JP2019046083A - Information processing system and control method thereof - Google Patents

Abstract

To improve the security by controlling an access to an improper link attached to e-mail.SOLUTION: An information processing system is configured to: acquire by a mail acquisition unit 302 e-mail received by a mail receiving unit 300; determine the risk of URL attached to the e-mail suspended by applying reception control rule, on the basis of an operation on the e-mail; determine the risk of the URL on the basis of the URL per se attached to the e-mail; and determine the risk of the URL attached to the e-mail on the basis of the e-mail per se, to control access to the high-risk URL from a client terminal 108.SELECTED DRAWING: Figure 4

Description

  The present invention relates to relay control of communication with another device, and more particularly, to a method of registering information for identifying a resource of a communication destination which is required to perform relay control.

  With the development of network technology, various types of information are distributed, and there is a very convenient tool for providing such information to many users.

  For example, it is possible to obtain resources desired by the user by clicking a URL for specifying the location of resources such as HTML and images on the Internet.

  However, recently, exploiting the convenience of such tools and causing them to illegally access resources has caused damage such as infection with a virus and demand for a large payment.

  As an example of damage that abuses such a tool, an email with a URL specifying the location of the unauthorized resource is unilaterally sent to the user, the user opens the email, and the URL of the email is erroneously sent. Damage such as clicking has occurred.

  Therefore, as a method for solving such a problem, the URL of the e-mail stored in the folder for storing spam mail is invalidated, while the URL of the e-mail stored in a folder other than such a folder A technology for enabling is disclosed (see, for example, Patent Document 1).

Patent No. 04974076

  However, in the technology described in Patent Document 1, an e-mail that has not been determined as a spam e-mail but has only invalidated the URL given to the e-mail determined to be a spam e-mail by the function of the existing e-mail application software. However, there is a problem that it is difficult to cope with the case where a URL for specifying the location of an unauthorized resource is given.

  As a method of solving such a problem, there is a method of registering a URL for controlling access in the DB and prohibiting the access when the user tries to access the URL registered in the DB.

  In such a method, in order to improve the accuracy of access control, it depends on the accuracy of the URL registered in the DB, and if the URL given to the e-mail is registered in the DB, to the URL It is possible to control access, but if it is not registered in the DB, there arises a problem that the URL is accessed.

  Therefore, the present invention provides an information processing apparatus, an information processing system, a control method, and a program capable of improving security by controlling access to an inappropriate connection destination given to an electronic mail. The purpose is to

  The present invention for solving the above problems is an information processing apparatus that accesses resource by instructing resource specification information indicating information specifying a resource, wherein the resource specification information performs control of the access. Using storage means for storing information, risk specifying means for receiving information relating to the risk of access to the resource with respect to resource specifying information given to the received e-mail, and information relating to the risk received by the risk receiving means And registration means for registering the resource specifying information in the storage means.

  According to the present invention, the security can be improved by controlling the access to the inappropriate connection destination given to the electronic mail.

It is a block diagram which shows schematic structure of an information processing system. It is a block diagram which shows schematic structure of the hardware of an access relay apparatus, a mail relay apparatus, a mail server, an external server, and a client terminal. It is a block diagram which shows the function structure of an information processing system. It is a flowchart which shows registration determination processing of URL. It is a flowchart which shows the process which determines whether the URL provided to the said email as filtering object based on operation with respect to the suspended email. It is a flowchart which shows the process which determines whether the said URL is made into filtering object based on URL itself provided to e-mail. It is a flowchart which shows the process which determines whether the said URL is made into the filtering object based on the suspiciousness of E-mail itself. It is a block diagram which shows the structure of a pending | holding email list screen. It is a block diagram which shows the structure of a relay control rule list screen. It is a block diagram which shows the structure of a relay control rule detailed screen. It is a block diagram which shows the structure of a group registration screen. It is a block diagram which shows the structure of a URL group registration screen. It is a block diagram which shows the structure of an unregistered URL list screen. It is a block diagram which shows the structure of an unregistered URL detailed screen. It is a block diagram which shows the structure of an access warning screen. It is a block diagram which shows the structure of a URL group registration screen. It is a block diagram which shows the structure of each table.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

First Embodiment
First, the first embodiment will be described.

  FIG. 1 is a schematic block diagram of an information processing system according to an embodiment of the present invention.

  As shown in FIG. 1, the information processing system 100 according to the present embodiment has a configuration including an access relay apparatus 102, a mail server 104, a mail relay apparatus 106, a client terminal 108 (provided with at least one or more), and a LAN 110. And is connected to the external server 114 via the wide area network 112.

  The access relay apparatus 102 is an apparatus functioning as an information processing apparatus, and relays between the client terminal 108 and the external server 114 which communicates data via the wide area network 112.

  Also, the access relay apparatus 102 controls communication of the data according to a relay control rule for determining whether to relay or not relay data transmitted and received between the client terminal 108 and the external server 114. ing.

  The mail server 104 is an information processing apparatus used to transmit and receive electronic mail, and has functions such as management of a mail address of the electronic mail and storage of the electronic mail transmitted to the mail address. There is.

  The mail relay apparatus 106 performs transmission control processing for electronic mail transmitted from the mail server 104 and the client terminal 108 using transmission control rules, and also performs reception control processing for electronic mail transmitted from the external server 114, which will be described later. Using the reception control rule.

  Further, the mail relay device 106 accepts or transmits the input of the transmission control rule (reception control rule) used for the transmission control processing (reception control processing) of the electronic mail in response to the request from the user who operates the client terminal 108. As a result of control processing (reception control processing), transmission (reception) for an e-mail for which transmission (reception) is suspended, and input (audit input) of transmission inhibition (reception inhibition) are accepted.

  The client terminal 108 is a terminal device operated by a user who exchanges e-mails using a mail address managed by the mail server 104.

  The client terminal 108 is also a terminal device that provides various contents and the like provided from the external server 114 to the user.

  Furthermore, the client terminal 108 can refer to and register relay control rules, transmission control rules, and reception control rules stored in the access relay apparatus 102 and the mail relay apparatus 106 via the LAN 110.

  The external server 114 is a device for providing various contents and the like to users, and is installed by a service provider or an individual user or the like, or installed as a mail server owned by an external user. Do.

  Next, FIG. 2 describes an example of a hardware configuration of an information processing apparatus applicable to the access relay apparatus 102, the mail server 104, the mail relay apparatus 106, and the client terminal 108.

  In FIG. 2, reference numeral 201 denotes a CPU, which centrally controls devices and controllers connected to the system bus 204. Further, the ROM 202 or the external memory 211 is required to realize a BIOS (Basic Input / Output System) which is a control program of the CPU 201, an operating system program (hereinafter referred to as OS), and functions executed by each server or each PC. The various programs described later are stored.

  A RAM 203 functions as a main memory, a work area, and the like of the CPU 201. The CPU 201 loads a program and the like necessary for execution of processing from the ROM 202 or the external memory 211 to the RAM 203, and implements the various operations by executing the loaded program.

  An input controller 205 controls input from a keyboard (KB) 209 and a pointing device such as a mouse (not shown). A video controller 206 controls display on a display such as a CRT display (CRT) 210 or the like.

  Although FIG. 2 describes the CRT 210, the display may be not only a CRT but also another display such as a liquid crystal display. These are used by the administrator as needed.

  A memory controller 207 is connected via an adapter to a hard disk (HD) storing a boot program, various applications, font data, user files, editing files, various data, etc., a flexible disk (FD), or a PCMCIA card slot. Control access to the external memory 211 such as Compact Flash (registered trademark) memory.

  A communication I / F controller 208 connects and communicates with an external device via a network (for example, the LAN 110 shown in FIG. 1), and executes communication control processing in the network. For example, communication using TCP / IP is possible.

  The CPU 201 enables display on the CRT 210 by executing, for example, outline font rasterization processing on a display information area in the RAM 203. Further, the CPU 201 enables user's instruction with a mouse cursor (not shown) on the CRT 210 or the like.

  Various programs to be described later for realizing the present invention are stored in the external memory 211, and are executed by the CPU 201 by being loaded into the RAM 203 as necessary.

  Furthermore, definition files and various information tables used at the time of execution of the program are also stored in the external memory 211, and a detailed description of these will be described later.

  Next, the functional configuration of the information processing system 100 will be described using FIG. The details of each function will be described later with reference to a flowchart and the like.

  The mail relay device 106 includes a mail reception unit 300, a mail acquisition unit 302, a registration judgment unit 304, a reception control unit 306, a reception control rule storage unit 308, a display unit 310, an input reception unit 312, a notification unit 314, and a judgment result storage. A unit 316 is provided.

  The mail reception unit 300 receives an electronic mail transmitted from the mail server 104, the external server 114, and the like, and the mail acquisition unit 302 acquires the electronic mail received by the mail reception unit 300.

  The registration determination unit 304 determines the risk of the URL given to the e-mail, thereby determining whether or not it is the target of the filtering.

  The reception control unit 306 controls the reception of the electronic mail by applying the reception control rule to the electronic mail acquired by the mail acquisition unit 302, and the display unit 310 displays various screens on the client terminal 108. Take control.

  The input reception unit 312 receives an input of information input to various screens displayed by the display unit 310, and the notification unit 314 notifies the access relay apparatus 102 of information related to the result of the determination by the registration determination unit 304. Do.

  The determination result storage unit 316 stores information on the result of the determination made by the registration determination unit 304.

  The access relay apparatus 102 includes a notification receiving unit 318, an unregistered URL storage unit 320, a display unit 322, an access control rule storage unit 324, an access control unit 326, and a URL storage unit 328.

  The notification acceptance unit 318 receives information on the determination result notified from the notification unit 314 of the mail relay device 106, and the unregistered URL storage unit 320 becomes unregistered from the information on the determination result accepted by the notification reception unit 318. It stores information about the URL, the reason for being considered unregistered, and the email to which the URL is given.

  The display unit 322 controls display of various screens in the client terminal 108, and the access control rule storage unit 324 stores rules for controlling relay of access requested from the client terminal 108.

  The access control unit 326 controls the access by applying the relay control rule stored by the access control rule storage unit 324 to the access requested from the client terminal 108.

  The URL storage unit 328 stores and manages the categorized URLs, and new categories of categorized URLs are registered as appropriate.

  Next, URL registration determination processing will be described using the flowchart shown in FIG.

  In step S100, the mail acquisition unit 302 causes the mail reception unit 300 to acquire the electronic mail received from the external server 114.

  In step S102, the registration determination unit 304 applies the reception control rule for determining the reception control method of the e-mail, and as a result, the URL given to the e-mail based on the operation for the e-mail determined to be put on hold. Is determined as a target of filtering (for details, see FIG. 5).

  In step S104, the registration determination unit 304 determines, based on the URL itself assigned to the electronic mail, whether or not to be a target of filtering (for details, see FIG. 6).

  In step S106, the registration determination unit 304 determines, based on the electronic mail itself, whether the URL given to the electronic mail is to be filtered (see FIG. 6 for details).

  In step S108, in steps S102 to S106, the notification unit 314 notifies the access relay apparatus 102 of the information stored by the determination result storage unit 316 regarding the result as to whether or not to perform filtering.

  In the notification, only the information related to the URL (details will be described later) determined to have a high risk may be notified to the access relay apparatus 102.

  In step S110, the notification receiving unit 318 receives information on the determination result notified from the mail relay device 106 in step S108.

  In step S112, the unregistered URL storage unit 320 registers information on the determination result accepted in step S110 in the unregistered URL DB (the lowermost row in FIG. 17).

  The lower part of FIG. 17 shows the configuration of the unregistered URLDB. The unregistered URLDB is an unregistered URL ID for uniquely identifying an unregistered URL, an unregistered URL, and an unregistered URL. It includes an unregistered reason indicating the reason, and an e-mail ID for uniquely identifying the e-mail to which the URL is given.

  In this step, an ID is newly issued and registered such that the unregistered URL ID is unique in the unregistered URL DB, and the URL included in the information related to the determination result is registered in the unregistered URL.

  In the unregistered reason, whether the risk when accessed by the URL is low or high, and the reason for determining the level are registered.

  Next, processing for determining whether or not the URL given to the e-mail is to be the filtering target based on the operation on the held e-mail will be described using the flowchart shown in FIG.

  In step S200, the reception control unit 306 applies the reception control rule to the electronic mail acquired by the mail acquisition unit 302 in step S100.

  The top row of FIG. 17 shows the configuration of a reception control rule DB storing information on reception control rules. The reception control rule DB is stored and managed by the reception control rule storage unit 308, and the reception control rules are unique. As a rule ID for identifying the ID, a rule name indicating the name of the reception control rule, a condition of the e-mail to which the reception control rule applies, sender condition, receiver condition, subject / text condition, and attached file condition, and It is configured to include an operation indicating a process to be applied to the e-mail data meeting the above-mentioned conditions.

  The sender condition indicates the condition regarding the sender of the e-mail, for example, the sender of the e-mail "*

example. co. is "jp", "*

example. co. Conditions such as "except jp" and "all senders" are registered.

  The recipient condition indicates the condition regarding the recipient of the e-mail, for example, “TO, CC, BCC *

example. co. Conditions such as "An address other than jp is set", "The number of addresses set in TO, CC is n or more", "Includes domains of n or more", "All recipients", etc. Will be registered.

  The subject / body condition indicates the condition regarding the character string set in the subject or body of the e-mail. For example, “Subject not entered”, “Subject or body, mixed terms in foreign countries” The condition such as "is used" is to be registered.

  The attached file condition indicates a condition related to the attached file attached to the e-mail. For example, as information on the file type of the attached file, “jpeg” in the case of a JPEG file, in the case of a text file "Text / plain", the text entered in the attached file "includes any of" confidential, confidential, confidential, and confidential ", the size of the attached file is" more than 30MB "," less than 20MB " , Etc. conditions are registered.

  Of course, it is not necessary to set all of the sender condition, the receiver condition, the subject / text condition, and the attached file condition in one reception control rule.

  When a plurality of conditions are registered among the sender condition, the receiver condition, the subject / body condition, and the attached file condition, the e-mail including all the conditions applies to the reception control rule, and Be done.

  The operation shows the process applied to the e-mail data that matches the condition, but any one of “reception”, “reception prohibition”, and “pending” is registered.

  If "receive" is set, the electronic mail is sent to the designated destination. If "reception prohibited" is set, the reception of e-mail is prohibited. If "hold" is set, reception of the electronic mail is suspended, and reception control according to the "reception" or "reception prohibition" instruction accepted from the administrator is performed.

  In step S202, as a result of applying the reception control rule in step S200, the reception control unit 306 determines whether the operation is on hold, and if it is determined that the operation is on hold, the process proceeds to step S204 to suspend If not determined, the process proceeds to step S220.

  In step S204, it is determined whether or not a reception instruction has been made via input acceptance unit 312 with respect to pending e-mail list screen 400 (see FIG. 8) displayed by display unit 310, and it is determined that the instruction is a reception instruction. If it is determined, the process proceeds to step S206. If it is not determined that the instruction is a reception instruction, the process proceeds to step S212.

  FIG. 8 shows the configuration of the held e-mail list screen 400. The held e-mail list screen 400 includes a held e-mail list display unit 402, a reception button 404, and a reception prohibition button 406.

  The pending e-mail list display unit 402 is a display unit that displays a list of pending e-mails, and includes an audit target email selection check box 408, an email ID 410, a reception date 412, a sender / subject 414, an attached file presence / absence 416, and A detail button 418 is provided.

  An audit target email selection check box 408 is a check box for selecting an email to be audited. When an instruction to press the reception button 404 is accepted for the e-mail data for which the audit target mail selection check box 408 is checked, the reception process is received, and if an instruction to press the reception prohibition button 406 is accepted. The reception prohibition process will be executed.

  The email ID 410 is a display unit that displays the email ID of the pending email. The reception date and time 412 is a display unit that displays time information when the hold email is transmitted. A sender / subject 414 is a display unit that displays sender information and subject information of the hold email.

  The attached file presence / absence 416 is a display unit that displays the presence / absence of the attached file of the hold email. The detail button 418 is a button used to request the mail relay apparatus 106 for the detail data of the electronic mail.

  In this step, when the check box 408 for selecting mail to be audited is checked and it is detected that the reception button 404 has been pressed, the process proceeds to step S206, and when it is not detected that the receive button 404 has been pressed, the process is performed to step S212. Advance.

  In step S206, the registration determination unit 304 determines whether or not the URL is attached to the e-mail checked in the audit target mail selection check box 408, and when it is determined that the URL is attached, the process proceeds to step S208. The process proceeds, and if it is not determined that it has been granted, the process ends.

  In step S208, the registration determination unit 304 acquires the URL from the e-mail, and in step S210, the determination result storage unit 316 determines the URL acquired in step S208 and information on the e-mail to which the URL is added (email ID And storing the judgment result information indicating that the held e-mail is permitted to be received, and the risk at the time of access by the URL is low.

  In step S212, it is determined whether or not the reception prohibition button 406 has been pressed via the input reception unit 312 with respect to the held e-mail list screen 400 displayed by the display unit 310. The process proceeds to step S214, and when it is not determined that the button is pressed, the process ends.

  In step S214, the registration determination unit 304 determines whether or not the URL is attached to the e-mail checked in the audit target e-mail selection check box 408. If it is determined that the URL is attached, the process proceeds to step S216. The process proceeds, and if it is not determined that it is assigned, the process is ended.

  In step S216, the registration determination unit 304 acquires the URL from the e-mail, and in step S218, the determination result storage unit 316 determines the URL acquired in step S216 and information on the e-mail to which the URL is added (email ID And the e-mail held is prohibited from being received, and stores the determination result information indicating that the risk when accessing by the URL is high.

  In step S220, the registration determination unit 304 determines whether or not the URL is attached to the unheld e-mail. If it is determined that the URL is attached, the process proceeds to step S222, If not determined, the process ends.

  In step S222, the registration determination unit 304 acquires the URL from the e-mail, and in step S224, the determination result storage unit 316 receives the URL acquired in step S222 and information on the e-mail to which the URL is added (email ID And E-mail is not held, and determination result information indicating that the risk at the time of access by the URL is extremely low is stored.

  Next, processing for determining whether or not the URL is to be filtered will be described based on the URL itself assigned to the e-mail, using the flowchart shown in FIG.

  In step S300, the registration determination unit 304 determines whether the URL is attached to the e-mail acquired in step S100. If it is determined that the URL is attached, the process proceeds to step S302, and the email is attached. If it is not determined that there is, the process ends.

  In step S302, the registration determination unit 304 acquires the URL given to the e-mail acquired in step S100. In step S304, the registration determination unit 304 determines the elements of the URL acquired in step S300 (for example, the scheme, host Get name, path name, port number, folder name etc.

  In step S306, the registration determination unit 304 determines whether or not the element acquired in step S304 is similar to a prominent domain. If it is determined that they are similar, the process proceeds to step S308, and it is not determined that they are similar. The process proceeds to step S310.

  As a determination method in this step, a prominent domain is stored in advance, and it is determined whether or not the stored domain and the element of the URL are similar.

  Further, not only the domain but also a derived domain may be targeted. For example, when bbb.co.jp exists as a prominent domain, the target URL is http://aaa.bbb.c0jp.com. At the same time, aaa.bbb which is a derived domain may be determined as a similar element.

  The reason for performing such a determination is that the target URL is assumed to be used in an attempt to misidentify the user by being similar to a famous domain.

  In step S308, the determination result storage unit 316 is similar to the URL acquired in step S302, information on the e-mail to which the URL is added (including the mail ID), and the domain of the URL, and the URL Stores the determination result information indicating that the risk at the time of access is high.

  In step S310, the determination result storage unit 316 is not similar to the URL acquired in step S302, the information on the e-mail to which the URL is added (including the mail ID), and the domain of the URL, It stores determination result information indicating that the risk when accessing by URL is low.

  In step S312, the registration determination unit 304 determines whether or not the domain of the URL acquired in step S302 is a domain used in the e-mail magazine. If it is determined that the domain is a domain, the process proceeds to step S314. If it is determined not to be a domain, the process proceeds to step S316.

  As a determination method in this step, the domain used in the mail magazine is stored in advance by the reception control rule storage unit 308, and it is determined whether the domain of the stored domain matches the domain of the URL.

  In step S314, the determination result storage unit 316 determines that the URL acquired in step S302, the information related to the e-mail to which the URL is added (including the e-mail ID), and the domain of the URL is the domain of the e-mail magazine. Stores the determination result information indicating that the risk at the time of access is high.

  In step S316, the determination result storage unit 316 determines the URL acquired in step S302, information on the e-mail to which the URL is added (including the mail ID), and the domain of the URL is not the domain of the e-mail magazine, but the URL Stores the determination result information indicating that the risk at the time of access is low.

  Next, processing for determining whether the URL is to be filtered based on the suspiciousness of the electronic mail itself will be described using the flowchart shown in FIG.

  In step S400, the registration determination unit 304 determines whether or not the URL is attached to the e-mail acquired in step S100. If it is determined that the URL is attached, the process proceeds to step S402 to be attached. If it is not determined that there is, the process ends.

  In step S402, the registration determination unit 304 acquires the URL given to the electronic mail acquired in step S100.

  In step S404, the registration determination unit 304 determines whether the address of the sender of the e-mail acquired in step S100 is a free e-mail address. If it is determined that the e-mail is a free e-mail address, the process proceeds to step S406. If the email address is not determined, the process proceeds to step S408.

  As a determination method in this step, the reception control rule storage unit 308 stores in advance the domain in which the free mail is used, and determines whether the stored domain matches the domain of the electronic mail.

  In addition, depending on the service that provides free mail, it is assumed that the address of the sender will be converted, so this is not limited to the domain, and identification information that specifies the service is added to the header of the e-mail. Identification information may be stored in advance, and it may be determined whether the stored identification information matches the information input to the header of the e-mail.

  In step S406, the determination result storage unit 316 determines that the URL acquired in step S402, information on the e-mail (including the e-mail ID) to which the URL is added, and the address of the e-mail sender are free e-mail addresses. It stores determination result information indicating that the risk when accessing by URL is high.

  In step S408, the determination result storage unit 316 determines that the URL acquired in step S402, the information related to the electronic mail (including the mail ID) to which the URL is added, and the address of the sender of the electronic mail are not free mail addresses. It stores determination result information indicating that the risk when accessing by URL is low.

  In step S410, the registration determination unit 304 determines from the IP address of the transmission source included in the header of the e-mail whether the e-mail described above is sent from overseas, and it is determined that the e-mail is from overseas. If it is determined, the process proceeds to step S412. If it is not determined that the email is from overseas, the process proceeds to step S414.

  In step S412, the determination result storage unit 316 is the URL acquired in step S402, information on the e-mail to which the URL is added (including the e-mail ID), and the e-mail transmitted from overseas. Stores the determination result information indicating that the risk at the time of access is high.

  In step S414, the determination result storage unit 316 is the URL acquired in step S402, information on the e-mail to which the URL is added (including the e-mail ID), and the e-mail transmitted from overseas. Stores the determination result information indicating that the risk at the time of access is low.

  In step S416, the registration determination unit 304 determines whether or not the above-mentioned e-mail has been assigned the same URL as the URL given to the different e-mail already received most recently. If YES in step S420, the process advances to step S418; otherwise, the process advances to step S420.

  In step S418, the determination result storage unit 316 adds the URL acquired in step S402, information on the e-mail to which the URL is added (including the e-mail ID), and the e-mail to the e-mail already received most recently. The same URL as the above URL is assigned, and determination result information indicating that the risk at the time of access by the URL is high is stored.

  In step S420, the determination result storage unit 316 adds the URL acquired in step S402, information on the e-mail to which the URL is added (including the e-mail ID), and the e-mail to the e-mail already received most recently. The same URL as the above URL is assigned, and determination result information indicating that the risk at the time of access by the URL is low is stored.

  Next, a method of registering relay control rules for access from the client terminal 108 to the external server 114 will be described.

  FIG. 9 shows a relay control rule list screen 500 for displaying a list of relay control rules.

  The relay control rule list screen 500 includes a relay control rule list display unit 502 displayed by the display unit 322 and displaying a list of relay control rules, and a rule addition button 504 for pressing when adding a new relay control rule. When the rule addition button 504 is pressed, the relay control rule detail screen 600 is displayed (see FIG. 10).

  The relay control rule list display unit 502 displays an ID 506 for uniquely identifying the relay control rule, a rule name 508 indicating the name of the relay control rule, an action 510 indicating the operation when the access content corresponds to the relay control rule, and display An operation 512 is shown to indicate an operation that can be performed on the relay control rule being executed.

  The operation 512 includes an edit button 514 for pressing the content of the relay control rule, and a move button 516 for changing the display order of the relay control rules in the relay control rule list display unit 502, When the edit button 514 is pressed, the relay control rule detail screen 600 is displayed. When the move button 516 is pressed, a screen (not shown) for specifying the position of the transfer destination for displaying the relay control rule is displayed. Be done.

  A relay control rule detail screen 600 is shown in FIG.

  The relay control rule detail screen 600 is displayed by the display unit 322, and an ID display column 602 for displaying an ID for uniquely identifying the relay control rule, and a name column for displaying or inputting the name of the relay control rule It is equipped with 604.

  When the edit button 514 of the relay control rule list screen 500 is pressed, the ID of the relay control rule corresponding to the pressed edit button 514 is displayed in the ID display column 602, and the name is displayed in the name column 604.

  On the other hand, when the rule addition button 504 of the relay control rule list screen 500 is pressed, the ID of the new relay control rule (rule ID of relay control rule DB, detailed later description) is issued and displayed in the ID display column 602, In the name column 604, a blank, a comment prompting for an input, or the like is displayed.

  The relay control rule detail screen 600 is displayed by the display unit 322, and displays candidates of a group (for example, the user's authentication name, IP address, User-Agent, etc.) related to the access source to which the relay control rule is applied. Group display field 606 (combo box, list box, etc.) to be selected, an add button 608 for pressing the relay control rule applied to the group selected and displayed in the group display field 606, and an add button 608 are pressed. An applied group display field 610 for displaying the group selected and displayed in the group display field 606 by being displayed.

  The relay control rule detail screen 600 has a delete button 612 for pressing when deleting the group name displayed in the application group display field 610, and the group name displayed in the application group display field 610 is selected. When the delete button 612 is pressed in the off state, the group name is deleted from the application group display field 610.

  The relay control rule detail screen 600 displays an application date selection field 614 for selecting a time or day of the week to which the relay control rule is applied, and an application URL group for displaying candidates for a group of URLs to be filtered with respect to the access destination URL. A display field 616 (combo box, list box, etc.) is provided.

  When one group is selected from the URL group (details will be described later) candidates displayed in the applied URL group display field 616, the group of the URL is set as an application target of the relay control rule.

  The relay control rule detail screen 600 can set an operation to be performed for the access to which the relay control rule is applied, and when relaying the access, the relay column 618 is used to relay the access without relaying the access. When replying a warning message, when redirecting a warning message without relaying access, when replying a prohibition message, prohibiting column 622; when relaying access without redirecting to a set URL, Each column (combo box etc.) for selecting the redirect column 624 is provided.

  The relay control rule detail screen 600 includes a redirect URL setting field 626 for setting a URL to be redirected when the redirect field 624 is selected.

  The relay control rule detail screen 600 includes a delete button 628 for pressing when deleting the relay control rule, an update button 630 for pressing when registering or updating the relay control rule, and canceling editing of the relay control rule. It has a cancel button 632 for pressing at the time.

  Information on the relay control rule is registered in the relay control rule DB shown in the second row from the top of FIG.

  The relay control rule DB is stored and managed by the access control rule storage unit 324, and relates to the rule ID for uniquely identifying the relay control rule, the rule name indicating the name of the rule, and the access source to which the relay control rule is applied. Group (including ID), time and day to apply relay control rule, group of URLs to be filtered with respect to access destination URL (including ID), and operation to be performed on access to which relay control rule is applied Is configured to include an action indicating.

  When the relay control rule list screen 500 is displayed, the relay control rule list display unit 502 displays information on the relay control rules registered in the relay control rule DB.

  When the delete button 628 of the relay control rule detail screen 600 is pressed, the information on the corresponding relay control rule is deleted from the relay control rule DB, and when the update button 630 is pressed, the corresponding information in the relay control rule DB is displayed. Information on relay control rules is edited and updated.

  Next, a group registration screen 700 for registering a group displayed in the application group display field 610 described above will be described using FIG.

  The group registration screen 700 is displayed by the display unit 322, and includes a group ID display field 702 for displaying an ID for uniquely identifying a group, and a group name field 704 for displaying or inputting the name of a group.

  When an edit button pressed when editing a group in a group list screen (not shown) in which groups are displayed in a list is pressed, the ID of the group corresponding to the pressed edit button is displayed in the group ID display column 702. The name is displayed in the group name column 704.

  On the other hand, when the group addition button pressed when adding a group in the group list screen is pressed, the ID of a new group is issued and displayed in the group ID display column 702, and the group name column 704 is blank or A comment or the like prompting input is displayed.

  The group registration screen 700 has an authentication name field 706 for displaying or inputting an authentication name for the access relay apparatus 102, and an addition button 708 for pressing the authentication name displayed in the authentication name field 706 to the group, An authentication name list display field 710 for displaying the authentication name displayed in the authentication name field 706 is provided by pressing the add button 708.

  Also, when the authentication name displayed in the authentication name list display field 710 is selected, the authentication name is displayed in the authentication name field 706.

  In the group registration screen 700, when the authentication name in the authentication name list display column 710 is selected and displayed in the authentication name column 706, the authentication name is corrected and then the corrected authentication name is displayed in the authentication name list display column 710. A correction button 712 for pressing when reflecting is provided.

  Further, in the group registration screen 700, the authentication name in the authentication name list display column 710 is selected, displayed in the authentication name column 706, and deleted for pressing when deleting the authentication name from the authentication name list display column 710. A button 714 is provided.

  The group registration screen 700 includes an address name field 716 for displaying or inputting an IP address of an access source, and an add button 718 for pressing an IP address etc. displayed in the address name field 716 to a group. An address name list display field 720 for displaying the IP address and the like displayed in the address name field 716 by pressing the add button 718 is provided.

  The correction button 722 and the delete button 724 perform the same operations as the correction button 712 and the delete button 714 for correcting and deleting the authentication name described above, and therefore the description thereof is omitted.

  The group registration screen 700 is pressed to add the User-Agent name displayed in the User-Agent name column 726 and the User-Agent name column 726 for displaying or inputting the User-Agent of the access source to the group. A user-agent name list display field 730 for displaying the User-Agent name displayed in the User-Agent name field 726 by pressing the add button 728 and the add button 728 is provided.

  The correction button 732 and the delete button 734 perform the same operation as the correction button 712 and the delete button 714 for correcting and deleting the authentication name described above, and therefore the description thereof is omitted.

  The group registration screen 700 includes a registration button 736 for pressing when registering the relay control rule, and a cancel button 738 for pressing when canceling the editing of the relay control rule.

  Information on groups is registered in a group DB shown in the third row from the top of FIG.

  The group DB is stored and managed by the access control rule storage unit 324, and an ID uniquely identifying the group, a group name indicating the name of the group, an authentication name for the access relay apparatus 102, an IP address of the access source, etc. It is configured to include the original User-Agent.

  When the registration button 736 of the group registration screen 700 is pressed, the information displayed on the group registration screen 700 is registered and updated in the group DB.

  Next, a URL group registration screen 800 for registering a group of URLs displayed in the applied URL group display field 616 described above will be described using FIG.

  The URL group registration screen 800 is displayed by the display unit 322, and a URL group ID display field 802 for displaying an ID for uniquely identifying a URL group, and a URL group name for displaying or inputting the name of the URL group A column 804 is provided.

  When an edit button pressed when editing a group of URLs of a URL group list screen (not shown) in which a group of URLs is displayed in a list, an ID of a group of URLs corresponding to the pressed edit button Is displayed in the URL group ID display column 802, and the name is displayed in the URL group name column 804.

  On the other hand, when the URL group addition button pressed when adding a URL group on the URL group list screen is pressed, the ID of the new URL group is issued and displayed in the URL group ID display column 802, and the URL In the group name column 804, a blank, a comment prompting for an input, or the like is displayed.

  The URL group registration screen 800 has a URL column 806 for displaying or inputting a URL attributed to a group of URLs, an add button 808 for pressing the URL displayed in the URL column 806 when added to the group, and an add button By pressing the button 808, a URL list display field 810 for displaying the URL displayed in the URL field 806 is provided.

  Also, when the URL displayed in the URL list display field 810 is selected, the URL is displayed in the URL field 806.

  In the URL group registration screen 800, when the URL in the URL list display column 810 is selected and displayed in the URL column 806, the URL is corrected, and then the URL is displayed when reflecting the corrected URL in the URL list display column 810 A correction button 812 is provided.

  Further, the URL group registration screen 800 is provided with a delete button 814 for pressing the URL in the URL list display column 810 when the URL in the URL list display column 810 is selected and displayed in the URL column 806. ing.

  The URL group registration screen 800 has an unregistered URL display button 816 for displaying an unregistered URL list screen 900 (see FIG. 13) for displaying a list of unregistered URLs notified from the mail relay device 106.

  The URL selected on the unregistered URL list screen 900 is displayed on the URL list display field 810.

  The URL group registration screen 800 includes a category selection button 818 for selecting a category belonging to a group, and when the category selection button 818 is pressed, a category selection screen (not shown) is displayed.

  Then, when the category displayed on the category selection screen (not shown) is selected, the category display field 822 displays the selected category.

  This category indicates the category to which the URL belongs (for example, chat bulletin board, sports, politics, economy, etc.), and this category information is obtained from the category DB (not shown) in which the information is registered. Are displayed on the category selection button 818. The category DB (not shown) is stored and managed by the URL storage unit 328.

  The URL group registration screen 800 includes a URL search button 824 for displaying a URL search screen (not shown) for searching a category to which the URL belongs by inputting a URL.

  The URL group registration screen 800 has a registration button 834 for pressing when registering a group of URLs, and a cancel button 836 for pressing when canceling a group of URLs.

  Information on a group of URLs is registered in the URL group DB shown in the second row from the bottom of FIG.

  The URL group DB is stored and managed by the access control rule storage unit 324, and is a URL group ID for uniquely identifying a URL group, a URL group name indicating a URL group name, a URL list indicating a URL belonging to a group, It is configured to include a category list indicating categories belonging to a group.

  In the URL group list screen (not shown), information on the URL groups registered in the URL group DB is displayed, and when the registration button 834 is pressed, the URL group registration screen 800 displays the URL Information on groups is registered and updated.

  Next, the unregistered URL list screen 900 will be described with reference to FIG.

  The unregistered URL list screen 900 is a screen for displaying a list of the URLs given to the e-mail in the mail relay device 106, and is displayed by the display unit 322, and an unregistered URL list for displaying a list of unregistered URLs. A display unit 902 is provided.

  The unregistered URL list display unit 902 is unregistered to display an ID 904 for uniquely identifying an unregistered URL, an unregistered URL 906 indicating an unregistered URL, and an unregistered reason based on the determination result in the mail relay device 106. A reason 908 and an operation 910 indicating the operation of the information related to the unregistered URL are provided.

  The operation 910 includes a registration button 912 for pressing information related to an unregistered URL in a group of URLs, a delete button 914 for pressing the information when deleting the information, and editing the information. A detail button 916 for pressing when displaying the unregistered URL detail screen 1000 (see FIG. 14) for displaying the detailed information of the unregistered URL is provided.

  When the registration button 912 is pressed, the URL corresponding to the registration button 912 pressed in the URL list display field 810 of the URL group registration screen 800 is displayed.

  Further, the unregistered URL list screen 900 includes a close button for pressing when the unregistered URL list screen 900 is closed.

  Next, the unregistered URL detail screen 1000 will be described with reference to FIG.

  The unregistered URL detail screen 1000 is displayed by the display unit 322, and an ID 1002 for uniquely identifying an unregistered URL, an unregistered URL 1004 indicating an unregistered URL, and an unregistered based on the determination result in the mail relay device 106 It includes e-mail information 1008 for displaying information (e.g., address, subject, text, attached file, etc.) regarding an e-mail to which an unregistered reason 1006 for displaying a reason and an unregistered URL have been given.

  The unregistered URL detail screen 1000 includes a registration button 1010 for pressing the displayed unregistered URL in any group of URLs, and a cancel for pressing the unregistered URL. A button 1012 is provided.

  When the registration button 1010 is pressed, the URL corresponding to the registration button 1010 pressed in the URL list display field 810 of the URL group registration screen 800 is displayed.

  This makes it possible to register an inappropriate access destination URL accurately.

  In this way, when the client terminal 108 makes an access request to the external server 114 after registering the relay control rule etc., the URL related to the access, the access destination URL, the access time, the day of the week The access control unit 326 analyzes, for example, an authentication name related to the accessing user, an IP address of the client terminal 108 as an access source, and a User-Agent that specifies software requesting access.

  Then, the access control unit 326 determines an authentication name, an IP address, and an authentication name, an IP address, and a combination of the User-Agent registered in the group DB, to which group the information obtained by analysis belongs. And acquires the group ID of the record corresponding to the User-Agent.

  Then, the access control unit 326 acquires the URL group (ID) of the record corresponding to the group (ID) in which the acquired group ID is registered in the relay control rule DB.

  Next, the access control unit 326 acquires the URL list and the category list of records corresponding to the URL group ID in which the acquired URL group (ID) is registered in the URL group DB.

  Then, among the information obtained by analysis, the access control unit 326 includes the category DB (not shown) in which the URL of the access destination is included in the URL list or the category to which the URL of the access destination belongs. It uses and specifies and it is determined whether this specified category is contained in a category list.

  If the access control unit 326 determines that it is included in any of the determination results, the access control unit 326 executes the action of the record acquired from the above-described relay control rule DB in response to the access.

Second Embodiment
In the first embodiment, the risk of the URL is obtained based on the URL given to the e-mail or the e-mail itself, and the URL is notified to the access relay apparatus 102 for registration, but the URL causing such a risk is It is also possible to hold the granted e-mail.

  In addition, in order to perform the same structure and process as 1st Embodiment, detailed description is abbreviate | omitted using the same code | symbol about the same structure and process, and only a different part is demonstrated.

  In the registration determination process of the URL shown in FIG. 4, without performing steps S104 and S106, whether or not the URL given to the e-mail based on the operation on the held e-mail shown in FIG. When the reception control rule is applied in step S200 of the process of determining whether or not the process regarding step S104 and step S106 may be performed.

  In step S202, as a result of the processing in step S104 and step S106, the e-mail to which the URL determined to have a high risk is assigned is set as a pending target, and the URL determined to have a low risk is assigned. Processing may be performed so as not to hold e-mails not assigned.

  However, even if it is an e-mail to which a URL determined to have a low risk has been assigned or no URL has been assigned, the e-mail is put on hold if another reception control rule is applied.

  When the detail button 418 of the hold email list screen 400 is pressed, a hold detail screen (not shown) to which the details of the held email can be referred is displayed, and the determination result information stored by the determination result storage unit 316 is also displayed. Display together.

  As a result, the auditor can control the reception of the e-mail to which the high-risk URL is assigned, and therefore, the unauthorized access can be suppressed.

  Although the e-mail to which the URL determined to have a low risk is assigned is not set as the hold target, all e-mails to which the URL is set may be set as the hold target. Also in this case, the determination result information is displayed on the hold detail screen (not shown).

  Furthermore, whether the URL risk is high or low, it is possible to display the judgment result information on the holding detail screen (not shown) regarding the held e-mail.

Third Embodiment
In the first embodiment and the second embodiment, the aspect of registering the URL given to the electronic mail as the relay control rule in the access relay apparatus 102 has been described, but in the third embodiment, it is not registered. A certain URL may be accessed unless it is registered as a relay control rule, so an attempt is made to access an unregistered URL according to the selection type of access from a plurality of users from the client terminal 108. It warns the user.

  In addition, in order to perform the same structure and process as 1st Embodiment and 2nd Embodiment, using the same code | symbol about the same structure and process, detailed description is abbreviate | omitted and only a different part is demonstrated. .

  First, in advance, a group of URLs dedicated to URLs that have become unregistered URLs is created on the URL group registration screen 800 shown in FIG. 16, and the group registration screen 700 newly adds a group regarding this URL group. Create a group

  When creating a group of URLs, in the URL group registration screen 800 shown in FIG. 16, the automatic registration warning output column 1200 for accepting the setting for automatically registering the URL and giving a warning, and automatically registering the URL in the URL group DB And an item for storing information indicating the effect, and when the registration button 834 is pressed in a state where the automatic registration warning output column 1200 is checked, the URL is automatically registered in this item for that item. Information to indicate is stored.

  In addition, when creating a group, for example, the authentication name list, the IP address, and the User-Agent may be set so as to cover all the client terminals 108 which are access control targets. For example, all authentication name lists, IP addresses, and User-Agents may be targets by setting the authentication name list display field 710, the address name list display field 720, and the User-Agent name list display field 730 as blanks.

  Furthermore, in order to control access to the URL that has become an unregistered URL as a relay control rule, the newly created group is selected and displayed in the application group display field 610 by the relay control rule detail screen 600, and anew The created URL group is selectively displayed in the applied URL group display field 616.

  Then, the alert column 620 is checked as an action (when the URL group checked in the auto registration alert output column 1200 is selected to be displayed in the applied URL group display column 616, the alert column 620 is automatically checked as an action, The relay control rule is registered in the relay control rule DB by pressing the update button 630).

  Then, after the process of step S112, if information indicating that automatic registration is to be registered is stored in the item of the URL group DB, the URL registered in the unregistered URL of the unregistered URL DB is stored in the URL list of the URL group. sign up.

  Thereafter, when the client terminal 108 requests access to the external server 114, the access control unit 326 determines the access time, the day of the week, the authentication name for the accessing user, and the IP address of the client terminal 108 of the access source. , And a User-Agent that identifies software requesting access.

  Then, the access control unit 326 determines an authentication name, an IP address, and an authentication name, an IP address, and a combination of the User-Agent registered in the group DB, to which group the information obtained by analysis belongs. And the group ID of the record corresponding to the User-Agent, but in this case, for the newly created group ID, all authentication names, IP addresses, and User-Agents are targeted, so the group ID get.

  Then, the access control unit 326 acquires the URL group (ID) of the record in which the acquired group ID corresponds to the group (ID) registered in the relay control rule DB, but at this time, the group of the newly created URL You will get.

  Next, the access control unit 326 acquires the URL list and the category list of records corresponding to the URL group ID in which the acquired URL group (ID) is registered in the URL group DB. That is, an unregistered URL can be acquired.

  Then, the access control unit 326 determines whether the URL of the access destination is included in the URL list among the information obtained by analysis.

  If the access control unit 326 determines that it is included in the URL list as a result of the determination, the access control unit 326 executes an action of the record acquired from the relay control rule DB described above, that is, a warning.

  As an example of execution of this warning, an access warning screen 1100 shown in FIG. 15 is displayed on the client terminal 108 that has made a request for access.

  The access warning screen 1100 is a screen for warning that the currently requested URL of the access destination is a URL having a risk, and the URL display field 1102 for displaying the URL and the risk of the URL are recognized and accessed. Access button 1104 for pressing when performing an action, a risk-free access button 1106 for not performing an access by recognizing the risk of the URL, and access is performed because the risk judgment of the URL is not possible. It has a non-determinable access non-access button 1108 for pressing when there is no.

  When the user accesses the URL having the risk, the user presses the access button 1104. When the user recognizes that the risk exists and does not perform the access, the user presses the non-risk access button 1106. If the access is not performed, the non-determinable access non-access button 1108 is pressed.

  In addition, it is possible to adopt a configuration in which which button is pressed is registered in the unregistered URL DB.

  In the unregistered URL DB, the number of times the access button 1104 is pressed, the number of times the risk-free access button 1106 is pressed, and the number of times the undecidable-access button 1108 is pressed are stored.

  Then, when the user tries to access an unregistered URL, the number of times pressed by each button may be displayed as in the access result display 1110 of the access warning screen 1100.

  The total number of references in the access result display 1110 indicates the total number of accesses to the URL (unregistered URL in the unregistered URLDB) displayed in the URL display column 1102 and the risky judgment is that the button 1106 not accessed with risk is pressed The number of times that the user can not judge is the number of times the button 1108 for which the indeterminate access is not performed is pressed, and the access indicates the number of times the access button 1104 is pressed.

  In the process of determining whether or not the URL is to be filtered based on the URL itself attached to the e-mail shown in FIG. 6, it is determined whether the URL acquired in step S302 is registered in the unregistered URL DB. If it is determined that the URL is registered, the risk may be determined by the number of times each button corresponding to the URL is pressed.

  For example, if the number of times that the risk-free access button 1106 is pressed is registered even once (or registered more than a predetermined number of times), it is determined that the risk is high and only the number of times the access button 1104 is pressed If registered, it is determined that the risk is extremely low, and the button 1108 for which judgment is not accessed is pressed several times, and if the number of times the access button 1104 is pressed is registered several times, the risk is low It may be determined that

  It is determined by the access control unit 326 whether the URL of the access destination is included in the URL list among the information obtained by analysis, but the URL of the access destination is the category DB (not shown). If it is included in the URL list and registered in the category DB, a warning may be executed.

  Furthermore, even if it is a URL belonging to a dangerous category even if it is registered in this category DB, it is good even if it executes a warning.

Fourth Embodiment
In the third embodiment, the warning to the user who is trying to access the unregistered URL is described. However, in the fourth embodiment, the unregistered URL determined as having high risk is used. As long as it does, the aspect registered to URL group DB is explained.

  In addition, in order to perform the structure and processing similar to 1st Embodiment thru | or 3rd Embodiment, using the same code | symbol about the same structure and processing, detailed description is abbreviate | omitted and only a different part is demonstrated. .

  In the fourth embodiment, among the URLs registered in the unregistered URL of the unregistered URL DB, the URLs determined to have a high risk are automatically registered in the URL list of the URL group DB.

  In this case, when creating a group of URLs, the URL group registration screen 800 shown in FIG. 16 is provided with an automatic registration field 1202 for accepting settings for automatically registering high risk URLs, and a check is made in the automatic registration field 1202. When the registration button 834 is pressed in the done state, information indicating that a high risk URL is to be automatically registered is stored for the above-described item of the URL group DB.

  A method of creating a group or a method of creating a relay control rule uses the same method as that of the third embodiment, but it is assumed to check the warning column 620 or the prohibition column 622 as an action. If the URL group checked in the automatic registration field 1202 is selected to be displayed in the applied URL group display field 616 as a method of the action, the alert field 620 and the prohibition field 622 can be checked automatically as an action, and another action is selected. A mode which makes it impossible may be good, or it is good also as selection possible only for prohibition column 622.

  Then, after the process of step S112, if information indicating that a high risk URL is to be automatically registered is stored in the item of the URL group DB, the URL is registered in the URL list of the URL group.

  Thereafter, processing similar to that of the third embodiment is performed, but when the client terminal 108 requests access to the external server 114, the access control unit 326 automatically registers the URL of the access request destination with a high risk. In the case of executing the warning as the action, the access warning screen 1100 is displayed on the client terminal 108 that has made the access request in the case of executing the URL as an action, and a warning screen indicating that the access is to be blocked (Not shown) is displayed on the client terminal 108 that has made the access request.

  Incidentally, in the same manner as the third embodiment, information indicating that the URL is to be automatically registered and information indicating that the high risk URL is to be automatically registered are identified and registered in the item of the URL group DB. If the automatic registration warning output column 1200 is checked, information indicating that the URL is to be registered automatically is registered, and if the automatic registration column 1202 is checked, a URL with a high risk is automatically registered. It is possible that the information shown is registered

Fifth Embodiment
In the first to fourth embodiments, the configuration for registering the URL given to the electronic mail in the access relay apparatus 102 has been described, but such a URL is applied as a reception control rule of the mail relay apparatus 106 Aspects will be described.

  In addition, in order to perform the structure and process similar to 1st Embodiment thru | or 4th Embodiment, detailed description is abbreviate | omitted using the same code | symbol about the same structure and process, and only a different part is demonstrated. .

  In the fifth embodiment, for example, in the process after step S106, the unregistered URL DB is also provided to the mail relay apparatus 106, and the determination result information stored by the determination result storage unit 316 is registered in the unregistered URL DB.

  After that, when the reception control rule is registered in the reception control rule DB, the unregistered URL list screen 900 is displayed, and the registration button 912 corresponding to the corresponding unregistered URL is pressed to assign this URL. It is also possible to register in the reception control rule DB so that the e-mail is to be put on hold.

  Thus, in step S200, the reception control unit 306 applies the reception control rule to the e-mail acquired by the mail acquisition unit 302 in step S100, and based on the applied result, suspends the e-mail in step S202. Determine if it should be.

  As the reception control rule, register an unregistered URL and a rule that controls high risk reception, and automatically register the high risk URL registered in the unregistered URLDB in the reception control rule DB. Also good.

  The data registered in the unregistered URLDB is registered in the unregistered URLDB at this update timing, as the data registered in the category DB stored and managed by the URL storage unit 328 is appropriately updated. A method of deleting from the unregistered URL DB may be applied to the URLs that are registered and registered in the category DB.

  Furthermore, in the third embodiment, the URL registered in the category DB in accordance with the update of the data registered in the category DB relates to a group of URLs dedicated to URLs that have become unregistered URLs, It may be deleted from the URL list of the URL group DB.

  As described above, according to the present invention, it is possible to register information on an inappropriate connection destination with high accuracy.

  The configuration of the various data described above and the contents thereof are not limited to this, and it is needless to say that they are configured in various configurations and contents depending on the application and purpose.

  Although one embodiment has been described above, the present invention can take an embodiment as a method, a program, a recording medium, etc., for example.

  Further, the program in the present invention is a program that can execute the processing method of the flowcharts shown in FIG. 4 to FIG.

  As described above, the recording medium recording the program for realizing the functions of the above-described embodiments is supplied to the system or apparatus, and the computer (or CPU or MPU) of the system or apparatus stores the program stored in the recording medium. It goes without saying that the object of the present invention can be achieved also by reading and executing.

  In this case, the program itself read out from the recording medium realizes the novel function of the present invention, and the recording medium storing the program constitutes the present invention.

  As a recording medium for supplying the program, for example, a flexible disk, hard disk, optical disk, magneto-optical disk, CD-ROM, CD-R, DVD-ROM, magnetic tape, non-volatile memory card, ROM, EEPROM, silicon Disks, solid state drives, etc. can be used.

  Further, by executing the program read by the computer, not only the functions of the above-described embodiment are realized, but also an operating system (OS) or the like running on the computer is actually It goes without saying that the processing is partially or entirely performed, and the processing realizes the functions of the above-described embodiments.

  Furthermore, after the program read from the recording medium is written to the memory provided to the function expansion board inserted into the computer or the function expansion unit connected to the computer, the function expansion board is read based on the instruction of the program code. It goes without saying that the case where the CPU or the like provided in the function expansion unit performs part or all of the actual processing and the functions of the above-described embodiment are realized by the processing.

  It goes without saying that the present invention can also be applied to the case that is achieved by supplying a program to a system or device. In this case, by reading a recording medium storing a program for achieving the present invention into the system or apparatus, the system or apparatus can receive the effects of the present invention.

  Further, by downloading and reading out a program for achieving the present invention from a server on a network, a database or the like by a communication program, the system or apparatus can receive the effects of the present invention.

  In addition, the structure which combined each embodiment mentioned above and its modification is also contained in this invention altogether.

100 information processing system 102 access relay device 104 mail server 106 mail relay device 108 client terminal 110 LAN
112 Wide area network 114 External server

The present invention for solving the above-mentioned problems is a program for functioning as an information processing apparatus, wherein the information processing apparatus is determined based on a predetermined condition, of access destination information described in electronic mail It is characterized in that it functions as an acquisition unit that acquires risk information, and a registration unit that registers the access destination information based on the risk information acquired by the acquisition unit .

Therefore, in the present invention, by controlling access to inappropriate connection destination given to the e-mail, security information capable processing systems be improved, and to provide a control method for an information processing system With the goal.

According to the present invention for solving the above problems, a mail relay device for controlling reception of an electronic mail and an access relay device for controlling access to the access destination information by instructing the access destination information can communicate with each other. In the information processing system connected, the mail relay apparatus determines the access destination information given to the received electronic mail by a determination unit that determines a risk of access to the access destination information, and the determination unit Transmitting means for transmitting the result as risk information to the access relay apparatus, the access relay apparatus storing storage means storing access destination information to be controlled for access, and the risk transmitted by the transmission means Based on the risk accepting means for accepting information and the risk information accepted by the risk accepting means, Registration means for registering the access destination information added to the email to the storage means, characterized in that it comprises a.

Claims (24)

An information processing apparatus that accesses a resource by instructing resource specification information indicating information specifying a resource,
Storage means for storing the resource identification information for controlling the access;
Risk accepting means for accepting information on the risk of access to the resource with regard to the resource identification information attached to the received electronic mail;
A registration unit that registers the resource identification information in the storage unit using the information related to the risk received by the risk reception unit;
An information processing apparatus comprising:   The information processing apparatus according to claim 1, wherein the registration unit registers resource identification information with high risk among resource identification information received by the risk reception unit in the storage unit. A display unit for displaying the resource specifying information received by the receiving unit;
3. The information processing apparatus according to claim 1, wherein the registration unit stores, in the storage unit, resource identification information that has received a selection from among the resource identification information displayed by the display unit.   The information processing apparatus according to claim 3, wherein the display means displays information related to the risk of access to the resource with respect to the resource specification information.   When a request for access to the resource identification information stored in the storage unit is received, the apparatus further comprises an access instruction accepting unit that accepts an instruction to perform the access or not to perform the access. The information processing apparatus according to any one of to 4.   6. The access instruction accepting means according to claim 5, wherein the access instruction accepting means accepts an instruction not to perform access because there is a risk, or an instruction not to perform access because the risk can not be determined. Information processing equipment.   When a request for access to the resource specification information stored in the storage means is received, the access instruction receiving means warns using the information about performing the access for which the instruction has already been received or not performing the access. The information processing apparatus according to claim 5 or 6, further comprising: a warning unit configured to:   8. The information processing apparatus according to claim 7, wherein the warning means gives a warning using the number of times an instruction to access is issued or the number of times an instruction not to access is issued.   With regard to the resource identification information attached to the received electronic mail, the information related to the risk of access to the resource is determined by the operation on the electronic mail held by the reception control rule used when controlling the reception of the electronic mail. The information processing apparatus according to any one of claims 1 to 8, characterized in that:   The information related to the risk of access to the resource is that, when the operation on the e-mail is a reception instruction, the resource specifying information has a low risk, and the operation on the e-mail is reception prohibited. 10. The information processing apparatus according to claim 9, wherein the resource specification information has a high risk.   Regarding resource identification information attached to the received electronic mail, the information related to the risk of access to the resource is information indicating that the resource identification information itself is at risk. 11. An information processing apparatus according to any one of items 1 to 10.   The information processing apparatus according to claim 11, wherein when the resource specification information is similar to a prominent domain, the resource specification information is at risk.   13. The information processing apparatus according to claim 11, wherein when the resource specification information is a domain used in a mail magazine, the resource specification information is at risk.   The resource identification information attached to the received electronic mail is characterized in that the information related to the risk of access to the resource is information indicating that the received electronic mail itself is at risk. The information processing apparatus according to any one of claims 1 to 13.   15. The information processing apparatus according to claim 14, wherein when the sender of the received electronic mail is a free mail dress, resource specification information given to the electronic mail is at risk.   The information according to claim 14 or 15, wherein when the received electronic mail is an electronic mail transmitted from overseas, the resource specifying information attached to the electronic mail is at risk. Processing unit.   If the received electronic mail is identical to the URL given to the other electronic mail received most recently, the resource specifying information given to the electronic mail is characterized by being at risk. The information processing apparatus according to any one of items 14 to 16.   The information processing apparatus according to any one of claims 1 to 17, wherein the risk reception unit receives information related to the risk of access to the resource from another apparatus that controls reception of an electronic mail. . An information processing apparatus that accesses a resource by instructing resource specification information indicating information specifying a resource,
Storage means for storing the resource identification information for controlling the access;
And registration means for registering resource identification information attached to the e-mail from the suspiciousness of the received e-mail in the storage means.
An information processing apparatus comprising: An information processing system in which a mail relay apparatus for controlling reception of electronic mail and an access relay apparatus for accessing the resource by instructing resource specification information indicating information for specifying a resource are connected,
The mail relay device
A determination unit that determines the risk of access to the resource with regard to the resource identification information attached to the received electronic mail;
Transmission means for transmitting the result determined by the determination means as the information relating to the risk to the access relay apparatus;
Equipped with
The access relay device is
Storage means for storing the resource identification information for controlling the access;
Risk accepting means for accepting information relating to the risk transmitted by the transmitting means;
A registration unit that registers the resource identification information in the storage unit using the information related to the risk received by the risk reception unit;
An information processing system comprising: A control method of an information processing apparatus that accesses a resource by instructing resource specification information indicating information specifying a resource,
The information processing apparatus is
A risk accepting step of accepting information related to the risk of access to the resource with regard to the resource identification information attached to the received electronic mail;
A registration step of registering the resource specification information in storage means for storing the resource specification information for controlling the access, using the information related to the risk received in the risk reception step;
And controlling the information processing apparatus. A program that can be read and executed by an information processing apparatus that accesses a resource by instructing the resource specification information indicating information specifying a resource,
The information processing apparatus
Risk accepting means for accepting information on the risk of access to the resource with regard to the resource identification information attached to the received electronic mail;
Registration means for registering the resource specifying information in a storage means for storing the resource specifying information for controlling the access, using the information related to the risk received by the risk receiving means;
Program to make it work. A control method of an information processing system in which a mail relay device for controlling reception of an electronic mail and an access relay device for accessing the resource by instructing resource specification information indicating information for specifying a resource are connected. There,
The mail relay device
A determination step of determining a risk of access to the resource with respect to resource identification information given to the received e-mail;
Transmitting the result determined in the determination step to the access relay apparatus as information relating to the risk;
Run
The access relay device is
A risk accepting step of accepting information relating to the risk transmitted by the transmitting step;
A registration step of registering the resource specification information in storage means for storing the resource specification information for controlling the access, using the information related to the risk received in the risk reception step;
And controlling the information processing system. In an information processing system in which a mail relay device that controls reception of electronic mail and an access relay device that accesses the resource by instructing resource specification information that indicates information that specifies a resource are connected,
The mail relay device
A determination unit that determines the risk of access to the resource with regard to the resource identification information attached to the received electronic mail;
Transmission means for transmitting the result determined by the determination means as the information relating to the risk to the access relay apparatus;
Make it work,
The access relay device is
Risk accepting means for accepting information relating to the risk transmitted by the transmitting means;
Registration means for registering the resource specifying information in a storage means for storing the resource specifying information for controlling the access, using the information related to the risk received by the risk receiving means;
Program to make it work.

Images