the email addresses match.

  An e-mail transmission method according to the present invention is a method in which an e-mail transmission apparatus provided with a storage means transmits an e-mail, wherein the e-mail is created, and the created e-mail is encrypted and transmitted. A step of accepting an input of an instruction, a step of determining whether or not a specific electronic certificate that is an electronic certificate including a public key of a destination of the generated electronic mail is stored in the storage unit, and the specific electronic certificate Is stored in the storage means, the step of saving the e-mail in an unsent state, the step of determining whether or not the specific electronic certificate has been received, and the case of receiving the specific electronic certificate And encrypting the stored electronic mail with a public key included in the specific electronic certificate and transmitting the encrypted electronic mail.

  An e-mail transmission program according to the present invention is a program that is executed in an e-mail transmission device that includes a storage unit. The e-mail transmission device includes a step of creating an e-mail in the e-mail transmission device, A step of accepting an input of an instruction to encrypt and transmit, a step of determining whether or not a specific electronic certificate that is an electronic certificate including a public key of a destination of the created electronic mail is stored in the storage unit; , When the specific electronic certificate is not stored in the storage means, storing the electronic mail in an untransmitted state, determining whether the specific electronic certificate has been received, and the specific electronic certificate Is received, the stored electronic mail is encrypted with the public key included in the specific electronic certificate and transmitted.

  According to the present invention, in the electronic mail transmitting device, when an instruction to encrypt and transmit the generated electronic mail is input and the public key of the transmission destination of the electronic mail is not stored, The e-mail is stored in an unsent state. Thereafter, when the e-mail transmitting apparatus receives the e-mail transmission destination public key stored in an untransmitted state, the e-mail is encrypted with the public key and transmitted.

  Therefore, according to the present invention, even when the public key to be used for encryption of the created email is not registered, after the created email is stored in an unsent state, The encrypted data is transmitted without requiring any user operation. As a result, during the operation of creating an e-mail in the e-mail transmission apparatus, it is necessary for the user to return to the e-mail transmission apparatus after the public key is registered in the e-mail transmission apparatus afterwards. There is no.

  Also, according to the present invention, when it is determined that an appropriate public key has been received, the electronic mail transmitting apparatus encrypts an electronic mail stored in an untransmitted state with the public key and transmits the encrypted electronic mail. Therefore, the public key that should originally be used is used for encryption of the e-mail, and the encryption key that is originally created is not used. For this reason, it is possible to avoid a situation in which the e-mail cannot be decrypted and the contents cannot be acquired at the e-mail transmission destination.

  Further, according to the present invention, the e-mail transmission device does not need to execute a process of searching the public key for encrypting the e-mail on the network, and the load on the network is increased by such a search process. Can avoid the situation.

  Further, according to the present invention, there is no need to create a key for decrypting a document encrypted with the created encryption key by the electronic mail transmitting apparatus, and the key needs to be transmitted separately from the electronic mail. Therefore, it is possible to avoid a situation in which the load on the network increases.

It is a figure for demonstrating the outline | summary of the electronic mail transmitter of this invention. It is a figure which shows typically an example of a structure of the electronic mail transmission system containing MFP (Multi Function Peripheral) of 1st Embodiment of the electronic mail transmission apparatus of this invention. FIG. 3 is a control block diagram of the MFP of FIG. 2. 3 is a flowchart of an e-mail transmission process executed by the MFP of FIG. FIG. 3 is a diagram schematically showing an example of a configuration of an electronic certificate including a public key used for electronic mail encryption in the MFP of FIG. 2. It is a flowchart of the subroutine of the transmission standby process of FIG. 4 of this invention. It is a flowchart of the modification of the transmission stand-by process of FIG. It is a figure which shows typically the aspect in which MFP of 3rd Embodiment of the electronic mail transmission apparatus of this invention receives a public key. 8 is a flowchart of a transmission standby process executed by the MFP of FIG.

First, the outline of the electronic mail transmitting apparatus of the present invention will be described.
FIG. 1A shows the appearance of an MFP (Multi Function Peripheral) which is an embodiment of an electronic mail apparatus. The MFP 100 creates an electronic mail based on an instruction from the outside, encrypts it, and transmits it. FIG. 1B shows a flowchart of processing executed when creating and sending an email in MFP 100.

  Referring to FIG. 1B, upon receiving an instruction from outside to create an e-mail and encrypt and send the e-mail, the e-mail is created (step S10). Then, it is determined whether or not a public key for encrypting the electronic mail (a public key of an electronic mail transmission destination) is stored in the own apparatus (or an apparatus that can be referred to by the own apparatus) (step S20). If stored (when YES is determined), the created electronic mail is encrypted using the public key (step S50) and transmitted (step S60).

  On the other hand, if the public key is not accumulated (NO in step S20), MFP 100 stores the created electronic mail in an untransmitted state (step S30). After that, when receiving the public key (step S40), the MFP 100 encrypts the electronic mail stored in step S30 using the public key (step S50) and transmits it (step S60).

  Embodiments of an electronic mail transmission apparatus according to the present invention will be described below in detail with reference to the drawings. In the drawings, the same components are denoted by the same reference numerals, and detailed description of common features will not be repeated.

[First Embodiment]
(Overall system configuration)
FIG. 2 schematically shows the overall configuration of an e-mail transmission system using an MFP (Multi Function Peripheral) according to the first embodiment of the present invention.

  Referring to FIG. 2, the electronic mail transmission system includes MFP 100, authentication server 200, mail server 300, LDAP server 400, and personal computer (PC) 500. These devices are connected to a network, and the network is connected to a public communication network such as the Internet via a gateway (not shown).

The PC 500 is an information processing terminal used by each user.
The authentication server 200 is a server that refers to user information when the MFP 100 receives a login request to the MFP 100 from the PC 500 or the like.

  Mail server 300 is a server that executes transmission / reception operations with respect to an external network for electronic mail transmitted / received by MFP 100. MFP 100 transmits and receives electronic mail via mail server 300.

  The LDAP server 400 is used when searching for and acquiring a destination e-mail address (hereinafter simply referred to as “mail address”) or a certificate when transmitting an e-mail from the MFP 100.

(MFP configuration)
FIG. 3 shows a control block of MFP 100 in FIG.

  Referring to FIG. 3, MFP 100 includes a CPU (Central Processing Unit) 101 that controls the entire apparatus, a RAM (Random Access Memory) 102 that temporarily stores data, and a ROM (ROM) that stores programs, constants, and the like. Read Only Memory) 103, a hard disk drive (HDD) 104 for storing image data and the like, a communication interface (I / F) 105 for connecting to a network configured by the e-mail transmission system of FIG. 2, and a user An operation panel 106 that accepts an input operation from the image forming apparatus and an engine 107 that executes an image forming operation and an image reading operation. Engine 107 includes, for example, a printer that performs an image forming operation and a scanner that performs an image reading operation.

(E-mail transmission process in MFP)
In the present embodiment, MFP 100 can create and send an e-mail. Further, MFP 100 can encrypt and send an e-mail according to the setting content input by the user's operation on operation panel 106.

  Here, as an example of the e-mail transmission process in MFP 100, an e-mail transmission process by the Scan to Email function will be described with reference to FIG. 4 which is a flowchart of the process. Note that the Scan to Email function refers to the MFP 100 that performs settings such as a transmission destination for email transmission and then executes a scan operation on the engine 107, and uses the image data created by the scan operation as an attached file as an electronic file. This is a function to send mail.

  Referring to FIG. 4, in the e-mail transmission process, first, in step SA10, CPU 101 activates a mailer (an e-mail transmission application installed in MFP 100) and inputs via operation panel 106. In response to the input of setting information regarding the Scan to Email function, the process proceeds to step SA20. Here, the setting contents include the setting contents such as the e-mail address of the e-mail transmission destination, the resolution in the scanning operation, the necessity of encrypted transmission (whether the e-mail is encrypted and transmitted) or the like.

  In step SA <b> 20, CPU 101 causes engine 107 to execute a scan operation of the document set on the document table of MFP 100 to generate image data of the document. Further, an e-mail is created based on the setting information received in step SA10, and the process proceeds to step SA30.

  In step SA30, the CPU 101 determines whether or not the transmitted e-mail is required to be encrypted in the setting contents accepted in step SA10. If the CPU 101 determines that it is set to be encrypted, the process proceeds to step SA40. If it is determined that such a setting has not been made, the process proceeds to step SA80.

  In step SA80, an e-mail transmission process using the image data (image file) created in step SA20 as an attached file is executed, the mailer is terminated, and the e-mail transmission process is terminated. Specifically, sending an e-mail means sending the e-mail from the MFP 100 to the mail server 300.

  On the other hand, in step SA40, the CPU 101 searches the area for storing the electronic certificate in the HDD 104, thereby storing the electronic certificate including the public key corresponding to the e-mail transmission destination set in step SA10. If not, the process proceeds to step SA70. If not, the process proceeds to step SA50.

  In the present embodiment, encryption of electronic mail is performed using a public key included in an electronic certificate. Whether or not the electronic certificate includes a public key corresponding to the destination of the e-mail is determined based on, for example, an e-mail address included as information on the owner of the public key in the information included in the electronic certificate. The determination is made based on whether or not the destination mail address set in SA10 matches.

  Here, referring to FIG. 5, as an example of the configuration of the electronic certificate, the standard X.3 defined by ITU (International Telecommunication Union) or ISO (International Organization for Standardization) is used. A schematic configuration of the electronic certificate according to 509 will be described.

  Referring to FIG. 5, the electronic certificate mainly includes a pre-signature certificate, a digital signature algorithm, and a digital signature body. The pre-signature certificate is information to be digitally signed. The digital signature algorithm is an algorithm used when signing a pre-signature certificate. The digital signature body is the digital signature itself applied to the pre-signature certificate.

  The pre-signature certificate includes the version of the standard followed by the electronic certificate, the serial number of the electronic certificate, the digital signature algorithm, the issuer of the electronic certificate, and the start date of the expiration date of the electronic certificate. Information indicating the owner of the public key included in the electronic certificate, the algorithm of the public key, the data constituting the public key body, and the item indicating the importance of the electronic certificate Expansion items such as Extension items can be omitted. The information specifying the owner of the public key (“owner of public key” in FIG. 5) includes the mail address of the owner of the public key.

  Returning to FIG. 4, if it is determined in step SA40 that the electronic certificate corresponding to the transmission destination is stored, in step SA70, the CPU 101 uses the public key included in the electronic certificate to perform steps SA10 and The electronic mail generated by the process of SA20 is encrypted, and the process proceeds to step SA80.

  In step SA80, the process of transmitting the encrypted e-mail created in step SA70 is executed, the mailer is terminated, and the e-mail transmission process is terminated.

  On the other hand, in step SA50, CPU 101 stores the e-mail created in steps SA10 and SA20 in HDD 104, terminates the mailer, and proceeds to step SA60.

  In step SA60, a process (certificate reception process) for receiving the electronic certificate of the e-mail transmission destination stored in the untransmitted state in step SA50 is executed, and the process proceeds to step SA70. Details of the contents of the certificate reception process will be described later.

  In step SA70, the electronic mail stored in the untransmitted state in step SA50 is encrypted with the public key included in the electronic certificate received in step SA60, and the process proceeds to step SA80.

  In step SA80, the CPU 101 transmits the encrypted e-mail created in step SA70, ends the mailer, and ends the e-mail transmission process. In the above description, the e-mail is created in step SA20, but other modes are also conceivable. That is, in step SA10, the received setting information is saved, in step SA20, image data of the read original is generated, in step SA50, the setting information and the image data are associated and saved, and in step SA70, You may create the electronic mail encrypted using these.

(Receiving process of electronic certificate in MFP)
FIG. 6 is a flowchart of a subroutine for certificate reception processing in step SA60 of FIG.

  Referring to FIG. 6, in the certificate reception process, when CPU 101 detects that I / F 105 has received an electronic mail with an electronic certificate as an attached file (step SB10), the process proceeds to step SB20. Note that the reception of an e-mail with an electronic certificate as an attached file is recognized when the extension of the attached file corresponds to the electronic certificate (for example, “.cer”).

  In step SB20, CPU 101 determines whether there is an unsent e-mail stored in HDD 104. If it is determined that there is an e-mail, the process proceeds to step SB30.

  In step SB30, the CPU 101 determines whether or not the email address of the sender of the email stored in the unsent state matches the email address of the sender of the email determined to have been received in step SB10. If it is determined that they match, the process proceeds to step SB40.

  In step SB40, the CPU 101 sends the e-mail destination address of the e-mail stored unsent in the HDD 104 and the “public key owner” of the electronic certificate that is the attached file of the e-mail received in step SB10. The mail address described as “” is determined to match, and if it matches, the process proceeds to step SB50.

  In step SB50, the CPU 101 activates the mailer and returns the process to step SA70 in FIG.

(Explanation of the effect of this embodiment)
In the MFP 100 according to the present embodiment described above, a CPU 101 that executes a program (mailer) stored in the ROM 103 to generate an email constitutes a creation unit that creates an email. The programs executed by the CPU 101, including the mailer, are stored in the ROM 103. However, the programs may be stored in the HDD 104, and the CPU 101 is detachable from the MFP 100 that can read and write data. It may be recorded on a recording medium. Programs stored in the ROM 103 and the HDD 104 may be installed via a network. The CPU 101 can also execute a program stored in another storage device that can be connected via a network.

  In the present embodiment described above, processing for creating an email is executed in MFP 100 by the processing in steps SA10 and SA20. In step SA10, the operation panel 106 is operated to accept an instruction to encrypt and send the created electronic mail. That is, the operation panel 106 and the CPU 101 constitute an accepting unit. It should be noted that an instruction for encryption / transmission of the created electronic mail may be input to MFP 100 through a network instead of a user operation. In this case, the communication I / F 105 and the CPU 101 constitute an accepting unit.

  In the present embodiment, a storage unit that stores the electronic certificate is configured by a predetermined storage area in the HDD 104. If the electronic certificate including the public key corresponding to the mail address set as the transmission destination of the electronic mail in step SA10 is not stored in the storage area, the electronic mail created as described above is The data is stored in the HDD 104 in an untransmitted state. The electronic certificate and the unsent e-mail may be stored in a recording medium that can be attached to and detached from MFP 100. Also, the electronic certificate is stored in the LDAP server 400, and the CPU 101 may read the public key from the LDAP server 400 and encrypt the email when encrypting the email. In this case, the recording means and the LDAP server 400 constitute storage means of the e-mail transmission apparatus.

  In this embodiment, as described above, the electronic mail to be transmitted after being encrypted is stored in the HDD 104 in an untransmitted state without being encrypted. As a result, even if the public key used for encryption is not in a state where the MFP 100 can be used at the time of creation of the email, the created email is stored in an unsent state (waiting for encryption). The mailer activated at the start of the e-mail transmission process can be terminated.

  Note that the e-mail file saved in the HDD 104 or the like in an untransmitted state is preferably saved in a manner that cannot be viewed by a user other than the user who created the e-mail. That is, the unsent e-mail file is stored in association with the user name logged in to MFP 100 when the processes in steps SA10 and SA20 are executed, for example, when other users log in to MFP 100. It is preferably stored in the HDD 104 or the like in an incapable state.

  In the present embodiment described above, the MFP 100 uses the public key of the destination of the email stored in the unsent state as described above as an attached file of the email received via the communication I / F 105. When the electronic certificate including the electronic certificate is received (when YES is determined in step SB30 and step SB40), the CPU 101 encrypts the electronic mail stored in an unsent state with the public key included in the electronic certificate. (Step SA70) and transmit (step SA80).

  According to the present embodiment described above, the user who operates MFP 100 can execute steps SA10 and SA20 even when the MFP 100 does not store the public key necessary for encrypting the email in HDD 104 when creating the email. If the MFP 100 performs an operation for the above process, after creating the e-mail, a public key (electronic certificate) necessary for encrypting the created e-mail may be transmitted to the MFP 100 afterwards.

  In MFP 100 according to the present embodiment, whether or not a public key used for encryption of an e-mail stored in an unsent state has been received is determined as MFP 100 with reference to FIG. Is determined by determining whether or not the received electronic certificate is an electronic certificate (specific electronic certificate) including the public key.

  Specifically, the CPU 101 matches the email address of the sender of the email stored in an unsent state with the email address of the sender of the received electronic certificate of the email (when YES is determined in step SB30). When the e-mail address stored in an unsent state matches the e-mail address described in the electronic certificate that is the attached file of the received e-mail (when YES is determined in step SB40) ), It is determined that the above-mentioned specific electronic certificate has been received.

  When determining that the electronic certificate received by the MFP 100 is the specific electronic certificate, the CPU 101 activates the mailer (step SB50), and the electronic mail stored in the unsent state is encrypted (step SA70). An encrypted electronic mail is transmitted (step SA80).

  An electronic certificate that includes a public key that should be used to encrypt an email stored in an unsent state (hereinafter referred to as “unsent email” as appropriate). Whether or not it is a certificate (specific electronic certificate) is determined based on the sender's mail address of the unsent stored mail (step SB30), as described with reference to FIG. However, the confirmation mode in the present embodiment is not limited to this, although it is necessary to confirm both of the determinations based on the destination mail address (step SB40).

  For example, step SB30 may be omitted and only the determination in step SB40 may be made. That is, when the MFP 100 receives an e-mail with an electronic certificate as an attached file, the e-mail address of the owner of the public key described in the electronic certificate is the e-mail address of the transmission destination of the unsent stored mail Only when it matches, the electronic certificate is determined to be a specific electronic certificate, and at step SA70, the unsent mail is encrypted using the public key of the electronic certificate. Also good. As a result, an electronic certificate including a public key corresponding to the destination of the e-mail stored as an unsent stored mail is transmitted to the MFP 100 as an attached file of the e-mail from a person other than the creator of the unsent stored mail. Even in such a case, it is possible to encrypt the stored unsent mail.

  In MFP 100 of the present embodiment described above, an e-mail is stored in an unsent state because the public key is not stored in MFP 100 or the like, and then the public key is transmitted from PC 500 to MFP 100. Before, the user can create another email. When the other electronic mail is also encrypted and transmitted, and the public key for encrypting the other electronic mail is not stored in the MFP 100 or the like, the other electronic mail is Saved unsent. Thus, the user can save a plurality of electronic mails in MFP 100 in an unsent state. Then, after returning to the PC 500, the user transmits a public key (electronic certificate) for each of the plurality of unsent unsent mails stored in this manner to the MFP 100, whereby a plurality of unsent unsent mails are sent to the MFP 100. Can be encrypted and transmitted. That is, the user can perform an operation for creating an e-mail and an operation for transmitting a public key to MFP 100 collectively for a plurality of e-mails.

[Second Embodiment]
The MFP 100 according to the second embodiment of the electronic mail transmitting apparatus of the present invention has the same hardware configuration as the MFP 100 according to the first embodiment.

  In the first embodiment, in MFP 100, if the public key to be used for encryption is not stored in HDD 104 or the like for the electronic mail instructed to be encrypted and transmitted, the electronic mail has not been received. The MFP 100 is stored in a transmission state, and the MFP 100 waits until the public key is transmitted.

  When the public key to be used for encryption is not stored in HDD 104, MFP 100 according to the present embodiment provides MFP 100 with the public key necessary for encryption to the sender of the electronic mail to be encrypted. It is also possible to execute processing for requesting transmission.

  In MFP 100 according to the present embodiment, CPU 101 executes the processes of steps SA10 to SA30 in the e-mail transmission process described with reference to FIG. If it is determined that the electronic certificate (specific electronic certificate) including the URL is not stored in the HDD 104 (NO in step SA40), the created e-mail is assigned to the transmission of the e-mail in step SA50. The data is stored in the HDD 104 or the like in association with the job ID. In the present embodiment, MFP 100 is installed with a program for managing jobs such as assigning an ID for each job to be executed, and CPU 101 performs job management by executing the program. And

Then, the CPU 101 executes certificate reception processing (step SA60).
FIG. 7 is a flowchart of a certificate reception process subroutine executed by CPU 101 of MFP 100 according to the present embodiment.

  In the certificate receiving process, first, in step SC10, the CPU 101 transmits an e-mail notifying the job ID associated with the stored e-mail to the sender of the e-mail stored in step SA50. The transmission destination of the email sent here is the email address of the sender of the email stored in step SA50.

  The user who created the e-mail at step SA10 receives the e-mail transmitted at step SC10 by the PC 500 (step SD10). In response to this, as a reply to the received e-mail, the user attaches an electronic certificate including a public key used for encrypting the e-mail stored unsent as described above as an attached file. An e-mail is transmitted to MFP 100 (step SD20).

  Returning to the certificate receiving process, the MFP 100 receives the electronic mail transmitted in step SD20, so that the MFP 100 includes the job ID notified by the electronic mail transmitted in step SC10 and includes the electronic certificate as an attached file. A mail is received (step SC20).

  Then, the CPU 101 sends the destination mail address of the unsent mail stored in association with the job ID described in the e-mail received in step SC20 and the e-mail attached to the e-mail received in step SC20. If it is determined that the mail address described as the owner of the public key matches the certificate (step SC30), the mailer is activated in step SC40, and the process returns to FIG. As a result, the e-mail stored in the untransmitted state in step SA50 is encrypted in step SA70, transmitted in step SA80, the mailer is terminated, and the e-mail transmission process is terminated.

  If the public key used to encrypt the created electronic mail is not stored, MFP 100 according to the present embodiment stores the electronic mail in an unsent state before encrypting the electronic mail, and at step SC10. The user can be prompted to send the public key (electronic certificate) by sending an e-mail.

[Third Embodiment]
The MFP 100 according to the third embodiment of the electronic mail transmitting apparatus of the present invention has the same hardware configuration as the MFP 100 according to the first embodiment.

  In the first embodiment described above, the public key (electronic certificate) used for encryption is transmitted to MFP 100 as an email attachment file.

  In the present embodiment, such an electronic certificate can be uploaded to MFP 100 via a web browser.

  Referring to FIG. 8, in the present embodiment, the user performs an operation for executing steps SA10 and SA20 on MFP 100, and then returns to PC 500 to provide the specific electronic certificate to MFP 100. Perform operations to upload.

  Specifically, the user logs in to MFP 100 from PC 500. Then, a web browser is activated on PC 500 and an operation for uploading a file to MFP 100 is performed. The upload screen 500A is an example of a screen displayed on the PC 500 at this time. Then, when the user performs an operation for uploading a specific electronic certificate (for example, an electronic certificate file having the file name “cert1.cer” displayed on the upload screen 500A) to the PC 500, the MFP 100 from the PC 500 The electronic certificate file is uploaded.

  FIG. 9 is a flowchart of a certificate reception process subroutine executed by CPU 101 of MFP 100 according to the present embodiment.

  In the certificate reception process, the CPU 101 first accepts a user login in step SE10, and advances the process to step SE20.

  In step SE20, CPU 101 accepts the upload of the electronic certificate and proceeds to step SE30.

  In step SE20, for example, if the CPU 101 determines that the extension of the uploaded file corresponds to the extension of the electronic certificate (for example, “.cer”), the process proceeds to step SE30. .

  In step SE30, the CPU 101 determines whether or not the owner of the unsent mail stored in step SA50 is the same as the user who accepted the login in step SE10, and if it is determined, the process proceeds to step SE40. To proceed. In step SE30, for example, the CPU 101 matches the user name of the login user to the MFP 100 when creating the unsent mail stored in step SA50 (steps SA10 and SA20) and the user name that accepted the login in step SE10. In this case, it is determined that the owner of the unsent stored mail matches the login user.

  In step SE40, the CPU 101 is described as the owner of the public key in the destination mail address of the unsent mail stored in step SA50 (see FIG. 4) and the electronic certificate accepted for upload in step SE20. It is determined whether or not the mail addresses match. If it is determined that the mail addresses match, the process proceeds to step SE50.

  In step SE50, the CPU 101 activates the mailer and returns the process to FIG. As a result, the e-mail stored in the untransmitted state in step SA50 is encrypted in step SA70, transmitted in step SA80, the mailer is terminated, and the e-mail transmission process is terminated.

  In the present embodiment described above, the CPU 101 confirms that the electronic certificate accepted in step SE20 is an electronic certificate including a public key to be used for encryption of unsent stored mail. In step SE40, the mail address of the transmission destination of the untransmitted stored mail is determined. It should be noted that such a determination in two stages is not necessarily required, and at least the determination regarding the mail address of the transmission destination of the unsent stored mail in step SE40 may be made. In addition, as a result of the determination being made in only one stage, users other than the logged-in user (the owner of the unsent stored mail) at the time of creating the unsent stored mail correspond to the destination of the unsent stored mail Even when the electronic certificate including the public key to be uploaded is uploaded to the MFP 100, the MFP 100 can execute encryption and transmission of the unsent stored mail.

[Other variations]
In the third embodiment, in step SE30, it is determined whether or not the login user at the time of creating the unsent mail is the same as the user who uploaded the electronic certificate. Note that the user name and the mail address may be stored in association with each other in the HDD 104 or the LDAP server 400 of the MFP 100. Then, in step SE30, the CPU 101 determines whether or not the mail address of the sender of the unsent stored mail matches the mail address associated with the user name logged in in step SE10. The process proceeds to step SE40.

  In each of the embodiments described above, the e-mail in the e-mail transmission apparatus has been described as using the Scan to Email function in the MFP 100. However, the creation of the e-mail according to the present invention is not limited to this. In other words, the transmitted e-mail is not limited to an image file generated by scanning an image in the e-mail transmission apparatus as an attached file. For example, even in the case of an e-mail with only a body consisting of text, when the e-mail transmitting apparatus is instructed to be encrypted and transmitted, the e-mail is encrypted as in the embodiments. If it is determined whether there is a public key to be stored, and if it is not stored, the e-mail is stored in an untransmitted state and waits until a public key is received.

  The embodiment disclosed this time should be considered as illustrative in all points and not restrictive. The scope of the present invention is defined by the terms of the claims, rather than the description above, and is intended to include any modifications within the scope and meaning equivalent to the terms of the claims. Moreover, each embodiment is intended to be implemented alone or in combination as much as possible.

  100 MFP, 101 CPU, 102 RAM, 103 ROM, 104 HDD, 105 communication I / F, 106 operation panel, 107 engine, 200 authentication server, 300 mail server, 400 LDAB server, 500 PC.

Claims (7)

A creation means for creating an email;
Receiving means for receiving an input of an instruction to encrypt and send the created e-mail;
Storage means for storing an electronic certificate;
Receiving means for receiving information from other devices;
When the instruction is input, and the specific electronic certificate that is an electronic certificate including the public key of the destination of the generated electronic mail is not stored in the storage unit, the generated electronic certificate An encrypted transmission means for storing the email in an unsent state,
The encrypted transmission means transmits the stored e-mail encrypted with the public key included in the specific electronic certificate on condition that the receiving means has received the specific electronic certificate. Transmitter device.   The encrypted transmission means, when the receiving means has received an electronic certificate, when the mail address described in the received electronic certificate matches the mail address of the destination of the stored electronic mail, The electronic mail transmitting apparatus according to claim 1, wherein the receiving unit determines that the specific electronic certificate has been received.   The e-mail transmission device according to claim 1, wherein the receiving unit receives an electronic certificate as an attached file of an e-mail or by uploading from an information terminal. The encrypted transmission means determines that the reception means has received the specific electronic certificate.
If the receiving means receives an electronic certificate as an email attachment, it further requires that the email address of the sender of the received email matches the email address of the sender of the stored email. ,
When the receiving means receives an electronic certificate by uploading from the information terminal, the information specifying the sender of the received electronic certificate matches the information specifying the sender of the stored e-mail The electronic mail transmitting device according to claim 3, further comprising: The storage means stores information identifying an individual and an email address in association with each other,
The encrypted transmission means receives the electronic certificate to determine that the receiving means has received the specific electronic certificate when the receiving means receives the electronic certificate by uploading from the information terminal. 5. The e-mail transmission device according to claim 4, further comprising: an e-mail address associated with a sender of the e-mail stored in the storage means and a mail address of a sender of the stored e-mail match. . An e-mail transmission device comprising a storage means is a method for transmitting an e-mail,
Creating an email; and
Receiving an instruction to encrypt and send the created email;
Determining whether a specific electronic certificate that is an electronic certificate including a public key of a destination of the created electronic mail is stored in the storage unit;
When the specific electronic certificate is not stored in the storage means, storing the electronic mail in an untransmitted state;
Determining whether the specific electronic certificate has been received;
And a method of transmitting the stored electronic mail by encrypting the stored electronic mail with a public key included in the specific electronic certificate when the specific electronic certificate is received. A program to be executed in an electronic mail transmission device provided with storage means,
In the e-mail transmission device,
Creating an email; and
Receiving an input of an instruction to encrypt and send the created email;
Determining whether a specific electronic certificate that is an electronic certificate including a public key of a destination of the created electronic mail is stored in the storage unit;
When the specific electronic certificate is not stored in the storage means, storing the electronic mail in an untransmitted state;
Determining whether the specific electronic certificate has been received;
An e-mail transmission program that, when receiving the specific electronic certificate, executes the step of encrypting and transmitting the stored electronic mail with a public key included in the specific electronic certificate.

Images