JP2018092544A - Management program, management method, and management device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a management program, management method, and management device capable of recognizing the existence of data which is left stored in an information processing terminal.SOLUTION: A management program makes a computer execute processing for obtaining, from an information processing terminal, a file stored in the information processing terminal and an operation log in the information processing terminal. The management program makes the computer execute processing for outputting an alert according to time that has elapsed from a storage timing of the obtained file which is determined on the basis of the obtained operation log.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a management program, a management method, and a management apparatus.

  In recent years, management of trail information in a business system has been performed in local governments and the like in order to respond to requests for disclosure of administrative documents and the like and to manage information leakage risks. In managing the trail information, it is audited whether the trail information is properly managed. In auditing trail information, for example, file operations relating to external recording media in a business terminal, log check of the number of printed sheets, and the like are performed.

Japanese Patent Application No. 63-145077

  However, it is difficult to determine what kind of log exists for the various file operations and printing logs in the terminal and the risk of information leakage is high. For this reason, for example, even if an output certificate file remains in the terminal, it is detected from the file operation log that the file remains in the terminal and should be deleted. It is difficult.

  In one aspect, an object is to provide a management program, a management method, and a management apparatus that can recognize the existence of data that has been stored in an information processing terminal and remains stored.

  In one aspect, the management program causes a computer to execute processing for acquiring a file stored in the information processing terminal and an operation log in the information processing terminal from the information processing terminal. The management program causes the computer to execute processing for outputting an alert according to the elapsed time from the storage timing of the acquired file specified based on the acquired operation log.

  It is possible to recognize the existence of data that has been stored in the information processing terminal.

FIG. 1 is a block diagram illustrating an example of the configuration of the data management system according to the embodiment. FIG. 2 is a diagram illustrating an example of the white list storage unit. FIG. 3 is a diagram illustrating an example of an alert output list screen. FIG. 4 is a diagram illustrating an example of a history display screen for each user. FIG. 5 is a flowchart illustrating an example of the data management process according to the embodiment. FIG. 6 is a diagram illustrating an example of a computer that executes a data management program.

  Hereinafter, embodiments of a management program, a management method, and a management device disclosed in the present application will be described in detail based on the drawings. The disclosed technology is not limited by the present embodiment. Further, the following embodiments may be appropriately combined within a consistent range.

  FIG. 1 is a block diagram illustrating an example of the configuration of the data management system according to the embodiment. The data management system 1 illustrated in FIG. 1 includes a business terminal 10, a business server 30, a security server 50, an audit terminal 70, and a data management device 100. Note that the number of business terminals 10 is not limited, and an arbitrary number of business terminals 10 may be provided. The business terminal 10, the business server 30, the security server 50, the audit terminal 70, and the data management device 100 are connected to be communicable with each other via the network N. As such a network N, any type of communication network such as the Internet, a LAN (Local Area Network), and a VPN (Virtual Private Network) can be adopted regardless of wired or wireless.

  The business terminal 10 is, for example, an information processing apparatus operated by a staff member who is a user at a public office window, and a stationary or portable personal computer can be used. The business terminal 10 may be a mobile communication terminal such as a tablet terminal or a smartphone. The business terminal 10 is an example of an information processing terminal. In the business terminal 10, for example, a user performs a counter service of a business system. The business terminal 10 exchanges various information with the business server 30 according to various operations of the user. The window business includes, for example, processing related to a resident's card or seal certificate, processing related to taxes, processing related to pensions, and the like. In addition, the business terminal 10 acquires a log such as a file operation or printing performed by the user, and transmits the acquired log to the security server 50. In the log, for example, the name of data generated by the business terminal 10, for example, a file name, data generation date / time or update date / time, data size, and the like are recorded. Further, the log includes an operation log in which operations on the business terminal 10 are recorded.

  The business server 30 is, for example, an information processing apparatus on which a business system at a government office operates. The business server 30 exchanges various information related to business with the business terminal 10. For example, when the business server 30 receives a resident card issuance request from the business terminal 10, the business server 30 refers to a database regarding resident registration (not shown) and transmits resident card data corresponding to the issuance request to the business terminal 10. The business server 30 also acquires various processing logs in the business system. When receiving the log acquisition instruction from the data management apparatus 100, the business server 30 transmits the acquired log to the data management apparatus 100. In the log, for example, information such as the number of issued resident cards is recorded.

  The security server 50 is an information processing apparatus that receives and collects logs from the business terminal 10. When the security server 50 acquires the logs from the business terminal 10, for example, the security server 50 collects the logs for each department or each user. When the security server 50 receives a log acquisition instruction from the data management apparatus 100, the security server 50 transmits the aggregated log to the data management apparatus 100.

  The audit terminal 70 is, for example, an information processing device used by an inspector of an analysis center that analyzes logs, and receives and displays a display screen that displays information related to auditing from the data management device 100. For example, the audit terminal 70 transmits operation information based on the operation of the auditor to the data management apparatus 100. The audit terminal 70 receives and displays a display screen corresponding to the operation information from the data management apparatus 100.

  The data management apparatus 100 is an information processing apparatus that analyzes logs acquired from the business server 30 and the security server 50. For example, the data management apparatus 100 transmits a log acquisition instruction to the business server 30 and the security server 50 at predetermined time intervals. The data management apparatus 100 acquires a log corresponding to the log acquisition instruction from the business server 30 and the security server 50. That is, the data management apparatus 100 acquires a log that records the generation date / time or update date / time of data generated by the business terminal 10. The data management apparatus 100 specifies a data recording period based on the generation date and time or update date recorded in the acquired log, and determines whether or not the specified recording period is equal to or longer than a predetermined period. The data management apparatus 100 outputs an alert for data when the recording period is equal to or longer than a predetermined period. For example, the alert output list screen is transmitted to the audit terminal 70, and the alert output list screen is displayed on the audit terminal 70. As a result, the data management apparatus 100 can reduce the risk of leakage of the remaining file.

  In other words, the data management apparatus 100 acquires the file stored in the business terminal 10 and the operation log in the business terminal 10 from the business terminal 10. The data management apparatus 100 outputs an alert according to the elapsed time from the storage timing of the acquired file specified based on the acquired operation log. As a result, the data management apparatus 100 can recognize the presence of data that has been stored in the business terminal 10 and remains stored.

  In addition, the data management apparatus 100 acquires a log that records the name and size of the data generated by the business terminal 10. The data management apparatus 100 compares the name and size of the data recorded in the acquired log with the name stored in the storage unit and the size corresponding to the name, and the data is incorrect according to the comparison result. It is determined whether or not. When the data management apparatus 100 determines that the data is invalid, the data management apparatus 100 outputs an alert for the data. For example, the alert output list screen is transmitted to the audit terminal 70, and the alert output list screen is displayed on the audit terminal 70. Thereby, the data management apparatus 100 can reduce the risk of leakage due to an unauthorized operation.

  Next, the configuration of the data management apparatus 100 will be described. As illustrated in FIG. 1, the data management apparatus 100 includes a communication unit 110, a display unit 111, an operation unit 112, a storage unit 120, and a control unit 130. Note that the data management apparatus 100 may include various functional units included in a known computer, for example, functional units such as various input devices and audio output devices, in addition to the functional units illustrated in FIG.

  The communication unit 110 is realized by, for example, a NIC (Network Interface Card). The communication unit 110 is wired or wirelessly connected to the business server 30, the security server 50, and the audit terminal 70 via the network N, and performs communication of information between the business server 30, the security server 50, and the audit terminal 70. Interface. The communication unit 110 transmits the log acquisition instruction input from the control unit 130 to the business server 30 and the security server 50. In addition, the communication unit 110 outputs the log received from the business server 30 and the security server 50 to the control unit 130. Further, the communication unit 110 transmits various display screens input from the control unit 130 to the audit terminal 70.

  The display unit 111 is a display device for displaying various information to the administrator of the data management apparatus 100. The display unit 111 is realized by, for example, a liquid crystal display as a display device. The display unit 111 displays various screens such as a display screen input from the control unit 130.

  The operation unit 112 is an input device that receives various operations from the administrator of the data management apparatus 100. The operation unit 112 is realized by, for example, a keyboard or a mouse as an input device. The operation unit 112 outputs an operation input by the administrator to the control unit 130 as operation information. Note that the operation unit 112 may be realized by a touch panel or the like as an input device, and the display device of the display unit 111 and the input device of the operation unit 112 may be integrated.

  The storage unit 120 is realized by, for example, a semiconductor memory device such as a RAM (Random Access Memory) or a flash memory, or a storage device such as a hard disk or an optical disk. The storage unit 120 includes a white list storage unit 121. In addition, the storage unit 120 stores information used for processing in the control unit 130.

  The white list storage unit 121 stores a white list used for determining whether the data stored in the business terminal 10 conforms to a predetermined requirement. FIG. 2 is a diagram illustrating an example of the white list storage unit. As shown in FIG. 2, the white list storage unit 121 includes “item number”, “part”, “section”, “person”, “terminal ID (Identifier)”, “file name”, “lower limit size”, “ Items such as “upper limit size”, “remaining days”, and “priority” are included. The white list storage unit 121 stores, for example, one record for each file name.

  The “item number” is an identifier for identifying each line of the white list. “Department” is information indicating a department in the information of the department in which the business terminal 10 is installed. “Section” is information indicating a section among the information of the department where the business terminal 10 is installed. “Responsibility” is information indicating a relationship among the information of the department where the business terminal 10 is installed. “Terminal ID” is an identifier for identifying the business terminal 10.

  “File name” is information indicating the file name of the file stored in the business terminal 10. The “file name” is represented by a regular expression, for example, in order to absorb the fluctuation of the file name. In the example of item number “4” in FIG. 2, the file name is represented by “resident card list _ [*]. Docx”, and even if the part of “*” is an arbitrary character, Treat as a match. The file name may include a directory, but is omitted in the above description.

  “Lower limit size” is information indicating the lower limit size of a file. The “lower limit size” can be set individually for each file type, that is, for each file name. “Upper limit size” is information indicating the upper limit size of a file. The “upper limit size” can be set individually for each file type, that is, for each file name. “Remaining days” is information serving as a threshold for outputting an alert with respect to the number of days that have elapsed since the file was generated or updated in the business terminal 10, that is, a predetermined period. For example, when the “remaining days” is set to 10 days, an alert is output when 10 days have passed since the file was generated or updated. The predetermined period is set in association with the file name of the data based on the data type. Further, the predetermined period may be set for each extension of the file name by using a description such as “¥ .txt” or “¥ .csv”, for example. Further, the “remaining days” may be set according to the terminal ID. The “priority order” is information indicating the order of priority lines when a plurality of conditions of each line in the white list are met. If the lower limit size, upper limit size, and remaining days are blank as in item numbers “1” to “3” and “5” in FIG. 2, the OS (Operating System) system file and the like are to be checked. Indicates that the file is outside.

  Here, a method of generating a white list will be described. The size of the file generated by the business terminal 10 is limited to some extent according to the business. For example, the resident card file has one to several people per household, and if it exceeds the size corresponding to these numbers, there is a high possibility that some kind of unauthorized operation has occurred. Another type of certificate, such as a seal certificate, has a format different from that of a resident's card. It is considered that the nature is high. Thus, since the file generated by the business terminal 10 has a high correlation between the file type, that is, the file name and the size, for example, a normal size range can be determined from the same type of files in the past. it can. Therefore, a white list with higher accuracy can be generated by describing the relationship between the file name and the size thus obtained in the white list.

  Returning to the description of FIG. 1, the control unit 130 executes, for example, a program stored in an internal storage device using a RAM as a work area by a CPU (Central Processing Unit), an MPU (Micro Processing Unit), or the like. Is realized. Further, the control unit 130 may be realized by an integrated circuit such as an application specific integrated circuit (ASIC) or a field programmable gate array (FPGA). The control unit 130 includes an acquisition unit 131, a first determination unit 132, a second determination unit 133, and an output control unit 134, and implements or executes information processing functions and operations described below. Note that the internal configuration of the control unit 130 is not limited to the configuration illustrated in FIG. 1, and may be another configuration as long as the information processing described below is performed.

  The acquisition unit 131 acquires logs from the business server 30 and the security server 50. For example, the acquisition unit 131 transmits a log acquisition instruction to the business server 30 and the security server 50 at predetermined time intervals, for example, every day. The acquisition unit 131 acquires logs corresponding to the log acquisition instruction from the business server 30 and the security server 50. Note that the acquisition unit 131 may store the acquired log in the storage unit 120. The log includes the generation date / time or the update date / time of the data generated by each business terminal 10 and the name and size of the data. In other words, the log includes the generation date or update date, the file name, and the file size of the file generated by each business terminal 10.

  When acquiring the log, the acquiring unit 131 refers to the white list storage unit 121 and determines whether or not a file name that does not match the white list is included in the log. When the log includes a file name that does not match the white list, the acquisition unit 131 generates file name invalid information for the file that does not match the white list. The acquisition unit 131 outputs the generated file name fraud information to the output control unit 134 and outputs the log to the first determination unit 132. The acquisition unit 131 outputs the log to the first determination unit 132 when the file name that does not match the white list is not included in the log.

  In addition to the log, the acquisition unit 131 may acquire a file from the business terminal 10 and acquire information such as a file name, an update date and time, and a size from the acquired file. In other words, the acquisition unit 131 acquires the file stored in the business terminal 10 and the operation log in the business terminal 10 from the business terminal 10.

  When the log is input from the acquisition unit 131, the first determination unit 132 specifies the recording period of each file based on the generation or update date / time of each file recorded in the log. The first determination unit 132 refers to the white list storage unit 121 and determines whether there is a file whose specified recording period is a predetermined period, that is, the remaining days or more. That is, the first determination unit 132 determines whether the recording period is equal to or longer than a predetermined period based on the file name. When there is a file whose recording period is equal to or longer than a predetermined period, the first determination unit 132 generates period excess information for a file whose recording period is equal to or longer than the predetermined period. The first determination unit 132 outputs the generated period excess information to the output control unit 134 and outputs the log to the second determination unit 133. The first determination unit 132 outputs a log to the second determination unit 133 when there is no file whose recording period is equal to or longer than the predetermined period.

  In other words, the first determination unit 132 refers to the white list storage unit 121 that stores time in association with the file name, and specifies the time stored in association with the acquired file.

  When the log is input from the first determination unit 132, the second determination unit 133 refers to the white list storage unit 121, the file name and size of each file recorded in the log, and the file name and size of the white list. And compare. In the example of the file name “resident card list _ [*]. Docx” of the item number “4” in FIG. 2, the second determination unit 133 determines the size of the file recorded in the log, the lower limit size “10 bytes”, and the upper limit. The size is compared with “102 Kbytes”. The second determination unit 133 determines whether there is a file with an illegal size based on the comparison result. That is, the second determination unit 133 determines whether the size of the file that satisfies the condition of the file name “resident card list _ [*]. Docx” is 10 bytes or less or 102 Kbytes or more.

  In other words, the second determination unit 133 compares the name and size of the data recorded in the acquired log with the name stored in the white list storage unit 121 and the size corresponding to the name, and produces a comparison result. Accordingly, it is determined whether or not the data is invalid. That is, the second determination unit 133 compares the file name and size of the data recorded in the log with the file name stored in the white list storage unit 121 and the size corresponding to the file name. Here, the name is, for example, a file name of data based on the type of data.

  If there is an illegally sized file, the second determination unit 133 generates illegal size information for the illegally sized file. The second determination unit 133 outputs the generated incorrect size information to the output control unit 134. The second determination unit 133 outputs check end information to the output control unit 134 when there is no file of an illegal size.

  The output control unit 134 receives the file name illegal information from the acquisition unit 131 and the period excess information from the first determination unit 132. In addition, incorrect size information or check end information is input from the second determination unit 133 to the output control unit 134. The output control unit 134 generates an alert output display screen based on the file name invalid information, the period excess information, and the size invalid information or the check end information. The output control unit 134 transmits the generated alert output display screen to the audit terminal 70 via the communication unit 110 and the network N, and displays the display screen on the display unit (not shown) of the audit terminal 70. For example, the output control unit 134 generates a list screen that summarizes the number of alerts per day for each user. The output control unit 134 transmits the generated list screen to the audit terminal 70 via the communication unit 110 and the network N, and displays the list screen on a display unit (not shown) of the audit terminal 70.

  That is, the output control unit 134 outputs an alert indicating that the data is remaining data when the recording period is equal to or longer than the predetermined period. Further, when the output control unit 134 determines that the data is invalid, the output control unit 134 outputs an alert for the data determined to be invalid. That is, when the output control unit 134 determines that the data is illegal, the output control unit 134 outputs an alert indicating that the data is illegally acquired.

  Further, when the output control unit 134 determines that the data is invalid, the output control unit 134 may output information that disables the output of the data to the business terminal 10. For example, when the business terminal 10 receives information that disables the output of data, the business terminal 10 performs a process of performing an access control and prohibiting the output of the data file corresponding to the information.

  In other words, the first determination unit 132 and the output control unit 134 output an alert according to the elapsed time from the storage timing of the acquired file specified based on the acquired operation log. The alert is output when the elapsed time from the file storage timing exceeds a predetermined time. The alert is output when the elapsed time from the storage timing of the acquired file exceeds the specified time. The output control unit 134 also outputs an alert indicating that the file is a remaining file when the elapsed time exceeds the specified time.

  Here, the display screen will be described with reference to FIGS. 3 and 4. FIG. 3 is a diagram illustrating an example of an alert output list screen. The list screen 21 shown in FIG. 3 is a screen showing the number of alert outputs from the 11th to the 18th of a certain month of staff, that is, users Taro XX, Jiro XX, and Hanako XX. That is, the list screen 21 is an example of a screen that outputs an alert for each user of the business terminal 10 and / or for a predetermined period (for example, day). In the list screen 21, it can be seen that four alerts occurred on the 12th for Hanako XX. In the audit terminal 70, when the auditor clicks, for example, the 12th day column 22 of Mr. Hanako XX who has generated four alerts in the list screen 21, a history display showing details of the column 22 is displayed. A screen is displayed.

  FIG. 4 is a diagram illustrating an example of a history display screen for each user. The history display screen 23 illustrated in FIG. 4 is a screen that displays a history regarding the alert output of Mr. Hanako XX on the 12th. The history display screen 23 includes a date column 24, a staff ID column 25, a staff name column 26, an operation history column 27, and a detection reason check box 28. The date column 24 indicates the date on which the alert is detected. The staff ID column 25 indicates a staff ID of a target whose history is to be displayed. The staff name column 26 indicates the name of a staff member whose history is to be displayed. The operation history column 27 shows the operation history of the business terminal 10 of the target staff member. The check box 28 can be selected for each detection reason, and a history corresponding to the selected detection reason is displayed in the operation history column 27.

  On the history display screen 23, the history of four alerts of Hanako XX on the 12th is displayed in the operation history column 27. Since the first line of the operation history column 27 is the detection reason “file size”, the size of the file that matches the file name “renkei_XXXXXX09.dat” (X is an arbitrary character) is equal to or larger than the upper limit size of the white list. It shows that. The second and third lines of the operation history column 27 indicate the detection reason “file name”, and thus indicate that the file name “Untitled.png” does not match the white list. The fourth line of the operation history column 27 is the detection reason “update date / time”, and thus indicates that the recording period specified from the update date / time of the file name “memo.txt” is equal to or longer than a predetermined period. That is, the recording period of the file with the file name “memo.txt” is equal to or longer than a predetermined period corresponding to the file name recorded in the white list. The detection reason “update date and time” indicates that the file is remaining data. In the above description, the file name directory is omitted.

  Next, the operation of the data management apparatus 100 according to the embodiment will be described. FIG. 5 is a flowchart illustrating an example of the data management process according to the embodiment.

  The acquisition unit 131 of the data management apparatus 100 transmits a log acquisition instruction to the business server 30 and the security server 50. The acquisition unit 131 acquires a log corresponding to the log acquisition instruction from the business server 30 and the security server 50 (step S1).

  When acquiring the log, the acquiring unit 131 refers to the white list storage unit 121 and determines whether or not a file name that does not match the white list is included in the log (step S2). When the file name that does not match the white list is included in the log (step S2: Yes), the acquisition unit 131 generates file name invalid information for the file that does not match the white list (step S3). The acquisition unit 131 outputs the generated file name invalid information to the output control unit 134 and outputs the log to the first determination unit 132, and the process proceeds to step S4. If the file name that does not match the white list is not included in the log (No at Step S2), the acquisition unit 131 outputs the log to the first determination unit 132 and proceeds to Step S4.

  When the log is input from the acquisition unit 131, the first determination unit 132 specifies the recording period of each file based on the generation or update date and time of each file recorded in the log (step S4). The first determination unit 132 refers to the white list storage unit 121 and determines whether there is a file whose specified recording period is equal to or longer than a predetermined period (step S5). When there is a file whose recording period is equal to or longer than the predetermined period (step S5: Yes), the first determination unit 132 generates period excess information for a file whose recording period is equal to or longer than the predetermined period (step S6). The first determination unit 132 outputs the generated period excess information to the output control unit 134 and outputs the log to the second determination unit 133, and the process proceeds to step S7. If there is no file whose recording period is equal to or longer than the predetermined period (step S5: No), the first determination unit 132 outputs a log to the second determination unit 133, and proceeds to step S7.

  When the log is input from the first determination unit 132, the second determination unit 133 refers to the white list storage unit 121, and compares the file name and size of the log with the file name and size of the white list (step S7). Based on the comparison result, the second determination unit 133 determines whether or not there is an illegally sized file (step S8). If there is a file with an incorrect size (step S8: Yes), the second determination unit 133 generates size incorrect information for the file with an incorrect size (step S9). The second determination unit 133 outputs the generated incorrect size information to the output control unit 134, and the process proceeds to step S10. If there is no illegally sized file (No at Step S8), the second determination unit 133 outputs the check end information to the output control unit 134, and proceeds to Step S10.

  When the file name invalid information, the period excess information, and the size invalid information or the check end information are input, the output control unit 134 displays an alert output based on the file name invalid information, the period excess information, and the size invalid information. A screen is generated (step S10). The output control unit 134 transmits the generated alert output display screen to the audit terminal 70 (step S11), and displays it on a display unit (not shown) of the audit terminal 70. As a result, the data management apparatus 100 outputs an alert for a file that has passed a predetermined period, thereby reducing the risk of leakage of the remaining file. In addition, since the data management apparatus 100 checks the size of the file recorded in the log based on the size corresponding to the file name of the white list, the risk of leakage due to an unauthorized operation can be reduced.

  As described above, the data management apparatus 100 acquires the file stored in the business terminal 10 and the operation log in the business terminal 10 from the business terminal 10. In addition, the data management apparatus 100 outputs an alert according to the elapsed time from the storage timing of the acquired file specified based on the acquired operation log. As a result, the data management apparatus 100 can recognize the existence of data that has been stored in the business terminal 10 and remains stored.

  In the data management apparatus 100, an alert is output when the elapsed time from the file storage timing exceeds a predetermined time. As a result, the data management apparatus 100 can recognize the existence of data that has been stored for a predetermined time.

  In addition, the data management apparatus 100 refers to the white list storage unit 121 that stores time in association with the file name, and specifies the time stored in association with the acquired file. In the data management apparatus 100, an alert is output when the elapsed time from the storage timing of the acquired file exceeds the specified time. As a result, the data management apparatus 100 can recognize the existence of data that has been stored over the time corresponding to the file name.

  In addition, when the elapsed time exceeds the specified time, the data management apparatus 100 outputs an alert indicating that the file is a remaining file. As a result, the data management apparatus 100 can notify that the remaining file remains in the business terminal 10.

  Further, the data management apparatus 100 outputs an alert for each user of the business terminal 10 and / or for each predetermined period. As a result, the data management apparatus 100 can easily grasp which operation of which user is an alert.

  In addition, the data management apparatus 100 acquires a log that records the generation date / time or update date / time of the data generated by the business terminal 10. In addition, the data management device 100 specifies a data recording period based on the generation date or update date recorded in the acquired log, and determines whether the specified recording period is equal to or longer than a predetermined period. . In addition, the data management apparatus 100 outputs an alert for data when the recording period is equal to or longer than a predetermined period. As a result, the data management apparatus 100 can reduce the risk of leakage of remaining files.

  In the data management apparatus 100, the predetermined period is set in association with the file name of the data based on the data type. Further, the data management apparatus 100 determines whether the recording period is equal to or longer than a predetermined period based on the file name. As a result, the data management apparatus 100 can determine the recording period based on different predetermined periods based on the file name including the data type.

  Further, the data management apparatus 100 outputs an alert indicating that the data is remaining data when the recording period is equal to or longer than a predetermined period. As a result, the data management apparatus 100 can notify that the remaining data, that is, the remaining file remains in the business terminal 10.

  In the above-described embodiment, the case where the data management process, that is, the audit is performed on the log acquired from each business terminal 10 has been described. However, the present invention is not limited to this. For example, the data acquired from the business server 30 may be subjected to data management processing, that is, auditing.

  Moreover, in the said Example, although the white list was used for the determination which outputs an alert, it is not limited to this. For example, a black list may be used.

  Moreover, in the said Example, although log collection was performed at the predetermined time interval, it is not limited to this. For example, every time a log is generated on the business terminal 10 or the business server 30 side, a newly generated portion of the log may be sequentially transmitted to the security server 50. Similarly, the security server 50 may transmit a log to the data management apparatus 100 every time a new log is received. That is, the data management apparatus 100 may acquire logs in real time from the business terminal 10 and the business server 30, determine the acquired logs, and output an alert.

  In the above-described embodiment, the determination as to whether or not the file recording period is equal to or longer than the predetermined period and the determination as to whether or not there is an illegally sized file are made, but the present invention is not limited thereto. For example, either one of the determinations may be performed and the alert may be output, or the determination order may be switched and the alert may be output.

  Moreover, in the said Example, when the alert generate | occur | produced, the data management apparatus 100 output the display screen of alert output, and displayed on the audit terminal 70, However, It is not limited to this. For example, the data management apparatus 100 may output a screen showing the result of determining that no alert has occurred on the alert output list screen, that is, a screen with 0 alerts.

  In addition, each component of each part illustrated does not necessarily need to be physically configured as illustrated. In other words, the specific form of distribution / integration of each unit is not limited to that shown in the figure, and all or a part thereof may be functionally or physically distributed / integrated in arbitrary units according to various loads or usage conditions. Can be configured. For example, the first determination unit 132 and the second determination unit 133 may be integrated. In addition, the illustrated processes are not limited to the above-described order, and may be performed at the same time as long as the process contents are not contradictory, or may be performed in a different order.

  Furthermore, various processing functions performed by each device may be executed entirely or arbitrarily on a CPU (or a microcomputer such as an MPU or MCU (Micro Controller Unit)). In addition, various processing functions may be executed in whole or in any part on a program that is analyzed and executed by a CPU (or a microcomputer such as an MPU or MCU) or on hardware based on wired logic. Needless to say, it is good.

  By the way, the various processes described in the above embodiments can be realized by executing a program prepared in advance by a computer. Therefore, in the following, an example of a computer that executes a program having the same function as in the above embodiment will be described. FIG. 6 is a diagram illustrating an example of a computer that executes a data management program.

  As illustrated in FIG. 6, the computer 200 includes a CPU 201 that executes various arithmetic processes, an input device 202 that receives data input, and a monitor 203. The computer 200 also includes a medium reading device 204 that reads a program and the like from a storage medium, an interface device 205 for connecting to various devices, and a communication device 206 for connecting to other information processing devices and the like by wire or wirelessly. Have The computer 200 also includes a RAM 207 that temporarily stores various types of information and a hard disk device 208. Each device 201 to 208 is connected to a bus 209.

  The hard disk device 208 stores a data management program having the same functions as the processing units of the acquisition unit 131, the first determination unit 132, the second determination unit 133, and the output control unit 134 illustrated in FIG. Also, the hard disk device 208 stores a white list storage unit 121 and various types of data for realizing a data management program. The input device 202 has a function similar to that of the operation unit 112 illustrated in FIG. 1, for example, and receives input of various types of information such as operation information from the administrator of the computer 200. The monitor 203 displays various screens such as a display screen for the administrator of the computer 200, for example. The interface device 205 is connected to, for example, a printing device. The communication device 206 has the same function as that of the communication unit 110 illustrated in FIG. 1, for example, and is connected to the business terminal 10, the business server 30, the security server 50, and the audit terminal 70. The communication device 206 exchanges various information with the business terminal 10, the business server 30, the security server 50, and the audit terminal 70.

  The CPU 201 reads out each program stored in the hard disk device 208, develops it in the RAM 207, and executes it to perform various processes. Further, these programs can cause the computer 200 to function as the acquisition unit 131, the first determination unit 132, the second determination unit 133, and the output control unit 134 illustrated in FIG.

  Note that the above-described data management program is not necessarily stored in the hard disk device 208. For example, the computer 200 may read and execute a program stored in a storage medium readable by the computer 200. The storage medium readable by the computer 200 corresponds to, for example, a portable recording medium such as a CD-ROM, a DVD disk, a USB (Universal Serial Bus) memory, a semiconductor memory such as a flash memory, a hard disk drive, and the like. Alternatively, the data management program may be stored in a device connected to a public line, the Internet, a LAN, or the like, and the computer 200 may read and execute the data management program therefrom.

DESCRIPTION OF SYMBOLS 1 Data management system 10 Business terminal 30 Business server 50 Security server 70 Audit terminal 100 Data management apparatus 110 Communication part 111 Display part 112 Operation part 120 Storage part 121 White list storage part 130 Control part 131 Acquisition part 132 1st determination part 133 1st 2 determination unit 134 output control unit N network

Claims (7)

Obtaining a file stored in the information processing terminal and an operation log in the information processing terminal from the information processing terminal;
According to the elapsed time from the storage timing of the acquired file specified based on the acquired operation log, an alert is output.
A management program for causing a computer to execute processing. The alert is output when the elapsed time from the storage timing of the file exceeds a predetermined time.
The management program according to claim 1, wherein: Referring to the storage unit that stores time in association with the file name, specify the time stored in association with the acquired file,
The alert is output when the elapsed time from the storage timing of the acquired file exceeds the specified time,
The management program according to claim 1, wherein: The output process outputs the alert indicating that the file is a remaining file when the elapsed time exceeds the specified time.
The management program according to claim 3. The outputting process outputs the alert for each user of the information processing terminal and / or for each predetermined period.
The management program according to any one of claims 1 to 4, wherein: Obtaining a file stored in the information processing terminal and an operation log in the information processing terminal from the information processing terminal;
According to the elapsed time from the storage timing of the acquired file specified based on the acquired operation log, an alert is output.
A management method, wherein a computer executes a process. An acquisition unit for acquiring a file stored in the information processing terminal and an operation log in the information processing terminal from the information processing terminal;
An output control unit that outputs an alert according to the elapsed time from the storage timing of the acquired file specified based on the acquired operation log;
A management apparatus comprising:

Images