JP4354950B2 - Information processing apparatus, information processing method, computer program, and storage medium - Google Patents

Description

  The present invention relates to a technique for transmitting and receiving an electronic mail using an HTTP protocol.

  With the development of network technology, it is possible to exchange information very easily and efficiently. For example, it is possible to attach materials to be used for a meeting to an e-mail and send them to participants in advance without trouble and trouble. However, while network technology has been developed in this way and information exchange has become easier, the degree of danger that important confidential information can easily flow outside has increased.

  From the standpoint of preventing information leakage, it is important to take measures against unauthorized access from the outside, and to take measures against inadvertent transmission of important data from the inside. It has become. The cause of information leakage is that information is often leaked by internal carelessness or illegal behavior rather than being stolen by unauthorized access. .

  In addition to this background, the enforcement of the Personal Information Protection Law, etc. has required companies to handle information properly. For example, as a countermeasure against information leakage at companies, electronic Introduce a system that checks the contents of the mail (for example, text information of the destination and text, contents of the attached file) and prohibits the e-mail from being sent outside the company if the specified conditions are met. Yes. This reduces the risk that important confidential information will be leaked from inside the company or that information that is disadvantageous to the company will be leaked.

  On the other hand, the risk of leaking information or leaking disadvantageous information via the network is not limited to e-mail transmission. For example, leakage of confidential information due to posting on a bulletin board on the Internet, or outflow of disadvantageous information can be considered. Services using the Internet have been diversified, and companies have been required to deal with information leakage for each service.

For example, Patent Document 1 is disclosed as a technique for preventing leakage of confidential information due to posting on the bulletin board and outflow of information that is inconvenient for a company. According to this technology, a specific service on the Internet is specified by a URL (Uniform Resource Locator), and transmission of information is controlled only for the service, so that a protocol (HTTP) different from the conventional electronic mail (SMTP) is used. It is also possible to take measures against information leakage without compromising the convenience of the Internet.
JP 2004-348202 A

  Recently, unlike conventional electronic mail (data transmission is performed by SMTP), a service for performing electronic mail using HTTP has been widely used. With this service, it is possible to send and receive e-mails using general-purpose browser software without using an e-mail application.

  Regarding the control of mail transmission in such a format, since the communication protocol is different from that of the conventional electronic mail (those based on SMTP), the conventional relay control method for electronic mail cannot be used. . Further, communication control using a specific keyword is possible by using the technique disclosed in Patent Document 1, but information such as a destination, CC, and subject, as in a conventional electronic mail communication control system. It is not possible to perform detailed communication control based on the.

  Also, when trying to control such communication, unlike email using SMTP, there is no uniform rule, so simply considering the difference in protocol, relaying conventional email There is a problem that it is impossible to apply a control method.

  The present invention has been made in view of the above problems, and even for an electronic mail (Web mail) using HTTP, a specific meaning such as a destination, a CC, a subject, and the like is similar to an electronic mail using SMTP. The purpose is to provide a technology to perform data relay control based on the information (semantic information).

  In order to achieve the object of the present invention, for example, an information processing apparatus of the present invention comprises the following arrangement.

That is, relay control of HTTP data communication between an HTTP server that provides a web page for providing a service for sending and receiving electronic mail using the HTTP protocol and a client terminal device that can communicate with the HTTP server is performed. An information processing apparatus,
For a plurality of the HTTP servers, obtain a capture pattern including a request URL for specifying data communication to the HTTP server, and transmission information of the e-mail included in HTTP data transmitted to the HTTP server. First storage means for storing association attributes for definition,
Receiving means for receiving HTTP data transmitted from the client terminal device;
First determination means for determining which of the capture patterns is matched by comparing the request URL included in the HTTP data received by the reception means with the capture pattern stored in the first storage means. When,
The HTTP received by the receiving means according to the definition attribute associated with the acquisition pattern determined to match the HTTP data received by the receiving means when the first judging means determines that the captured pattern matches. First acquisition means for acquiring e-mail transmission information from the data;
Judgment is made as to whether the transmission information of the e-mail acquired by the first acquisition means matches the definition formula that can be set on the condition of the e-mail destination, text information included in the e-mail, and attached file information of the e-mail Second determining means for
And a relay control unit that performs relay control for relaying or prohibiting transmission of HTTP data received by the reception unit according to a determination result by the second determination unit .

In order to achieve the object of the present invention, for example, an information processing method of the present invention comprises the following arrangement.

That is, relay control of HTTP data communication between an HTTP server that provides a web page for providing a service for sending and receiving electronic mail using the HTTP protocol and a client terminal device that can communicate with the HTTP server is performed. An information processing method performed by an information processing apparatus,
For a plurality of the HTTP servers, obtain a capture pattern including a request URL for specifying data communication to the HTTP server, and transmission information of the e-mail included in HTTP data transmitted to the HTTP server. A first storage step for storing association attributes for definition,
A receiving step of receiving HTTP data transmitted from the client terminal device;
A first determination step of determining which of the capture patterns is matched by comparing the request URL included in the HTTP data received in the reception step with the capture pattern stored in the first storage step. When,
If it is determined in the first determination step that it matches the capture pattern, the HTTP received in the reception step according to the definition attribute associated with the capture pattern determined to match the HTTP data received in the reception step A first acquisition step of acquiring e-mail transmission information from the data;
Judgment is made as to whether the transmission information of the email acquired in the first acquisition step matches the definition formula that can be set on the condition of the destination of the email, the text information included in the email, and the attached file information of the email A second determination step,
A relay control step of performing relay control for relaying or prohibiting transmission of the HTTP data received in the reception step according to a determination result in the second determination step .

  According to the configuration of the present invention, even an electronic mail (Web mail) using HTTP is based on information (semantic information) having a specific meaning, such as a destination, a CC, a subject, and the like, similar to an electronic mail using SMTP. Data relay control can be performed.

  Hereinafter, the present invention will be described in detail according to preferred embodiments with reference to the accompanying drawings.

[First Embodiment]
FIG. 1 is a diagram illustrating a configuration example of a system according to the present embodiment. As shown in the figure, the system according to this embodiment includes a mail server 104, an HTTP server 105, client terminal devices 102a and 102b, and a relay server 101 that functions as an information processing device according to this embodiment. Hereinafter, those constituting the system according to the present embodiment will be described.

  The client terminal devices 102 a and 102 b are used for accessing the HTTP server 105 via the relay server 101 and the wide area network 106 and browsing a desired home page among various home pages provided by the HTTP server 105. . The client terminal devices 102a and 102b can also send and receive general electronic mail using the SMTP protocol. In this case, the transmitted electronic mail is sent to the mail server via the relay server 101 and the wide area network 106. 104 is transmitted. In addition, when the client terminal devices 102a and 102b receive an e-mail, the mail server 104 may be accessed via the relay server 101 and the wide area network 106 to instruct the downloading of the e-mail.

  The HTTP server 105 performs the same operation as the HTTP server provided in a general provider, and makes a request to the client terminal devices 102a and 102b accessed via the relay server 101 and the wide area network 106. It provides a homepage that meets your needs. In this embodiment, as one of such home pages, there is a home page (hereinafter referred to as “Web mail page”) that provides a service for sending and receiving electronic mail using the HTTP protocol. Hereinafter, an electronic mail transmitted and received using the HTTP protocol is referred to as “Web mail”. As is well known, the Web mail page is provided by a general provider, and a detailed description thereof will be omitted.

  The relay server 101 is for relaying data communication between the client terminal devices 102 a and 102 b and the HTTP server 105. When the client terminal devices 102a and 102b access a Web mail page provided by the HTTP server 105 and input operation instructions such as creation, storage, and transmission of an electronic mail on the Web mail page, the relay server 101 Upon receiving this operation instruction, various processes are executed according to the received operation instruction. Details of the processing performed by the relay server 101 will be described later.

  The wide area network 106 is a network represented by the Internet. Reference numeral 103 denotes a network such as a LAN or the Internet.

  FIG. 2 is a block diagram illustrating a hardware configuration of the relay server 101.

  A CPU 201 controls the entire relay server 101 using programs and data stored in the RAM 202 and the ROM 203 and executes each process described below performed by the relay server 101.

  A RAM 202 temporarily stores programs and data loaded from the HDD (hard disk drive) 204 and the storage medium drive 206, programs and data received from the outside via the network I / F (interface) 205, and the like. And various areas such as a work area used when the CPU 201 executes various processes can be provided as appropriate.

  A ROM 203 stores setting data of the relay server 101, a boot program, and the like.

  Reference numeral 204 denotes an HDD, which stores an OS (Operating System) and programs and data for causing the CPU 201 to execute processes described later performed by the relay server 101. These are loaded into the RAM 202 as appropriate under the control of the CPU 201. , The processing target by the CPU 201.

  Reference numeral 205 denotes a network I / F for connecting the relay server 101 to the network 103 and the wide area network 106. The relay server 101 is connected to the network 103 and the wide area network 106 via the network I / F 205. Data communication can be performed with each connected device.

  Reference numeral 206 denotes a storage medium drive that reads programs and data recorded on a storage medium such as a CD-ROM, CD-R / RW, DVD-ROM, DVD-R / RW, and DVD-RAM, and outputs them to the RAM 202 and HDD 204. To do. A part of the information held in the HDD 204 may be stored in this storage medium.

  Reference numeral 207 denotes a keyboard, and 208 denotes a pointing device configured by a mouse, a joystick, and the like. Various instructions can be input to the CPU 201 by an operator of the relay server 101.

  A display unit 209 includes a CRT, a liquid crystal screen, and the like, and can display a processing result by the CPU 201 using an image, text, or the like.

  Reference numeral 210 denotes an external device connection I / F, which is a port for connecting peripheral devices to the relay server 101. The relay server 101 transmits / receives data to / from this peripheral device via the external device connection I / F 210. The external device connection I / F 210 is configured by USB, IEEE 1394, or the like, and usually has a plurality of external device I / Fs. The connection form with the peripheral device may be wired or wireless.

  A bus 211 connects the above-described units.

  Note that the hardware configuration of the relay server 101 is described as having the configuration illustrated in FIG. 2, but is not necessarily limited to having the configuration illustrated in FIG. 2. The following processing described as processing performed by the relay server 101 is described below. If the configuration is executable, the configuration of the relay server 101 may be modified as appropriate.

  The hardware configurations of the client terminal devices 102a and 102b, the HTTP server 105, and the mail server 104 are as follows. Since a general computer is applied to them, the configuration generally shown in FIG.

  Next, the client terminal devices 102a and 102b access the Web mail page provided by the HTTP server 105 via the relay server 101 and the wide area network 106, and create, store, and transmit Web mail on the Web mail page. The processing performed by the relay server 101 when instructed will be described below with reference to FIG. 3 showing a flowchart of the processing.

  Note that programs and data for causing the CPU 201 to execute the processing according to the flowchart of FIG. 5 are stored in the HDD 204, which are loaded into the RAM 202 according to the control of the CPU 201, and are processed by the CPU 201 using the loaded programs and data. By performing the above, the relay server 101 executes each process described below. In the following description, the client terminal devices 102a and 102b are collectively referred to as the client terminal device 102.

  As described above, at the time when the processing according to the flowchart of FIG. 10 is started, the client terminal device 102 is accessing the Web mail page and is in a state where it is possible to instruct creation, storage, transmission, and the like of an email. For example, a Web mail page screen is displayed on the display screen of the display device of the client terminal apparatus 102, and an area for designating an e-mail transmission destination (TO, CC, BCC) is displayed on the Web mail page. An area for describing the body of the e-mail, a button image for storing the created e-mail in the HTTP server 105, sending it, or designating a file attached to the e-mail are provided. Yes.

  The relay server 101 is in a standby state so that any instruction may be transmitted from the client terminal device 102. When an instruction to create, save, or send an e-mail is input on the client terminal device 102 side, for example, when a button image for instructing creation or saving is instructed on the client terminal device 102 side From the client terminal device 102, an HTTP relay packet (HTTP data) including the instructed content is transmitted to the relay server 101. When the relay server 101 detects reception of HTTP data via the network I / F 205, the relay server 101 performs processing to store the HTTP data in the RAM 202 or the HDD 204 (step S501). This storing process is performed until reception of all the transmitted HTTP data is completed.

  If all HTTP data (all HTTP data transmitted from the client terminal device 102 when one instruction related to electronic mail is input on the client terminal device 102 side) has been received, the process proceeds to step S502. Proceed to S503, analyze the received HTTP data, and extract and extract each element (each element to be referred to in the following processing) constituting HTTP data such as request method, request URL, protocol version, request header, request body, etc. One file (analysis file) including these elements is created according to a predetermined format (step S503).

  If there is a request body, the content of the request body is also analyzed (parsed) based on the content of the Content-Type header, Content-Length or Transfer-Encoding header, and text information is extracted. If Content-Type is multipart format, each part is recursively parsed.

  In addition, when the request body data or the part data includes structured data format data having text information such as PDF or word processor document, the text information is extracted from each format data.

  Next, the relay control rule table data shown in FIG. 5 is loaded from the HDD 204 into the RAM 202, and one rule ID is selected from the loaded table (step S504). FIG. 5 is a diagram illustrating a configuration example of a relay control rule table referred to in order to determine processing performed by the relay server 101 based on the analysis file.

  As shown in the figure, a set of capture pattern expressions, Web mail definition attributes, and action expressions corresponding to each rule ID is registered in the relay control rule table. For example, rule ID = 3 is associated with a set of <pattern expression-03>, (service ID = 1, operation type = creation, context operation procedure = <operation procedure-3>), and <action expression-03>. It has been.

  Accordingly, in step S504, one rule ID registered in the relay control rule table is selected, and processing for specifying a capture pattern expression, a Web mail definition attribute, and an action expression corresponding to the selected rule ID is performed. If all rule IDs have already been selected, the process proceeds to step S507. On the other hand, if all the rule IDs have not been selected (that is, if the selected rule ID has not been selected yet), the process proceeds to step S505, and the process according to the flowchart of FIG. 4 is performed (step S505). ). FIG. 4 is a flowchart showing details of the processing in step S505.

  First, the analysis file is referred to, and it is checked whether or not it matches the capture pattern expression corresponding to the rule ID selected in step S504 (step S601). The capture pattern expression is an expression for expressing a specific set of instances of transmission HTTP data, and is described as shown in FIG. 9, and is used as a filter for specifying what the analysis file is. Function. Therefore, when the analysis file matches the captured pattern expression, the contents of the analysis file can be determined as matching the contents determined by the captured pattern expression. FIG. 9 is a diagram illustrating an example of a capture pattern expression. When the captured pattern expression of FIG. 9 is evaluated against the transmission HTTP data, the request URL character string is “http: /// [az] + \. Abc-mail \ .co \ .jp / mail / send.cgi”. It contains a URL parameter that matches the regular expression pattern that is represented, the key is “FLAG0” and the value is “ON”, and the key contains a URL parameter or “COOKIE” parameter that is “SEND”, and the request method is When it is “GET” and the user agent name character string starts with the character string “Mozilla / 5”, it is determined to match, and otherwise it is determined not to match.

  If the captured pattern expression corresponding to the rule ID selected in step S504 does not match the analysis file as a result of the check process in step S601, the process returns to step S504 via step S506 in FIG. The next rule ID that has not been selected is selected. If they match, the process proceeds to step S602, and it is determined whether or not a Web mail definition attribute corresponding to the rule ID selected in step S504 exists. A check is made (step S602). In the example shown in FIG. 5, there is a Web mail definition attribute corresponding to rule ID = 3, but there is no Web mail definition attribute corresponding to rule ID = 1.

  Here, the Web mail definition attribute will be described. As shown in FIG. 5, the Web mail definition attribute includes a service ID, an operation type, and a context operation procedure. “Service ID” indicates the type of the Web mail page. As is well known, there are multiple types of providers that provide Web mail pages. Therefore, an ID is assigned to each type of Web mail page in order to identify which provider is the Web mail page currently used by the client terminal device 102. FIG. 6 is a diagram showing a configuration example of a table in which the types of Web mail pages corresponding to the service IDs are registered. For example, a service ID = 2 indicates that a Web mail page of the type “Coo Mail” (Coo Mail Service is selected). Web mail page provided).

  The “operation type” indicates what the instruction from the client terminal device 102 is. In the figure, “(e-mail) creation”, “(e-mail) cancellation”, “(e-mail)” “Send” or “Create / Send (e-mail)”.

  The “context operation procedure” describes processing contents to be performed by the relay server 101 in accordance with the “operation type”. Details of the “context operation procedure” will be described later.

  The action expression describes the processing content that the relay server 101 should finally perform according to the “operation type”. Details of the “action expression” will be described later.

  Therefore, when the analysis file matches, for example, <Pattern Expression-03>, the type of the Web mail page used by the client terminal apparatus 102 is the Web mail page (ABC mail service is provided with the service ID = 1). Web mail page), and the content instructed from the client terminal device 102 is “create (e-mail)”, and the processing performed by the relay server 101 in response to this instruction is <operation procedure-03>, < It can be determined that action expression-03>.

  Returning to FIG. 4, if there is no Web mail definition attribute corresponding to the rule ID selected in step S504 as a result of the process in step S602, the process proceeds to step S604. Proceeding to step S603, the context operation procedure corresponding to the rule ID selected at step S504 is executed (step S603).

  10 to 13 are diagrams illustrating the contents of the context operation procedure corresponding to various operation types. In the context operation procedure, when one e-mail message transmission process is composed of a plurality of HTTP transactions, the transmission contents of each HTTP transaction is used as partial information regarding a specific mail transmission, and the transmission mail information table in the RAM 202 It is a procedure to record in. Normally, the transmission process of one e-mail message is composed of a plurality of HTTP transactions, and therefore such a process is performed because there is a problem that it cannot be controlled only by a simple check.

  The context operation procedure shown in FIGS. 10 and 11 is an example when the operation type = creation. For example, when the context operation procedure shown in FIG. 10 is executed, first, a service ID and session key specific to the e-mail to be created are acquired, and the acquired service ID and session key are used to identify the e-mail message. As key information, the destination (To, Cc) of the electronic mail described in the analysis file is registered in the transmission mail information table shown in FIG. In the context operation procedure of FIG. 10, “VAR SEVICE_ID; VAR SESSION-KEY; VAR SLOT_TO; VAR SLOT_CC;” are “Web mail service identifier”, “session key”, “TO address”, “CC address”, respectively. This is a variable declaration for storing the value of “during procedure execution. When“ SERVICE_ID = GET_SERVICE_ID (); ”is executed, the value of the service ID line in the current row of the relay control rule table currently being evaluated is transferred to the SERVICE_ID variable. Substituting and executing “SESSION-KEY = URL_PARAM (“ SESSID ”)” assigns the value of the parameter named SESSID in the transmission HTTP data to the SESSION-KEY variable, and “SLOT_TO = BODY_GET_ELEMENT_BY_ID (“ text / xml ” , “To_addr”); ”, the request body data in the transmitted HTTP data is analyzed in the“ text / xml ”format, and the value of the XML entity having the identifier“ to_addr ”from that is analyzed. Substituting into the SLOT_TO variable, similarly, “SLOT_CC = BODY_GET_ELEMENT_BY_ID (“ text / xml ”,“ to_addr ”);” substitutes the value of the XML entity with the identifier “cc_addr” into the SLOT_CC variable, -STORE, MAIL_CONTEXT (SERVICE_ID, SESSION-KEY, CC, SLOT_CC); '', the values of the SERVICE_ID variable and SESSION-KEY variable are used as keys, and the value of the SLOT_TO variable is set in the TO column of the transmission information table. Store the value of the SLOT_CC variable in the CC column.

  Similarly, the contents of FIG. 11 represent a procedure for extracting the attached file from the request body data of the transmission HTTP data and storing it in the transmission mail information table. As described above, the context operation procedure includes a function for accessing element data from the analysis file and a function for updating the outgoing mail information table. In addition, since the method for extracting the session key from the transmission HTTP data and the method for extracting the mail attribute information such as TO, CC, text, and attached file differ depending on the Web mail service and its version, the extraction specification itself is also a context operation procedure. It shall be expressed in program form in the data.

  FIG. 7 is a diagram showing a configuration example of the outgoing mail information table. One horizontal line represents transmission information related to one outgoing mail. In the figure, the service ID, session key, destination (To, Cc), Subject, body, attached file, start time, sender, unique to the outgoing mail A set of attributes (authentication identifier, IP address as identification information unique to the client terminal apparatus 102) is registered in the transmission mail information table as transmission information regarding one transmission mail. Therefore, when the transmission process of one electronic mail message is composed of a plurality of HTTP transactions, the context operation procedure for the plurality of HTTP transactions is performed, so that the information in one horizontal line of the transmission mail information table is changed. Will be created. When the context operation procedure shown in FIG. 10 is executed, transmission information (information described in the analysis file) related to the e-mail to be created is registered in this transmission mail information table.

  Of course, all transmission information does not necessarily exist for a single e-mail, for example, there is no attached file depending on the e-mail. Therefore, for example, null may be registered for non-existing transmission information.

  The context operation procedure shown in FIG. 12 is an example when the operation type = cancel. In this case, it is determined that the corresponding information in the transmitted mail information table may be deleted, assuming that the mail message being created is canceled. If the context operation procedure shown in the figure is executed, a service ID and a session key specific to the e-mail instructed from the client terminal apparatus 102 as a cancellation target are acquired, and from the outgoing mail information table illustrated in FIG. Processing for deleting the transmission information specified by the acquired service ID and session key is performed. In FIG. 12, after retrieving the Web mail service ID and session key in the same manner as in FIG. 10, the “REMOVE_MAIL_CONTEXT (SERVICE_ID, SESSION-KEY, CC);” command is used to send mail information using the Web mail service ID and session key as keys The target entry in the table is deleted.

  The context operation procedure shown in FIG. 13 is an example in the case of operation type = transmission. If the context operation procedure shown in the figure is executed, a service ID and a session key specific to the e-mail instructed from the client terminal apparatus 102 are acquired as transmission targets, and registered in the outgoing mail information table illustrated in FIG. Among the transmission information being acquired, the transmission information corresponding to the acquired service ID and session key is acquired. Then, the body (acquired from the analysis file) of the electronic mail designated as the transmission target is registered in the “body” portion of the acquired transmission information. In FIG. 13, after extracting the variable declaration, the Web mail service identifier, and the session key, as in FIG. 10, “SLOT_BODY = BODY_GET_ELEMENT_BY_ID (“ appliacation / x-www-form-urlencoded ”,” mail_body ”,“ euc- jp ”);” Result of sending HTTP data request body in “appliacation / x-www-form-urlencoded” format and extracting the value with “mail_body” string as key and converting the character code to EUC-JP To the SLOT_BODY variable, update the text field value of the outgoing mail information table with the contents of the SLOT_BODY variable with the `` STORE_MAIL_CONTEXT (SERVICE_ID, SESSION-KEY, BODY, SLOT_BODY); '' statement, and finally `` COMMIT_MAIL_MESSAGE (SERVICE_ID, SESSION -KEY); ", the mail session information set identified by the Web mail service ID and the session key in the outgoing mail information table is completed.

  As described above, when the analysis file matches the capture pattern expression corresponding to the rule ID acquired in step S504, the context operation procedure corresponding to the matched capture pattern expression is executed. Thereby, the relay server 101 performs an operation related to the electronic mail specified by the service ID and the session key instructed from the client terminal device 102 side.

  Further, every time the relay server 101 performs processing related to the email, the transmission information related to the email instructed from the client terminal apparatus 102 among the transmission information registered in the transmission email information table illustrated in FIG. It will be updated according to the type.

  Returning to FIG. 4, next, the action formula corresponding to the rule ID selected in step S504 is executed (step S604). 14 to 17 are diagrams showing the contents of action expressions corresponding to various operation types. The action formulas shown in FIGS. 14 and 15 are relayed when the HTTP data transmitted from the client terminal apparatus 102 is not related to Web mail (when the request is for browsing a home page other than the Web mail page). The processing executed by the server 101 is shown. When the action expression shown in FIG. 14 is executed, REJECT is returned. When the action formula shown in FIG. 15 is executed, REJECT is returned and mail is transmitted to the terminal device used by the system administrator. The action expression is an evaluation expression for determining the result of the access determination for the request corresponding to the capture pattern expression. In addition, it is possible to define a process that can return an evaluation result and can be driven based on the result. One of OK, REJECT, and CONTINUE is returned as the value of the action expression.

  The action formula shown in FIG. 16 is an example in the case of operation type = creation. When the action formula of FIG. 6 is executed, CONTINUE is returned so as to continue the processing. Return OK if you want to allow it immediately.

  The action formula shown in FIG. 17 is an example in the case of operation type = transmission. When the action formula of FIG. 6 is executed, the definition formula corresponding to the keyword set ID = x is read out by the function GET_KEYWORD (x). FIG. 8 is a diagram illustrating a configuration example of a keyword definition table in which definition formulas corresponding to each keyword set ID are registered. Here, the definition expression indicates a conditional expression for checking whether or not each character (string) included in the body of the e-mail to be transmitted satisfies a predetermined condition. . Therefore, different definition formulas are associated with each keyword set ID in order to correspond to various combinations of characters (columns) that should not be included in the body of the email.

  Next, for the e-mail to be transmitted, the sender and the destination are checked. If the e-mail is the predetermined sender and the predetermined destination, the HTTP is prohibited to be transmitted. Since the electronic mail to be transmitted is not transmitted to the server 105, the server 105 is instructed to cancel and returns REJECT.

  Next, the number of transmission destinations of the e-mail addressed for transmission is checked. If the number checked is equal to or greater than the predetermined number, the e-mail is transmitted to the terminal device used by the system administrator. Next, the body of the e-mail to be transmitted is checked using the definition formula acquired by GET_KEYWORD (x), and if a location satisfying the definition formula is found in the text, information about this e-mail Is recorded in the HDD 204 as a log. Then, OK is returned unless REJECT is returned.

  In this case, the destination of the email, the number of destinations or the text of the email was checked, and the action was executed for those that matched the conditions. However, this is not restrictive. A predetermined action may be executed when a file matches the presence or absence of the file or a combination of these.

  In addition, although actions were executed for those that matched the conditions, it was assumed that only those that matched the conditions were canceled, etc., but not limited to this, cancellation processing etc. were performed for all that did not match the conditions. It may be done.

  In addition to this, “operation type” may be “save (e-mail to server)”. Even when “Save” is selected, the e-mail data is transmitted to the server as in the case of transmission. Therefore, it is preferable to prepare an action expression similar to that in the case of “operation type” of transmission. By doing so, it is possible to check the e-mail data transmitted from the client apparatus 102 to the HTTP server 105 even when a storage process is instructed.

  As described above, by executing an action formula, for example, before sending an e-mail, items such as the destination and number of e-mails to be sent are checked, and the checked items are e-mail sending conditions. Can be checked to see if Depending on the result of the check, various procedure processes for permitting / prohibiting transmission can be performed.

  Also, Web mail with relay control can be searched for data using information such as destination, CC, BCC, subject, text, attached file, etc., regardless of whether transmission is permitted or prohibited. It is preferable to register in the database. In that case, of course, the relay control result may be registered together.

  There are various types of action expressions, and multiple action expressions are prepared according to each capture pattern expression expression, and multiple conditions can be activated in a single action expression. By setting the processes, it is possible to prepare a plurality of combinations of processes that are activated as a side effect at the same time as whether or not to relay an electronic mail to be transmitted.

  As described above, when the process in step S604 is completed, the process returns to step S506 in FIG. 3. As a result of executing the action formula in step S604, it is checked whether the returned one is REJECT, OK, or CONTINUE ( Step S506). As a result of this check, if the returned one is CONTINUE, the process returns to step S504, a rule ID that has not been selected is selected, and the subsequent processes are repeated.

  On the other hand, if the returned one is OK or REJECT, the process proceeds to step S507. If the returned one is OK, or if the process proceeds from step S504 to step S507, the subsequent HTTP relay process is performed (step S507). On the other hand, if the returned one is REJECT, the client terminal apparatus 102 is notified of access denial as an HTTP response (step S507).

In the case where the session key is not a single parameter but a combination of a plurality of parameters, the table model cannot cope. Therefore, imitating application control,
SESSION_KEY = URL_PARAM ("SESSIN_1") + COOKIE_PARAM ("SESSIN_2");("+" is a string concatenation).

[Second Embodiment]
The relay server 101 applies a predetermined relay control rule to transmission data before data relay as well as Web mail as well as normal electronic mail (SMTP), and permits data transmission. / Rejection is determined, relay processing is continued, stopped, prohibition message is responded, and transmission data is recorded.

  Although there are differences in communication methods, Web mail and ordinary e-mail have the same characteristics in terms of data, so it is better not to manage each separately but to manage them in a unified manner. preferable.

  Therefore, when the relay server 101 performs relay control of both Web mail and normal electronic mail (electronic mail by SMTP), it is preferable to manage the transmission data in a unified manner. When the relay server receives a normal e-mail, communication control such as permitting / rejecting the transmission of the normal e-mail based on the semantic information such as the destination, CC, BCC, the number of destinations, and a specific keyword. Will do. In this case as well, in the same way as in the case of Web mail, the capture pattern is defined, and an action expression is defined that defines what processing is to be performed when an SMTP email matches the capture pattern. Become. When the relay server performs relay control of both Web mail and normal electronic mail, it becomes possible to search for data using information such as destination, CC, BCC, subject, text, attached file, etc. as search keys. As described above, it is preferable to register both Web mail and normal e-mail data in the database in a unified manner.

[Third Embodiment]
The table data of FIGS. 5 and 6 and the action formulas shown in FIGS. 14 to 17 may be edited by the operator of the relay server 101 at an arbitrary timing.

  That is, for example, when a provider newly provides a Web mail page, in order to correspond to this Web mail page, the table shown in FIG. It is necessary to register a newly issued service ID in association with it.

  The same applies to the context operation procedures shown in FIGS. 14 to 17. For example, in the action expression shown in FIG. 17, the value of x used as an argument in the function GET_KEYWORD (x), the sender of the e-mail, the destination It is also necessary to appropriately edit the criteria for determining the destination, the destination of the email to be sent when the number of destinations is a predetermined number or more, and the like.

  If the above information is additionally created, it is necessary to register it in the table shown in FIG.

  As described above, table data, conditions, and the like as described above may be appropriately edited. As for the editing method, for example, an editing GUI may be displayed on the display unit 209 of the relay server 101, and editing may be performed via this GUI.

[Other Embodiments]
Also, an object of the present invention is to supply a recording medium (or storage medium) in which a program code of software that realizes the functions of the above-described embodiments is recorded to a system or apparatus, and a computer (or CPU or CPU) of the system or apparatus. Needless to say, this can also be achieved when the MPU) reads and executes the program code stored in the recording medium. In this case, the program code itself read from the recording medium realizes the functions of the above-described embodiment, and the recording medium on which the program code is recorded constitutes the present invention.

  Further, by executing the program code read by the computer, not only the functions of the above-described embodiments are realized, but also an operating system (OS) running on the computer based on the instruction of the program code. It goes without saying that a case where the function of the above-described embodiment is realized by performing part or all of the actual processing and the processing is included.

  Furthermore, after the program code read from the recording medium is written into a memory provided in a function expansion card inserted into the computer or a function expansion unit connected to the computer, the function is based on the instruction of the program code. It goes without saying that the CPU or the like provided in the expansion card or the function expansion unit performs part or all of the actual processing and the functions of the above-described embodiments are realized by the processing.

  When the present invention is applied to the recording medium, program code corresponding to the flowchart described above is stored in the recording medium.

It is a figure which shows the structural example of the system which concerns on the 1st Embodiment of this invention. 3 is a block diagram illustrating a hardware configuration of a relay server 101. FIG. When the client terminal devices 102a and 102b access the Web mail page provided by the HTTP server 105 via the relay server 101 and the wide area network 106 and instruct the creation, storage, transmission, etc. of the Web mail on the Web mail page 6 is a flowchart of processing performed by the relay server 101. It is a flowchart which shows the detail of the process in step S505. It is a figure which shows the structural example of the relay control rule table referred in order to determine the process which the relay server 101 performs based on an analysis file. It is a figure which shows the structural example of the table which registered the classification of the web mail page corresponding to each service ID. It is a figure which shows the structural example of a transmission mail information table. It is a figure which shows the structural example of the keyword definition table in which the definition formula corresponding to each keyword set ID is registered. It is a figure which shows an example of a capture pattern expression. It is a figure which shows the content of the context operation procedure corresponding to various operation types. It is a figure which shows the content of the context operation procedure corresponding to various operation types. It is a figure which shows the content of the context operation procedure corresponding to various operation types. It is a figure which shows the content of the context operation procedure corresponding to various operation types. It is a figure which shows the content of the action type | formula corresponding to various operation types. It is a figure which shows the content of the action type | formula corresponding to various operation types. It is a figure which shows the content of the action type | formula corresponding to various operation types. It is a figure which shows the content of the action type | formula corresponding to various operation types.

Claims (16)

Information processing for relay control of HTTP data communication between an HTTP server that provides a web page for providing a service for sending and receiving electronic mail using the HTTP protocol and a client terminal device that can communicate with the HTTP server A device,
For a plurality of the HTTP servers, obtain a capture pattern including a request URL for specifying data communication to the HTTP server, and transmission information of the e-mail included in HTTP data transmitted to the HTTP server. First storage means for storing association attributes for definition,
Receiving means for receiving HTTP data transmitted from the client terminal device;
First determination means for determining which of the capture patterns is matched by comparing the request URL included in the HTTP data received by the reception means with the capture pattern stored in the first storage means. When,
The HTTP received by the receiving means according to the definition attribute associated with the acquisition pattern determined to match the HTTP data received by the receiving means when the first judging means determines that the captured pattern matches. First acquisition means for acquiring e-mail transmission information from the data;
Judgment is made as to whether the transmission information of the e-mail acquired by the first acquisition means matches the definition formula that can be set on the condition of the e-mail destination, text information included in the e-mail, and attached file information of the e-mail Second determining means for
An information processing apparatus comprising: a relay control unit that performs relay control that relays or prohibits transmission of HTTP data received by the reception unit according to a determination result by the second determination unit . The definition attribute includes a first operation procedure for obtaining transmission information of the e-mail,
The information processing apparatus according to claim 1, wherein the first acquisition unit acquires the transmission information of the e-mail by executing the first operation procedure . The definition attribute includes a second operation procedure for acquiring session management information of the HTTP data,
Second acquisition means for acquiring the session management information by executing the second operation procedure;
Second storage means for storing e-mail transmission information acquired by the first acquisition means and the session management information;
The information processing apparatus according to claim 1 , further comprising: The said 2nd memory | storage means memorize | stores the transmission information which the said 1st acquisition means acquired from several HTTP data which have the same session management information in the same record . Information processing device. The first storage means further stores information indicating an operation type of HTTP data that matches the capture pattern;
The first determination means further determines the type of operation type of the email,
When the first determination unit determines that the operation type is an e-mail transmission, the second determination unit is acquired by the first acquisition unit and stored in the second storage unit. 5. The information processing apparatus according to claim 3, wherein it is determined whether transmission information of the electronic mail that matches the definition formula is satisfied . 6. Information processing for relay control of HTTP data communication between an HTTP server that provides a web page for providing a service for sending and receiving electronic mail using the HTTP protocol and a client terminal device that can communicate with the HTTP server An information processing method performed by a device,
For a plurality of the HTTP servers, obtain a capture pattern including a request URL for specifying data communication to the HTTP server, and transmission information of the e-mail included in HTTP data transmitted to the HTTP server. A first storage step for storing association attributes for definition,
A receiving step of receiving HTTP data transmitted from the client terminal device;
A first determination step of determining which of the capture patterns is matched by comparing the request URL included in the HTTP data received in the reception step with the capture pattern stored in the first storage step. When,
If it is determined in the first determination step that it matches the capture pattern, the HTTP received in the reception step according to the definition attribute associated with the capture pattern determined to match the HTTP data received in the reception step A first acquisition step of acquiring e-mail transmission information from the data;
Judgment is made as to whether the transmission information of the email acquired in the first acquisition step matches the definition formula that can be set on the condition of the destination of the email, the text information included in the email, and the attached file information of the email A second determination step,
An information processing method comprising: a relay control step of performing relay control that relays or prohibits transmission of HTTP data received in the reception step according to a determination result in the second determination step . The definition attribute includes a first operation procedure for obtaining transmission information of the e-mail,
The information processing method according to claim 6, wherein in the first acquisition step, transmission information of the electronic mail is acquired by executing the first operation procedure. The definition attribute includes a second operation procedure for acquiring session management information of the HTTP data,
A second acquisition step of acquiring the session management information by executing the second operation procedure;
A second storage step of storing the e-mail transmission information acquired in the first acquisition step and the session management information;
The information processing method according to claim 6, further comprising: The transmission information acquired in the first acquisition step from a plurality of HTTP data having the same session management information is stored in the same record in the second storage step. Information processing method. The first storage step further stores information indicating an operation type of HTTP data that matches the capture pattern;
In the first determination step, the operation type of the email is further determined,
In the first determination step, when it is determined that the operation type is transmission of an e-mail, the second determination step acquires the first acquisition step and stores it in the second storage step. 10. The information processing method according to claim 8 or 9, wherein it is determined whether or not the transmission information of the electronic mail that matches the definition formula. Relay control of HTTP data communication between an HTTP server that provides a web page for providing a service for sending and receiving e-mail using the HTTP protocol and a client terminal device that can communicate with the HTTP server A computer program for causing an information processing apparatus to function,
For a plurality of the HTTP servers, obtain a capture pattern including a request URL for specifying data communication to the HTTP server, and transmission information of the e-mail included in HTTP data transmitted to the HTTP server. First storage means for storing association attributes for definition,
Receiving means for receiving HTTP data transmitted from the client terminal device;
First determination means for determining which of the capture patterns is matched by comparing the request URL included in the HTTP data received by the reception means with the capture pattern stored in the first storage means. When,
The HTTP received by the receiving means according to the definition attribute associated with the acquisition pattern determined to match the HTTP data received by the receiving means when the first judging means determines that the captured pattern matches. First acquisition means for acquiring e-mail transmission information from the data;
Judgment is made as to whether the transmission information of the e-mail acquired by the first acquisition means matches the definition formula that can be set on the condition of the e-mail destination, text information included in the e-mail, and attached file information of the e-mail Second determining means for
Relay control means for performing relay control for relaying or prohibiting transmission of HTTP data received by the receiving means according to a determination result by the second determining means;
A computer program characterized by functioning as a computer program. The definition attribute includes a first operation procedure for obtaining transmission information of the e-mail,
12. The computer program according to claim 11, wherein the first acquisition unit acquires the transmission information of the e-mail by executing the first operation procedure. The definition attribute includes a second operation procedure for acquiring session management information of the HTTP data,
Second acquisition means for acquiring the session management information by executing the second operation procedure;
Second storage means for storing the transmission information of the e-mail acquired by the first acquisition means and the session management information;
The computer program according to claim 11, further comprising: The said 2nd memory | storage means memorize | stores the transmission information which the said 1st acquisition means acquired from several HTTP data which have the same session management information in the same record. Computer program. The first storage means further stores information indicating an operation type of HTTP data that matches the capture pattern;
The first determination means further determines the type of operation type of the email,
When the first determination unit determines that the operation type is transmission of an e-mail, the second determination unit is acquired by the first acquisition unit and stored in the second storage unit. The computer program according to claim 13 or 14, wherein it is determined whether the transmission information of the electronic mail that matches the definition formula is satisfied. A computer-readable storage medium storing the computer program according to any one of claims 11 to 15 .

Images