JP4284328B2 - Personal information inspection program, personal information inspection method, and personal information inspection system - Google Patents

Description

  The present invention relates to a personal information inspection program, a personal information inspection method, and a personal information inspection system for inspecting whether or not personal information is contained in a file to be printed, written to an external medium, or sent by e-mail. It is.

  In recent years, the protection of personal information such as customer information has become a particularly important issue for corporations due to the continual disclosure of personal information held by corporations and the enforcement of the Personal Information Protection Law. Leakage of personal information is often caused by outflow of electronic data due to storage media, unauthorized access to the network, etc., or outflow of documents printed out of electronic data. Countermeasures against information leakage from computers are being considered.

  To prevent the leakage of personal information stored in the computer, take appropriate measures by monitoring the writing and printing out of document files containing personal information, sending e-mails containing personal information, etc. Is preferred. For this purpose, a technique for efficiently inspecting whether or not personal information is included in the target file is required.

  In order to deal with such a problem, an invention is disclosed in which personal information elements are efficiently counted among files stored in a computer, and a file including personal information is searched based on the counting result. (See Patent Document 1).

Japanese Patent No. 3705439

  In the inspection of whether or not personal information is included in the target file, as disclosed in Patent Document 1, the telephone number, e-mail address, address, and name are included to the extent that the predetermined condition is satisfied. It is possible to determine whether the file includes personal information. In this case, regarding the telephone number, the e-mail address, and the address, since there is a certain pattern in the character string format, it is relatively easy to identify these elements. On the other hand, the name of an individual (Japanese) is composed of kanji and kana with a relatively small number of characters, so how to distinguish it from information other than the name becomes a problem.

  As a method of identifying a character string that is a name, a method of registering a character string used for a general Japanese name as a name list and comparing the character string included in the file with the name list is conceivable. However, in order to perform highly accurate processing by this method, it is necessary to increase the number of name lists as much as possible. However, as the number of name lists increases, there is a problem that the burden of collation processing increases. (Refer to Reference 1, page 5, lines 1 to 11.)

  In the invention described in Patent Document 1, in response to such a problem, for example, a character string that cannot appear in a general name such as “Tokyo”, “school”, and “president” is registered as an inappropriate character string, A character string included in the file is collated with an inappropriate character string, and a character string not corresponding to the inappropriate character string is determined as a name. By such a method, it is supposed that more efficient processing is possible compared with the case where a name list is registered and collated.

  However, even in the method using an inappropriate character string described in Patent Document 1, there is no difference that registration of an inappropriate character string is necessary in advance. Even if it is a character string of several characters in Kanji, it can be considered that there are a huge number of character strings that cannot be matched with full names, but in order to make precise judgments, as many inappropriate characters as possible There is no difference in the need to register the columns, and if it is attempted to increase the accuracy, it is expected that the burden of collation processing will become heavy as in the case of the name list method.

  The present invention has been made in order to cope with such problems, and in order to prevent leakage of personal information from within an organization such as a company, printout, writing to external media, mail transmission, etc. A personal information inspection program, a personal information inspection method, and a personal information inspection system for inspecting whether or not personal information is included in a target file, and in particular, an individual name included in the file (Mr. It is an object of the present invention to provide a personal information inspection program, a personal information inspection method, and a personal information inspection system.

  In order to solve such a problem, the present invention is a personal information inspection program for inspecting whether a file to be inspected includes predetermined personal information including a personal name, wherein A first storage unit for storing a kanji character to be determined as a personal name and a kanji character to be determined as a personal name when there is a second character in a character string of 2 to n characters (n is a natural number of 2 or more) An identification step of identifying a character or character string delimited by a predetermined separator included in the file, and one character out of the character or character string identified in the identification step The selection step of selecting a character or character string of n characters or less, and when the character or character string selected in the selection step is one character, in contrast to the character stored in the first storage unit If there is a matching kanji character, a first determination step for determining as a personal name, and if the character or character string selected in the selection step is not less than 2 characters and not more than n characters, the second character of the character string is In contrast to the kanji stored in the second storage unit, if there is a matching kanji, a second determination step for determining an individual name, an individual in the first determination step, and the second determination step A personal name counting step for counting the number of cases determined to be a name, and checking whether the number of personal information included in the file including the number of personal names counted in the personal name counting step meets a predetermined condition And an inspection step.

  In the present invention, in the inspection of whether or not personal information is included in a target file, in order to identify a personal name (only a name or a name) to be counted as personal information, for each character, the character and one character are used. Compare Kanji that is easy to use as Mr. Naru, and focus on the second character for strings of two or more characters, and collate the second character with Kanji that is easy to use for the second character in Mr. By doing so, efficient processing is enabled.

  Further, according to the present invention, the computer stores a third storage unit that stores characters or character strings to be determined as mail addresses, a fourth storage unit that stores characters or character strings to be determined as addresses, a telephone number, A fifth storage unit that stores a character or character string to be determined, and the character or character string identified in the identification step is stored in the third storage unit in the computer. In contrast to the column, if there is a matching character or character string, a third determination step for determining an email address and the character or character string identified in the identification step are stored in the fourth storage unit. If there is a matching character or character string, the fourth determination step for determining an address when there is a matching character or character string, and the character or character string identified in the identification step are the fifth storage unit Remembered A fifth determination step for determining a telephone number when there is a matching character or character string as compared with a character or a character string, and a mail for counting the number of cases determined as a mail address in the third determination step An address counting step, an address counting step for counting the number of cases determined as an address in the fourth determination step, and a telephone number counting step for counting the number of cases determined as a telephone number in the fifth determination step. In the inspection step, the number of personal names counted in the personal name counting step, the number of email addresses counted in the email address counting step, the number of addresses counted in the address counting step, the telephone number count Number of phone numbers counted in the step Counting the number of Luo personal information may also be characterized by examining whether satisfies a predetermined condition.

  The personal information included in the target file is not limited to the personal name, but can also be an email address, address, and telephone number. High inspection is possible.

  Further, the present invention causes the computer to specify a data size of the file, and to execute a data size determination step of determining whether the data size exceeds a preset size. When it is determined in the determination step that the data size exceeds a preset size, the inspection is performed with the preset size as an upper limit, or the personal information inspection is not performed. Good.

  According to the present invention, if all files to be printed out or written to an external medium are subject to inspection, a file with a large data size will take a long time to process, and the burden on the computer may be excessive. There is sex. With this configuration, the computer user sets the data size in consideration of the balance between the processing burden and the necessity of information maintenance, thereby enabling efficient inspection.

  Further, according to the present invention, the computer includes a sixth storage unit that stores a data size to be skipped from the top corresponding to the data size of the file, and specifies the data size of the file in the computer, The computer is caused to execute a specifying step for specifying a data size to be skipped from the beginning of the file with reference to the sixth storage unit, and the computer skips the data size specified in the specifying step among the files. It may be characterized in that an examination of personal information is performed on the remaining data.

  As a way to reduce the processing burden on the computer, if you configure the skip part according to the file size in this way, the head part where header information etc. is described and the possibility of relatively containing personal information is relatively low By skipping the predetermined size, the processing load on the inspection can be reduced without significantly impairing the inspection accuracy.

  Furthermore, the present invention can be specified as a personal information inspection method executed by the personal information inspection program according to the present invention.

  That is, the personal information inspection method according to the present invention is a personal information inspection method for inspecting whether or not a file to be inspected includes predetermined personal information including a personal name. A first storage unit for storing a kanji character to be determined as a second character, and a second storage unit for storing a kanji character to be determined as an individual name when the second character is in a character string of 2 or more and n characters (n is a natural number of 2 or more) An identification step of identifying a character or a character string delimited by a predetermined separator included in the file, and among the characters or the character string identified by the computer in the identification step, A selection step of selecting a character or a character string of 1 character or more and n characters or less; and when the computer selects one character or character string in the selection step, the first A first determination step of determining a personal name when there is a matching Chinese character compared to the Chinese character stored in the storage unit, and the computer selects two or more characters or character strings in the selection step a second determination step of determining a personal name when there is a matching kanji character by comparing the second character of the character string with the kanji character stored in the second storage unit when there are n characters or less; The personal name counting step in which the computer counts the number of personal names determined in the first determination step and the second determination step, and the computer counts the personal names counted in the personal name counting step. And an inspection step for inspecting whether or not the number of personal information included in the file including the number of cases meets a predetermined condition.

  In the personal information inspection method according to the present invention, the computer stores a third storage unit that stores characters or character strings that are determined as mail addresses, and a fourth storage that stores characters or character strings that are determined as addresses. And a fifth storage unit for storing a character or character string to be determined as a telephone number, and the computer identifies the character or character string identified in the identification step in the third storage unit. In contrast to the stored character or character string, if there is a matching character or character string, a third determination step of determining an email address, and the computer identifies the character or character string identified in the identification step A fourth determination step of determining an address when there is a matching character or character string compared to the character or character string stored in the fourth storage unit; and Fifth determination step of determining the character or character string identified in the step as a telephone number when there is a matching character or character string compared with the character or character string stored in the fifth storage unit A mail address counting step in which the computer counts the number of mail addresses determined in the third determination step; and an address in which the computer counts the number of addresses determined in the fourth determination step. A counting step and a telephone number counting step in which the computer counts the number of telephone numbers determined in the fifth determination step. In the inspection step, the computer The number of personal names counted in the counting step, the email address counting step The number of personal information is counted from the number of e-mail addresses counted in the group, the number of addresses counted in the address counting step, and the number of telephone numbers counted in the telephone number counting step. It can also be characterized.

  The personal information inspection method according to the present invention further includes a data size determination step in which the computer specifies a data size of the file and determines whether the data size exceeds a preset size. When the data size determination step determines that the data size exceeds a preset size, the computer may not perform the personal information inspection.

  Furthermore, in the personal information inspection method according to the present invention, the computer includes a sixth storage unit that stores a data size to be skipped from the top corresponding to the data size of the file. A specifying step of specifying a data size and specifying a data size to be skipped from the beginning of the file with reference to the sixth storage unit, wherein the computer specifies the file in the specifying step; The personal information may be inspected for the remaining data obtained by skipping the read data size.

  Furthermore, this invention can also be specified as a personal information inspection system provided with the personal information inspection program concerning this invention.

  That is, the personal information inspection system according to the present invention is a personal information inspection system for inspecting whether or not a file to be inspected includes predetermined personal information including a personal name. A first storage means for storing a kanji character to be determined as a second character, and a second storage for storing a kanji character that is determined as an individual name when it is the second character in a character string of 2 to n characters (n is a natural number of 2 or more) Storage means; identification means for identifying a character or character string delimited by a predetermined separator included in the file; and one or more characters of the character or character string identified by the identification means A selection means for selecting a character string, and if the character or character string selected by the selection means is a single character, the personal name if there is a matching Chinese character compared with the kanji stored in the first storage means And And when the character or character string selected by the selection means is 2 characters or more and n characters or less, the second character of the character string is compared with the kanji stored in the second storage means. When there is a matching kanji character, the second determination means for determining the personal name, and the personal name count for counting the number of cases determined as the personal name by the first determination means and the second determination means Means and inspection means for inspecting whether or not the number of personal information included in the file including the number of personal names counted by the personal name counting means meets a predetermined condition.

  The personal information inspection system according to the present invention includes a third storage unit that stores characters or character strings to be determined as mail addresses, a fourth storage unit that stores characters or character strings to be determined as addresses, and a telephone. The fifth storage means for storing the character or character string to be determined as a number, and the character or character string identified by the identification means are compared with the character or character string stored in the third storage means, When there is a matching character or character string, a third determination unit that determines an email address, and the character or character string identified by the identification unit is a character or character string stored in the fourth storage unit. In contrast, if there is a matching character or character string, a fourth determination unit that determines an address and a character or character string that is identified by the identification unit are stored in the fifth storage unit. Matches against a string If there is a character or character string, a fifth determination means for determining a telephone number, a mail address counting means for counting the number of cases determined as a mail address in the third determination means, and a fourth determination means Address counting means for counting the number of cases determined as addresses in the telephone, and telephone number counting means for counting the number of cases determined as telephone numbers in the fifth determination means. Personal information from the number of personal names counted in the name counting step, the number of email addresses counted in the email address counting step, the number of addresses counted in the address counting step, and the number of phone numbers counted in the telephone number counting step It is a feature to check whether the specified condition is met. It can also be a.

  According to the present invention, in order to prevent personal information from leaking from within an organization such as a company, it is inspected whether personal information is included in a target file for printout, writing to an external medium, mail transmission, etc. In particular, it is possible to reduce the processing burden on the computer by efficiently identifying personal names (including names or combinations of names and names) included in the file.

  The best mode for carrying out the present invention will be described below in detail with reference to the drawings. The following description shows an example in which personal information is inspected according to the present invention, and the present invention is not limited to such an embodiment.

  FIG. 1 is a diagram showing functions of a personal information inspection program according to the present invention. FIG. 2 is a diagram showing an embodiment of the personal information inspection system according to the present invention. FIG. 3 is a block diagram showing the configuration of the personal information inspection system according to the present invention. FIG. 4 is a diagram showing an example of an inspection target event table used in the personal information inspection program according to the present invention. FIG. 5 is a diagram showing an example of a personal information inspection rule relating to an inspection level used in the personal information inspection program according to the present invention. FIG. 6 is a diagram showing an example of a personal information inspection rule regarding data skipping used in the personal information inspection program according to the present invention. FIG. 7 is a diagram showing an example of a personal information inspection rule relating to an individual name used in the personal information inspection program according to the present invention. FIG. 8 is a diagram showing an example of inspecting an individual name by the personal information inspection program according to the present invention. 9 to 11 are first to third flowcharts, respectively, showing the processing flow of the personal information inspection by the personal information inspection program according to the present invention. FIGS. 12 and 13 are first and second flowcharts, respectively, showing processing flows for counting personal names by the personal information inspection program according to the present invention.

  With reference to FIG. 1, functions and usage forms of the personal information inspection program according to the present invention will be described. It is assumed that a file A including personal information such as a customer list and a file B not including personal information such as an in-house newsletter are stored in a computer used in an organization such as a company. Here, for each of file A and file B, when a write command to the external storage medium is issued, before executing the write process to the external storage medium, the personal information inspection program assigns the individual files to the target file for the write process. A check is made to see if the information is included.

  In the inspection by the personal information inspection program, when the information corresponding to the personal information is defined in advance, the personal information contained in the file to be inspected is detected, and the number of detected personal information corresponds to the predetermined rule The file is determined to be a file that needs to be dealt with in order to prevent leakage of personal information. In the example of FIG. 1, since it is determined that the file A needs to be handled to prevent the leakage of personal information, writing to the external storage medium is prohibited, but the file B is determined not to need to be handled, Write processing to the external storage medium is executed.

  The inspection by the personal information inspection program is not limited to the writing of the file shown in the example of FIG. 1 to the external storage medium, but the file is printed out, the e-mail is sent with the attached file, and the file It is possible to make a configuration so as to prevent leakage of personal information by performing inspection when various events such as new creation or update are executed.

  FIG. 2 is a diagram showing an embodiment in which the personal information inspection system according to the present invention is utilized in a network in an organization such as a company. In addition to user terminals used by members of the organization, a file server, a network printer, a mail server, etc. are connected to the network such as the in-house LAN shown in FIG. 2 and are connected to the Internet via a gateway server. Yes. By operating the user terminal, files stored in the user terminal and file server can be output to a printer connected to the user terminal, written to external media, etc., printed on a network printer, and sent and received by e-mail It is possible to browse web pages.

  The personal information inspection program according to the present invention is stored in each user terminal. When the user terminal receives a file printout or write command, a mail transmission command, or the like, the personal information check program checks whether the target file contains personal information. The file to be inspected may be a file stored in a user terminal or a file stored in a file server shared on a network.

  The inspection of personal information is performed by detecting characters and character strings that meet the conditions defining the personal information stored in the user terminal from the target file. As conditions for defining personal information, characters and character strings included in personal names, addresses, telephone numbers, mail addresses, and the like are determined. Such conditions are stored in each user terminal, but by configuring the conditions set in the monitor server to be distributed to the user terminals, it is possible to prevent variations in inspection accuracy between terminals, The conditions stored in the user terminal are maintained in the latest state.

  The personal information is inspected in the user terminal, and if the character or character string corresponding to the personal information meets a predetermined condition, a countermeasure for preventing leakage of the personal information is executed. The handling method is not particularly limited, and includes, for example, stoppage of events received at the user terminal such as printout, writing, and mail transmission, and warning display on the user terminal and the monitor server.

  Such inspection of personal information is preferably performed at a user terminal that accepts an operation by the user. However, the personal server according to the present invention may be applied to a file server, a mail server, a gateway server, or the like that executes processing in response to an instruction from the user terminal. An information inspection program may be stored and an inspection may be executed.

  The operation of the computer executed by the personal information inspection program according to the present invention and a specific method of the personal information inspection will be described with reference to FIGS. FIG. 3 shows an example of the configuration of a computer for operating the personal information inspection program according to the present invention.

  The user terminal 10 that inspects personal information by the personal information inspection program according to the present invention is provided with a CPU 11, RAM 12, ROM 13, HDD 14, NIC 15, and external connection bus 16. When executing an application program stored in the HDD 14, basic various programs for hardware control such as input control and output control stored in the ROM 13 are started, and the application program stored in the HDD 14 is read out. Thus, the CPU 11 executes arithmetic processing while functioning the RAM 12 as a work area.

  A personal information inspection program 141 is stored in the HDD 14. When an execution of a predetermined event set in the inspection target event storage unit 142 such as printout or writing of a file is received, the personal information inspection program 141 is received from the HDD 14. It is read out and a check is made to see if the target file contains personal information. The personal information inspection is performed based on the conditions stored in the personal information inspection rule storage unit 143.

  The personal information policy such as the inspection target event stored in the inspection target event storage unit 142 and the personal information inspection rule stored in the personal information inspection rule storage unit 143 is set in the monitor server 50, and the user terminal 10 can be configured to be distributed. As a result, the user terminal 10 can be applied with more accurate rules set in the monitor server 50. However, some rules such as the inspection level among the inspection target events and the inspection rules for personal information are not applicable. The user terminal may be configured so that each user can make settings.

  When the user terminal 10 receives various processing instructions from the input device 20, the personal information inspection program 141 refers to the inspection target event storage unit 142 as to whether the received instruction requires inspection of personal information. To be judged. FIG. 4 is an example of an inspection target event table stored in the inspection target event storage unit 142, and includes writing to an external medium, printing, sending an email, browsing the Web, creating a new file, updating, deleting a file, Whether it is an inspection target is set for each event such as name change. In this example, mail transmission and file name change are not subject to inspection, but personal information is inspected for all other events.

  Such setting of the inspection target may be performed by each user using the user terminal 10, but the inspection target set by the system administrator or the like in the monitor server 50 is distributed to each user terminal. Also good.

  If the operation received by the user terminal 10 is defined as an event to be inspected in the inspection object event storage unit 142, the personal information such as a file that is the target of output or writing in the received operation Get the file to be inspected. Note that in the case of checking the transmission of mail, since the signature of the sender is often included in the mail text, there is a possibility that all will be judged as personal information and the transmission will be stopped. Therefore, in the case of inspecting the mail, the mail text may be excluded from the inspection target and only the attached file may be inspected.

  Subsequently, the data size of the acquired file is confirmed. When the data size is excluded from the inspection target in comparison with the rule stored in the personal information inspection rule storage unit 143, the received operation is executed as it is without performing the inspection. .

  FIG. 5 shows an example of the personal information inspection rule relating to the inspection level stored and stored in the personal information inspection rule storage unit 143, but only the part corresponding to the data size determined as the inspection target is personal. Information is inspected, and portions exceeding the data size are not subject to inspection. Note that which part of the file is to be inspected can be set from the beginning to a predetermined size, from the end to a predetermined size, and the like, but is not particularly limited. Alternatively, the personal information may be inspected only for a file having a data size equal to or smaller than the data size determined as the inspection target, and the file may not be inspected for exceeding the predetermined data size. If an inspection is performed on a large data size, the processing burden on the computer increases and the time required for the processing also increases. Therefore, depending on the authority and usage status given to each user who uses the user terminal 10 The inspection level can be set.

  Such setting of the inspection level may be performed by each user using the user terminal 10, but the inspection level set by the system administrator or the like in the monitor server 50 is distributed to each user terminal. Also good.

  Also, it is possible to set a skip portion that is not inspected according to the data size of the file acquired as the inspection target. The data size of the acquired file is confirmed, and the personal information inspection rule storage unit 143 is referred to, and the personal information is inspected from the portion after skipping the skip size corresponding to the data size.

  FIG. 6 shows an example of a personal information inspection rule related to data skipping stored and stored in the personal information inspection rule storage unit 143. The data skipping size corresponding to the data size of the acquired file is shown in FIG. The personal information is inspected for the data after the specified data skipping size has been skipped from the beginning of the file.

  Such setting of the data skipping size may be performed by each user using the user terminal 10, but the data skipping size set by the system administrator or the like in the monitor server 50 is set in each user terminal. It is good also as delivering. Alternatively, it may be set so that all data in the file is inspected without skipping data reading for all the files.

  In the file to be inspected, the data to be inspected after the skipped portion is inspected as to whether personal information is included by the following processing. First, a character or character string delimited by a predetermined separator such as a space or a comma (in the following explanation, a character is a number or a code, a character string is a number string or a code string, and a combination of a character, a number, or a code. Is included as a target for determining whether it is personal information. If the extracted character or character string corresponds to a rule that defines characters included in the personal name, email address, address, telephone number, etc. stored in the personal information inspection rule storage unit 143, and The number of cases is counted as personal information.

  Note that the method for cutting out the character or character string to be determined here is not particularly limited, and for the separator, in addition to spaces and commas, characters such as>, <, line feed, semicolon, punctuation marks, etc. It is possible to adopt various codes or the like for separating the character strings, and the present invention is not particularly limited to the examples given here.

  If the counted number of personal information satisfies a predetermined condition, it is determined that the target file needs to be dealt with in order to prevent leakage of personal information, and is sent to the printer 30. Processing such as printout, stop of writing to the external medium 40, and warning to the monitor server 50 is executed. There are no particular restrictions on the conditions set here, but if the absolute number of personal information counted is a condition, depending on the level of the number of requests for processing, it may The strength can be adjusted. Such conditions are stored in the personal information inspection rule storage unit 143 as part of the inspection rules.

  For a rule that defines personal information stored in the personal information inspection rule storage unit 143, for example, if it is an email address, it may be determined that the character string includes an at sign (@) or a dot (.). it can. If it is an address, for example, it can be determined that characters such as a ward and a city are included. In the case of a telephone number, for example, it can be determined that it is 9 to 17 single-byte characters and includes a hyphen (-).

  On the other hand, it is difficult to set general-purpose rules compared to email addresses, addresses, telephone numbers, etc., to determine whether it is an individual name. Usually, a name list that specifies names and names corresponding to individual names is used. A comparison is made as to whether the registered character or character string corresponds to the character or character string registered in the name list. However, in order to make a highly accurate judgment, the number of registrations in the name list must be increased as much as possible. The greater the number of names in the name list, the greater the burden of collation processing, and the more likely it is to hinder normal operations. turn into.

  Therefore, in the present invention, by setting a rule as shown in the example of FIG. 7, it is possible to increase the accuracy of the inspection with a small number of registrations and remarkably reduce the processing load on the computer. In this example, among characters or character strings cut out by the separator, for characters or character strings of 1 to 6 full-width characters, if the character is a double-byte character, whether or not the character is registered in the list In the case of 2 to 6 double-byte characters, it is determined whether or not the extracted character string is a personal name depending on whether or not the second character is a character registered in the list. The upper limit of the number of characters in the character string to be inspected is not limited to 6 characters, but any number of characters can be used as long as it is 2 characters or more, but the general number of characters in the Japanese name is considered. Then, it is preferable to set to 6 characters.

  For the character or character string cut out by the separator, it is first confirmed whether or not it is a single-byte character. In the case of one full-width character, as shown in the example of FIG. 7, characters such as “Hayashi, Mori, Shima, Tani, Hara” that are often used by one Japanese character are registered as inspection characters. Matches against a list. If it matches any of the check characters, it is determined to be a personal name.

  If it does not correspond to a single-byte character, it is confirmed whether or not it is a character string of 2 to 6 double-byte characters. In the case of 2 to 6 full-pitch kanji characters, as shown in the example of FIG. 7, “Wisteria, Wood, Bridge, Middle, Side, Book” , Village, forest, rice field, etc. are collated with a list registered as inspection characters. If it matches any of the check characters, it is determined to be a personal name.

  In Japanese names, the type of kanji used for the second character is relatively limited. Therefore, when targeting two or more character strings in this way, only the second character is compared. By doing so, it becomes possible to perform inspection with relatively high accuracy while suppressing the number of characters registered in the list. In addition, since only one character is registered and collated in the list, the number of character codes to be collated is remarkably reduced as compared with the case of registering a name with two or more characters, and the processing burden on the computer is reduced. Can be reduced.

  FIG. 8 shows a specific example of the examination of the personal name performed by the present invention. From the first line, the characters or character strings “001”, “Hara”, “Ichiro”, “03-1234-5678... Characters or character strings “Hara” and “Ichiro” are subject to personal name inspection. Since “original” is one character, it is compared with the inspection character in the case of one character, and since “original” is included in the inspection character, it is determined to be a personal name, and there is one piece of personal information. Is counted. Since “Ichiro” is a two-character string, the second character “Buro” is compared with the inspection character in the case of two characters, and the inspection character does not include “Buro”. It is not counted in the information.

  Similarly, for the second line, for “Sato” and “Jiro”, the second character “Fuji” and “Buro” are compared with the inspection character in the case of two characters, and for “Sato” Since the inspection character includes “wisteria”, it is determined that the character is a personal name, and one personal information is counted. Since “Jiro” is not included in the inspection character, “Jiro” is not counted in the personal information.

  For the third line, there is no space between the name and the name, so the four-character string “Saburo Tanaka” is cut out, and the second character “middle” and the second character are inspected. The character is collated, and since “inspection” includes “middle”, it is determined to be a personal name, and it is counted that one piece of personal information exists.

  In the present invention, not only the name but also the name may be similarly registered and inspected with characters that are easily used for the first and second characters. If a name and a name are separated by a space, there is a possibility that one name will be counted as two. Then, even if the file contains personal information of the same number of people, the number of cases counted in the list of only names and the list of names will be significantly different. preferable. In that case, compared to the case where the personal name is specified only by the name, there are more cases where the personal name is specified only by the name, and based on the name, what number character is inspected when the name is described without a space. Since it is difficult to specify, it is preferable to perform the inspection based on only Mr ..

  When the number of personal names is counted in this way, the number of personal information contained in the file to be inspected is counted together with the number of email addresses, addresses, telephone numbers, etc., and leakage of personal information is prevented. It is confirmed whether or not the conditions for performing the countermeasure are met. This condition is not particularly limited, it may be based on the total number of all cases, or may be determined by setting a standard value for each element, and it is necessary to prevent leakage of personal information In consideration of the balance between performance and the processing load on the computer, the user or system administrator may be able to make individual settings.

  As countermeasures to be taken when a predetermined condition is met, for example, printing out to the printer 30 or writing to the external medium 40 is stopped, a warning is given to the monitor server 50, and a mail transmitted to the network via the NIC 15 is transmitted. What is necessary is just to stop.

  A personal information inspection processing flow by the personal information inspection program according to the present invention will be described with reference to the flowcharts of FIGS. FIG. 9 is a flow for determining whether the event is a target event, FIG. 10 is a flow for specifying data to be inspected, and FIG. 11 is a counter for counting personal information and preventing leakage of personal information when necessary. The flow for executing the countermeasure is shown.

  First, in the computer on which the personal information inspection program according to the present invention operates, when the execution of an event such as file printout or mail transmission is accepted (S01), the inspection object event table specifying the inspection object of personal information is referred to. (S02), it is determined whether the received event is a subject of personal information inspection (S03). If it does not fall under the inspection target, the personal information inspection is terminated, and the process proceeds to a process of executing the accepted event.

  If it is determined that the personal information is to be inspected, a file to be inspected for personal information is acquired (S04). The file to be inspected is a file designated as a printout or export target, an attached file of a mail to be transmitted, or the like. The data size of the acquired file is read (S05), and it is confirmed whether the file is smaller than the predetermined size set in the inspection rule as the inspection target (S06).

  When the predetermined size is exceeded, the portion to be inspected is specified in the file to be inspected with the predetermined data size as the upper limit (S09). Here, which part of the file is specified as the inspection target is not particularly limited. If the size is equal to or smaller than the predetermined size, the entire file is to be inspected. In any case, the skip size set as the inspection rule is subsequently acquired according to the data size (S07), and the skip size is acquired. The inspection object data after the reading is skipped is specified (S08).

  Subsequently, as personal information included in the inspection target data, the count of the number of personal names (S10), the count of the number of e-mail addresses (S11), the count of the number of addresses (S12), the count of the number of phone numbers (S13) ) Is performed. It is confirmed whether or not the number of cases matches a predetermined condition for executing a countermeasure for preventing leakage of personal information set as an inspection rule (S14). (S15), measures are taken to prevent leakage of personal information such as printout stop or mail transmission stop (S16). If the predetermined condition is not met, it is determined that no action is required, the personal information inspection is terminated, and the process proceeds to a process of executing the accepted event.

  A processing flow for counting personal names by the personal information inspection program according to the present invention will be described with reference to the flowcharts of FIGS. FIG. 12 shows a flow for determining whether one character is a personal name, and FIG. 13 shows a flow for determining whether a character string of two or more characters is a personal name.

  In counting the personal name, a predetermined character or character string (for example, a character or character string of 1 to 6 full-width characters) separated by a separator is cut out from the data to be inspected (S091). It is determined whether the extracted character string is one character (S092), and if it is one character, it is confirmed whether the character matches any of the characters registered in the inspection rule as the inspection character (S093). ).

  If it matches the inspection character, it is counted that there is one personal name (S094), and it is confirmed whether there is a next character string (S095). If it does not match the inspection character, it is not counted as a personal name, and it is confirmed whether there is a next character string (S095).

  If the extracted character string is not one character, the second character of the character string is specified (S096). It is confirmed whether the second character matches one of the characters registered in the inspection rule as the inspection character (S097), and if it matches the inspection character, it is counted that one individual name exists (S094). ), It is confirmed whether there is a next character string (S095). If it does not match the inspection character, it is not counted as a personal name, and it is confirmed whether there is a next character string (S095).

  These processes are repeated until all the extracted character strings are inspected, and the total number of personal names included in the inspection target data is calculated. When the total number of personal names is calculated, as shown in FIG. 11, the process proceeds to a process of counting mail addresses.

  As for the count of the number of personal names, as described in the previous examples, the total number of cases may be calculated by inspecting the entire data to be inspected. The inspection may be aborted when the number of necessary countermeasures for prevention is exceeded, and the countermeasures may be taken immediately. Not only the number of personal names but also the same processing may be performed when a predetermined number is exceeded after shifting to the counting of e-mail addresses, addresses, and the like.

It is a figure which shows the function of the personal information inspection program concerning this invention. It is a figure which shows the Example of the personal information test | inspection system concerning this invention. It is a block diagram which shows the structure of the personal information test | inspection system concerning this invention. It is a figure which shows an example of the test object event table used in the personal information inspection program concerning this invention. It is a figure which shows an example of the personal information test | inspection rule regarding the test | inspection level used in the personal information test | inspection program concerning this invention. It is a figure which shows an example of the personal information inspection rule regarding the data skipping used in the personal information inspection program concerning this invention. It is a figure which shows an example of the personal information inspection rule regarding the personal name used in the personal information inspection program concerning this invention. It is a figure which shows the example which test | inspects a personal name with the personal information test | inspection program concerning this invention. It is a 1st flowchart which shows the processing flow of a personal information test | inspection by the personal information test | inspection program concerning this invention. It is a 2nd flowchart which shows the processing flow of a personal information test | inspection by the personal information test | inspection program concerning this invention. It is a 3rd flowchart which shows the processing flow of a personal information test | inspection by the personal information test | inspection program concerning this invention. It is a 1st flowchart which shows the processing flow which counts the personal name by the personal information test | inspection program concerning this invention. It is a 2nd flowchart which shows the processing flow which counts the personal name by the personal information test | inspection program concerning this invention.

Explanation of symbols

10 User terminal 11 CPU
12 RAM
13 ROM
14 HDD
141 Personal information inspection program 142 Inspection object event storage unit 143 Personal information inspection rule storage unit 15 NIC
16 External connection bus 20 Input device 30 Printer 40 External media 50 Monitor server

Claims (6)

A personal information inspection program for inspecting whether predetermined personal information including a personal name is included in a file to be inspected, a first storage unit for storing a Chinese character that determines a single Chinese character as a personal name And a second storage unit that stores a kanji character that is determined as a personal name when it is the second character in a character string of 2 characters or more and n characters (n is a natural number of 2 or more),
An identification step for identifying characters or character strings delimited by a predetermined separator included in the file;
A selection step of selecting one or more characters or character strings from the characters or character strings identified in the identification step;
A first determination step in which, when the character or character string selected in the selection step is one character, in contrast to the kanji stored in the first storage unit, if there is a matching kanji, it is determined as an individual name; ,
If the character or character string selected in the selection step is not less than 2 characters and not more than n characters, the second character of the character string is compared with the kanji stored in the second storage unit and there is a matching kanji A second determination step for determining a personal name in the case,
A personal name counting step of counting the number of cases determined as personal names in the first determination step and the second determination step;
An inspection step for inspecting whether the number of personal information included in the file including the number of personal names counted in the personal name counting step meets a predetermined condition;
A personal information inspection program characterized in that The computer includes a third storage unit that stores characters or character strings to be determined as mail addresses, a fourth storage unit that stores characters or character strings to be determined as addresses, and characters or character strings to be determined as telephone numbers. A fifth storage unit for storing
The character or character string identified in the identification step is compared with the character or character string stored in the third storage unit, and if there is a matching character or character string, a third address is determined. A determination step;
Fourth determination for determining the character or character string identified in the identification step as an address when there is a matching character or character string in comparison with the character or character string stored in the fourth storage unit Steps,
The character or character string identified in the identification step is compared with the character or character string stored in the fifth storage unit. A determination step;
An e-mail address counting step for counting the number of e-mail addresses determined in the third determining step;
An address counting step of counting the number of cases determined to be addresses in the fourth determination step;
A telephone number counting step of counting the number of cases determined as telephone numbers in the fifth determination step,
In the inspection step, the number of personal names counted in the personal name counting step, the number of email addresses counted in the email address counting step, the number of addresses counted in the address counting step, counted in the telephone number counting step 2. The personal information inspection program according to claim 1, wherein the personal information inspection program counts the number of personal information from the number of telephone numbers and checks whether or not a predetermined condition is met. In the computer,
Specifying the data size of the file, causing the data size determination step to determine whether the data size exceeds a preset size,
If it is determined in the data size determination step that the data size exceeds a preset size, the computer performs an inspection up to the preset size or performs an inspection of personal information. 3. The personal information inspection program according to claim 1, wherein the personal information inspection program is not executed. The computer includes a sixth storage unit that stores a data size to be skipped from the beginning corresponding to the data size of the file.
Specify the data size of the file, and execute a specifying step of specifying the data size skipped from the beginning of the file with reference to the sixth storage unit,
The said computer performs the test | inspection of personal information for the remaining data which skipped the data size specified in the said specific step among the said files. Personal information inspection program. A personal information inspection method for inspecting whether a file to be inspected includes predetermined personal information including a personal name,
A first storage unit that stores a kanji character that is determined to be an individual name for one kanji character and a character name that is the second character in a character string that is not less than 2 characters and not more than n characters (n is a natural number not less than 2) is determined as an individual name An identification step for identifying a character or a character string delimited by a predetermined separator included in the file;
A selection step in which the computer selects one or more characters or character strings from the characters or character strings identified in the identification step;
When the character or character string selected in the selection step is one character, the computer compares the kanji stored in the first storage unit, and if there is a matching kanji, the computer determines a first personal name. A determination step of
If the character or character string selected by the computer in the selecting step is not less than 2 characters and not more than n characters, the second character of the character string is compared with the kanji stored in the second storage unit and matched. A second determination step for determining a personal name when there is a Chinese character to be
A personal name counting step in which the computer counts the number of cases determined as personal names in the first determination step and the second determination step;
An inspection step in which the computer inspects whether the number of personal information included in the file including the number of personal names counted in the personal name counting step meets a predetermined condition;
A personal information inspection method characterized by comprising: A personal information inspection system for inspecting whether a file to be inspected includes predetermined personal information including a personal name,
First storage means for storing a kanji character that is determined as an individual name for one kanji character;
A second storage means for storing a kanji character that is determined as an individual name when it is the second character in a character string of two or more and n characters (n is a natural number of 2 or more)
An identification means for identifying a character or a character string delimited by a predetermined separator included in the file;
A selection means for selecting one or more characters or character strings from among the characters or character strings identified by the identification means;
A first determination unit that determines a personal name when there is a matching kanji character in contrast to the kanji stored in the first storage unit when the character or character string selected by the selection unit is one character; ,
When the character or character string selected by the selection means is not less than 2 characters and not more than n characters, the second character of the character string is compared with the kanji stored in the second storage means and there is a matching kanji. A second determination means for determining a personal name in the case;
Personal name counting means for counting the number of cases determined as personal names in the first determination means and the second determination means;
Inspection means for inspecting whether the number of personal information included in the file including the number of personal names counted by the personal name counting means meets a predetermined condition;
A personal information inspection system comprising: