JP2017167871A - Encrypted mail processing device, encrypted mail processing method, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To eliminate the need for accepting input again for decrypting an encrypted attachment file.SOLUTION: It is possible to eliminate the need for accepting input again for decrypting an encrypted attachment file by an encrypted mail processing device 1 comprising: an input acceptance unit 121 for accepting decryption input to decrypt an encrypted attachment file that is attached to a mail; a decryption unit 131 for decrypting the encrypted attachment file on the basis of decryption input; an indication acceptance unit 122 for accepting an indication relating to a process that cannot be executed on the encrypted attachment file unless it is decrypted; and a file processing unit 132 for executing, when the indication is accepted while the attachment file is closed after decryption input is accepted for the attachment file, a process that corresponds to the indication on a decrypted attachment file that is obtained as the decryption unit 131 performs decryption on the basis of the decryption input.SELECTED DRAWING: Figure 1

Description

  The present invention relates to an encrypted mail processing apparatus that performs processing on an attached file that is an attached file of mail and that is encrypted.

  Conventionally, there is a document describing a system that performs a search for mail and attached files (see, for example, Patent Document 1).

  Further, there is a document describing a search engine that performs a search for an encrypted mail and a compressed mail and a compressed attached file (for example, see Non-Patent Document 1).

JP 2004-192335 A (first page, FIG. 1 etc.)

“Mail archiving software with full-text search engine“ SAVV / MailRetriever ””, Hitachi Solutions West Japan, [online], [October 19, 2015 search], Internet [URL: http: //www.hitachi-solutions -west.co.jp/products/security/savvy/]

  However, in any of the prior arts in any document, the encrypted attached file is not subject to search.

  In order to perform a process such as a search on an encrypted attached file, for example, it is necessary to accept an input (key, password, etc.) for descrambling and to perform descrambling based on the input. However, when the process is completed and the decrypted attached file is closed and the process such as the search is performed again, it is necessary to accept the input for the decryption again.

  Accordingly, an object of the present invention is to provide an encrypted mail processing device or the like that can eliminate the need for re-acceptance of an input for descrambling an encrypted attached file.

  The encrypted mail processing device according to the first aspect of the present invention is an email attachment file, and an input receiving unit that receives a release input that is an input for descrambling the encrypted attachment file, and a release input In addition, a descrambling unit that performs descrambling on the encrypted attachment file, an instruction receiving unit that accepts instructions regarding processing that must be decrypted on the encrypted attachment file, and an attachment file If the attachment is closed after the cancellation input is received, and the instruction is received, the descrambling unit will decrypt the attachment based on the cancellation input. And a file processing unit that performs processing corresponding to the instruction.

  With such a configuration, it is possible to eliminate the need for re-acceptance of the release input for the encrypted attached file. As a result, the processing that cannot be performed without decryption can be performed any number of times by accepting the cancellation input once. For example, the complexity of the user's operation can be reduced, and the processing load can also be reduced.

  The encrypted mail processing apparatus according to the second aspect of the present invention is the encryption obtained by the descrambling unit deciphering the encrypted attached file of the stored mail with respect to the first invention. A storage unit for overwriting the decrypted attachment file over the encrypted attachment file, and the file processing unit has the decrypted attachment file at the time of receiving the instruction. In this case, the encrypted mail processing apparatus performs processing corresponding to the instruction on the decrypted attached file.

  With this configuration, the decrypted attached file is overwritten on the original encrypted attached file (original file), so that the resources of the recording medium can be saved and the processing can be performed at high speed. Also, the decryption of one attached file need only be performed once, and the processing load can be reduced.

  In addition, the encrypted mail processing device according to the third aspect of the invention relates to the first aspect of the invention, the cancellation input received by the input receiving unit for the encrypted attachment file, and the encrypted attachment file. A decryption unit that stores the decryption input when the instruction is received and the decryption input is stored on the basis of the stored decryption input. Decryption is performed, and the file processing unit performs processing corresponding to the instruction on the decrypted attached file obtained by performing descrambling based on the decryption input stored in the descrambling unit. Device.

  With this configuration, once the cancellation input is accepted, the cancellation input is accumulated, and thereafter, every time an instruction is received, the descrambling is performed based on the stored cancellation input, so the cancellation input is accepted only once. What is necessary is that the complexity of the operation can be reduced. Further, it is possible to save the resources of the recording medium as compared with the case of storing the decrypted attached file separately from the encrypted attached file.

  In addition, the encrypted mail processing device of the fourth aspect of the invention relates to the first invention, the decrypted attachment file obtained by the descrambling unit decrypting the encrypted attachment file, It further comprises a storage unit that stores the encrypted attached file in association with the encrypted attachment file, and the file processing unit stores the encrypted encryption when the decrypted attached file is stored at the time of receiving the instruction. This is an encrypted mail processing device that performs processing corresponding to an instruction on a released attached file.

  With this configuration, once a cancel input is received, the descrambling is performed based on the cancel input, and the obtained decrypted attached file is accumulated, and thereafter, it is stored every time an instruction is received. Since the decrypted attached file is opened, it is only necessary to accept the cancellation input once, and the operation complexity can be reduced.

  In addition, since the descrambling needs to be performed only once, the processing load can be reduced.

  Furthermore, by accumulating the decrypted attachment separately from the original encrypted attachment (original file) (that is, leaving the original file), for example, when transferring the original file, There is no need to perform encryption, high-speed processing is possible, and the processing load can be further reduced. Further, even if one of the two files is damaged, the other can be used, so that the safety against the file damage is increased.

  The encrypted mail processing device according to the fifth aspect of the invention is directed to the third or fourth aspect, wherein the instruction is the first instruction relating to the first process for the encrypted attached file, or is encrypted. It is an instruction related to the second process other than the first process for the attached file, and further includes a request unit that requests the release input even when the release input has been received at the time of receiving the first instruction. In response to receiving the first instruction, the unit performs a first process on the decrypted attached file obtained by performing the descrambling based on the release input for the request by the descrambling unit. Depending on the acceptance, the decrypted attachment file stored or the decrypted attachment file obtained by performing decryption based on the decryption input storing the descrambling part It is an encrypted mail processing apparatus for performing the process.

  With this configuration, for the first instruction, a cancellation input is requested even if the cancellation input has been received, and the decryption is performed based on the cancellation input in response to this request. Can be suppressed. On the other hand, in response to the second instruction, since the second process is performed on the decrypted attached file without accepting the request and the release input for the request, the complexity of the operation can be reduced.

  Further, in the encrypted mail processing device of the sixth invention, the first instruction is an output instruction, the second instruction is a search instruction, and the first process is an output process with respect to the fifth invention. The second process is an encrypted mail processing apparatus which is a search process.

  With such a configuration, a release input is requested for an output instruction even if the release input has been received, and the descrambling is performed based on the release input in response to this request. Use can be prevented. On the other hand, in response to the search instruction, the search process is performed on the decrypted attached file without accepting such a request and a cancellation input for the request, so that the complexity of the operation can be reduced.

  The encrypted mail processing device according to the seventh aspect of the present invention further comprises a receiving unit for receiving mail and a transmitting unit for transmitting mail, as compared with any one of the first to sixth aspects of the invention. The attached file is a cipher that is attached to either the received mail received by the receiver, the unsent mail that the transmitter is trying to send, or the sent mail corresponding to the mail sent by the transmitter. This is a computerized mail processing device.

  With such a configuration, processing that cannot be performed without decryption only by accepting a cancellation input once for an encrypted attached file attached to any of received mail, unsent mail, or sent mail (for example, , Search, output, etc.) can be performed any number of times.

  According to the present invention, a process that cannot be performed without decryption can be performed any number of times by only receiving a cancel input once for an encrypted attached file.

Block diagram of encrypted mail processing apparatus 1 according to Embodiment 1 Flowchart for explaining the operation of the encrypted mail processing device 1 and the like in the first to third embodiments. Data structure diagram related to descrambling information in Embodiment 1 Block diagram of encrypted mail processing apparatus 1a in the second embodiment Data structure diagram for the correspondence information Block diagram of encrypted mail processing apparatus 1b in the third embodiment Data structure diagram for the correspondence information Flowchart for explaining details of object processing in modified examples of second and third embodiments External view of a computer system 900 that realizes the encrypted mail processing apparatus 1 and the like Configuration diagram of computer system 900

  The following is an encrypted mail processing device that does not require input for decryption when the attached file is opened next time when it is decrypted for an attached file of an email and the attached file is opened next time. The embodiment will be described with reference to the drawings. In addition, since the component and step which attached | subjected the same code | symbol in each embodiment and modification perform the same operation | movement, description may be abbreviate | omitted again.

(Embodiment 1)
When the encrypted mail processing apparatus 1 according to the present embodiment decrypts the encrypted attachment file by overwriting the decrypted attachment file on the original encrypted attachment file, The feature is that an input for decryption is unnecessary when opening an attached file.

  FIG. 1 is a block diagram of an encrypted mail processing apparatus 1 in the present embodiment. The encrypted mail processing apparatus 1 includes a storage unit 11, a receiving unit 12, a processing unit 13, a receiving unit 14, and a transmitting unit 15.

  The storage unit 11 includes a mail storage unit 111. The receiving unit 12 includes an input receiving unit 121 and an instruction receiving unit 122. The processing unit 13 includes a descrambling unit 131, a file processing unit 132, a storage unit 133, and a request unit 134.

  As a premise, the storage unit 11 stores information for the processing unit 13 to perform various processes, such as a program for the encrypted mail processing device 1. Various processes and programs will be described later.

  The storage unit 11 also includes an identifier for identifying the encrypted mail processing device 1 itself, an identifier for identifying a mail server device (not shown), and a partner device with which the encrypted mail processing device 1 exchanges information such as mail. An identifier and the like are also stored. Such an identifier is usually an IP address, a MAC address, or the like, but the type is not limited.

  Although not particularly mentioned below, such an identifier is usually added as a transmission source identifier or a transmission destination identifier to information transmitted / received between apparatuses.

  The mail storage unit 111 is, for example, one or two or more mails, attachment files of each mail, and can store information such as an encrypted attachment file. Note that the encrypted attached file may be information different from the mail or a part of information constituting the mail.

  Mail is an abbreviation for electronic mail, and refers to information such as digitized documents and images transmitted and stored between computers such as the encrypted mail processing apparatus 1 through a network such as the Internet.

  An email usually consists of a header and a body. The header includes, for example, information (transmission source identifier, transmission destination identifier, etc.) regarding the transmission destination, the transmission source, and the like. The body may include a mail text (document, image, etc.), an attached file (described later), and the like.

  The mail stored in the storage unit 11 is usually a received mail, an unsent mail, or a sent mail, but the type is not limited.

  The received mail is mail received by the receiving unit 14 described later. The unsent mail is a mail to be transmitted by the transmitting unit 15 described later, and the transmitted mail is a mail corresponding to the mail transmitted by the transmitting unit 15.

  A mail attachment file refers to a file attached to a mail and transmitted / accumulated together with the mail. “With mail” includes a case of being part of the mail.

  The attached file may include various contents such as a document, an image, and sound, for example.

  The attached file only needs to be a file that can be transmitted / stored together with the e-mail, and the content of the file, the file format, the mode of attachment, etc. are not limited.

  Encryption generally refers to converting information according to a predetermined procedure in order to prevent information viewing / falsification (editing) or the like by a third party when information is transmitted or stored. The predetermined procedure is, for example, a procedure according to an encryption algorithm such as common key encryption or public key encryption, but the method is not limited.

  Common key cryptography is a method that uses the same key (common key) for encryption and decryption (decryption). Public key cryptography is a scheme (PGP, S / MIME, etc.) that uses different keys (public key and private key) for encryption and decryption.

  However, the encryption is not limited to the conversion of information according to the encryption algorithm using the encryption key as described above (hereinafter simply referred to as “key”). For example, the information may be rearranged by an encryption table, Any type or method may be used as long as it is a procedure that makes browsing / editing impossible or difficult (disabled or difficult).

  That is, the encryption referred to in this embodiment includes, for example, a method of making information browsing / editing impossible or difficult by dividing or compressing information.

  In addition, encryption is not limited to a method for converting information itself. For example, a password is set for a file in which information is stored, and the file cannot be opened unless the password is input. Widely interpreted, including methods that make browsing and editing impossible or difficult.

  The encryption may be, for example, encryption with compression (such as ZIP or LZH with a password), scrambling with an encryption key, or the like.

  The target of encryption may be, for example, only an attached file of an email, a body part of an email (email body and attached file), or an object including at least an attached file of an email.

  The storage unit 11 can store descrambling information indicating whether or not descrambling has been performed on one or more encrypted attachment files stored in the mail storage unit 111.

  Decryption information includes, for example, an encrypted file ID (for example, CF1, CF2,...) That identifies an encrypted attachment file, and a flag (for example, A1) indicating whether or not the encrypted attachment file has been decrypted. , A2,...) And a set of pairs.

  The flag is off in the initial state (the state that has not been decrypted yet), and when the decryption is performed, the flag is turned on, for example, under the control of the processing unit 13.

  However, when the processing unit 13 can determine whether the decryption is performed based on information other than the decryption information, for example, when the attached file itself has information indicating whether the decryption is performed. Does not require decryption information.

  Based on information (program, mail, descrambling information, etc.) stored in the storage unit 11 and the mail storage unit 111, the processing unit 13 performs, for example, the above-described flag control and various processes described later.

  The accepting unit 12 accepts inputs, instructions, and the like described later.

  The input receiving unit 121 is a mail attachment file, and accepts a release input that is an input for descrambling the encrypted attachment file.

  The release input is, for example, a key (the above-mentioned common key, secret key, encryption key, etc.), password, etc., but any type can be used as long as it is information that enables decryption of the encrypted attached file.

  The decryption input includes a key or password for decrypting the encrypted attachment.

  The release input may include, for example, a pair of an encrypted file ID that identifies one encrypted attached file and a key or password for decrypting the encrypted attached file.

  Acceptance is, for example, acceptance of information input from an input device such as a keyboard, mouse, touch panel, reception of information transmitted via a wired or wireless communication line, an optical disk, a magnetic disk, a recording medium such as a semiconductor memory This is a concept including reception of information read out from.

  The descrambling unit 131 performs descrambling on the encrypted attached file based on the release input received by the input receiving unit 121.

  Decryption is to decrypt the attached file and return, for example, the ciphertext (encrypted character string) contained in the attached file to plaintext (unencrypted character string). Say. Further, when the key is encrypted, it may include decryption of the key.

  In the case of encryption involving compression, the descrambling unit 131 may further perform decompression (decompression).

  When the encryption is scrambled with an encryption key, the descrambling unit 131 may perform descrambling with the encryption key, for example.

  When the encryption includes setting a password for the attached file, the descrambling unit 131 may cancel the password.

  The storage unit 11 can also store a decrypted attached file obtained by performing descrambling on the attached file encrypted by the descrambling unit 131.

  Each time the instruction receiving unit 122 receives an instruction (described above), the file processing unit 132 opens the decrypted attached file.

  The file processing unit 132 performs processing on the decrypted attached file obtained by the descrambling unit 131 performing descrambling based on the release input.

  For example, when the mail stored in the mail storage unit 111 has a decrypted attached file at the time of receiving the instruction, the file processing unit 132 performs processing on the decrypted attached file. .

  The file processing unit 132 normally performs processing such as search and output on plain text obtained by opening the decrypted attached file.

  The search generally refers to searching for target data from a set of data, and includes, for example, a character string search using a keyword, an attribute search based on file attributes (reception date, transmission source identifier, etc.), and the like.

  The search instruction in this embodiment refers to a search such as a character string search or an attribute search for one or more of one or more encrypted attached files stored in the mail storage unit 111. It is instructing to perform processing.

  The search processing referred to in this embodiment is to perform descrambling on one or two or more encrypted attachments in accordance with a search instruction, and to obtain one or more decrypted ones obtained. Searching for attached files.

  The output instruction in this embodiment refers to information contained in one or more of one or more encrypted attached files stored in the mail storage unit 111, for example, Instructing output via an output device such as a display.

  The output processing referred to in this embodiment means that one or two or more encrypted attachments are decrypted according to an output instruction, and one or two or more decrypted files obtained are decrypted. For example, output is performed on an attached file via an output device such as a display.

  However, the target of the above-described instruction or processing may be, for example, only an encrypted attachment file of an email, or an encrypted email body and an encrypted attachment file. Further, in addition to the encrypted attachment file, for example, an unencrypted attachment file, a mail text, a header portion, and the like may be included in the instruction or processing target.

  In the following description, a process corresponding to an instruction received by the instruction receiving unit 122 and which cannot be performed without descrambling may be referred to as a “target process”. Specifically, the target process is the search process corresponding to the search instruction and the output process corresponding to the output instruction as described above. For example, the target process is an edit instruction that is an instruction for editing the attached file. A corresponding editing process, an analysis process corresponding to an analysis instruction that is an instruction for analyzing an attached file, or the like may be used.

  The processing unit 13 can output the content of the attached file opened by the file processing unit 132, the result of processing such as search by the file processing unit 132, and the like via an output device.

  For example, the accumulating unit 133 stores the decrypted attachment file obtained by performing descrambling by the descrambling unit 131 on the encrypted attachment file included in the mail stored in the mail storage unit 111. Overwrite the converted attachment.

  Therefore, the original encrypted attachment file (original file) corresponding to the decrypted attachment file is overwritten by the decrypted attachment file and is lost from the mail storage unit 111.

  However, it is desirable to exclude encrypted attachments of unsent mail from being overwritten. That is, the storage unit 133 normally overwrites the encrypted attachment file of the received mail and the encrypted attachment file of the transmitted mail with the decrypted attachment file as described above, Such overwriting is not performed on encrypted attachments of unsent mail. In this case, instead of overwriting the encrypted attachment of the unsent mail with the decrypted attachment, the encrypted attachment of the unsent mail is paired with (for example, associated with the original file, May accumulate in the same or different storage.

  Alternatively, the storage unit 133 may store the release input received by the input receiving unit 121 with respect to the encrypted attached file, for example, in the storage unit 11 in association with the encrypted attached file. This will be described in the second embodiment.

  Alternatively, the storage unit 133 associates the decrypted attachment file obtained by performing descrambling on the encrypted attachment file with the decryption unit 131, for example, a storage unit 11 may be accumulated. This will be described in the third embodiment.

  The request unit 134 requests a release input (key, password, etc.) when the instruction receiving unit 122 receives an instruction regarding processing for an encrypted attached file.

  When the instruction receiving unit 122 receives an instruction regarding processing on an encrypted attached file, the request unit 134 requests a cancel input when the flag is on.

  The request unit 134 outputs a request via an output device such as a display.

  The receiving unit 14 receives, for example, a mail transmitted from a mail server device (not shown) via a network such as the Internet and a wireless or wired communication module (such as a network card) connected to the network.

  For example, the transmission unit 15 transmits a mail to the mail server device via the communication module and the network.

  The storage unit 11, the mail storage unit 111, and the storage unit 11 a, the storage unit 11 b, the input storage unit 112, and the decrypted file storage unit 113 described later are preferably volatile storage media. It is also possible to realize with a storage medium of the nature.

  The storage unit 11 or the like is usually realized by a storage medium (such as a storage such as a hard disk or an optical disk, a memory such as a RAM or a flash memory, or an internal memory of an MPU) included in the encrypted mail processing apparatus 1 itself. You may implement | achieve by the cloud computing using computer resources, such as a server connected to the network.

  For example, the storage unit 11, the storage unit 11 a, the storage unit 11 b, the input storage unit 112, and the decrypted file storage unit 113 are realized by a storage medium included in the encrypted mail processing device 1 itself for ensuring security, The mail storage unit 111 can also be realized by a storage medium included in the mail server. In this case, mails such as received mails and sent mails are stored in the mail storage unit 111 in the storage medium of the mail server, and when the mail application (mailer) is activated in the encrypted mail processing apparatus 1, the Internet is accessed. To the storage medium (such as the storage unit 11) of the encrypted mail processing apparatus 1.

  If security can be ensured, the storage unit 11, the storage unit 11 a, the storage unit 11 b, the input storage unit 112, and the decrypted file storage unit 113 are also external devices such as a mail server like the mail storage unit 111. You may implement | achieve with the storage medium which has.

  There is no limitation on the process (when and how it is stored) in which various types of information such as mail and programs are stored in the storage unit 11 or the like. For example, information may be stored in the storage unit 11 via a removable storage medium such as a CD-ROM, and information transmitted via a communication line or the like may be stored in the storage unit 11. Alternatively, information input via an input device such as a keyboard may be stored in the storage unit 11.

  The processing unit 13, the descrambling unit 131, the file processing unit 132, the storage unit 133, the request unit 134, and the processing unit 13a, the descrambling unit 131a, the storage unit 133a, the processing unit 13b, and the storage unit 133b, which will be described later, Usually, it can be realized by cooperation of MPU, memory (ROM, RAM, etc.) or other hardware (storage, output device, etc.) and software stored in the memory, but only hardware (dedicated circuit) It may be realized with.

  In the following, the entire hardware including the MPU and the memory is referred to as “computer”, and software that causes the computer to function as the storage unit 11, the reception unit 12, the processing unit 13, the reception unit 14, the transmission unit 15, etc. May be called. However, the MPU and the memory may be referred to as “computer”, and the software that causes the computer to function as the processing unit 13 or the like may be referred to as “program”.

  The reception unit 12, the input reception unit 121, and the instruction reception unit 122 may be considered to include an input device or may not be included. That is, the receiving unit 12 or the like can be realized by an input device and its driver software, or can be realized by a driver software of the input device. The input device may be anything such as a keyboard, a mouse, or a touch panel.

  The processing unit 13 and the request unit 134 may be considered to include an output device, or may not be included. That is, the output function of the processing unit 13 or the like can be realized by the output device and its driver software, or can be realized by the driver software of the output device. The output device may be anything such as a display or a speaker.

  The reception unit 14 and the transmission unit 15 may or may not include a communication module such as a network card. That is, the receiving unit 14 and the like can be realized by communication modules and driver software thereof, or can be realized by driver software of communication modules.

  Next, the operation of the encrypted mail processing apparatus 1 will be described using the flowchart of FIG. 2 and the data structure of FIG.

  FIG. 2 is a flowchart for explaining the operation of the encrypted mail processing apparatus 1 according to the first embodiment.

  The process according to the flowchart of FIG. 2 starts when the encrypted mail processing apparatus 1 is powered on, and ends when an end event such as a power-off operation or interruption of another process occurs.

  At the time of activation, the mail storage unit 111 stores one or more mails, encrypted attached files (for example, CF1, CF2,...) Of each mail.

  Further, the storage unit 11 stores decryption information regarding one or more encrypted attached files (for example, CF1, CF2,...) Stored in the mail storage unit 111.

  FIG. 3 is a data structure diagram regarding descrambling information. The descrambling information indicates an encrypted file ID (for example, CF1, CF2,...) For identifying one or more encrypted attachment files, and whether or not the one or more encrypted attachment files have been decrypted. It consists of a set of pairs with one or more flags (for example, A1, A2,...).

  At the time of activation, it is assumed that the encrypted attached files CF1, CF2,... Have not been decrypted yet, and therefore all the flags A1, A2,.

  (Step S201) In the processing unit 13, the instruction receiving unit 122 is one of one or more encrypted attached files stored in the mail storage unit 111 (hereinafter may be referred to as “encrypted file”). Processing that cannot be performed without decryption (for example, search processing, output processing for browsing, editing processing, analysis processing, etc., hereinafter may be simply referred to as “processing” or “target processing”) It is determined whether or not an instruction (for example, a search instruction, an output instruction, an editing instruction, an analysis instruction, etc., which may be simply referred to as “instruction” hereinafter) is received.

  The instruction includes, for example, an encrypted file ID for identifying an encrypted file to be processed, and a process type (for example, any one of a search instruction, an output instruction, an edit instruction, an analysis instruction, etc.) Includes a pair with type information.

  If it is determined that the instruction receiving unit 122 has received an instruction for the encrypted file, the process proceeds to step S202. If it is determined that the instruction receiving unit 122 has not received an instruction for the encrypted file, the same determination is repeated.

  (Step S202) The processing unit 13 determines whether or not a flag corresponding to the encrypted file is on.

  If it is determined that the flag corresponding to the encrypted file is on, the process proceeds to step S209. If it is determined that the flag is not on (off), the process proceeds to step S203.

  (Step S203) The request unit 134 requests the user to input a release (key, password, etc.) for the encrypted file via an output device such as a display.

  (Step S204) The processing unit 13 determines whether the input receiving unit 121 has received a release input for the encrypted file.

  The release input includes, for example, a pair of an encrypted file ID that identifies an encrypted attached file to be decrypted and a key or password for decryption. However, the encrypted file ID may not be present.

  If it is determined that the input receiving unit 121 has received a release input for the encrypted file, the process proceeds to step S205. If it is determined that the input is not received (not input), the same determination is repeated. If the non-input period exceeds a certain time, the processing unit 13 may determine that a timeout has occurred and may return to step S201.

  (Step S205) The descrambling unit 131 performs descrambling on the encrypted file based on the release input.

  (Step S206) The processing unit 13 determines whether or not the descrambling by the descrambling unit 131 is successful.

  If the descrambling by the descrambling unit 131 is successful, the process proceeds to step S207, and if not successful, the process returns to step S203.

  (Step S207) The processing unit 13 executes a re-input unnecessary process that makes it unnecessary to accept the release input again for the encrypted file.

  As an example of this re-input unnecessary processing, the accumulating unit 133 describes a decrypted attached file (hereinafter referred to as “decrypted file”) obtained by the descrambling unit 131 performing descrambling on the encrypted file. May overwrite the encrypted file.

  The original encrypted file corresponding to the decrypted file is lost from the mail storage unit 111 as a result of being overwritten by the decrypted file (in other words, the original encrypted file is replaced with the decrypted file). .

  (Step S208) The processing unit 13 turns on a flag corresponding to the encrypted file ID for identifying the encrypted file, which is included in the descrambling information stored in the storage unit 11. Thereafter, the process proceeds to step S209.

  (Step S209) The file processing unit 132 executes a target process which is a process corresponding to the instruction.

  In this purpose processing, the file processing unit 132 uses the encrypted file ID included in the instruction among one or more decrypted files DF1, DF2,... Of one or more emails stored in the mail storage unit 111. Open the decrypted file that is identified.

  Next, the file processing unit 132 performs processing corresponding to the processing type information included in the instruction (search processing, output processing for browsing, etc.) for one or more plaintexts obtained by opening the decrypted file. Target processing).

  Thereafter, the file processing unit 132 closes the decrypted file and returns to step S201. This file close may be performed, for example, in response to the end of the target process, or may be performed in response to an end instruction being an instruction for ending the target process.

  According to this flowchart, when the first instruction is received for each of one or more encrypted files CF1, CF2,... Of one or more mails stored in the mail storage unit 111, the flag is turned off. Therefore, through the processing in steps S203 to S208, the target processing in step S209 is performed, so that the one or more encrypted files CF1, CF2,... Are decrypted files identified by the same file ID. Overwritten sequentially by CF1, CF2,. Accordingly, the processing unit 13 sequentially changes the flags A1, A2,... Included in the descrambling information from off to on.

  For this reason, when an instruction for the second time or later is received for one encrypted file, the flag corresponding to the one encrypted file is on, so the steps S203 to S208 are not performed and the steps are not performed. Since the purpose process of S209 is performed, it is not necessary to accept the release input again.

  Hereinafter, a specific operation example of the encrypted mail processing apparatus 1 in the present embodiment will be described. However, the following operation is only an example and does not limit the present invention.

  Now, in the mail storage unit 111, two or more mails M1, M2,..., An encrypted attached file attached to the mail M1 (encrypted file CF1), and two or more mails attached to the mail M2 are stored. Encrypted attachment files (encrypted files CF2, CF3,...) Are stored.

  The storage unit 11 stores descrambling information regarding the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111. The decryption information includes encrypted file IDs “CF1”, “CF2”, “CF3”,... For identifying the encrypted files CF1, CF2, CF3,... And the encrypted file IDs “CF1”, “CF2”. , “CF3”,... Corresponding to flags A1, A2, A3,.

  However, the flags A1 and A2 are on, and the flag A3 is off. Therefore, among the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111, the former two have already been overwritten by the decrypted files CF1, CF2.

  The processing unit 13 determines whether the input receiving unit 121 has received a release input (key, password, etc.) for any of the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111, The distinction is repeatedly made.

  When the input receiving unit 121 receives a release input for the encrypted file CF3, the descrambling unit 131 performs descrambling on the encrypted file CF3 based on the release input.

  The storage unit 133 overwrites the original encrypted file CF3 with the decrypted file CF3 obtained by the descrambling unit 131 performing descrambling on the encrypted file CF3. As a result of such overwriting, the encrypted file CF3 stored in the mail storage unit 111 is replaced with the decrypted file CF3. Accordingly, the processing unit 13 turns on the flag A3 corresponding to the encrypted file ID “CF3” included in the descrambling information stored in the storage unit 11.

  In addition, the processing unit 13 can not be performed unless the instruction receiving unit 122 decrypts the encrypted file CF1, CF2, CF3,... Stored in the mail storage unit 111. It is also determined whether or not an instruction regarding processing (for example, any one of search processing, output processing, etc.) has been received.

  For example, when the instruction receiving unit 122 receives a search instruction related to the search process for the encrypted file CF1, the processing unit 13 determines whether or not the flag corresponding to the encrypted file CF1 is on by using the descrambling information. Determine based on.

  Here, since the encrypted file CF1 has been decrypted, the determination result is YES, and the file processing unit 132 opens the decrypted file CF1 identified by the encrypted file ID “CF1”.

  Note that when the target of the search instruction is an encrypted file that has not been decrypted yet, the encrypted file is not opened.

  One search instruction target is not limited to one encrypted file, but may be two or more encrypted files. When the target of one search instruction is two or more encrypted files, the same processing as described above is performed sequentially or in parallel on each encrypted file.

  The file processing unit 132 performs a search process on the plain text included in the decrypted file CF1 thus opened.

  For example, when the instruction receiving unit 122 receives an output instruction for browsing the encrypted file CF3, the file processing unit 132 opens the decrypted file CF3 overwritten on the encrypted file CF3, and the file The processing unit 132 can perform an output process on plaintext included in the opened decrypted file CF3.

  As described above, according to the present embodiment, an input reception unit 121 that receives a release input that is an input for descrambling an encrypted attachment file that is an attachment file of an email, and based on the release input, A descrambling unit 131 for performing descrambling on the encrypted attachment file, an instruction receiving unit 122 for accepting an instruction regarding processing (objective processing) that cannot be performed without decrypting the encrypted attachment file, Decryption obtained when the descrambling unit 131 performs descrambling based on the release input when an instruction is received with the attached file being closed after the release input is received for the attached file Encrypted by the encrypted mail processing apparatus 1 including the file processing unit 132 that performs a target process corresponding to the instruction with respect to the attached file. Again of acceptance of the release input to the attached file is not required. As a result, the processing that cannot be performed without decryption can be performed any number of times by accepting the cancellation input once. For example, the complexity of the user's operation can be reduced, and the processing load can also be reduced.

  In the encrypted mail processing apparatus 1, a mail storage unit 111 that can store a mail having an encrypted attachment file, and an encrypted attachment file that the mail stored in the mail storage unit 111 has The decryption unit 131 further includes a storage unit 133 for overwriting the decrypted attached file obtained by performing descrambling on the encrypted attached file, and the file processing unit 132 at the time of receiving the instruction When the mail stored in the mail storage unit 111 has a decrypted attached file, the decrypted attached file is performed by performing a target process corresponding to the instruction on the decrypted attached file. Is overwritten on the original encrypted attachment (original file). It is not necessary to secure the parts, can save the resources of the recording medium, and to be processed at high speed, also descrambling for one attachment may be performed only once, the processing load can be alleviated.

  In this embodiment, the mail storage unit 111 is stored in a storage medium included in the encrypted mail processing apparatus 1 itself. For example, the mail storage unit 111 is stored in a storage medium included in an external apparatus such as a mail server on the Internet. It does not matter where it is stored.

  When the mail storage unit 111 is stored in a storage medium of the external device, the descrambling unit 131 acquires the encrypted attached file from the external device and encrypts the attachment based on the release input. Decryption is performed on the file, and the storage unit 133 decrypts the decrypted attachment obtained by the descrambling unit 131 decrypting the encrypted attachment file included in the mail stored in the mail storage unit 111. Requests (requests) the external device to overwrite the encrypted attached file. When the mail stored in the mail storage unit 111 has a decrypted attached file at the time of receiving the instruction, the file processing unit 132 acquires the encrypted attached file from the external device, and The target process corresponding to the instruction is performed on the decrypted attached file.

  The encrypted mail processing apparatus 1 further includes a receiving unit 14 that receives a mail and a transmitting unit 15 that transmits the mail, and the encrypted attached file is a received mail received by the receiving unit 14, Either the received mail, the unsent mail or the sent mail is attached to either the unsent mail to be sent by the sending unit 15 or the sent mail corresponding to the mail sent by the sending unit 15 The target process (for example, search, output, etc.) that cannot be performed without decryption can be performed any number of times by accepting the cancellation input once for the encrypted attached file attached to .

  Furthermore, the processing in the present embodiment may be realized by software. Then, this software may be distributed by software download or the like. Further, this software may be recorded on a storage medium such as a CD-ROM and distributed. This also applies to other embodiments in the present specification or modifications thereof.

  In addition, the software which implement | achieves the encryption mail processing apparatus 1 in this Embodiment is a program for functioning a computer as said each part (11-15, 111, 121, 122, 131-134), for example.

  In other words, this program, for example, is an attachment file for an email, and an input receiving unit 121 that receives a release input that is an input for descrambling the encrypted attachment file, and the release input. A descrambling unit 131 for performing descrambling on the encrypted attachment file, and an instruction receiving unit 122 for accepting an instruction regarding processing (objective processing) that cannot be performed on the encrypted attachment file unless decryption is performed. Decryption obtained by the descrambling unit 131 performing descrambling based on the release input when an instruction is received with the attached file being closed after the release input is received for the attached file It is made to function as a file processing unit 132 that performs a target process corresponding to an instruction on a completed attached file.

(Embodiment 2)
The encrypted mail processing device 1a according to the present embodiment manages the release input for the encrypted attached file (for example, stores it in a recording medium), thereby decrypting the encrypted attached file. Next, when opening an attached file, it is characterized in that a cancel input is not required.

  FIG. 4 is a block diagram of the encrypted mail processing apparatus 1a in the present embodiment. The encrypted mail processing device 1a includes a storage unit 11a, a reception unit 12, a processing unit 13a, a reception unit 14, and a transmission unit 15.

  The storage unit 11 a includes a mail storage unit 111 and an input storage unit 112. The receiving unit 12 includes an input receiving unit 121 and an instruction receiving unit 122. The processing unit 13a includes a descrambling unit 131a, a file processing unit 132a, a storage unit 133a, and a request unit 134.

  The input storage unit 112 can store one or more release inputs (keys, passwords, etc.) for encrypted attachments that each of the one or more mails stored in the mail storage unit 111 has. One or more release inputs are associated with one or more encrypted attachments.

  The descrambling unit 131a applies the decrypted input to the encrypted attached file based on the release input stored in the input storage unit 112 when the release input is stored in the input storage unit 112 at the time of receiving the instruction. Decrypt.

  The descrambling unit 131a normally performs descrambling on the encrypted attached file based on the release input stored in the input storage unit 112 in response to the instruction received by the instruction receiving unit 122.

  The file processing unit 132a performs a process corresponding to the instruction on the decrypted attached file obtained by performing the descrambling based on the release input stored in the input storage unit 112 by the descrambling unit 131a.

  The storage unit 133a stores the release input received by the input receiving unit 121 for the encrypted attachment file in the input storage unit 112 in association with the encrypted attachment file.

  The operation of the encrypted mail processing device 1a configured as described above is different from the operation of the encrypted mail processing device 1 in the first embodiment in the details of the re-input unnecessary processing in step S207 and the purpose processing in step S209. Since it is the same except for the above, the flowchart of FIG. 2 is also used to explain the operation of the encrypted mail processing apparatus 1a.

  As in the first embodiment, the mail storage unit 111 stores one or more mails and encrypted attachment files (for example, CF1, CF2,...) Of the respective mails.

  For example, correspondence information as shown in FIG. 5 is stored in the storage unit 11a. This correspondence information is information indicating a correspondence relationship between the encrypted attached file and the release input.

  FIG. 5 is a data structure diagram regarding correspondence information in the present embodiment. This correspondence information is paired with one or more encrypted file IDs (for example, “CF1”, “CF2”,...) That identify one or more encrypted attached files stored in the mail storage unit 111. One or more release inputs (for example, “abc”, “ABC”,...) Received by the input receiving unit 121 can be registered.

  A pair of the encrypted file IDs “CF1”, “CF2”,... And a release input “abc”, “ABC”,... Is received by a release input (key, password, etc.) for the encrypted files CF1, CF2,. Registered each time decryption is successful.

  (Step S207) The storage unit 133a stores the release input received by the input receiving unit 121 for the encrypted attachment file in the input storage unit 112 in association with the encrypted attachment file. Along with this, for example, the processing unit 13 registers the cancellation input in the correspondence information in a pair with the encrypted file ID for identifying the encrypted attached file.

  Therefore, the encrypted file included in the mail stored in the mail storage unit 111 is not overwritten (replaced) with the decrypted file unlike the encrypted file in the first embodiment.

  (Step S209) The file processing unit 132a executes a target process that is a process corresponding to the instruction.

  In this purpose processing, the file processing unit 132a is identified by an encrypted file ID included in the instruction among one or more encrypted files CF1, CF2,... Of one or more mails stored in the mail storage unit 111. The encrypted file is decrypted based on the cancellation input of the instruction, and the decrypted attachment file obtained is opened.

  Next, the file processing unit 132a performs processing (search processing, output processing, etc.) corresponding to the processing type information included in the instruction on one or more plaintexts obtained by opening the decrypted attached file. .

  Thereafter, the file processing unit 132a closes the decrypted attached file and returns to step S201.

  According to this flowchart, when the first instruction is received for each of one or more encrypted files CF1, CF2,... Of one or more mails stored in the mail storage unit 111, the flag is turned off. Therefore, through the processing in steps S203 to S208, the target processing in step S209 is performed, so that one or more release inputs for the one or more encrypted files CF1, CF2,... Are accumulated in the input storage unit 112. At the same time, in the correspondence information, the one or more release inputs “abc” are paired with the encrypted file IDs “CF1”, “CF2”,... For identifying the one or more encrypted files CF1, CF2,. , “ABC”,... Are sequentially registered. Further, the processing unit 13a sequentially changes the flags A1, A2,... Included in the descrambling information from off to on.

  For this reason, when an instruction for the second time or later is accepted for one encrypted file, the flag corresponding to the one encrypted file is on, so the steps S203 to S208 are not performed and the steps are not performed. Proceeding to S209, the descrambling is performed based on the cancel input stored in the input storage unit 112, so that it is not necessary to accept the cancel input again.

  Hereinafter, a specific operation example of the encrypted mail processing apparatus 1a in the present embodiment will be described. The following operation is only an example and does not limit the present invention.

  Now, in the mail storage unit 111, as in the first embodiment, two or more mails M1, M2,..., An encrypted attached file attached to the mail M1 (encrypted file CF1), Two or more encrypted attachment files (encrypted files CF2, CF3,...) Attached to the mail M2 are stored.

  The input storage unit 112 stores release inputs I1 and I2 corresponding to the encrypted files CF1 and CF2. However, the release input I3 corresponding to the encrypted file CF3 is not yet stored.

  Therefore, at present, the correspondence information includes a pair of encrypted file IDs “CF1”, “CF2”,... And release inputs “abc”, “ABC”.

  In the processing unit 13a, as in the first embodiment, the input receiving unit 121 cancels input of any of the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111 (key, password). Etc.) is repeatedly determined.

  When the input receiving unit 121 receives the release input I3 for the encrypted file CF3, the storage unit 133a stores the release input I3 in the input storage unit 112, and the correspondence information includes the encrypted file ID “CF3”. A pair with the cancellation input “123” is further registered.

  In this manner, the input storage unit 112 stores the release inputs I1, I2, and I3 corresponding to the encrypted files CF1, CF2, and CF3, and the correspondence information includes encrypted file IDs “CF1”, “CF2”, and “CF3”. ”And the cancellation input“ abc ”,“ abc ”,“ 123 ”are registered.

  Further, as in the first embodiment, the processing unit 13a targets the one of the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111 by the instruction receiving unit 122. Further, it is also determined whether or not an instruction regarding a process (for example, any one of a search process and an output process) that cannot be performed without descrambling is received.

  For example, when the instruction receiving unit 122 receives a search instruction related to the search process for the encrypted file CF1, the processing unit 13a stores the release input I1 corresponding to the encrypted file CF1 in the input storage unit 112. It is determined whether or not.

  Here, since the release input I1 for the encrypted file CF1 has already been stored in the input storage unit 112, the determination result is YES, and the descrambling unit 131a performs descrambling on the encrypted file CF1 based on the release input I1. . The file processing unit 132a opens the decrypted file CF1 obtained by decryption.

  Note that when the target of the search instruction is an encrypted file that has not been decrypted yet, the encrypted file is not opened.

  One search instruction target is not limited to one encrypted file, but may be two or more encrypted files. When the target of one search instruction is two or more encrypted files, the same processing as described above is performed sequentially or in parallel on each encrypted file.

  The file processing unit 132a performs a search process on the plain text included in the decrypted file CF1 thus opened.

  For example, when the instruction receiving unit 122 receives an output instruction for the encrypted file CF3, the descrambling unit 131a decrypts the encrypted file CF3 based on the release input I3 stored in the input storage unit 112. The file processing unit 132a can open the decrypted file CF3 and perform an output process on the plain text included in the opened decrypted file CF3.

  As described above, according to the present embodiment, an input reception unit 121 that receives a release input that is an input for descrambling an encrypted attachment file that is an attachment file of an email, and based on the release input, A descrambling unit 131a that performs descrambling on the encrypted attached file, an instruction accepting unit 122 that accepts an instruction regarding processing (objective processing) that cannot be performed without decrypting the encrypted attached file, Decryption obtained when the descrambling unit 131a performs descrambling based on the release input when an instruction is received in a state in which the attached file is closed after the release input is received for the attached file The encrypted mail processing apparatus 1a including the file processing unit 132a that performs the target processing corresponding to the instruction for the attached file has been encrypted. Has been canceled input again of the acceptance of on attachments is not required. As a result, the processing that cannot be performed without decryption can be performed any number of times by accepting the cancellation input once. For example, the complexity of the user's operation can be reduced, and the processing load can also be reduced.

  In the encrypted mail processing apparatus 1a, the input storage unit 112 that can store the release input received by the input reception unit 121 and the release input received by the input reception unit 121 for the encrypted attached file are encrypted. And an accumulating unit 133a that accumulates in the input storage unit 112 in association with the converted attachment file, and the descrambling unit 131a stores the cancellation input in the input storage unit 112 at the time of receiving the instruction. In such a case, the encrypted attachment is decrypted based on the cancellation input stored in the input storage unit 112, and the file processing unit 132a stores the decryption unit 131a in the input storage unit 112. Once the decryption input is accepted by processing the decrypted attachment obtained by performing the decryption based on the decryption input being Since the descrambling input is stored in the input storage unit 112, and thereafter, every time an instruction is accepted, the descrambling is performed based on the canceling input stored in the input storage unit 112. Therefore, the canceling input is accepted only once. The complexity of the operation can be reduced. Further, as in the case of Embodiment 3 to be described later, it is possible to save the resources of the recording medium as compared with the case of storing the decrypted attached file separately from the encrypted attached file.

  In this embodiment, the input storage unit 112 is stored in a storage medium included in the encrypted mail processing apparatus 1 itself, but may be stored in a storage medium included in an external apparatus such as a mail server. Well, it doesn't matter where it is stored.

  When the input storage unit 112 is stored in a storage medium included in the external device, the storage unit 133a converts the release input received by the input receiving unit 121 for the encrypted attachment file into the encrypted attachment file. The external device is requested (requested) to be stored in the input storage unit 112 in association with each other. The descrambling unit 131a acquires the release input stored in the input storage unit 112 from the external device when the release input is stored in the input storage unit 112 at the time of receiving the instruction. Based on this, decryption is performed on the encrypted attachment.

  The encrypted mail processing apparatus 1a further includes a receiving unit 14 that receives a mail and a transmitting unit 15 that transmits the mail, and the encrypted attached file is a received mail received by the receiving unit 14, Either the received mail, the unsent mail or the sent mail is attached to either the unsent mail to be sent by the sending unit 15 or the sent mail corresponding to the mail sent by the sending unit 15 By accepting a release input once for the encrypted attached file attached to the crab, processing (for example, search, output, etc.) that cannot be performed without decryption can be performed any number of times.

  The software that implements the encrypted mail processing apparatus 1a in the present embodiment is, for example, a computer that includes the above-described units (11a, 12, 13a, 14, 15, 111, 112, 121, 122, 131a, 132a, 133a, 134).

(Embodiment 3)
The encrypted mail processing apparatus 1b according to the present embodiment stores the decrypted file in association with the encrypted attachment file, separately from the encrypted attachment file. For this reason, when the encrypted attachment is decrypted, the decryption input is not required when the attachment is opened next time.

  FIG. 6 is a block diagram of the encrypted mail processing apparatus 1b in the present embodiment. The encrypted mail processing device 1b includes a storage unit 11b, a reception unit 12, a processing unit 13b, a reception unit 14, and a transmission unit 15.

  The storage unit 11b includes a mail storage unit 111 and a decrypted file storage unit 113. The receiving unit 12 includes an input receiving unit 121 and an instruction receiving unit 122. The processing unit 13b includes a descrambling unit 131, a file processing unit 132b, a storage unit 133b, and a request unit 134.

  The descrambled file storage unit 113 is one or more decrypted attachment files obtained by performing descrambling on the encrypted attachment files of one or more mails stored in the mail storage unit 111. Can be stored.

  The file processing unit 132b stores the decrypted attachment file corresponding to the encrypted attachment file when the instruction (search instruction, output instruction, etc.) for the encrypted attachment file is received. When the file is stored in the unit 113, processing (search processing, output processing, etc.) corresponding to the instruction is performed on the decrypted attached file stored in the decrypted file storage unit 113.

  The accumulating unit 133b stores the decrypted file by associating the decrypted attachment file obtained by decrypting the encrypted attachment file by the decryption unit 131 with the encrypted attachment file. Stored in the unit 113.

  Such association can be performed using, for example, correspondence information (described later) between the encrypted attached file and the decrypted attached file.

  The operation of the encrypted mail processing device 1b is the same as the operation of the encrypted mail processing device 1 in the first embodiment except for the details of the re-input unnecessary processing in step S207 and the purpose processing in step S209. The flowchart of FIG. 2 is also used to explain the operation of the mail processing apparatus 1b.

  As in the first embodiment, the mail storage unit 111 stores one or more mails and encrypted attachment files (for example, CF1, CF2,...) Of the respective mails.

  For example, correspondence information as shown in FIG. 7 is stored in the storage unit 11. This correspondence information is information indicating a correspondence relationship between the encrypted attached file (encrypted file) and the decrypted attached file (decrypted file). However, for example, when the correspondence between the encrypted file and the decrypted file is achieved by a combination of a common file identifier and a different extension or other linking, there is no correspondence information. Good.

  FIG. 7 is a data structure diagram related to correspondence information in the present embodiment. The correspondence information includes one or more decrypted file IDs (for example, “DF1”, “DF2”,...) That identify one or more decrypted files stored in the decrypted file storage unit 113. One or more encrypted file IDs (for example, “CF1”, “CF2”,...) For identifying one or more encrypted files stored in the mail storage unit 111 may be registered as a pair.

  A pair of the encrypted file IDs “CF1”, “CF2”,... And the decrypted file IDs “DF1”, “DF2”,... Is a release input (key, password, etc.) for the encrypted files CF1, CF2,. ) Is received, the descrambling is performed, and the decrypted files DF1, DF2,.

  (Step S207) The storage unit 133b associates the decrypted file obtained by decrypting the encrypted file by the decryption unit 131 with the encrypted attached file, and decrypts the decrypted file. Accumulate in the storage unit 113. Accordingly, for example, the processing unit 13b registers the decrypted file ID for identifying the decrypted file in the correspondence information in a pair with the encrypted file ID for identifying the encrypted file.

  (Step S209) The file processing unit 132b executes a target process which is a process corresponding to the instruction.

  In this purpose processing, the file processing unit 132b selects the encryption corresponding to the encrypted file ID included in the instruction among the one or more decrypted files DF1, DF2,... Stored in the decrypted file storage unit 113. Open the decrypted file identified by the decrypted file ID.

  Next, the file processing unit 132b performs processing (search processing, output processing, etc.) corresponding to the processing type information included in the instruction on one or more plaintexts obtained by opening the decrypted attached file. .

  Thereafter, the file processing unit 132b closes the decrypted attached file and returns to step S201.

  According to this flowchart, when the first instruction is received for each of one or more encrypted files CF1, CF2,... Of one or more mails stored in the mail storage unit 111, the flag is turned off. Therefore, after the processing of steps S203 to S208, the target processing of step S209 is performed, so that one or more decrypted files for the one or more encrypted files CF1, CF2,. 113, and the correspondence information includes one or more encrypted files IDs “CF1”, “CF2”,... For identifying the one or more encrypted files CF1, CF2,. Decrypted file IDs “DF1”, “DF2”,... For identifying descrambled files are sequentially registered. As a result, the processing unit 13b sequentially changes the flags A1, A2,... Included in the descrambling information from off to on.

  For this reason, when the second and subsequent instructions are accepted, the flag is on, so that the process proceeds to step S209 without going through the processes of steps S203 to S208, and the encryption stored in the descrambled file storage unit 113 is processed. Since the canceled file is opened, it is not necessary to accept the cancellation input again.

  Hereinafter, a specific operation example of the encrypted mail processing apparatus 1b in the present embodiment will be described. The following operation is only an example and does not limit the present invention.

  Now, in the mail storage unit 111, as in the first embodiment, two or more mails M1, M2,..., An encrypted attached file attached to the mail M1 (encrypted file CF1), Two or more encrypted attachment files (encrypted files CF2, CF3,...) Attached to the mail M2 are stored.

  The decrypted file storage unit 113 stores decrypted files DF1 and DF2 corresponding to the encrypted files CF1 and CF2. However, the decrypted file DF3 corresponding to the encrypted file CF3 is not yet stored.

  Therefore, at present, the correspondence information includes a pair of encrypted file IDs “CF1”, “CF2”... And decrypted file IDs “DF1”, “DF2”.

  As in the first embodiment, the processing unit 13b receives a release input (key, password) for any of the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111 by the input receiving unit 121. Etc.) is repeatedly determined.

  When the input receiving unit 121 receives the release input I3 for the encrypted file CF3, the descrambling unit 131 performs descrambling on the encrypted file CF3 based on the release input I3, and the accumulating unit 133b The decrypted file DF3 is accumulated in the decrypted file storage unit 113, and a pair of the encrypted file ID “CF3” and the decrypted file ID “DF3” is further registered in the correspondence information.

  Thus, the decrypted file storage unit 113 stores the decrypted files DF1, DF2, and DF3 corresponding to the encrypted files CF1, CF2, and CF3, and the correspondence information includes encrypted file IDs “CF1”, “CF1”. As a result, a pair of “CF2”, “CF3” and the decrypted file IDs “DF1”, “DF2”, “DF3” is registered.

  Further, as in the first embodiment, the processing unit 13b is configured so that the instruction receiving unit 122 targets any one of the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111. Further, it is also determined whether or not an instruction regarding a process (for example, any one of a search process and an output process) that cannot be performed without decryption is received.

  For example, when the instruction receiving unit 122 receives a search instruction related to search processing for the encrypted file CF1, the file processing unit 132b opens the decrypted file DF1 stored in the decrypted file storage unit 113. To do.

  Note that when the target of the search instruction is an encrypted file that has not been decrypted yet, the encrypted file is not opened.

  One search instruction target is not limited to one encrypted file, but may be two or more encrypted files. When the target of one search instruction is two or more encrypted files, the same processing as described above is performed sequentially or in parallel on each encrypted file.

  The file processing unit 132b performs a search process on the plain text included in the decrypted file DF1 thus opened.

  For example, when the instruction receiving unit 122 receives an output instruction for browsing the encrypted file CF3, the file processing unit 132b reads the decrypted file DF3 stored in the decrypted file storage unit 113. The file processing unit 132b can perform output processing on the plain text included in the opened descrambled file D3.

  As described above, according to the present embodiment, an input reception unit 121 that receives a release input that is an input for descrambling an encrypted attachment file that is an attachment file of an email, and based on the release input, A descrambling unit 131 for performing descrambling on the encrypted attachment file, an instruction receiving unit 122 for accepting an instruction regarding processing (objective processing) that cannot be performed without decrypting the encrypted attachment file, Decryption completed by the descrambling unit 131 performing descrambling based on the release input when an instruction is received with the attached file being closed after the release input is received for the attached file Encrypted attachment by the encrypted mail processing device 1b including the file processing unit 132b that performs a target process corresponding to the instruction for the attached file Again of acceptance of the release input to the Airu it is not required. As a result, the processing that cannot be performed without decryption can be performed any number of times by accepting the cancellation input once. For example, the complexity of the user's operation can be reduced, and the processing load can also be reduced.

  In the encrypted mail processing apparatus 1b, the decrypted file storage unit 113 that can store the decrypted attachment file and the decryption unit 131 decrypt the encrypted attachment file. The storage unit 133b further stores the decrypted attached file in association with the encrypted attached file in the decrypted file storage unit 113, and the file processing unit 132b encrypts the attached file at the time of receiving the instruction. When the decrypted attachment file is stored in the decrypted file storage unit 113, the decryption input is performed by processing the decrypted attachment file stored in the decrypted file storage unit 113. Once received, the decryption is performed based on the cancellation input, and the resulting decrypted attachment is encrypted. Since it is accumulated in the unlocked file storage unit 113 and thereafter, the decrypted attached file stored in the decrypted file storage unit 113 is opened every time an instruction is accepted, so the cancel input is accepted only once. What is necessary is that the complexity of the operation can be reduced. In addition, since the descrambling needs to be performed only once, the processing load can be reduced. Furthermore, by accumulating the decrypted attachment separately from the original encrypted attachment (original file) (that is, leaving the original file), for example, when transferring the original file, It is not necessary to perform encryption, and the processing load can be further reduced.

  In this embodiment, the decrypted file storage unit 113 is stored in a storage medium included in the encrypted mail processing apparatus 1 itself, but is stored in a storage medium included in an external apparatus such as a mail server. It does not matter where it is stored.

  When the descrambled file storage unit 113 is stored in a storage medium included in the external device, the storage unit 133b is a descrambling unit obtained by the descrambling unit 131 decrypting the encrypted attached file. The external device is requested (requested) to store the attached file in the decrypted file storage unit 113 in association with the encrypted attached file. The file processing unit 132b receives the decrypted file stored in the decrypted file storage unit 113 when the decrypted attached file is stored in the decrypted file storage unit 113 at the time of receiving the instruction. The attached file is acquired from the external server, and the decrypted attached file is processed.

  The encrypted mail processing apparatus 1b further includes a receiving unit 14 that receives a mail and a transmitting unit 15 that transmits the mail, and the encrypted attached file is a received mail received by the receiving unit 14, Either the received mail, the unsent mail or the sent mail is attached to either the unsent mail to be sent by the sending unit 15 or the sent mail corresponding to the mail sent by the sending unit 15 By accepting a release input once for the encrypted attached file attached to the crab, processing (for example, search, output, etc.) that cannot be performed without decryption can be performed any number of times.

  The software that realizes the encrypted mail processing apparatus 1b in the present embodiment causes the computer to function as the above-described units (11b, 12, 13b, 14, 15, 111, 113, 131, 132b, 133b, 134). It is a program.

  In the second and third embodiments, when the output process for browsing is performed, the cancel input is requested (even if the cancel input has already been received), while the process other than the output such as the search process is performed. In the case of the decrypted attachment file (the decrypted file obtained by performing the decryption based on the decryption input stored in the input storage unit 112 in the second embodiment, or the decryption in the third embodiment) The encrypted mail processing devices 1a and 1b may be configured to perform processing such as search on the decrypted file stored in the completed file storage unit 113). Hereinafter, such a modification will be described.

  (Modification of Embodiments 2 and 3)

  The encrypted mail processing devices 1a and 1b in the present modification have the same configuration as the encrypted mail processing devices 1a and 1b in the second and third embodiments. However, the request unit 134 also performs decryption of the attached file even when a release input for decrypting the attached file has been accepted at the time of receiving an output instruction for the encrypted attached file. Request release input.

  That is, the request unit 134 of this modification example, when the release input for the attached file has been received at the time of receiving the instruction for the encrypted attached file, the instruction performs the output process (first process). If it is an output instruction (first instruction) to perform, a release input is requested, while the instruction is a search instruction (second instruction) for performing a search process (second process other than the first process). If there is, the release input is not requested.

  Next, the operations of the encrypted mail processing devices 1a and 1b in the present modification are different from the operations of the encrypted mail processing devices 1a and 1b in the second and third embodiments, basically the purpose processing in step S209. Only.

  FIG. 8 is a flowchart regarding the details of the objective process in the present modification.

  (Step S801) The file processing units 132a and 132b determine whether or not the instruction is an output instruction for browsing.

  If the instruction is an output instruction for browsing, the process proceeds to step S802. If the instruction is not an output instruction for browsing (for example, an instruction other than an output such as a search instruction), the process proceeds to step S811.

  (Step S802) The request unit 134 requests the user to input a release (key, password, etc.) for the encrypted file via an output device such as a display.

  (Step S803) The processing units 13a and 13b determine whether or not the input receiving unit 121 has received a cancel input for the request.

  If the input receiving unit 121 receives a cancel input for the request, the process proceeds to step S804. If not received, the same determination is repeated. If the non-input period exceeds a certain time, the processing units 13a and 13b may determine that a timeout has occurred and return to the flowchart of FIG.

  (Step S804) The descrambling units 131a and 131 perform descrambling on the encrypted file based on the release input.

  (Step S805) The processing units 13a and 13b determine whether or not descrambling by the descrambling units 131a and 131 is successful.

  If the descrambling by the descrambling units 131a and 131 is successful, the process proceeds to step S806, and if not successful, the process returns to step S802.

  (Step S806) The processing units 13a and 13b execute re-input unnecessary processing similar to that in the second and third embodiments.

  (Step S807) The file processing units 132a and 132b obtain the decrypted attached file corresponding to the encrypted file (obtained by performing the descrambling based on the release input stored in the input storage unit 112 in the second embodiment). The decrypted file to be decrypted or the decrypted file stored in the decrypted file storage unit 113 in the third embodiment) is opened.

  (Step S808) The processing units 13a and 13b perform output processing for browsing the encrypted file via an output device such as a display. Thereby, for example, the plaintext of the decrypted attached file corresponding to the encrypted file is displayed on the display.

  (Step S809) The processing units 13a and 13b turn on the flag corresponding to the encrypted file ID for identifying the encrypted file, which the descrambling information stored in the storage unit 11 has.

  (Step S810) The file processing units 132a and 132b close the decrypted attached file.

  Thereafter, the process returns to the flowchart of FIG.

  (Step S811) The file processing units 132a and 132b decrypt the attached file corresponding to the encrypted file (obtained by performing the descrambling based on the cancel input stored in the input storage unit 112 in the second embodiment). The decrypted file to be decrypted or the decrypted file stored in the decrypted file storage unit 113 in the third embodiment) is opened.

  (Step S812) The file processing units 132a and 132b execute processing corresponding to the instruction (for example, processing other than output, such as search processing) for the plain text included in the decrypted attached file.

  (Step S813) The file processing sections 132a and 132b close the decrypted attached file.

  Thereafter, the process returns to the flowchart of FIG.

  As described above, according to the present modification, in the encrypted mail processing devices 1a and 1b according to the second and third embodiments, the instruction is an output instruction (first instruction) related to an output process for viewing an encrypted attached file. Or an instruction (second instruction) related to the search process (second process other than the first process) for the encrypted attached file, and the release input has been accepted at the time of receiving the output instruction (first instruction) The file processing units 132a and 132b further include a request unit 134 for requesting a release input, and the descrambling units 131a and 131 receive a release input for the request in response to receiving an output instruction (first instruction). Output processing (first processing) is performed on the decrypted attached file obtained by performing descrambling on the basis of the descrambling unit, and the descrambling unit is received in response to acceptance of the search instruction (second instruction). By performing a search process (second process) on a decrypted attached file obtained by performing decryption on the basis of a cancellation input to the request by 31a, 131, an output instruction (first instruction) Requests decryption input for descrambling and performs descrambling based on the cancel input in response to this request, so that it is possible to prevent (suppress use) the attached file from being viewed by a third party. On the other hand, for the search instruction (second instruction), search processing is performed on the decrypted attached file without accepting the request and the release input for the request, thereby reducing the complexity of the user's operation. it can.

  FIG. 9 is a schematic diagram showing an example of the external appearance of a computer system 900 that implements the encrypted mail processing apparatuses 1, 1a, 1b by executing the programs described in the above embodiments and modifications. The above-described embodiment can be realized by computer hardware and a computer program executed on the computer hardware.

  In FIG. 9, the computer system 900 includes a computer 901 including a CD-ROM drive 905, a keyboard 902, a mouse 903, and a display 904. Note that the entire system including the keyboard 902, the mouse 903, and the display 904 may be called a computer.

  FIG. 10 is a diagram showing an internal configuration of the computer system 900. In FIG. 10, in addition to the CD-ROM drive 905, a computer 901 is connected to an MPU (Micro Processing Unit) 911, a ROM 912 for storing a program such as a bootup program, and the MPU 911, and receives instructions of an application program. A RAM 913 that temporarily stores and provides a temporary storage space, a hard disk 914 that stores application programs, system programs, and data, a bus 915 that interconnects the MPU 911, the ROM 912, and the like, and a network such as the Internet A network card 916 for providing connection.

  A program that causes the computer system 900 to execute the functions of the encrypted mail processing devices 1, 1 a, and 1 b may be stored in the CD-ROM 921, inserted into the CD-ROM drive 905, and transferred to the hard disk 914. Alternatively, the program may be transmitted to the computer 901 via a network such as the Internet and stored in the hard disk 914. The program is loaded into the RAM 913 when executed. The program may be loaded directly from the CD-ROM 921 or the network. Further, the program may be read into the computer system 900 via another recording medium (for example, a DVD or a memory card) instead of the CD-ROM 921.

  The program does not necessarily include an operating system (OS) or a third-party program that executes the functions of the encrypted mail processing apparatuses 1, 1a, and 1b in 901 indicating the details of the computer. The program may include only a part of an instruction that calls an appropriate function or module in a controlled manner and obtains a desired result. How the computer system 900 operates is well known and will not be described in detail.

  The encrypted mail processing devices 1, 1a, 1b are not limited to the stationary computer system 900 as described above, and may be realized by a portable computer system such as a smartphone, a tablet terminal, or a notebook PC. 16 and 17, the hard disk 914, the CD-ROM drive 905, and the CD-ROM 921 may be replaced with, for example, a flash memory, a memory card slot, and a memory card, respectively. The keyboard 902 and the mouse 903 can be replaced with a touch panel, for example.

  In the programs described in the above embodiments and modifications, the transmission step for transmitting information and the reception step for receiving information do not include processing performed only by hardware (such as a network card).

  Further, the computer that executes the program may be singular or plural. That is, centralized processing may be performed, or distributed processing may be performed.

  Further, in each of the above embodiments and modifications, it can be said that two or more communication means (such as the transmission unit 15 and the reception unit 14) existing in one apparatus may be physically realized by one medium. Not too long.

  In each of the above embodiments and modifications, each processing (each function) may be realized by centralized processing by a single device (system), or distributed processing by a plurality of devices. May be realized.

  The present invention is not limited to the above-described embodiments, and various modifications are possible, and it goes without saying that these are also included in the scope of the present invention.

  As described above, the encrypted mail processing apparatus according to the present invention can eliminate the need for re-accepting input for decryption of an encrypted attached file. For example, the user's operation is complicated. And the processing load can be reduced, which is useful as an encrypted mail processing apparatus.

1, 1a, 1b Encrypted mail processing device 11, 11a, 11b Storage unit 12 Reception unit 13, 13a, 13b Processing unit 14 Reception unit 15 Transmission unit 111 Mail storage unit 112 Input storage unit 113 Decrypted file storage unit 121 Input Reception unit 122 Instruction reception unit 131, 131a Decryption unit 132, 132a, 132b File processing unit 133, 133a, 133b Storage unit 134 Request unit

Claims (9)

An input receiving unit that receives a release input that is an input for descrambling an encrypted attachment that is an attachment of an email;
A descrambling unit for performing descrambling on the encrypted attached file based on the release input;
An instruction receiving unit that receives an instruction regarding processing that cannot be performed unless the encrypted attachment is decrypted;
Obtained by the descrambling unit performing descrambling based on the release input when the instruction is received with the attached file being closed after the release input is received for the attached file An encrypted mail processing apparatus comprising: a file processing unit that performs a process corresponding to the instruction on a decrypted attached file. A storage unit for overwriting the decrypted attachment file obtained by decrypting the encrypted attachment file included in the stored mail with the decrypted attachment file; Equipped,
The file processing unit
The process according to claim 1, wherein when the stored mail has the decrypted attachment file at the time of receiving the instruction, processing corresponding to the instruction is performed on the decrypted attachment file. Encrypted mail processing device. A storage unit for storing the cancellation input received by the input receiving unit with respect to the encrypted attachment file in association with the encrypted attachment file;
The descrambling unit performs descrambling on the encrypted attached file based on the stored release input when the release input is stored at the time of receiving the instruction,
2. The file processing unit according to claim 1, wherein the descrambling unit performs processing corresponding to the instruction on a decrypted attached file obtained by performing descrambling based on the stored release input. Encrypted mail processing device. A storage unit for storing the decrypted attachment file obtained by performing descrambling on the encrypted attachment file in association with the encrypted attachment file;
When the decrypted attached file is stored at the time of receiving the instruction, the file processing unit performs a process corresponding to the instruction on the stored decrypted attached file. The encrypted mail processing apparatus according to claim 1, wherein the encrypted mail processing apparatus is performed. The instruction is a first instruction related to a first process for the encrypted attachment file, or a second instruction related to a second process other than the first process for the encrypted attachment file,
Further comprising a request unit that requests the release input even when the release input has been received at the time of receiving the first instruction,
The file processing unit
In response to accepting the first instruction, the descrambling unit performs a first process on the decrypted attached file obtained by performing descrambling based on the release input for the request,
In accordance with acceptance of the second instruction, the stored decrypted attachment file or the decrypted attachment obtained by the descrambling unit performing decryption based on the stored release input The encrypted mail processing apparatus according to claim 3 or 4, wherein the second process is performed on the file. The first instruction is an output instruction;
The second instruction is a search instruction;
The first process is an output process,
6. The encrypted mail processing apparatus according to claim 5, wherein the second process is a search process. A receiver for receiving mail;
A transmission unit for transmitting mail,
The encrypted attached file is attached to any of the received mail received by the receiving unit, the unsent mail to be transmitted by the transmitting unit, or the transmitted mail corresponding to the mail transmitted by the transmitting unit. The encrypted mail processing apparatus according to claim 1, wherein the encrypted mail processing apparatus is used. An encrypted mail processing method performed by an input receiving unit, a descrambling unit, an instruction receiving unit, and a file processing unit,
An input receiving step in which the input receiving unit is a mail attachment file, and receives a release input that is an input for descrambling the encrypted attachment file;
A descrambling step in which the descrambling unit performs descrambling on the encrypted attached file based on the release input;
An instruction receiving step in which the instruction receiving unit receives an instruction regarding processing that cannot be performed unless the encrypted attachment is decrypted;
When the file processing unit receives a release input for the attached file and then receives the instruction in a state where the attached file is cooled, the descrambling unit encrypts based on the release input. A file processing step of performing a process corresponding to the instruction on the decrypted attached file obtained by performing the decryption. Computer
An input receiving unit that receives a release input that is an input for descrambling an encrypted attachment that is an attachment of an email;
A descrambling unit for performing descrambling on the encrypted attached file based on the release input;
An instruction receiving unit that receives an instruction regarding processing that cannot be performed unless the encrypted attachment is decrypted;
Obtained by the descrambling unit performing descrambling based on the release input when the instruction is received in a state where the attached file is cooled after the release input is received for the attached file A program for functioning as a file processing unit that performs processing corresponding to the instruction on a decrypted attached file.

Images