JP6531373B2 - INFORMATION PROCESSING APPARATUS, CONTROL METHOD FOR INFORMATION PROCESSING APPARATUS, AND PROGRAM - Google Patents

Description

  The present invention relates to an information processing apparatus capable of transmitting an electronic mail, a control method of the information processing apparatus, and a program.

  E-mail, which sends and receives e-mails, is an indispensable tool in performing daily work and the like. However, due to the increase in frequency of use and convenience, regardless of intention or intention, the risk of leakage of confidential information in a company is also increasing.

  Companies are making efforts to prevent the external leakage of confidential information from the viewpoint of self-defense. For example, as a mechanism for preventing the external leakage of confidential information, it has been practiced to check an email body to be sent and extract an email including a keyword in question.

  Further, Patent Document 1 proposes a system for prompting a user for confirmation when confidential information is included at the time of e-mail transmission.

JP, 2013-130942, A

  According to these prior arts, when mail is sent, if the mail body or the attached file of the mail includes the content including the specific wording, the user is prompted to confirm.

  That is, in the prior art, when the content including the specific wording is included, a predetermined operation (for example, notification or prohibition of transmission) is performed. For example, as the encryption method in the case of encrypting the attached file, a predetermined one is adopted. That is, even if there is a portion to be encrypted and a portion not to be required depending on the level of the confidential information included in the e-mail, according to the prior art, even words that are not necessary may be encrypted. In this case, there has been a problem that the recipient will have to take time to decode even the portion that did not require encryption.

Therefore, it is an object of the present invention to provide an information processing apparatus capable of flexibly masking an e-mail including confidential information based on a mask range based on a character string to be detected .

A detected character string storage unit which stores a character string and a range to be masked based on the character string for each character string to be detected, a mail reception unit that receives an electronic mail from a sender, and the mail Encryption means for encrypting an electronic mail from the sender received by the reception means, the electronic mail including the character string to be detected stored in the detection character string storage means, and the detected character string storage means In the mail text of the e-mail including the character string to be detected which is stored in the range to be masked based on the character string stored in association with the character string to be detected in the detected character string storage means a mask means for masking basis, the e-mail in which the mail text is masked by said masking means, the e-mail encrypted by the encrypting means is attached mass It has a mask mail generating means for generating a mail for the recipient's e-mail from the sender, and a mail distribution means for distributing the mask mail created by the mask mail generating means.

According to the present invention, it is possible to provide an information processing apparatus which flexibly masks electronic mail including confidential information based on a mask range based on a character string to be detected .

It is a figure which shows an example of a structure of the mail system concerning embodiment of this invention. It is a block diagram which shows an example of the hardware constitutions of the information processing apparatus in the mail system concerning embodiment of this invention. FIG. 3 is a block diagram showing an example of the software configuration of the information processing apparatus in the mail system according to the embodiment of the present invention. It is a figure which shows an example of the mail function with which the mail system concerning embodiment of this invention is equipped. It is a flowchart which shows an example of the whole process of the mail system concerning embodiment of this invention. It is a flow chart which shows an example of mail analysis processing of a mail system concerning an embodiment of the present invention. It is a flowchart which shows an example of the mask mail production | generation process of the mail system concerning embodiment of this invention. It is a figure which shows an example of the mail transmission screen of the mail system concerning embodiment of this invention. It is a figure which shows an example of the mail screen for password notification of the mail system concerning embodiment of this invention. It is a figure which shows an example of the reception screen of the mask mail of the mail system concerning embodiment of this invention. It is a figure which shows an example of the screen which opened the attached file of the mail system concerning embodiment of this invention. It is a flowchart which shows an example of the process which opens the attached file of the mail system concerning embodiment of this invention. It is a figure which shows an example of the various definition files of the mail system concerning embodiment of this invention.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 is a diagram showing an example of the configuration of a mail system according to an embodiment of the present invention.

  In this mail system, at least one client apparatus 102 (information processing apparatus), the mail server 101, and the Web mail server 104 are connected via the network 103 (LAN / WAN), and they are mutually emailed (hereinafter simply referred to as mail). Transmission / reception is also possible. Further, the server does not necessarily require the mail server 101 and the web mail server 104, and may be configured by any one type of server.

  Although FIG. 1 shows the case where three client apparatuses 102 a to 102 c are provided as an example, any number of client apparatuses may be provided. The type of information processing apparatus may be any information processing apparatus that can be used as a client of electronic mail, and a portable terminal such as a PC or a mobile phone can be applied.

  When the sender of the e-mail transmits an e-mail from any client device (here, the client device 102a), the e-mail is received by the mail server 101 via the network 103.

  The mail receiver receives the mail from the mail server 101, and refers to the received mail from the mail client mailbox.

  The mail sent to the mail server 101 can be referred to using the transmission tray of the client terminal 102.

  Further, a plurality of mail servers 101 and web mail servers 104 may exist, and mail may be transmitted and received between the client apparatuses 102 a and 102 c via a plurality of mail servers and web mail servers.

  The web mail server 104 is a server capable of providing the client apparatus 102 with the web mail service. The user has no data in the client apparatus 102 and uses a service using a web browser or the like. In this case, mail transmission / reception data (including history data) and an address book are stored in the Web mail server. When using the web mail server, the user sends an e-mail on the web mail server, and browses the received email using the web mail server using the web browser.

  Further, since the web mail server 104 is accessed by the client device 102 using a web browser, control of file operation in the client device 102 is also possible.

  FIG. 2 is a block diagram showing an example of the hardware configuration of the information processing apparatus in the mail system according to the embodiment of the present invention.

  The information processing apparatus 200 can be applied to the mail server 101, the web mail server 104, and the client apparatus 102.

  Central processing unit (CPU) 201, random access memory (RAM) 203, read only memory (ROM) 202, input controller 205, video controller 206, memory controller 207, communication I / F controller 208, etc. Take a connected configuration.

  The CPU 201 centrally controls the devices and controllers connected to the system bus 204.

  Further, the ROM 202 or the external memory 211 may include a BIOS (Basic Input / Output System) or an OS (Operating System), which is a control program of the CPU 201, and a function necessary for realizing each server or each PC. Various programs are stored.

  Also, information necessary for practicing the present invention is stored. The external memory may be a database.

  The RAM 203 functions as a main memory, a work area, and the like of the CPU 201. The CPU 201 loads programs necessary for execution of processing from the ROM 202 or the external memory 211 to the RAM 203 and executes the loaded programs to realize various operations.

  The input controller 205 also controls input from a keyboard (KB) 209 and a pointing device such as a mouse (not shown).

  The video controller 206 controls display on a display such as the display 210. The display may be a display such as a liquid crystal display. These are used by the administrator as needed.

  The memory controller 207 is an external storage device (hard disk (HD)) for storing a boot program, various applications, font data, user files, editing files, various data, etc., a flexible disk (FD), or PCMCIA (Personal Computer). Memory Card International Association) Control access to an external memory 211 such as a Compact Flash (registered trademark) memory connected via an adapter to a card slot.

  The communication I / F controller 208 connects to and communicates with an external device via the network 103, and executes communication control processing in the network. For example, communication using TCP / IP (Transmission Control Protocol / Internet Protocol) is possible.

  The CPU 201 can display the image on the display 210 by executing, for example, an outline font rasterization process on a display information area in the RAM 203. Further, the CPU 201 enables user instruction by a mouse cursor (not shown) or the like on the display 210.

  Various programs to be described later for realizing the present invention are stored in the external memory 211, and are executed by the CPU 201 by being loaded into the RAM 203 as necessary. Furthermore, a definition file and various information tables used at the time of execution of the program are also stored in the external memory 211.

  FIG. 3 is a block diagram showing an example of the software configuration of the information processing apparatus in the mail system according to the embodiment of the present invention.

  It is a figure which shows the function structure which the information processing apparatus 301 (mail server 101) has. In addition, the Web mail server can also provide this function, and in this case, the Web mail server 104 has this function.

  The information processing apparatus 301 includes a mail reception unit 302, a mail determination unit 303, an attached file generation unit 304, a mail text change unit 306, a password generation unit 307, a mask mail generation unit 308, and a mask mail transmission unit 309.

  When the information processing apparatus 301 is the web mail server 104, the attached file control unit 305 is provided.

  The mail reception unit 302 receives a mail from a mail sender. The mail determination unit 303 determines whether a mask is required for the received mail. A condition definition set in advance is used for the determination.

  The attached file generation unit 304 generates an encrypted file to be attached when the mask is required. The encrypted file can be decrypted by accepting the input of the set password. Although it is desirable that the encrypted file is a compressed file, it is not limited to this.

  The mail text changing unit 306 masks portions necessary for the text based on the condition definition set in advance. The password generation unit 307 generates a password for giving to the generated encrypted file. The password to be granted may be determined in advance by the administrator or may be randomly assigned.

  The mask mail generation unit 308 attaches the created encrypted file to the mail whose text is masked. The mask mail transmission unit 309 distributes (sends) the generated mask mail to the recipient to which the sender is addressed.

  An attached file control unit 305 is a function of the web mail server 104, and controls when a client connected to the web mail server manipulates an attached file.

  FIG. 4 is a view showing an example of the mail function provided in the mail system according to the embodiment of the present invention.

  It is a figure which illustrates notionally the flow of transmission / reception of the electronic mail in this mail system. First, when the sender 401 sends e-mail (1) as plaintext, the mail server 402 uses the stored various definition files 404 to determine whether a mask is necessary from the content of the received e-mail. Do.

  If a mask is required, the password notification mail (2) is notified to the sender 401 when a password is given at the time of masking. Further, the password notification mail (2) may not be sent to the sender 401, in which case the mail server 402 may send it directly to the sender 403.

  The masked mail (3) is transmitted with the corresponding part of the mail text masked, and the contents of the mail originally transmitted are transmitted to the recipient 403 as an attached file. At this time, the password when the attached file is encrypted is sent from the sender 401 or notified from the mail server 402.

  The e-mail sent from the sender 401 is masked according to the contents set in the various definition files 404 according to the contents of the mail. Not all emails are necessarily masked, and some emails may not be masked. The contents of the various definition files 404 will be described with reference to FIG.

  In the present embodiment, the mail server 402 refers to the mail server 101 and the web mail server 104, and the same processing is performed by either server unless otherwise described.

  FIG. 13 is a view showing an example of various definition files of the mail system according to the embodiment of the present invention.

  As an example of the definition file, a detection condition definition 1300, a destination condition definition 1310, and an option condition definition 1320 are stored.

  The detection condition definition 1300 defines a condition for detecting a character string to be masked from characters written in the text of the electronic mail (detection character string storage means). For convenience, in the description, the character string will be described, but characters (one character) when the detection condition is set to detect one character are also included in the character string of the present invention.

  The parameter 1301 is a title of a detection condition, and can be freely named when the administrator sets it. The detection condition 1302 is a parameter for detecting a character string written in the mail text, and is detected by the method set in the detection unit 1303.

  The detected character string is a range in which the range designated by the mask range 1304 is masked, and the security level designated by the security level 1305 is set.

  For example, when the detection condition 1302 is “111.222. *” In the parameter 1301 “IP address”, the detection condition 1303 is “partial match”, so the character string including “111.222.” Is a mask. Since the mask range 1304 is “target only”, only the portion including the character string is to be masked, and the security level “A” is obtained as specified by the security level 1305.

  The security level 1305 is used as a mask setting condition according to the destination of the destination condition definition 1310.

  Similarly, with the parameter 1302 “IP address”, the detection condition 1302 is “/ ^ (([1-9]? [0-9] | 1 [0-9] {2} | 2 [0-4] [0− 9] | 25 [0-5]).) {3} ([1-9]? [0-9] | 1 [0-9] {2} | 2 [0-4] [0-9] | If it is 25 [0-5]) $ /, the detection means 1303 is a "regular expression", so the character string "***. ***. ***. ***" is to be masked .

  In the present embodiment, “partial match”, “regular expression”, and “perfect match” are described as the detection unit 1303 as an example, but it is needless to say that there is no limitation to this. By detecting something that matches the detection condition 1302 by this detection means 1303, such as “IP address” “URL” “contract amount” “specific email (mail address)” “phone number” “account (employee number)” etc. Strings can be detected.

  In addition, whether to mask only the detected character string (only the relevant part), mask the line containing the applicable character string (corresponding line), or mask the preceding and subsequent lines of the detected character string (before and after the relevant line) Can be specified by the mask range 1304.

  In the destination condition definition 1310, using the security level determined in the detection condition definition 1300, it is possible to set the mask setting state according to the destination. Note that it is possible to change whether or not to perform mask setting according to the destination condition definition using the security level by setting.

  The presence or absence of a mask is set for each security level designated by the security level 1311 according to the destination.

  For example, the character string of security level 1311 “A” is set to “masked” in any of 1312 for company, 1313 for group company (for G company), and 1314 for outside company.

  In the option condition definition 1320, a condition for performing additional option setting is set by the setting related to the mask determined by the above two conditions.

  In the case where “the number of masked portions in the text is two or less” in the condition 1321, “the attached file is only the masked portion”. Similarly, in the case where "security level is only C" in the condition 1321, the control is performed so that the attached file is opened in the "mailable format". Further, in the case where the condition 1321 is “open only when there is an original mail”, it is set that “an open is made if there is no original mail”. Details will be described later.

  Also for this condition, as with the destination condition definition 1310, only the condition specified by the administrator is executed.

  FIG. 5 is a flow chart showing an example of the overall processing of the mail system according to the embodiment of the present invention.

  It corresponds to the process of the mail server 402 when the mail is received from the sender 401.

  In step S501, when an electronic mail is received, analysis processing is performed to analyze the presence or absence of mask processing for the mail received in step S502.

  The result of the analysis process is determined in step S503. If it is determined that the mask process is not necessary, the process proceeds to step S506 to perform normal mail transmission to the receiver 403. The e-mail transmission may be a method of push-sending an e-mail to the recipient, or a process of storing the e-mail in the recipient's mailbox.

  On the other hand, if it is determined that the masking process is necessary, the process proceeds to step S504, and a mask mail generation process is performed. At step S505, the mask mail is transmitted (distributed) to the mail receiver, and the process ends. Details of the mail analysis process and the mask mail generation process will be described with reference to FIGS. 6 and 7.

  FIG. 6 is a flow chart showing an example of mail analysis processing of the mail system according to the embodiment of the present invention.

  In step S601, the detection condition definition 1300 is acquired from the storage area of the mail server 402, and in step S602, the text of the sent mail is analyzed. An example of the sent mail is shown in FIG.

  FIG. 8 is a view showing an example of a mail transmission screen of the mail system according to the embodiment of the present invention.

  This screen is a mail transmission screen 801 created by the mail sender 401 on the screen of the client terminal 102. The mail sender 401 enters a text 802, a destination 804, a destination (CC) 805, and a subject 806, and when the transmission 803 is pressed, a mail is sent to the mail server 402.

  In step S602, the character string defined in the detection condition definition 1300 is analyzed for the character string described in the text 802.

  In the example of the figure, “192.168.1.1” and “192.168.11.1” of IPAddress (1) and IPAddress (2) are detected, and the security level 1305 becomes “A”.

  It returns to the explanation of the flowchart (FIG. 6). If no character string is detected in step S603, the process advances to step S609, and the analysis result is "mask unnecessary". On the other hand, when the target character string is detected as shown in FIG. 8, the process proceeds to step S 604, and the destination condition definition 1310 is acquired.

  The destination is analyzed in step S605. In the example of FIG. 8, since two destinations, destination 804 and destination (CC) 805, are set, analysis is performed on two destinations. The destination 804 may be prioritized, or one with a high security level (A> B> C) may be prioritized, and processing is performed on all the destinations as described in this embodiment. Alternatively, they may be sent as different mails (for example, using envelope information).

  The determination as to whether a mask is necessary uses the security level analyzed in step S602. In the example of FIG. 8, since the “IP address” parameter 1301 is detected, the security level is “A”, and it is determined that any destination is masked.

  Assuming that “account” is detected in parameter 1301, in that case, “mask present” for destination 804 and “mask absent” for destination (CC) 805. It is determined that It should be noted that whether the address is an internal address or an external address (or an address to a group company) may be determined using the domain name of the e-mail address of the address.

  In step S607, the determined mask state and mask presence are stored as an analysis result, and the process proceeds to step S608. In step S608, it is determined whether or not all the destinations set in the transmitted mail have been analyzed, and the process returns to step S605 and the process is repeated until processing is performed on all the destinations, and analysis is performed on all the destinations. When the process is performed, the process ends.

  FIG. 7 is a flowchart showing an example of mask mail generation processing of the mail system according to the embodiment of the present invention.

  The mail text to be masked is extracted in step S701, and the mail text is encrypted into a file with a password in step S702. The password is assigned in accordance with a preset assignment rule.

  In step S703, the corresponding part of the mail text is masked. The masked mail text will be described with reference to FIG.

  FIG. 10 is a view showing an example of a mask mail reception screen of the mail system according to the embodiment of the present invention.

  It is an email reception screen 1001 created in FIG. IPAddress (1) and IPAddress (2) of the text 1002 are masked as “**********”, respectively. Since the mask range 1304 for the “IP address” of the parameter 1301 is “only relevant part”, it is masked as shown in the figure.

  If the mask range 1301 is "the corresponding line", the IPAddress (1) and IPAddress (2) are also masked with "*", and if they are "before and after the corresponding line", the "IP address" The lines of “I will contact you” and “I would like to thank you,” will also be masked with “*”.

  The sender 1003, the destination 1004, and the subject are the same as the sent mail 801, and the attached file 1006 is attached with the encrypted file "sa001.zip" generated in step S702.

  The description will return to the flowchart (FIG. 7). In step S704, a mask e-mail (FIG. 10) for transmission to be sent to the recipient 403 is created, and the process is terminated.

  FIG. 9 is a diagram showing an example of a password notification mail screen of the mail system according to the embodiment of the present invention.

  It is an example of the notification mail 901 of the password of the encrypted file created in step S702 (FIG. 7). This email is a notification email sent from the email server 402 to the sender 401.

  The notice on the password is written in the text 902, the mail system admin is set in the sender 903, and the address 904 is addressed to "netnet@aaa.co.jp" which is the address of the sender 401. ing.

  In the subject 905, "password notification" is added to "commit IP address" which is the subject of the original mail.

  The sender 401 having received the mail notifies the recipient 403 of the password so that the recipient 403 can open the attached file. Also, it goes without saying that the mail server 402 may directly send a mail regarding the password to the recipient 403.

  FIG. 11 is a diagram showing an example of the screen with the attached file opened in the mail system according to the embodiment of the present invention.

  The content is opened after the sender 403 enters a password (not shown) in “sa001.zip” of the attachment 1006.

  The incoming mail viewer 1101 is in a form that can be opened by e-mail-type e-mail software that can directly reply to or forward this e-mail.

  On the other hand, the text viewer 1111 is designed to be opened in a file format (not an e-mail format) in which it is not possible to reply or forward the mail directly. Basically, the text viewer 1111 format is preferable from the viewpoint of information leakage prevention by reply and transfer. However, in the case where the security level is low or the like, it may be desirable in the form of the received mail viewer 1101 which can reply or forward as it is.

  Therefore, in the present invention, in the case of "only security level is C" in the option condition definition 1320, the attached file can be opened in "mailable format for mail transmission" (ie, mail software). In this case, when generating the mask mail by the mail server 101, the correspondence with the open format may be made, or in the case of the Web mail server 104, the option condition definition 1320 is referred to when the client opens. And the format for opening the attached file may be determined.

  In addition, in the case of "the number of masked portions of the text is two or less" in the option condition definition 1320, when "only an attached file is a masked portion" is set, the character string displayed in the text of 1101 and 1111 is "192. It can only be 168.1.1 "and" 192.168.11.1 ". As a result, compared to the case where the entire electronic mail is encrypted, extra information is not included, so the risk in the event of a leak can be suppressed to a low level. The number of mask locations is not limited to two or less, and a predetermined number can be set in advance.

  However, if there are many masked parts, it may be unclear which corresponding part is masked, so it is preferable to display the same contents of the original mail.

  Further, an example in the case where “setting to open only when there is an original mail” is set to “prevent opening if there is no original mail” in the option definition 1320 will be described using FIG.

  FIG. 12 is a flowchart showing an example of the process of opening an attached file of the mail system according to the embodiment of the present invention.

  This flow is processed by the client terminal 102 of the transmission destination 403, and is processing when the encrypted file attached to the mail is opened.

  In step S1201, it is checked whether to retain the attached original mail. If there is an original mail, the compound sign is permitted in step S1202, and if not, the compound sign is not permitted in step S1203.

  This is to reduce the risk when the attached file and password are leaked at the same time, and for example, when the attached file is opened, whether or not the attached original mail exists (is possessed) in the same client terminal 102 This is realized by performing the determination of In this case, when the mail server 101 generates an encrypted file, a script or the like that performs such operations can be embedded in the encrypted file.

  Also, in the case of the Web mail server 104, it is possible to make the client terminal execute the processing of this flowchart or open the encrypted file, or the Web mail server program is executed on the server.

  The configuration of the various data described above and the contents thereof are not limited to this, and it is needless to say that they are configured in various configurations and contents depending on the application and purpose.

  As mentioned above, although one Embodiment was shown, this invention can take the embodiment as a system, an apparatus, a method, a program, a recording medium etc., for example, and, specifically, it is comprised from a some apparatus The present invention may be applied to a single system or to an apparatus comprising a single device.

  Further, the program in the present invention is a program that enables a computer to execute the processing method in the flowchart, and the storage medium of the present invention stores a program that can execute the computer in the processing method in the flowchart. The program in the present invention may be a program for each processing method of each device.

  As described above, the recording medium recording the program for realizing the functions of the above-described embodiments is supplied to the system or apparatus, and the computer (or CPU or MPU) of the system or apparatus stores the program stored in the recording medium. It goes without saying that the object of the present invention can be achieved also by reading and executing.

  In this case, the program itself read out from the recording medium realizes the novel function of the present invention, and the recording medium storing the program constitutes the present invention.

  As a recording medium for supplying the program, for example, a flexible disk, hard disk, optical disk, magneto-optical disk, CD-ROM, CD-R, DVD-ROM, magnetic tape, non-volatile memory card, ROM, EEPROM, silicon Disks, solid state drives, etc. can be used.

  Further, by executing the program read by the computer, not only the functions of the above-described embodiment are realized, but also an operating system (OS) or the like running on the computer is actually executed based on the instructions of the program. It goes without saying that the processing is partially or entirely performed, and the processing realizes the functions of the above-described embodiments.

  Furthermore, after the program read from the recording medium is written to the memory provided to the function expansion board inserted into the computer or the function expansion unit connected to the computer, the function expansion board is read based on the instruction of the program code. It goes without saying that the case where the CPU or the like provided in the function expansion unit performs part or all of the actual processing and the functions of the above-described embodiment are realized by the processing.

  Further, the present invention may be applied to a system constituted by a plurality of devices or to an apparatus comprising a single device. It goes without saying that the present invention can also be applied to the case where it is achieved by supplying a program to a system or apparatus. In this case, by reading a recording medium storing a program for achieving the present invention into the system or apparatus, the system or apparatus can receive the effects of the present invention.

  Further, by downloading and reading out a program for achieving the present invention from a server on a network, a database or the like by a communication program, the system or apparatus can receive the effects of the present invention.

  In addition, the structure which combined each embodiment mentioned above and its modification is also contained in this invention altogether.

101 mail server 102 client device 103 network 104 web mail server 201 CPU
202 ROM
203 RAM
204 System bus 205 Input controller 206 Video controller 207 Memory controller 208 Communication I / F controller

Claims (9)

A detected character string storage unit which stores a character string and a range to be masked with the character string as a reference in association with each character string to be detected;
Mail receiving means for receiving an e-mail from a sender;
Encryption means for encrypting an electronic mail from the sender received by the mail reception means, the electronic mail including the character string to be detected stored in the detected character string storage means;
In the mail text of the e-mail including the character string to be detected stored in the detected character string storage unit, the character string stored in the detected character string storage unit in association with the character string to be detected Mask means for masking based on the range to be masked as a reference ;
Mask email generation means for creating a mask email in which the email encrypted by the encryption means is attached to the email in which the email body is masked by the masking means;
Mail delivery means for delivering the mask mail created by the mask mail creation means to the recipient of the email from the sender;
An information processing apparatus having The mask means is
The information processing apparatus according to claim 1, characterized in that the basis of the e-mail address from the sender, determining whether to mask. And security level storage means for storing a security level corresponding to the detected character string,
The mask means is
3. The information processing apparatus according to claim 1 , wherein whether to mask is determined based on a security level corresponding to a character string to be detected included in an electronic mail from the sender. The encryption means is
If the number of detected character strings is larger than a predetermined number, the entire email from the sender is encrypted, while if smaller than the predetermined number, only the mask portion is encrypted. The information processing apparatus according to any one of Items 1 to 3 . 5. The control method according to any one of claims 1 to 4 , wherein, when the recipient holds the received e-mail, control is performed so that decryption of the encrypted e-mail generated by the encryption unit can be performed. An information processing apparatus according to any one of the preceding items E-mail that is encrypted is generated from the encryption unit, based on the security level corresponding to the character string the detected, according to claim 1, wherein determining a file format that is generated by the decoding The information processing apparatus according to any one of the items. An e-mail system comprising an information processing apparatus capable of delivering an e-mail, and a client terminal capable of viewing the delivered e-mail,
The information processing apparatus is
A detected character string storage unit which stores a character string and a range to be masked with the character string as a reference in association with each character string to be detected;
Mail receiving means for receiving an e-mail from a sender;
Encryption means for encrypting an electronic mail from the sender received by the mail reception means, the electronic mail including the character string to be detected stored in the detected character string storage means;
In the mail text of the e-mail including the character string to be detected stored in the detected character string storage unit, the character string stored in the detected character string storage unit in association with the character string to be detected Mask means for masking based on the range to be masked as a reference ;
Mask email generation means for creating a mask email in which the email encrypted by the encryption means is attached to the email in which the email body is masked by the masking means;
Mail delivery means for delivering the mask mail created by the mask mail creation means to the recipient of the email from the sender;
Have
The client terminal is
It has delivery mail receiving means for receiving the mask mail delivered by the mail delivery means,
Controlling to be capable of decrypting the encrypted electronic mail attached to the mask mail received by the distribution mail receiving means, when the mask mail distributed by the mail distribution means is possessed;
Mail system with. It is a processing method of an information processing apparatus having detection character string storage means which associates and stores a character string and a range masked with the character string for each character string to be detected.
The information processing apparatus
A mail receiving step of receiving an e-mail from a sender;
The electronic mail from the sender received by the mail receiving step, an encryption step of encrypting the e-mail including the character string to be detected stored in said detecting character string storage means,
In the mail text of the e-mail including the character string to be detected stored in the detected character string storage unit, the character string stored in the detected character string storage unit in association with the character string to be detected A mask step of masking based on a range to be masked as a reference ;
A mask email generation step of creating a mask email in which the email encrypted in the encryption step is attached to the email in which the email body is masked in the mask step;
A mail delivery step of delivering the mask mail created by the mask mail generation step to the recipient of the email from the sender;
A processing method characterized by performing. The program for functioning a computer as each means of the information processing apparatus of any one of Claims 1 thru | or 6 .

Images