JP2016213534A - Electronic file transfer system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an electronic file transfer system capable of maintaining the confidentiality of the electronic file, even when an unavailable electronic file, such as an encrypted file, is acquired by an unintended partner.SOLUTION: Upon input of an encryption instruction of an electronic file involving specification of more than one unique ID, out of the unique IDs of a hardware or a software used by a transmission side terminal 5 and one or more reception side terminal 6, the encryption unit 20 of the transmission side terminal 5 encrypts the electronic file by using an encryption key configured to be decrypted only with a decryption key generated based on any one of specified unique ID. Upon input of a decryption instruction of an encrypted electronic file, the decryption unit 30 of the reception side terminal 6 decrypts the encrypted electronic file, by using a decryption key generated based on a unique ID acquired from a hardware or a software used in the reception side terminal 6.SELECTED DRAWING: Figure 2

Description

The present invention relates to transmission / reception of electronic files, and more particularly to a technique for delivering electronic files while maintaining confidentiality of the electronic files.

  In order to maintain the confidentiality of an electronic file, a technique is known that disables the use of the electronic file by using a method such as encryption or password lock.

  For example, an encrypted electronic file (hereinafter sometimes referred to as “encrypted file”) is attached to an e-mail and transmitted to the other party's mail address, and data for decryption (hereinafter referred to as “decryption key”). May be sent to the same e-mail address by another e-mail. According to this method, the electronic file can be delivered while maintaining confidentiality.

  However, since the encrypted file and the decryption key are transmitted via the same transfer path, if the third party monitors the transfer path, the encrypted file and the decryption key are acquired by the third party. There is a danger of being done.

  In order to avoid such danger, the first e-mail address of the other party and the second e-mail address of the same other party having a different domain name are stored in association with each other, and the encrypted file is stored in the first file. There has been proposed an e-mail processing apparatus configured to transmit to a first e-mail address and to transmit a decryption key to a second e-mail address (see paragraph [0006] of FIG. 7, FIG. 7, etc.). . By using this apparatus, it is possible to reduce the possibility that the confidential information of the electronic file leaks on the transfer path.

  However, even if such a device is used, if the sender incorrectly sends the other party, the confidential information leaks to the unintended party, regardless of whether the encrypted file and the decryption key are sent to the same person. There is a danger of doing.

In order to avoid such a risk, after sending the encrypted file to the other party as an email attachment, you can also tell the other party the decryption key using the telephone, or hand the paper with the decryption key directly to the other party. Although it is conceivable, in the former, it is difficult to accurately convey a complex decryption key, and in the latter, it is difficult to realize with a geographically distant partner, and neither method is practical. Furthermore, in any method, if the encrypted file and the decryption key are stolen by any method, there is a risk that the encrypted file is decrypted and confidential information is leaked.

JP 2014-225129 A

The present invention solves such a conventional problem, and even when an electronic file that has been disabled, such as an encrypted file, is acquired by an unintended partner due to human error such as misdelivery or theft, the electronic file It is an object of the present invention to provide an electronic file transfer system and the like that can maintain confidentiality.

  An electronic file transfer system according to the present invention is an electronic file transfer system including a transmission-side terminal device and one or more reception-side terminal devices, wherein the transmission-side terminal device is the transmission-side terminal device. It is accompanied by designation of two or more unique IDs among a unique ID that is an individual identification mark of hardware or software used in the above, and a unique ID of hardware or software used in one or more receiving side terminal devices When an electronic file disable instruction is input, an disable key configured to enable the electronic file only with an enable key generated based on any of the specified unique IDs is used. And a disabling processing unit for disabling the electronic file, and the receiving terminal device receives an instruction to enable the electronic file that has been disabled. Then, a unique ID is acquired from the hardware or software used in the terminal device on the receiving side, and the electronic file is disabled using the enabling key generated based on the acquired unique ID And an enabling processing unit for making the information available.

  In the present invention, unless otherwise specified, the “information communication means” (described later) is for transmitting information such as characters, sounds, images, images, control signals converted into electric signals, optical signals, and the like. The communication means may be either wired or wireless. As information communication means, a computer network such as WAN (Wide Area Network) and LAN (Local Area Network) represented by the Internet, a communication line such as a telephone line (including a mobile phone line), a dedicated line, a communication cable and an infrared ray For example, direct connection by a combination of the above, or a combination of these is exemplified.

  The “terminal device” is a device that executes an electronic file disabling process or enabling process in this system. Examples of the terminal device include personal computers, tablet computers, portable information terminals, and mobile phones represented by so-called smartphones.

  “Hardware used in a terminal device” means the terminal device itself and a device connected to the terminal device by wire or wirelessly. Typically, the device is connected to the terminal device. It is determined that whether or not a specific operation is permitted in the terminal device on the condition that the terminal device is present. A typical example of this is a USB memory.

  The “software used in the terminal device” is software executed in the terminal device and includes an application program and an operating system, and typically includes encryption / decryption software and decryption that constitute the system. Dedicated software.

  The “unique ID” refers to an individual identification mark of the hardware or software, and is exemplified by a serial number, a manufacturing number, or a numerical value / character string corresponding to the serial number and the serial number.

  An “electronic file” refers to a text, image, video, audio, or the like converted into electronic data, and is sometimes called a single electronic file, a plurality of electronic files, or a collection of electronic files (a “folder”). ), A concept including a collection of a plurality of electronic files (a plurality of “folders”).

  “Unusable” is a concept that includes “completely unusable” that makes an electronic file unplayable and “incompletely unusable” that makes some operations on an electronic file unusable. “Completely unusable” includes, for example, the process of making electronic files unplayable through encryption, data compression, and password lock against plaintext. “Incompletely unavailable” includes, for example, prohibition of copying electronic files. (Restriction) processing, printing prohibition (restriction) processing, and storage prohibition processing are included.

  “Disabling key” refers to electronic data used to disable an electronic file, and includes, for example, an encryption key and a password.

  “Enabling” means returning a disabled electronic file to a usable state, returning a completely disabled electronic file to a playable state, or “incompletely unavailable” This includes a process for releasing (restricting restrictions) the operation prohibition (restriction) for the electronic file that has been changed to “reset”.

  “Enabling key” refers to electronic data used to make an electronic file available, and includes, for example, a decryption key and a password.

The features of the present invention can be broadly shown as described above, but the configuration and contents thereof, together with the objects and features, will be further clarified by the following disclosure in view of the drawings.

  An electronic file transfer system according to a first invention of the present application is an electronic file transfer system comprising a transmission-side terminal device and one or more reception-side terminal devices, wherein the transmission-side terminal device is the transmission-side terminal device. Of a unique ID that is an individual identification mark of hardware or software used in the terminal device and a unique ID of hardware or software used in one or more terminal devices on the receiving side. When an instruction for disabling an electronic file with designation is input, the disabling key configured to enable the electronic file only with an enabling key generated based on one of the specified unique IDs , And the terminal device on the receiving side makes the use of the disabled electronic file available. Is input, the unique ID is acquired from the hardware or software used in the terminal device on the receiving side, and is disabled using the enabling key generated based on the acquired unique ID. An enabling processing unit for making an electronic file available is provided.

  As described above, the present system is configured so that the disabled electronic file can be used only with an enabling key generated based on any one of arbitrarily specified unique IDs. The enabling key is obtained from the hardware or software used in the terminal device when the enabling command is input to the receiving terminal device that has received the disabled electronic file. It is generated for the first time based on the unique ID, and is configured so that it cannot be generated based on other methods, for example, based on the disabling key. It is impossible for the enabling key to be stolen.

  For this reason, the electronic file cannot be made available to a terminal device other than the receiving-side terminal device using the hardware or software having the specified unique ID.

  Therefore, an electronic file that has been disabled can be erroneously transmitted to another terminal device on the receiving side, or the electronic file that has been disabled can be moved (for example, depending on the method of attaching an email or transferring a file) The electronic file is not made available even if it is stolen during transmission / reception or transfer by a method of mailing or carrying what is stored in the recording medium.

  In other words, even when an unusable electronic file such as an encrypted file is acquired by an unintended party due to human error such as misdelivery or theft, electronic file transfer that can maintain the confidentiality of the electronic file A system can be realized.

  The information communication system according to the second invention of the present application is the information communication system according to the first invention of the present application, wherein the disabling processing unit further includes a unique ID associated with the terminal device on the transmission side and a unique ID associated with the terminal device on the reception side. Designation of a specific group to which a unique ID related to the terminal device on the transmission side belongs among the groups stored in the group related database and configured to be accessible to a group related database that is classified and stored in one or more groups When an instruction for disabling an electronic file with an input is input, the electronic file can be made usable only with an enabling key generated based on one of the unique IDs constituting the specified group. The electronic file is configured to be disabled using a disabling key.

  For this reason, if it is allowed to share the contents of confidential electronic files only within the same organization, for example, within the same department within the company, the hardware and software used by members belonging to that organization By setting a group whose ID is a component, it is possible to easily prevent the contents of the electronic file from leaking outside the organization.

  In this case, by designating a group, all unique IDs belonging to the group are designated, so in particular when there are a large number of members of the organization, the operation is easier than when individually designated. Moreover, it is possible to prevent omission of specification and erroneous sending.

  The information communication system according to the third invention of the present application is the electronic file transfer system according to the second invention of the present application, wherein the group related database stores a plurality of different groups in association with one unique ID, and the disabling processing unit is In addition, when an electronic file disabling instruction is input with designation of one or more specific groups to which the unique ID related to the transmitting terminal device belongs among the groups stored in the group related database, Disabling an electronic file using a disabling key configured to enable the electronic file only with an enabling key generated based on any unique ID that makes up all the specified groups It is comprised so that it may carry out.

  Therefore, if a member belonging to a certain organization belongs to one or more other organizations, a group of unique IDs related to the hardware and software used by each organization can be set. Depending on the contents of the electronic file, one or more organizations can be arbitrarily selected from a plurality of organizations to which the user belongs, and the disabled electronic file can be delivered.

  For this reason, for example, if a superimposing group that assumes the contents of various electronic files is set for each member, the range of sharing a certain type of electronic file may become wider or narrower than necessary. Can be prevented.

  For this reason, according to the content of an electronic file, the range which can deliver an electronic file can be set finely, maintaining the confidentiality of an electronic file.

  In the information communication system according to the fourth invention of the present application, in the electronic file transfer system according to any one of the first to third inventions of the present application, the disabling processing unit further includes a case where the disabling instruction includes designation of a password. A password lock processing unit that locks the disabled electronic file using a specified password, and the enabling processing unit further includes a case where the disabled electronic file is password-locked. In addition, before making the electronic file available, a password unlock processing unit that acquires the password notified from the terminal device on the transmitting side that performed the password lock, and releases the password lock using the acquired password, Provided.

  Therefore, by password-locking the disabled electronic file using an arbitrary password, for example, even if the disabled electronic file is stolen on the way of delivery, the risk of leakage of confidentiality is further increased. Can be small.

  Also, for example, when an electronic file is disabled by designating the above group, which terminal device is used as long as it is a receiving terminal device corresponding to hardware or software having a unique ID belonging to the group However, it is possible to make an electronic file available only for a receiving terminal device having a specific unique ID among the unique IDs belonging to the group. is there.

  For this reason, according to the content of the electronic file, the confidential range of the transferred electronic file can be set flexibly and appropriately.

  An information communication system according to a fifth invention of the present application is the electronic file transfer system according to any one of the first to fourth inventions of the present application, wherein the electronic file transfer system further includes an external terminal device specified by an e-mail address. , A server device comprising a file ID related database and a server side control unit for controlling access to the file ID related database, between the terminal device on the transmission side and the external terminal device via the information communication means A server device capable of communicating information, and the file ID related database includes a file ID that is an identification mark for identifying an electronic file that has been disabled, and an external mail address that is an electronic mail address of an external terminal device. , And the disabling processing unit further stores the external end by an external mail address. When an instruction for disabling an electronic file accompanied by designation of the device is input, the electronic file is disabled so that the electronic file can be used only by the temporary enabling software provided from the server device. The file ID of the disabled electronic file and the external mail address are associated with each other, stored in the file ID related database via the server device, and addressed to the external mail address attached with the disabled electronic file. Link data for requesting the server device to transmit usable software that can be temporarily used when operated on an external terminal device that has received the email, and is associated with the file ID. Configured to send an e-mail with the link data When the link data is operated, the side control unit obtains a file ID associated with the link data, prompts the external terminal device that has operated the link data to input an e-mail address, If the email address matches the external email address stored in association with the file ID stored in the file ID related database, the external terminal device is subject to prior or subsequent approval by the terminal device on the transmission side. The enabling processing unit of the external terminal device can be temporarily used when an enabling instruction for the disabled electronic file is input. Configured to make unavailable electronic files available using the enabling software, It is characterized by.

  In this way, the e-mail address input from the external terminal device that has requested the server device to transmit the enabling software that can be temporarily used to make the disabled electronic file available is Only when it is a genuine external mail address associated with a disabled electronic file, and can be temporarily used for an external terminal device, subject to prior or subsequent approval by the sending terminal device Sending of enabling software is done.

  By making such a disabled electronic file temporarily usable after such a double check, it does not have the function of the enabling processing unit of the terminal device on the receiving side. The electronic file can also be delivered to the external terminal device while maintaining the confidentiality of the electronic file.

  For this reason, according to the content of the electronic file, the confidential range of the transferred electronic file can be set flexibly and appropriately.

  Note that “transmitting the enabling software that can be temporarily used to the external terminal device” means transmitting the software that can be used in the external terminal device. For example, it includes the case of sending the software that can be used only once (or several times) without conditions, and the usage ID that can be used only once (or several times), not the software itself In addition, a case where the software and the usage ID are transmitted at the same time or separately is also included.

  A server device according to a sixth invention of the present application is a server device used in an electronic file transfer system according to the fifth invention of the present application.

  Therefore, by using this server device for an electronic file transfer system, the same effects as in the fifth aspect of the invention can be obtained.

  A transmission-side terminal device according to the seventh invention of the present application is a transmission-side terminal device used in the electronic file transfer system according to any one of the first to fifth inventions of the present application.

  Therefore, by using these transmission-side terminal devices in the electronic file transfer system, the same effects as in any of the first to fifth inventions can be obtained.

  A terminal device on the receiving side according to the eighth invention of the present application is a terminal device on the receiving side used in the electronic file transfer system according to any one of the first to fifth inventions of the present application, and the external terminal device according to the eighth invention of the present application. These are external terminal devices used in the electronic file transfer system according to the fifth invention of the present application.

  Therefore, by using these receiving terminal devices or external terminal devices in the electronic file transfer system, the same effects as in any of the first to fifth inventions can be obtained.

  The program according to the ninth invention of the present application is a computer, a server-side control unit of a server device according to the sixth invention of the present application, a disabling processing unit of a transmission-side terminal device according to the seventh invention, or a terminal device on the receiving side according to the eighth invention. Or it is a program for functioning as an enabling process part of an external terminal device.

  Therefore, by causing the computer to execute the program, the same effects as those of the sixth invention, the seventh invention, or the eighth invention are achieved.

  A recording medium according to the tenth invention of the present application is a recording medium storing a program according to the ninth invention of the present application.

  Therefore, by causing a computer to execute the program stored in these recording media, the same effects as those of the ninth invention can be obtained.

  An electronic file transfer method according to an eleventh aspect of the present invention is an electronic file transfer method performed using an electronic file transfer system including a transmitting terminal device and one or more receiving terminal devices. A unique ID that is an individual identification mark of hardware or software used in the terminal device on the transmission side, and a unique hardware or software used in one or more terminal devices on the reception side. When an instruction to disable the use of an electronic file with designation of two or more unique IDs is input, the electronic file is used only with an enabling key generated based on one of the designated unique IDs The disabling process step of disabling the electronic file using the disabling key configured to be enabled, and the receiving terminal device When the command for enabling the use of the converted electronic file is input, the unique ID is acquired from the hardware or software used in the terminal device on the receiving side, and the enable is generated based on the acquired unique ID And a enabling process step of making the unavailable electronic file available using a key.

Therefore, by using the method using an electronic file transfer system including a terminal device on the transmission side and one or more terminal devices on the reception side, the same effects as those of the first invention can be obtained.

FIG. 1 is a block diagram showing the overall configuration of an electronic file transfer system 2 according to an embodiment of the present invention. FIG. 2 is a block diagram illustrating the configuration of the server device 4, the transmission-side terminal device 5, and the reception-side terminal device 6 that are main components of the electronic file transfer system 2. FIG. 3 is a block diagram showing an example of the hardware configuration of the server device 4 and the transmission-side terminal device 5 shown in FIG. 2, and each of the server device 4 and the transmission-side terminal device 5 is for one computer. This is an example of the case. FIG. 4 is a flowchart illustrating an example of a process flow in the electronic file transfer system 2. FIG. 5 is a detailed flowchart of the encryption process. FIG. 6 is a detailed flowchart of the decoding process. FIG. 7 is a diagram for explaining the concept of groups in the electronic file transfer system 2. FIG. 8 is a diagram illustrating an example of a display screen displayed on the display device 62 of the terminal device 5 in the processing in the electronic file transfer system 2. FIG. 9 is a diagram illustrating an example of a data configuration of the database 12 provided in the server device 4.

  FIG. 1 is a block diagram showing the overall configuration of an electronic file transfer system 2 according to an embodiment of the present invention.

  In the following example, a case will be described as an example where the electronic file disabling process is realized as an electronic file encryption process. In this case, the encryption in the encryption process corresponds to the disabling in the disabling process, the encryption key corresponds to the disabling key, the decryption to enable, and the decryption key to the enabling key.

  The electronic file transfer system 2 includes a server device 4, a transmission-side terminal device 5, one or more reception-side terminal devices 6, 6,..., An external terminal device 7, and a management terminal device 9. The server device 4 and the terminal devices 5, 6, 7, 9 can communicate information via the information communication means 8.

  FIG. 2 is a block diagram illustrating the configuration of the server device 4, the transmission-side terminal device 5, and the reception-side terminal device 6 that are main components of the electronic file transfer system 2.

  As shown in FIG. 2, the server device 4 includes a server-side control unit 10 and a database 12 as a group-related database and a file ID-related database.

  The server-side control unit 10 controls access to the database 12. Further, when the link data is operated in step S41 described later, the server-side control unit 10 acquires a file ID associated with the link data and sends an e-mail to the external terminal device 7 that has operated the link data. If the input e-mail address matches the external e-mail address stored in association with the file ID stored in the database 12 in advance or subsequent by the terminal device 5 on the transmission side On the condition that the decryption-dedicated software as the enabling software that can be temporarily used is transmitted to the external terminal device 7.

  The database 12 stores the unique ID associated with the terminal device 5 on the transmission side and the unique ID associated with the terminal device 6 on the reception side, classified into one or more groups. The database 12 also stores a plurality of different groups in association with one unique ID. The database 12 also includes a file ID that is an identification mark for identifying an encrypted electronic file (hereinafter, also referred to as “encrypted file”) as an electronic file that has been disabled, and the external terminal device 7. Are stored in association with the external mail address which is the electronic mail address.

  The terminal device 5 on the transmission side includes an encryption processing unit 20 that is a disabling processing unit and a local database 22.

  The encryption processing unit 20 includes a unique ID that is an individual identification mark of hardware or software used in the terminal device 5 on the transmission side, and hardware or software used in one or more terminal devices 6 on the reception side. As an enabling key generated based on one of the specified unique IDs when an encryption command (unusable command) of an electronic file accompanied by specification of two or more unique IDs is input among the unique IDs The electronic file is encrypted (unusable) using an encryption key as a disabling key configured so that the electronic file can be decrypted (usable) only by the decryption key.

  The encryption processing unit 20 is further configured to be accessible to the database 12 and to the terminal device 5 on the transmission side in the group having one or more unique IDs stored in the database 12 as constituent elements. When an encryption command for an electronic file accompanied by a designation of a specific group to which the unique ID belongs is input, the electronic file is stored only with a decryption key generated based on one of the unique IDs constituting the designated group. The electronic file is configured to be encrypted using an encryption key configured to be decrypted.

  The encryption processing unit 20 further receives an electronic file encryption command accompanied by designation of one or more specific groups to which the unique ID related to the terminal device 5 on the transmission side belongs among the groups stored in the database 12. When input, the electronic file is encrypted using an encryption key configured so that the electronic file can be decrypted only with a decryption key generated based on one of the unique IDs constituting all the specified groups. Is configured to

  Further, the encryption processing unit 20 can be decrypted only by the decryption-dedicated software provided from the server device 4 when the encryption command of the electronic file accompanied by the designation of the external terminal device 7 by the external mail address is input. In addition to encrypting the electronic file, the file ID of the encrypted file and the external mail address are associated with each other, stored in the database 12 via the server device 4, and addressed to the external mail address to which the encrypted file is attached. Link data for requesting the server apparatus 4 to transmit decryption-dedicated software when operated on the external terminal device 7 that has received the e-mail, and link data associated with the file ID Is configured to send an e-mail containing

  The encryption processing unit 20 further includes a password lock processing unit 21.

  The password lock processing unit 21 locks the encrypted file using the designated password when the encryption command includes designation of the password.

  The local database 22 is appropriately synchronized so as to have the same content as the database 12 of the server device 4. Therefore, the terminal device 5 is generally configured to reduce the communication load by accessing the local database 22 instead of accessing the database 12.

  The receiving-side terminal device 6 includes a decryption processing unit 30 that is an enabling processing unit and a local database 32.

  The local database 32 has the same configuration as the local database 22.

  When the decryption command of the encrypted file is input, the decryption processing unit 30 acquires a unique ID from the hardware or software used in the terminal device 6 on the receiving side, and based on the acquired unique ID The encrypted file is decrypted using the generated decryption key.

  The decryption processing unit 30 further includes a password lock release processing unit 31.

  When the encrypted file is password-locked, the password lock release processing unit 31 acquires and acquires the password notified from the terminal device 5 on the transmission side that performed the password lock before decrypting the electronic file. The password lock is released using the password that was set.

  The external terminal device 7 shown in FIG. 1 is specified by an e-mail address during the encryption process. The external terminal device 7 includes a decryption processing unit (not shown).

  This decryption processing unit is configured to decrypt the encrypted file using decryption-dedicated software when a decryption command for the encrypted file is input, and decryption processing of the terminal device 6 on the receiving side A password unlock processing unit similar to the password unlock processing unit 31 in the unit 30 is provided.

  The management terminal device 9 shown in FIG. 1 is used to perform grouping of unique IDs stored in the database 12 and other management operations of the system 2.

  In this embodiment, for the sake of convenience, the transmitting-side terminal device 5 and the receiving-side terminal device 6 are described as different terminal devices having different configurations, but in general, a single terminal is used. The apparatus has the functions of both the terminal apparatus 5 on the transmission side and the terminal apparatus 6 on the reception side shown in FIG. 2, and functions as the terminal apparatus 5 on the transmission side when performing the encryption process of the electronic file. When the encrypted file is decrypted, it is configured to function as the receiving side terminal device 6.

  FIG. 3 is a block diagram showing an example of the hardware configuration of the server device 4 and the transmission-side terminal device 5 shown in FIG. 2, and each of the server device 4 and the transmission-side terminal device 5 is for one computer. This is an example of the case.

  Hereinafter, the terminal device 5 on the transmission side, the terminal device 6 on the reception side, the external terminal device 7, and the management terminal device 9 are simplified to be the terminal device 5, the terminal device 6, the terminal device 7, and the terminal device, respectively. It may be 9.

  The server device 4 is not particularly limited, but has the same configuration as a general server computer in this example.

  The server device 4 is a recording medium that stores a program on the server device 4 side of the electronic file transfer system 2, and an auxiliary storage device 55 such as an HDD (hard disk drive) including a hard disk that is also a storage medium of the database 12, an auxiliary storage. A main storage device 54 loaded with a program stored in the device 55; a CPU 51 corresponding to the server-side control unit 10 that executes the program loaded in the main storage device 54; a display device 52 such as an LCD (liquid crystal display device); An input device 53 such as a keyboard, a mouse, and a track pad, and a communication interface 56 for communicating with the terminal devices 5, 6, 7, and 9 via the information communication means 8 are provided.

  The terminal device 5 is not particularly limited, but in this example, has the same configuration as a general personal computer.

  The terminal device 5 is a recording medium that stores a program on the terminal device 5 side of the electronic file transfer system 2, and an auxiliary storage device 65 such as an SSD (solid state drive) equipped with a flash memory that is also a storage medium of the local database 22. A main storage device 64 loaded with a program stored in the auxiliary storage device 65, a CPU 61 for executing the program loaded in the main storage device 64, a display device 62 such as an LCD (liquid crystal display device), input keys, a touch panel, etc. Input device 63 and a communication interface 66 for communicating with the server device 4 via the information communication means 8.

  The basic hardware configuration of the terminal devices 6, 7 and 9 is the same as that of the terminal device 5.

  4 to 6 are flowcharts illustrating an example of the flow of processing in the electronic file transfer system 2. FIG. 7 is a diagram for explaining the concept of groups in the electronic file transfer system 2. FIG. 8 is a diagram showing an example of a display screen (hereinafter simply referred to as “screen”) displayed on the display device 62 of the terminal device 5 in the processing in the electronic file transfer system 2. 9A, FIG. 9B, FIG. 9C, and FIG. 9D are diagrams illustrating an example of a data configuration of a table that configures the database 12 provided in the server device 4.

  As shown in FIGS. 9A, 9B, 9C, and 9D, the database 12 includes four tables.

  FIG. 9A is a diagram illustrating an example of a data configuration of the serial number table 70. FIG. 9B is a diagram illustrating an example of a data configuration of the group member table 71 corresponding to the group related database. FIG. 9C is a diagram illustrating an example of a data configuration of the user table 72. FIG. 9D is a diagram illustrating an example of a data configuration of the file ID table 73 corresponding to the file ID related database.

  The serial number table 70 is a table that stores information relating to serial numbers, and represents the relationship between serial numbers, owner IDs, and user IDs. There is a one-to-one correspondence between serial numbers and owner IDs.

  The group member table 71 is a table that stores the relationship between a group and its constituent members, and represents the relationship between a group ID and an owner ID (equivalent to a serial number).

  The user table 72 is a table that stores information about users, and represents the relationship between user IDs and their mail addresses. The file ID table 73 stores information related to the file ID, and includes a file ID, an owner ID, a password, a password notification mode, an OTUID notification mode (a notification mode for the use ID of the decryption dedicated software), and an external terminal mail address. Represents the relationship.

  A processing procedure in the electronic file transfer system 2 will be described with reference to these drawings.

  FIG. 4 is a flowchart for explaining an outline of the procedure of the file transfer process in the electronic file transfer system 2.

  First, group setting is performed, and a plurality of unique IDs are grouped (step S1).

  In the group setting, first, unique IDs related to the terminal device 5 and the plurality of terminal devices 6 are stored in the database 12 of the server device 4.

  The storage method is not limited. For example, when installing software for executing the present system (hereinafter sometimes referred to as “encryption / decryption software”) on the terminal devices 5 and 6. For example, the serial number of the encryption / decryption software is transmitted to the server device 4 and stored in the serial number table 70 of the database 12 as the unique ID of the terminal devices 5 and 6 (see FIG. 9A). At this time, an owner ID having a one-to-one relationship with the serial number is assigned to each serial number.

  The hardware used in the terminal device other than the terminal devices 5 and 6, such as a USB memory, for example, is connected to the terminal device 5 or 6 at the time of introduction of the present system. The data is transmitted to the server device 4 and stored in the database 12 as a unique ID of the USB memory.

  The unique ID may be any individual identification mark of hardware or software used in the terminal devices 5 and 6, and is not limited to a serial number.

  A method for grouping a large number of unique IDs stored in the database 12 in this way is not particularly limited. For example, an administrator who operates the system 2 uses the management terminal device 9 to This can be done from an administrator website (not shown).

  FIG. 7 illustrates a grouped state.

  In this example, a large number of unique IDs P11, P12, P13,... Are grouped into a large number of groups.

  That is, each of the unique IDs P11, P12, P13,... Is an employee (member) who uses the terminal device 5 or 6 installed with encryption / decryption software having these unique IDs, Focusing on the department to which the employee (member) who uses the USB memory with a unique ID belongs, a plurality of (three in this example) main groups, group G1 (A company head office group), G2 (A company Tokyo branch) Group) and G3 (A company Osaka branch group).

  Each of the main groups, that is, the groups G1, G2, and G3, are subdivided into a plurality of subgroups (all three in this example). For example, the group G1, which is the main group, is divided into three subgroups, that is, a group G10 (general affairs group), a group G11 (planning group), and a group G12 (management group).

  For example, the group G11 is composed of six unique IDs P11, P12,. Although not shown, the subgroup can be further divided into a plurality of groups.

  In addition, a group that crosses multiple groups (multiple main groups and multiple subgroups), for example, a group corresponding to a project team composed of employees selected from multiple departments, is also set. be able to.

  In this example, a group G4 having three unique IDs, that is, a unique ID P11 belonging to the group G11, a unique ID P21 belonging to the group G22, and a unique ID P31 belonging to the group G30 is set.

  Therefore, for example, the unique ID P21 belongs to three groups, that is, groups G2, G22, and G4.

  In this way, group setting is performed. The group setting is changed as needed, and the data in the database 12 is updated along with the change.

  As shown in FIG. 4, the encryption process is executed on the assumption that the group setting (step S1) has been executed (step S2).

  FIG. 5 shows a detailed flowchart in the encryption process.

  The encryption process is performed by transmitting the terminal device 5 on the transmission side installed with the encryption / decryption software having the unique ID belonging to any of the above groups (hereinafter, such expression is referred to as “unique ID belonging to any group”). The terminal device 5 ”may be abbreviated as“.

  As illustrated in FIG. 5, when a program (encryption / decryption software) according to the present system is operated in the terminal device 5, the CPU 61 of the terminal device 5 (hereinafter simply referred to as “terminal device 5”) may be used. ) Starts monitoring the input of a plain text file (electronic file before encryption) (step S20).

  The plain text file is input to the terminal device 5 by, for example, dragging and dropping the icon of the plain text file into the plain text input area of the input screen (not displayed) displayed on the display device 62 of the terminal device 5. Executed. This operation corresponds to an encryption command.

  When the plain text file is input, the terminal device 5 displays the protect condition setting screen 40 on the display device 62 and monitors the input of the protect condition (step S21).

  FIG. 8 illustrates the configuration of the protect condition setting screen 40. The protection condition setting screen 40 displays a password setting area 41, a decryption permission target setting area 45, a decryptable count limit setting area 46, a decryptable period limit setting area 47, a confirmation button 48, and a cancel button 49. Yes.

  A password can be set by checking a check box in the password setting area 41 and inputting an arbitrary password. The password setting area 41 is provided with a password notification mode designation area 41a (not shown), and the password notification mode is designated in the area 41a. The password notification mode is stored in the file ID table 73 of the database 12.

  In this example, as a password notification mode, the server device 4 that has received a password notification request from the receiving terminal device 6 or the external terminal device 7 automatically transmits a password to these terminal devices 6 or 7. There are an automatic notification mode and an approval waiting mode for notifying the terminal device 5 on the transmission side that a password notification request has been issued from these terminal devices 6 or 7, and it is configured so that either password notification mode can be designated. ing.

  When the approval waiting mode is designated as the password notification mode, it is determined whether or not to transmit the password in the terminal device 5 on the transmission side that has received the notification that the password notification request has been received from the server device 4. Only when it is determined to be transmitted, the password is transmitted to the terminal device 6 or 7 via the server device 4.

  In this example, password setting is not indispensable, but it can be configured to require password setting.

  The decryption permission target setting area 45 includes a terminal device limited area 42, a unique ID setting area 43, a group setting area 44, and an external terminal apparatus setting area 50 (not shown). By specifying 43, 44, and 50, it is possible to set a target for which decoding is permitted. In this example, these areas 42, 43, 44, 50 are configured to be selected alternatively, but some or all of these areas 42, 43, 44, 50 can be selected simultaneously. You can also

  When the check box of the terminal device limited area 42 is checked, decoding is permitted only in the terminal 5 and cannot be decoded in other terminal devices 6.

  The unique ID setting area 43 is an area for setting one or more specific unique IDs as a target for which decoding is permitted. By checking the check box in this area and inputting a unique ID that allows decryption, the terminal device 5 on the transmission side, the terminal devices 6 and 7 connected to the USB memory having the unique ID, or the relevant Decryption is allowed only in the terminal devices 6 and 7 that are executing the encryption / decryption software having the unique ID.

  The unique ID that can be specified in the unique ID setting area 43 is not limited. For example, even a unique ID that is not stored in the serial number table 70 or the group member table 71 of the database (unique ID related to an external member) is specified. Is possible.

  In this example, when the check box of the unique ID setting area 43 is checked, the terminal device 5 on the transmission side is automatically allowed to decrypt, but the terminal device 5 on the transmission side is also configured. In order to allow decryption, the unique ID related to the terminal device 5 on the transmission side must be input.

  In this example, the unique ID related to the USB memory and the unique ID related to the encryption / decryption software can be specified at the same time. However, only one of them can be specified.

  The group setting area 44 is an area for setting one or two or more specific groups as targets for which decoding is permitted. By checking the check box in this area and designating a group that allows decryption, all the terminal devices 6 connected to the USB memory having the unique ID belonging to the designated group and the designated group are assigned. Decryption is allowed only in all the terminal devices 6 that are executing the encryption / decryption software having the unique ID to which it belongs.

  In this example, based on the data (corresponding to the group member table 71) stored in the local database 22 synchronized so as to have the same contents as the database 12 of the server device 4, one or two or more to which the terminal device 5 belongs. The group is extracted, and the extracted one or two or more groups are displayed by genre. By selecting one or two or more groups from any one or two or more genres, decoding is allowed. To specify the group to be used.

  The database 12 (local databases 22 and 32) includes a group ID (data representing a group identification mark), a group name (such as “Tokyo branch” and “sales department”), and a company name (such as “A corporation”). ) Are stored in association with each other, and a group name or company name corresponding to the group ID is displayed on the display device 62 such as the terminal device 5.

  The external terminal device setting area 50 (not shown) is an area for setting the external terminal device 7 as a target for which decoding is permitted. The external terminal device setting area 50 may be configured to include, for example, an e-mail address designation area 50a (not shown) and a check box (not shown). The check box in this area is checked, and an external mail address (a known electronic mail address used in the external terminal device 7) is input in the electronic mail address designation area 50a.

  Also, the external terminal device setting area 50 is provided with a notification mode designation area 50b (not shown) of the use ID of the decryption-dedicated software (hereinafter sometimes simply referred to as “use ID”). , The usage ID notification mode is designated. The usage ID notification mode is stored in the “OTUID notification mode” field of the file ID table 73 of the database 12.

  In this example, as a usage ID notification mode, an automatic notification mode in which the server device 4 that has received a usage ID notification request from the external terminal device 7 automatically transmits a usage ID to the external terminal device 7, and an external terminal There is an approval waiting mode for notifying the terminal device 5 on the transmitting side that there has been a usage ID notification request from the device 7, and it is configured so that a notification mode of any usage ID can be designated.

  When the approval waiting mode is designated as the usage ID notification mode, whether or not to transmit the usage ID in the terminal device 5 on the transmission side that has received a notification from the server device 4 that there has been a usage ID notification request. The usage ID is transmitted to the external terminal device 7 via the server device 4 only when it is determined that the transmission is to be performed.

  By checking the check box of the decryptable count limit setting area 46 and specifying the number of times that decryption is possible, the number of times that decryption can be performed in the encryption / decryption software can be limited. In this example, the designation of the number of times that decoding can be performed is not essential, but the designation may be mandatory.

  While the check box of the decryptable period limit setting area 47 is checked, either a time limit or a date limit is selected with a radio button as a limit mode, and a time that can be decrypted in accordance with the selected limit mode Alternatively, by specifying the last date that can be decrypted, the decryptable period can be limited. In this example, it is not essential to specify a period in which decryption is possible, but it may be configured to make the specification mandatory.

  In this way, when the confirmation button 48 is operated after the protection condition is set, for example, a setting item list screen (not shown) is displayed, and the decision button (not shown) is operated. The terminal device 5 executes step S22 shown in FIG. If the cancel button is operated before the confirmation button 48 is operated, the setting of the protection condition is cancelled.

  As shown in FIG. 5, in step S <b> 22, the terminal device 5 determines what the decryption permission target set in the decryption permission target setting area 45 of the protection condition setting screen 40 is.

  When the terminal device 5 determines that the decryption permission target is a specific group of one or more, all the devices belonging to the group are based on the data stored in the local database 22 (corresponding to the group member table 71). The unique ID is read, an encryption key is generated based on all the read unique IDs, and an encrypted file is generated by encrypting the plaintext file using this encryption key (step S23).

  This encryption key is configured such that the plaintext file can be decrypted only with a decryption key generated based on any one of the unique IDs constituting all the groups related to the designation. Of course, the decryption key cannot be generated based on the encryption key. Although the encryption / decryption method is not particularly limited, for example, AES256 can be used.

  In addition, the process in step S23 is not limited to the said method, For example, it can also perform by the following method.

  That is, when determining that the decryption permission target is a specific group of one or more, the terminal device 5 generates an encryption key based on the group ID of the group (see the group member table 71), and this encryption key It is also possible to generate an encrypted file by encrypting a plain text file using. Use of this method is advantageous because the data amount of the encryption key can be reduced even when there are a large number of unique IDs belonging to the group.

  If the terminal device 5 determines in step S22 that the decryption permission target is a specific unique ID, the terminal device 5 generates an encryption key based on all the specified unique IDs, and encrypts the plaintext file using this encryption key. As a result, an encrypted file is generated (step S24).

  This encryption key is configured so that the plaintext file can be decrypted only with a decryption key generated based on any one of the unique IDs related to the designation.

  If the terminal device 5 determines in step S22 that the decryption permission target is its own terminal device 5, the terminal device 5 generates an encryption key based on the unique ID associated with its own terminal device 5, and uses this encryption key. An encrypted file is generated (step S25).

  This encryption key is configured so that the plaintext file can be decrypted only with the decryption key generated based on the unique ID associated with its own terminal device 5.

  When the terminal device 5 determines in step S22 that the decoding permission target is the external terminal device 7, the terminal device 5 can decrypt the data using the dedicated decoding software provided from the server device 4 to the external terminal device 7 later. The electronic file is encrypted to generate an encrypted file (step S26).

  For this reason, no unique ID is used for the encryption in step S26. Of course, protection conditions other than the decryption permission target setting area 45 (see FIG. 8) can be set.

  When the encryption in step S26 is completed, the terminal device 5 uses the file ID of the encrypted file, the external mail address input from the external terminal device setting area 50 (not shown), and the use ID of the decryption dedicated software. The information about the notification mode of the usage ID input from the designated area 50b for the notification mode and the unique ID related to its own terminal device 5 are transmitted to the server device 4 and stored in the database 12 It is stored in the file ID table 73.

  The operator of the terminal device 5 creates an e-mail addressed to the external e-mail address, and transmits it with the encrypted file attached. The link data to the download site of the decryption-dedicated software of the server device 4 is pasted in the body of the e-mail. When pasting link data, the file ID of the encrypted file is automatically added to the link data.

  As shown in FIG. 5, the terminal device 5 next determines whether or not a password is set in the password setting area 41 of the protect condition setting screen 40 (step S28), and the password is not set. Terminates the encryption process as it is, and if a password is set, the encrypted file is password-locked using the specified password, and the password and the notification mode information of the password are stored in the server device 4. Are stored in the file ID table 73 of the database 12 and the encryption process is terminated (step S29).

  In the case where the designated password notification mode is the approval waiting mode and the password is configured to be transmitted directly from the terminal device 5 on the transmission side to the terminal device 6 on the reception side, the password is stored in the server. There is no need to transmit to the device 4 and store it in the file ID table 73.

  Returning to FIG. 4, next, the encrypted file is delivered to the terminal device 6 on the receiving side or the external terminal device 7 (step S3). The method for delivering the encrypted file is not particularly limited, and examples thereof include attachment to an e-mail, file transfer, mailing, and carrying.

  Next, in the receiving terminal device 6 or the external terminal device 7, a decryption process is performed on the delivered encrypted file (step S4).

  FIG. 6 shows a detailed flowchart in the decoding process. The procedure shown in FIG. 6 is an example when the encrypted file is delivered by attachment to an e-mail, but the decryption process is performed in substantially the same manner when delivered by another method. .

  In step S40, when the terminal device that performs the decryption process is the receiving-side terminal device 6, the receiving-side terminal device 6 can use the encryption / decryption software. The process of step S42 is executed.

  On the other hand, when the terminal device that performs the decryption process is the external terminal device 7 in step S40, the external terminal device 7 cannot use the encryption / decryption software that constitutes the system 2, and therefore the external terminal The device 7 acquires decryption-dedicated software via the server device 4 (step S41).

  The method for obtaining the decoding-dedicated software is not particularly limited, but can be realized by the following method, for example.

  In step S26, the e-mail attached with the encrypted file is sent from the terminal device 5 on the transmission side to the external terminal device 7. In the body of this e-mail, the decryption-only software download site of the server device 4 is sent. Link data to is pasted.

  In the external terminal device 7 that has received this e-mail, by clicking the link data and accessing the download site for the decryption-only software of the server device 4, the decryption-only software and its use ID can be acquired.

  The method for obtaining the decryption-dedicated software and its use ID is not particularly limited, but can be performed by the following method, for example.

  That is, when the link data is clicked to access the download site for the decryption dedicated software, the server device 4 can acquire the file ID included in the link data.

  On the other hand, when accessing the download site, the user is prompted to input an e-mail address to the external terminal device 7 at the download site. In response, the e-mail address that received the e-mail attached with the encrypted file is input from the external terminal device 7.

  Based on the file ID table 73, the server device 4 determines whether the external terminal mail address stored in correspondence with the acquired file ID matches the input electronic mail address.

  If they match, it is determined that the input e-mail address is a genuine external terminal mail address, and the server apparatus 4 displays link data for downloading the decryption-dedicated software on the download site.

  By clicking on this link data in the external terminal device 7, the decryption dedicated software is downloaded to the external terminal device 7. Note that this decryption-dedicated software cannot be activated unless a usage ID is input.

  Next, the server device 4 reads data in the OTUID notification mode (utilization ID notification mode) corresponding to the acquired file ID from the file ID table 73. If the data in the OTUID notification mode is “automatic notification”, the usage ID is notified to the external terminal device 7. The notification method is not limited. For example, immediately after the download of the decryption-only software by the external terminal device 7 is completed, the notification is displayed on the download site or in an e-mail addressed to the external terminal mail address. Can be.

  On the other hand, if the data in the OTUID notification mode is “waiting for approval”, the server apparatus 4 identifies the unique ID related to the terminal apparatus 5 on the transmission side obtained based on the file ID table 73, the serial number table 70, and the user table 72. An e-mail for inquiring whether or not to approve the use ID to be transmitted to the external terminal device 7 is transmitted to the e-mail address corresponding to.

  In the electronic mail, link data to a site for inputting permission / denial to transmit the usage ID to the external terminal device 7 is described. In the terminal device 5 on the transmitting side, the site for inputting the approval / disapproval is accessed according to the link data, and the approval / disapproval of transmitting the usage ID to the external terminal device 7 is input. If the input data is “reject”, the server device 4 does not transmit the usage ID to the external terminal device 7. When the input data is “approved”, the server device 4 transmits the notification use ID to the external terminal device 7 using, for example, an electronic mail addressed to the external terminal mail address.

  In this way, the external terminal device 7 can acquire the decryption-dedicated software and its use ID via the server device 4.

  Returning to FIG. 6, the processing after step S42 will be described. Since the processing in step S42 and subsequent steps is common to the case of the receiving terminal device 6 and the case of the external terminal device 7, the case of the receiving terminal device 6 will be described as an example.

  When the encryption / decryption software is operated in the receiving-side terminal device 6 that performs the decryption process, the CPU 61 of the receiving-side terminal device 6 (hereinafter simply referred to as “terminal device 6”) may be used. Then, monitoring of the input of the encrypted file is started (step S42).

  The input of the encrypted file to the terminal device 6 is performed by, for example, dragging the icon of the encrypted file to the encrypted file input area of the input screen (not displayed) displayed on the display device 62 of the terminal device 6. It is executed by dropping. This operation corresponds to a decryption instruction.

  When the encrypted file is input, the terminal device 6 determines whether or not the encrypted file is password-locked (step S43). If the password is not locked, the control proceeds to step S45, where the password is locked. If it is locked, a password unlock process is performed (step S44).

  In the password unlock processing, the receiving terminal device 6 transmits a password notification request to the server device 4. The method of transmitting the password notification request is not particularly limited. For example, the password notification request link data described in the body of the email attached with the encrypted file received from the terminal device 5 on the transmission side. By clicking. The link data for requesting password notification is described (pasted) in the body of the e-mail to which the encrypted file is attached, for example, by the operator of the sender terminal device 5.

  The file ID of the encrypted file is automatically added to the password notification request link data, and when the link data is clicked, the server device 4 acquires the file ID.

  The server apparatus 4 that has received the password notification request reads out the password notification mode data corresponding to the file ID from the file ID table 73 based on the acquired file ID. When the password notification mode data is “automatic notification”, the server device 4 reads the password corresponding to the file ID from the file ID table 73 and transmits it to the terminal device 6 on the receiving side. The transmission method is not particularly limited. For example, the transmission method is transmitted using an electronic mail stored in the database 12 and addressed to the mail address of the receiving terminal device 6 corresponding to the file ID.

  On the other hand, when the password notification mode data is “waiting for approval”, the server device 4 transmits information indicating that a password notification request has been made to the terminal device 5 on the transmission side. The transmission method is not particularly limited. For example, the transmission method is transmitted using an electronic mail stored in the database 12 and addressed to the mail address of the terminal device 5 on the transmission side corresponding to the file ID.

  The terminal device 5 on the transmission side that has received the information indicating that the password notification request has been received transmits information indicating that the password notification is approved to the server device 4 when determining that the password notification is approved. This transmission method is not particularly limited. For example, clicking the link data for password notification approval described in the e-mail from the server apparatus 4 that has transmitted the information that the password notification request has been made. To do.

  The server device 4 reads out the password corresponding to the file ID stored in the database 12 only when receiving information from the terminal device 5 on the transmission side to approve the notification of the password. It transmits to the terminal device 6. The transmission method is not particularly limited. For example, the transmission method is transmitted using an electronic mail stored in the database 12 and addressed to the mail address of the receiving terminal device 6 corresponding to the file ID.

  Note that the terminal device 5 on the transmission side that has received the information that the password notification request has been received from the server device 4 can also be configured to transmit the password directly to the terminal device 6 on the reception side. The transmission method is not particularly limited. For example, the transmission is performed using an e-mail addressed to the e-mail address of the terminal device 6 on the reception side, which is known in the terminal device 5 on the transmission side.

  In this way, in the receiving terminal device 6 that has received the password notification, the password lock of the encrypted file is released using the password.

  Next, as shown in FIG. 6, the terminal device 6 on the receiving side has hardware (for example, USB memory) or software (for example, activated encryption / decryption software) used in the terminal device 6. The unique ID is read from the encrypted file, and the encrypted file is decrypted using the decryption key generated based on the read unique ID (step S45).

  In the description of step S23, as another example of the encryption method when the decryption permission target is a specific group of one or more, based on the group ID of the group (see the group member table 71). The configuration of generating an encrypted file by generating an encryption key and encrypting a plain text file using the encryption key has been described. A decryption method in this case will be described.

  In this case, the terminal device 6 on the receiving side reads and reads the unique ID from hardware (for example, USB memory) or software (for example, activated encryption / decryption software) used in the terminal device 6. It is determined which group the unique ID belongs to based on the serial number table 70 and the group member table. In this way, the group ID corresponding to the read unique ID can be read from the database 12.

  The terminal device 6 on the receiving side can decrypt the encrypted file using the decryption key generated based on the read group ID.

  In the case of encryption, when other protection conditions such as the number of times of decryption and the period of time for decryption shown in the display screen 40 of FIG. 8 are set, in addition to the protection Only when the condition is satisfied, the encrypted file can be decrypted.

  In this manner, the encrypted file is decrypted in the terminal device 6 on the receiving side.

  On the other hand, when the decoding in step S45 is executed in the external terminal device 7, it is different from the case of the receiving side terminal device 6.

  When decryption is executed in the external terminal device 7, the external terminal device 7 sends the encrypted file received from the terminal device 5 on the transmission side in step S3 via the server device 4 in step S41. Decryption is performed using the obtained decryption-dedicated software and its use ID.

  As mentioned in the description of step S26 above, since no unique ID is used for encryption, when a protection condition other than the decryption permission target setting area 45 (see FIG. 8) is set, Decoding is performed on condition that the condition is satisfied.

  In this way, the decryption process (step S4) ends, and the file transfer process is completed.

  In the above-described embodiment, the identification ID that can be directly recognized from the hardware or software by the encryption / decryption software constituting the system, such as a hardware or software serial number, is described as an example of the unique ID. However, the present invention is not limited to this. The identification ID that can be recognized indirectly by hardware or software by the encryption / decryption software can be used as the unique ID.

  For example, the owner ID shown in the serial number table 70 can be a unique ID. With this configuration, at the time of encryption, an encryption key is generated using an owner ID as a unique ID, and prior to decryption, a serial number directly recognized by the encryption / decryption software is stored in a database (above The serial number table 70) can be used to convert the owner ID. In this way, decryption is possible using the owner ID that is the unique ID.

  In such a configuration, by setting the data length of the owner ID to be shorter than the data length of the serial number, the data amount of the encryption key can be kept small even for an encryption key including a large number of unique IDs.

  In this case, the encryption / decryption software recognizes the owner ID as the unique ID indirectly from the hardware or software via the database. If the encryption / decryption software and the database are interpreted as an integrated system, the system recognizes the owner ID as the unique ID directly from the hardware or software.

  In any case, when a solid identification mark (for example, an owner ID) that cannot be directly recognized by the encryption / decryption software is used as a unique ID, a pair is formed with the solid identification mark that can be directly recognized. It is sufficient to provide a means (for example, a conversion table such as the serial number table 70 or an arithmetic conversion means) capable of mutual conversion to 1. The present invention includes such a configuration.

  In the above-described embodiment, the case where the server device and each terminal device are each configured using one computer has been described as an example, but the present invention is not limited to this. The server device can also be configured by two or more computers. In this case, the two or more computers can be connected via the information communication means 8.

  Also, one terminal device can be configured by two or more computers. Also in this case, the two or more computers can be connected via the information communication means 8.

  In this case, for example, a function corresponding to each function of the terminal device 5 is provided to a terminal device equipped with a web browser from a web server (not shown) in an ASP (Application Service Provider) system. You can also. The same applies to the other terminal apparatuses 6, 7, and 9.

  Step S2 shown in FIG. 4 corresponds to a part of the encryption processing unit 20 of the terminal device 5 on the transmission side and the server side control unit 10 of the server device 4 in FIG. Part of step S3 shown in FIG. 4 corresponds to part of the information communication means 8 in FIG. Step S4 shown in FIG. 4 corresponds to the decryption processing unit 30 of the terminal device 6 on the receiving side and the other part of the server side control unit 10 of the server device 4 in FIG. Step S29 shown in FIG. 5 corresponds to the password lock processing unit 21 of the terminal device 5 on the transmission side in FIG. Step S44 illustrated in FIG. 6 corresponds to the password lock release processing unit 31 of the terminal device 6 on the receiving side in FIG.

  In this embodiment, as a recording medium storing a program on the server device 4 side of the electronic file transfer system 2, a hard disk mounted on the HDD is exemplified, and a program on the terminal device 5, 6, 7 side is stored. The flash memory mounted on the SSD is exemplified as the recording medium, but the recording medium storing the program is not limited to these, and examples of the recording medium storing the program include an external memory card, a CD- ROM, DVD-ROM, flexible disk, and magnetic tape can also be used. Further, the main storage device can also be used as a recording medium storing a program.

  In addition, the distribution mode of the program is not particularly limited, and the program may be distributed via a wired or wireless information communication unit in addition to distributing the program stored in a recording medium.

  The recording mode of the program is not particularly limited. In addition to being stored or distributed in a recording medium in a form that can be directly executed, it can be stored or distributed in a recording medium in a compressed form so as to be decompressed and used, for example.

  In each of the above-described embodiments, the case where each function of FIG. 2 is realized by using a computer has been described as an example. However, part or all of these functions are configured using hardware logic. May be.

  Further, the above-described block diagram, hardware configuration, flowchart, database configuration, display screen configuration, and the like are given as examples, and the present invention is not limited thereto.

Although the present invention has been described above as a preferred embodiment, the terminology has been used for description rather than limitation and departs from the scope and spirit of the present invention. Without departing from the scope of the appended claims. Also, while the above describes only some exemplary embodiments of the present invention in detail, those skilled in the art will recognize the exemplary implementations described above without departing from the novel teachings and advantages of the present invention. It will be readily appreciated that many variations in form are possible. Accordingly, all such modifications are intended to be included within the scope of the present invention.

5: Terminal device on transmission side 6: Terminal device on reception side 20: Encryption processing unit 30: Decryption processing unit

Claims (11)

An electronic file transfer system comprising a transmitting terminal device and one or more receiving terminal devices,
The terminal device on the transmitting side is
Two or more of a unique ID that is an individual identification mark of hardware or software used in the terminal device on the transmission side and a unique ID of hardware or software used in one or more of the terminal devices on the reception side When an instruction to disable the use of an electronic file with designation of a unique ID is input, the electronic file can be made usable only with an enabling key generated based on one of the designated unique IDs. A disabling processor that disables the electronic file using a disabling key,
With
The receiving side terminal device is:
When an instruction for enabling an electronic file that has been made unavailable is input, a unique ID is acquired from the hardware or software used in the terminal device on the receiving side, and generated based on the acquired unique ID An enabling processing unit for making the disabled electronic file available using the enabling key;
Having
An electronic file transfer system characterized by The electronic file transfer system according to claim 1,
The disabling processor further includes:
The group-related database that stores the unique ID related to the terminal device on the transmitting side and the unique ID related to the terminal device on the receiving side in one or more groups is configured to be accessible,
When a command for disabling an electronic file accompanied by designation of a specific group to which a unique ID related to the terminal device on the transmitting side belongs is input among the groups stored in the group related database, the designated group is configured. The electronic file is configured to be disabled using a disabling key configured to enable the electronic file only with an enabling key generated based on any unique ID;
An electronic file transfer system characterized by In the electronic file transfer system according to claim 2,
The group related database stores a plurality of different groups in association with one unique ID,
The disabling processing unit further disables use of an electronic file accompanied by designation of one or more specific groups to which a unique ID relating to the terminal device on the transmitting side belongs among the groups stored in the group related database. When an instruction is input, a disabling key configured so that the electronic file can be used only with an enabling key generated based on one of the unique IDs constituting all the specified groups is used. Configured to make electronic files unavailable,
An electronic file transfer system characterized by In the electronic file transfer system according to any one of claims 1 to 3,
The disabling processor further includes:
A password lock processing unit that locks a disabled electronic file with a specified password when the disable instruction includes a password specification;
The enabling processing unit further includes:
If the disabled electronic file is password-locked, obtain the password notified from the terminal device on the sending side that performed the password lock before using the electronic file, and use the acquired password. A password lock release processing unit for releasing the password lock,
An electronic file transfer system characterized by The electronic file transfer system according to any one of claims 1 to 4,
The electronic file transfer system further includes:
An external terminal device identified by an email address;
A server device comprising a file ID-related database and a server-side control unit that controls access to the file ID-related database, between the transmission-side terminal device and the external terminal device via information communication means And a server device capable of communicating information with,
The file ID related database associates and stores a file ID that is an identification mark that identifies an electronic file that has been disabled, and an external mail address that is an electronic mail address of the external terminal device,
The disabling processor further includes:
When an instruction to disable the use of an electronic file accompanied by designation of the external terminal device by an external mail address is input, the electronic file can be used only by temporary use enabling software provided from the server device. As well as
Correlating the file ID of the electronic file disabled and the external mail address with each other, storing it in the file ID related database via the server device,
An e-mail addressed to the external e-mail address attached with the disabled electronic file, which can be used temporarily for the server apparatus when operated on the external terminal apparatus that has received the e-mail Link data for requesting transmission of the software, and an e-mail describing the link data associated with the file ID,
Configured and
When the link data is operated, the server-side control unit obtains the file ID associated with the link data and prompts the external terminal device that has operated the link data to input an e-mail address. If the input e-mail address matches the external mail address stored in association with the file ID stored in the file ID related database, prior or subsequent approval by the terminal device on the transmission side Is configured to transmit the temporarily usable enabling software to the external terminal device,
The enabling processing unit of the external terminal device is
When an instruction to enable the disabled electronic file is input, the disabled electronic file is configured to be enabled using the temporary enabling software.
An electronic file transfer system characterized by   The said server apparatus used for the electronic file transfer system of Claim 5.   The terminal device on the transmission side used in the electronic file transfer system according to any one of claims 1 to 5.   The terminal device on the receiving side used in the electronic file transfer system according to any one of claims 1 to 5, or the external terminal device used in the electronic file transfer system according to claim 5.   A server-side control unit of the server device according to claim 6, a disabling processing unit of the transmitting-side terminal device according to claim 7, or an enabling processing unit of the receiving-side terminal device or external terminal device according to claim 8. , A program to make it function as.   A recording medium storing the program according to claim 9. An electronic file transfer method performed using an electronic file transfer system including a transmission-side terminal device and one or more reception-side terminal devices,
The transmission side terminal device has a unique ID that is an individual identification mark of hardware or software used in the transmission side terminal device, and hardware or software used in one or more of the reception side terminal devices If an instruction for disabling an electronic file accompanied by specification of two or more unique IDs is input, the electronic file is generated only with an enabling key generated based on one of the specified unique IDs. A disabling process step of disabling the electronic file using a disabling key configured to enable
When the terminal device on the receiving side receives an instruction for enabling an electronic file that has been disabled, the terminal device on the receiving side acquires a unique ID from the hardware or software used in the terminal device on the receiving side, An enabling process step of making the disabled electronic file available using the enabling key generated based on the unique ID;
Having
An electronic file exchange method characterized by the above.

Images