JP6674296B2 - Encrypted mail processing device, encrypted mail processing method and program - Google Patents

Description

  BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an encrypted mail processing device and the like which processes a file attached to a mail and which is an encrypted file attached.

  2. Description of the Related Art Conventionally, there is a document that describes a system for performing a search for an email and an attached file (for example, see Patent Document 1).

  In addition, there is a document that describes a search engine that performs a search on an encrypted and compressed mail and a compressed attached file (for example, see Non-Patent Document 1).

JP-A-2004-192335 (Page 1, FIG. 1, etc.)

"SAVVY / MailRetriever, a mail archiving software with full-text search engine", Hitachi Solutions Nishi-Nippon, Ltd., [online], [searched October 19, 2015], Internet [URL: http: //www.hitachi-solutions -west.co.jp/products/security/savvy/]

  However, in the prior art of any of the documents, the encrypted attached file was not searched.

  In order to perform a process such as a search on the encrypted attached file, it is necessary to receive, for example, an input for decryption (key, password, etc.) and perform decryption based on the input. However, after the processing is completed and the decrypted attached file is closed, if it is desired to perform processing such as search again, it is necessary to accept input for decryption again.

  Therefore, an object of the present invention is to provide an encrypted mail processing device and the like which can eliminate the necessity of receiving an input for decryption of an encrypted attached file again.

  The encrypted mail processing device according to the first aspect of the present invention includes an input receiving unit that receives a decryption input, which is an input for decryption, for an attached file of a mail, A decryption unit that decrypts the encrypted attached file, an instruction receiving unit that receives instructions related to processing that cannot be performed without decrypting the encrypted attached file, When the instruction is received in the state where the attached file is closed after the decryption input is received, the decryption unit decrypts the decrypted attachment file obtained by performing decryption based on the decryption input. And a file processing unit for performing a process corresponding to the instruction.

  With such a configuration, it is not necessary to accept the release input again for the encrypted attached file. As a result, a process that cannot be performed unless the decryption is performed can be performed any number of times only by receiving the decryption input once, so that, for example, the complexity of the user operation can be reduced and the processing load can be reduced.

  Further, the encrypted mail processing device of the second invention is the same as the first invention, except that the decryption unit decrypts the encrypted attached file of the stored mail by decrypting the attached file. A storage unit for overwriting the decrypted attached file with the encrypted attached file, wherein the file processing unit has the decrypted attached file at the time of receiving the instruction. In this case, the encrypted mail processing device performs a process corresponding to the instruction on the decrypted attached file.

  With this configuration, the decrypted attached file is overwritten on the original encrypted attached file (original file), so that the resources of the recording medium can be saved and the processing can be performed at high speed. Also, the decryption of one attached file needs to be performed only once, and the processing load can be reduced.

  Further, the encrypted mail processing device of the third invention is the same as the first invention, except that the release input received by the input receiving unit for the encrypted attached file is associated with the encrypted attached file. A decryption unit that stores the decryption input at the time of receiving the instruction and, based on the stored decryption input, encrypts the attached file. The decryption unit performs decryption, and the file processing unit performs a process corresponding to the instruction on the decrypted attached file obtained by performing decryption based on the decryption input stored in the decryption unit. Device.

  With this configuration, once a decryption input is received, the decryption input is accumulated, and thereafter, every time an instruction is received, decryption is performed based on the stored decryption input, so the decryption input is received only once. And the complexity of the operation can be reduced. Further, compared with the case where the decrypted attached file is stored separately from the encrypted attached file, the resources of the recording medium can be saved.

  Further, the encrypted mail processing device according to the fourth invention is the same as the first invention, wherein the decrypted unit obtained by decrypting the encrypted attached file by the decryption unit performs decryption. The file processing unit further includes a storage unit configured to store the encrypted attached file in association with the encrypted attached file, when the decrypted attached file is stored at the time of receiving the instruction. This is an encrypted mail processing device that performs a process corresponding to an instruction on a released attached file.

  With this configuration, once the decryption input is received, the decryption is performed based on the decryption input, and the obtained decrypted attached file is stored. Thereafter, the attached file is stored every time the instruction is received. Since the decrypted attached file is opened, the decryption input needs to be received only once, and the complexity of the operation can be reduced.

  Further, since the decryption needs to be performed only once, the processing load can be reduced.

  Further, by storing the decrypted attached file separately from the original encrypted attached file (original file) (that is, the original file is also retained), for example, when the original file is transferred, There is no need to perform encryption, high-speed processing becomes possible, and the processing load can be further reduced. Further, even if one of the two files is damaged, the other can be used, so that the security against the damage of the file is enhanced.

  Further, in the encrypted mail processing device of the fifth invention, the instruction is the first instruction relating to the first processing on the encrypted attached file or the encrypted instruction is the encrypted instruction processing device according to the third or fourth invention. An instruction relating to a second process other than the first process for the attached file, further comprising a request unit for requesting a release input even when the release input has been received at the time of receiving the first instruction, The unit, in response to receiving the first instruction, performs the first processing on the decrypted attached file obtained by the decryption unit performing decryption based on the decryption input to the request, and Upon receipt, the stored decrypted attachment or the decrypted attachment obtained by decrypting based on the decryption Is an encrypted mail processing apparatus for performing the process.

  With such a configuration, for the first instruction, even if the release input has been received, the release input is requested, and the decryption is performed based on the release input in response to this request. Can be suppressed. On the other hand, in response to the second instruction, the second process is performed on the decrypted attached file without receiving such a request and a release input for the request, so that the complexity of the operation can be reduced.

  Further, in the encrypted mail processing device according to the sixth invention, the first instruction is an output instruction, the second instruction is a search instruction, and the first processing is an output processing. The second process is an encrypted mail processing device that is a search process.

  With such a configuration, in response to the output instruction, even if the release input has been received, the release input is requested, and the decryption is performed based on the release input in response to the request. Use can be prevented. On the other hand, in response to the search instruction, the search processing is performed on the decrypted attached file without receiving the request and the release input for the request, so that the complexity of the operation can be reduced.

  Further, the encrypted mail processing device according to the seventh invention is the encrypted mail processing device according to any one of the first to sixth inventions, further comprising: a receiving unit that receives a mail; and a transmitting unit that transmits a mail. The encrypted attached file is an encrypted mail attached to any of the received mail received by the receiving unit, the unsent mail that the sending unit tries to send, or the sent mail corresponding to the mail sent by the sending unit. A mail processing device.

  With this configuration, a process that only accepts a decryption input once for an encrypted attached file attached to any of a received mail, an unsent mail, or a transmitted mail and cannot be performed without decryption (for example, , Search, output, etc.) can be performed any number of times.

  According to the present invention, it is possible to perform a process that cannot be performed unless the decryption is performed only once by accepting the decryption input once for the encrypted attached file.

Block diagram of encrypted mail processing device 1 in the first embodiment Flowchart for describing operation of encrypted mail processing device 1 and the like in first to third embodiments Data structure diagram relating to decryption information according to Embodiment 1 Block diagram of encrypted mail processing apparatus 1a according to Embodiment 2. Data structure diagram for the corresponding information Block diagram of encrypted mail processing device 1b according to Embodiment 3. Data structure diagram for the corresponding information Flowchart for describing details of target processing in a modification of the second and third embodiments External view of a computer system 900 that realizes the encrypted mail processing device 1 and the like Configuration diagram of computer system 900

  The following is an attached file of an e-mail, and if the encrypted attached file is decrypted, the next time the attached file is opened, an input for decryption is not required. An embodiment will be described with reference to the drawings. Note that components and steps denoted by the same reference numerals in each of the embodiments and the modified examples perform the same operations, and thus the description thereof may not be repeated.

(Embodiment 1)
When the encrypted mail processing apparatus 1 according to the present embodiment decrypts the encrypted attached file by overwriting the decrypted attached file with the original encrypted attached file, the following processing is performed. It is characterized in that, when an attached file is opened, an input for decryption is not required.

  FIG. 1 is a block diagram of an encrypted mail processing device 1 according to the present embodiment. The encrypted mail processing device 1 includes a storage unit 11, a reception unit 12, a processing unit 13, a reception unit 14, and a transmission unit 15.

  The storage unit 11 includes a mail storage unit 111. The receiving unit 12 includes an input receiving unit 121 and an instruction receiving unit 122. The processing unit 13 includes a decryption unit 131, a file processing unit 132, a storage unit 133, and a request unit 134.

  As a premise, the storage unit 11 stores information for the processing unit 13 to perform various kinds of processing, for example, a program for the encrypted mail processing device 1 and the like. The various processes and programs will be described later.

  The storage unit 11 also stores an identifier for identifying the encrypted mail processing device 1 itself, an identifier for identifying a mail server device (not shown), and a device with which the encrypted mail processing device 1 exchanges information such as mail. An identifier and the like are also stored. Such an identifier is usually an IP address, a MAC address, or the like, but may be of any type.

  Although not particularly mentioned below, such an identifier is usually added to the information transmitted and received between the devices as a transmission source identifier or a transmission destination identifier.

  The mail storage unit 111 is, for example, one or more mails, an attached file of each mail, and can store information such as an encrypted attached file. The encrypted attached file may be information different from the mail or a part of the information constituting the mail.

  The mail is an abbreviation of electronic mail, for example, information such as digitized documents and images transmitted and accumulated between computers such as the encrypted mail processing device 1 through a network such as the Internet.

  An email usually consists of a header and a body. The header includes, for example, information on a transmission destination, a transmission source, and the like (a transmission source identifier, a transmission destination identifier, and the like). The body may include a mail body (document, image, etc.), an attached file (described later), and the like.

  The mail stored in the storage unit 11 is usually a received mail, an unsent mail, or a sent mail, but the type is not limited.

  The received mail is a mail received by the receiving unit 14 described later. The unsent mail is a mail to be transmitted by the transmission unit 15 described later, and the transmitted mail is a mail corresponding to the mail transmitted by the transmission unit 15.

  The mail attached file is a file attached to the mail and transmitted / stored together with the mail. With the mail includes the case where the mail is part of the mail.

  The attached file may include various contents such as a document, an image, and a sound.

  The attached file only needs to be a file that can be transmitted and stored together with the mail, and there is no limitation on the content of the file, the file format, the mode of attachment, and the like.

  Encryption generally refers to converting information in accordance with a predetermined procedure in order to prevent a third party from viewing, falsifying (editing), etc., when transmitting or storing the information. The predetermined procedure is, for example, a procedure according to an encryption algorithm such as a common key encryption and a public key encryption.

  The common key encryption is a method using the same key (common key) for encryption and decryption (decryption). Public key cryptography is a method (PGP, S / MIME, etc.) that uses different keys (public key and secret key) for encryption and decryption.

  However, the encryption is not limited to the conversion of information according to an encryption algorithm using the above-described encryption key (hereinafter, simply referred to as a “key”). For example, the information may be rearranged by using an encryption table. Any type or method can be used as long as the procedure makes browsing / editing impossible or difficult (disabled or difficult).

  That is, the encryption referred to in this embodiment includes a method of disabling or making it difficult to view or edit information by dividing or compressing information, for example.

  In addition, encryption is not limited to a method of converting information itself. For example, by setting a password for a file in which information is stored and making it impossible to open the file without entering a password, Widely interpreted, including methods that make browsing / editing impossible or difficult.

  The encryption may be, for example, encryption with compression (such as ZIP or LZH with a password) or scrambling with an encryption key.

  The target of encryption may be, for example, only the attached file of the mail, the body part of the mail (mail body and attached file), or any object that includes at least the attached file of the mail.

  The storage unit 11 can store decryption information indicating whether or not one or more encrypted attached files stored in the mail storage unit 111 have been decrypted.

  The decryption information includes, for example, an encrypted file ID (for example, CF1, CF2,...) For identifying an encrypted attached file, and a flag (for example, A1) indicating whether or not the encrypted attached file has been decrypted. , A2,...).

  The flag is off in an initial state (a state in which the decryption has not been performed yet), and changes to on when the decryption is performed, for example, under the control of the processing unit 13.

  However, for example, when the processing unit 13 can determine whether or not the attached file itself has been decrypted based on information other than the decryption information, such as when the attached file has information indicating whether or not the decryption has been performed. Does not need decryption information.

  The processing unit 13 performs, for example, control of the above-described flag and various processes to be described later based on information (program, mail, decryption information, and the like) stored in the storage unit 11 and the mail storage unit 111.

  The receiving unit 12 receives an input, an instruction, and the like described later.

  The input receiving unit 121 is a file attached to a mail, and receives a decryption input for decrypting the encrypted attached file.

  The decryption input is, for example, a key (the above-mentioned common key, secret key, encryption key, etc.), a password, etc., but any type may be used as long as the information can decrypt the encrypted attached file.

  The decryption input includes a key or password for decrypting the encrypted attached file.

  The decryption input may include, for example, a pair of an encrypted file ID for identifying one encrypted attached file and a key or password for decrypting the encrypted attached file.

  Reception includes, for example, reception of information input from input devices such as a keyboard, a mouse, and a touch panel, reception of information transmitted via a wired or wireless communication line, and recording media such as optical disks, magnetic disks, and semiconductor memories. This is a concept including reception of information read from a.

  The decryption unit 131 decrypts the encrypted attached file based on the decryption input received by the input receiving unit 121.

  Decryption is to decrypt the attached file and return, for example, the cipher text (encrypted character string) included in the attached file to plain text (unencrypted character string). Say. Further, if the key is encrypted, decryption of the key may be included.

  In the case of encryption with compression, the decryption unit 131 may further perform decompression (decompression).

  When the encryption is scrambled by the encryption key, the decryption unit 131 may perform descrambling by the encryption key, for example.

  When the encryption includes setting of a password for the attached file, the decryption unit 131 may release the password.

  The storage unit 11 can also store a decrypted attached file obtained by decrypting the attached file encrypted by the decryption unit 131.

  The file processing unit 132 opens the decrypted attached file every time the instruction receiving unit 122 receives an instruction (described above).

  The file processing unit 132 performs processing on the decrypted attached file obtained by the decryption unit 131 performing decryption based on the decryption input.

  For example, when the mail stored in the mail storage unit 111 has a decrypted attached file at the time of receiving the instruction, the file processing unit 132 performs processing on the decrypted attached file. .

  The file processing unit 132 normally performs processing such as search and output on a plaintext obtained by opening the decrypted attached file.

  The search generally refers to searching for a target data from a set of data, and includes, for example, a character string search using a keyword, an attribute search based on file attributes (reception date and time, a transmission source identifier, and the like).

  The search instruction in this embodiment is a search such as a character string search or an attribute search for one or more of one or more encrypted attached files stored in the mail storage unit 111. It is to instruct to perform processing.

  The search processing in this embodiment means that one or two or more encrypted attached files are decrypted in response to a search instruction, and one or two or more decrypted Searching for attached files.

  The output instruction in this embodiment means that information included in one or more encrypted one or more of the attached files stored in the mail storage unit 111 is, for example, , An output via an output device such as a display.

  The output processing in this embodiment means that one or two or more encrypted attached files are decrypted according to an output instruction, and one or two or more decrypted To output the attached file via an output device such as a display, for example.

  However, the target of the instruction or processing as described above may be, for example, only an encrypted attached file of an email, or may be an encrypted email body and an encrypted attached file. Further, in addition to the encrypted attached file and the like, for example, an unencrypted attached file, a mail text, a header portion, and the like may be included in the instruction or the processing target.

  In the following, a process corresponding to the instruction received by the instruction receiving unit 122 and that cannot be performed unless the decryption is performed may be referred to as a “target process”. The target process is, specifically, a search process corresponding to the search instruction, an output process corresponding to the output instruction, and the like, as described above. For example, the target process includes an edit instruction that is an instruction for editing an attached file. A corresponding editing process, an analysis process corresponding to an analysis instruction which is an instruction for analyzing an attached file, or the like may be performed, and the type of the target process is not limited.

  The processing unit 13 can output, via an output device, the contents of the attached file opened by the file processing unit 132 and the results of processing such as search by the file processing unit 132.

  The storage unit 133 stores, for example, the decrypted attached file obtained by the decryption unit 131 decrypting the encrypted attached file of the mail stored in the mail storage unit 111 into the encrypted file. Overwrite encrypted attachments.

  Accordingly, the original encrypted attached file (original file) corresponding to the decrypted attached file is lost from the mail storage unit 111 as a result of being overwritten by the decrypted attached file.

  However, it is desirable that encrypted attachments of unsent mails be excluded from being overwritten. That is, the storage unit 133 normally overwrites the encrypted attached file of the received mail and the encrypted attached file of the transmitted mail with the decrypted attached file as described above, Such overwriting is not performed on the encrypted attachment of the unsent mail. In this case, instead of overwriting the decrypted attachment with the encrypted attachment of the unsent message, the file is paired with the encrypted attachment of the unsent message (for example, in association with the original file, (In the same or another storage).

  Alternatively, the storage unit 133 may accumulate the release input received by the input receiving unit 121 with respect to the encrypted attached file, for example, in the storage unit 11 in association with the encrypted attached file. This will be described in a second embodiment.

  Alternatively, the storage unit 133 associates the decrypted attachment file obtained by the decryption unit 131 decrypting the encrypted attachment file with the encrypted attachment file, and stores the decrypted attachment file in the storage unit, for example. 11 may be stored. This will be described in a third embodiment.

  The request unit 134 requests a release input (a key, a password, and the like) when the instruction receiving unit 122 receives an instruction related to processing of the encrypted attached file.

  The request unit 134 requests a release input when the instruction receiving unit 122 receives an instruction related to processing of an encrypted attached file and the flag is on.

  The request unit 134 outputs a request via an output device such as a display.

  The receiving unit 14 receives, for example, mail transmitted from a mail server device (not shown) via a network such as the Internet and a wireless or wired communication module (such as a network card) connected to the network.

  The transmission unit 15 transmits an e-mail to the mail server device via the communication module and the network, for example.

  The storage unit 11, the mail storage unit 111, and the storage unit 11a, the storage unit 11b, the input storage unit 112, and the decrypted file storage unit 113 described later are preferably volatile storage media. It can also be realized with a non-transitory storage medium.

  The storage unit 11 and the like are generally realized by a storage medium (storage such as a hard disk and an optical disk, a memory such as a RAM and a flash memory, and an internal memory of an MPU) included in the encrypted mail processing device 1 itself. It may be realized by cloud computing that utilizes computer resources such as a server connected to a network.

  For example, the storage unit 11, the storage unit 11a, the storage unit 11b, the input storage unit 112, and the decrypted file storage unit 113 are realized by a storage medium included in the encrypted mail processing device 1 in order to ensure security. The mail storage unit 111 can be realized by a storage medium of the mail server. In this case, mails such as received mails and sent mails are stored in the mail storage unit 111 in the storage medium of the mail server, and when the mail application (mailer) is started in the encrypted mail processing device 1, the mail is sent to the Internet. The data is downloaded to the storage medium (the storage unit 11 and the like) of the encrypted mail processing device 1 via the storage device.

  If security can be ensured, the storage unit 11, the storage unit 11a, the storage unit 11b, the input storage unit 112, and the decrypted file storage unit 113 are also external devices such as a mail server like the mail storage unit 111. May be realized by the storage medium included in.

  The process of storing various information such as mails and programs in the storage unit 11 and the like (when and how the information is stored) does not matter. For example, the information may be stored in the storage unit 11 via a removable storage medium such as a CD-ROM, or the information transmitted via a communication line or the like may be stored in the storage unit 11. Alternatively, information input via an input device such as a keyboard may be stored in the storage unit 11.

  The processing unit 13, the decryption unit 131, the file processing unit 132, the storage unit 133, the request unit 134, and the processing unit 13a, the decryption unit 131a, the storage unit 133a, the processing unit 13b, and the storage unit 133b, which will be described later, Usually, it can be realized by cooperation of MPU, memory (ROM, RAM, etc.) and other hardware (storage, output device, etc.) and software stored in the memory, but only hardware (dedicated circuit) May be realized.

  In the following, the entire hardware including the MPU and the memory and the like is referred to as a “computer”, and software that causes this computer to function as the storage unit 11, the reception unit 12, the processing unit 13, the reception unit 14, the transmission unit 15, and the like is referred to as “program”. ". However, the MPU and the memory may be called a “computer”, and the software that causes this computer to function as the processing unit 13 or the like may be called a “program”.

  The receiving unit 12, the input receiving unit 121, and the instruction receiving unit 122 may or may not include the input device. That is, the reception unit 12 and the like can be realized by an input device and its driver software, or can be realized by the driver software of the input device. The input device may be any device such as a keyboard, a mouse, and a touch panel.

  The processing unit 13 and the request unit 134 may or may not include the output device. That is, the output function of the processing unit 13 or the like can be realized by the output device and its driver software, or can be realized by the driver software of the output device. The output device may be anything, such as a display or a speaker.

  The receiving unit 14 and the transmitting unit 15 may or may not include a communication module such as a network card. That is, the receiving unit 14 and the like can be realized by the communication module and its driver software, or can be realized by the driver software of the communication module.

  Next, the operation of the encrypted mail processing device 1 will be described using the flowchart of FIG. 2 and the data structure of FIG.

  FIG. 2 is a flowchart for explaining the operation of the encrypted mail processing device 1 according to the first embodiment.

  The process according to the flowchart of FIG. 2 starts when the power of the encrypted mail processing device 1 is turned on, and ends when an end event such as a power-off operation or interruption of another process occurs.

  At the time of activation, the mail storage unit 111 stores one or more mails, and attached files (for example, CF1, CF2,...) Of the respective mails.

  The storage unit 11 stores decryption information on one or more encrypted attached files (for example, CF1, CF2,...) Stored in the mail storage unit 111.

  FIG. 3 is a data structure diagram regarding the decryption information. The decryption information indicates an encrypted file ID (for example, CF1, CF2,...) Identifying one or more encrypted attached files, and indicates whether or not the one or more encrypted attached files have been decrypted. It is composed of a set of pairs with one or more flags (for example, A1, A2,...).

  At the time of activation, it is assumed that none of the encrypted attached files CF1, CF2,... Has been decrypted yet, and therefore, all the flags A1, A2,.

  (Step S <b> 201) The processing unit 13 determines that the instruction receiving unit 122 is one of one or more encrypted attached files (hereinafter, sometimes referred to as “encrypted files”) stored in the mail storage unit 111. For one, processing that cannot be performed without decryption (for example, search processing, output processing for browsing, editing processing, analysis processing, etc .; hereinafter, sometimes simply referred to as “processing” or “objective processing”) It is determined whether or not an instruction (for example, a search instruction, an output instruction, an edit instruction, an analysis instruction, and the like; hereinafter, may be simply referred to as an “instruction”) has been received.

  The instruction is, for example, an encrypted file ID for identifying an encrypted file to be processed, and a process indicating a type of the process (for example, any one of a search instruction, an output instruction, an edit instruction, an analysis instruction, and the like). Includes pairs with type information.

  If it is determined that the instruction receiving unit 122 has received the instruction for the encrypted file, the process proceeds to step S202. If it is determined that the instruction has not been received, the same determination is repeated.

  (Step S202) The processing unit 13 determines whether a flag corresponding to the encrypted file is on.

  When it is determined that the flag corresponding to the encrypted file is ON, the process proceeds to step S209, and when it is determined that the flag is not ON (OFF), the process proceeds to step S203.

  (Step S203) The request unit 134 requests the user to input a release (key, password, etc.) for the encrypted file via an output device such as a display.

  (Step S204) The processing unit 13 determines whether or not the input receiving unit 121 has received a release input for the encrypted file.

  The decryption input has, for example, a pair of an encrypted file ID for identifying an encrypted attached file to be decrypted and a key or password for decryption. However, the encrypted file ID need not be provided.

  If it is determined that the input receiving unit 121 has received the release input for the encrypted file, the process proceeds to step S205, and if it is determined that the input has not been received (not input), the same determination is repeated. If the period of no input exceeds a certain time, the processing unit 13 may determine that a timeout has occurred and return to step S201.

  (Step S205) The decryption unit 131 decrypts the encrypted file based on the decryption input.

  (Step S206) The processing unit 13 determines whether or not the decryption by the decryption unit 131 is successful.

  If the decryption by the decryption unit 131 is successful, the process proceeds to step S207; otherwise, the process returns to step S203.

  (Step S207) The processing unit 13 executes a re-entry unnecessary process that makes it unnecessary to accept a re-entry input for the encrypted file again.

  As an example of the re-entry unnecessary processing, the storage unit 133 stores the decrypted attached file (hereinafter, referred to as “decrypted file”) obtained by the decryption unit 131 decrypting the encrypted file. May be overwritten on the encrypted file.

  The original encrypted file corresponding to the decrypted file is thus overwritten by the decrypted file and thus lost from the mail storage unit 111 (in other words, the original encrypted file is replaced with the decrypted file). .

  (Step S208) The processing unit 13 turns on a flag corresponding to the encrypted file ID for identifying the encrypted file, which is included in the decryption information stored in the storage unit 11. Thereafter, the process proceeds to step S209.

  (Step S209) The file processing unit 132 executes a target process which is a process corresponding to the instruction.

  In this target process, the file processing unit 132 uses the encrypted file ID of the instruction among the one or more decrypted files DF1, DF2,... Of the one or more mails stored in the mail storage unit 111. Open the identified decrypted file.

  Next, the file processing unit 132 performs processing corresponding to the processing type information included in the instruction (for example, search processing, output processing for browsing, etc.) on one or more plaintexts obtained by opening the decrypted file. Target processing).

  Thereafter, the file processing unit 132 closes the decrypted file, and returns to step S201. This file closing may be performed, for example, in response to the end of the target process, or may be performed in response to receiving an end instruction that is an instruction for ending the target process.

  According to this flowchart, when the first instruction is received for each of the one or more encrypted files CF1, CF2,... Of the one or more mails stored in the mail storage unit 111, the flag is turned off. Therefore, after the processing of steps S203 to S208 and the target processing of step S209, the one or more encrypted files CF1, CF2,... Are decrypted files identified by the same file ID. Are sequentially overwritten by CF1, CF2,... Along with this, the processing unit 13 sequentially changes the flags A1, A2,... Of the decryption information from off to on.

  For this reason, when the second or subsequent instruction is received for one encrypted file, the flag corresponding to the one encrypted file is turned on. Since the target process in S209 is performed, it is not necessary to accept the release input again.

  Hereinafter, a specific operation example of the encrypted mail processing device 1 according to the present embodiment will be described. However, the following operation is only an example, and does not limit the present invention.

  Now, the mail storage unit 111 stores two or more mails M1, M2,..., An encrypted attached file (encrypted file CF1) attached to the mail M1, and two or more mails attached to the mail M2. (Encrypted files CF2, CF3,...) Are stored.

  The storage unit 11 stores decryption information on the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111. The decryption information includes encrypted file IDs “CF1”, “CF2”, “CF3”,... For identifying the encrypted files CF1, CF2, CF3,. , “CF3”,... Corresponding to flags A1, A2, A3,.

  However, the flags A1 and A2 are on and the flag A3 is off. Therefore, of the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111, the former two have already been overwritten by the decrypted files CF1, CF2.

  The processing unit 13 determines whether the input receiving unit 121 has received a release input (key, password, etc.) for any of the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111. Is repeatedly performed.

  When the input receiving unit 121 receives a decryption input for the encrypted file CF3, the decryption unit 131 decrypts the encrypted file CF3 based on the decryption input.

  The storage unit 133 overwrites the original decrypted file CF3 with the decrypted file CF3 obtained by the decryption unit 131 decrypting the encrypted file CF3. As a result of such overwriting, the encrypted file CF3 stored in the mail storage unit 111 is replaced with the decrypted file CF3. Accordingly, the processing unit 13 turns on the flag A3 corresponding to the encrypted file ID “CF3” included in the decryption information stored in the storage unit 11.

  Further, the processing unit 13 cannot be performed unless the instruction receiving unit 122 decrypts one of the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111. A determination is also made as to whether an instruction regarding a process (for example, any one of a search process, an output process, and the like) has been received.

  For example, when the instruction receiving unit 122 receives a search instruction regarding a search process for the encrypted file CF1, the processing unit 13 determines whether or not the flag corresponding to the encrypted file CF1 is ON, and sets the decryption information to Determine based on the base.

  Here, since the encrypted file CF1 has been decrypted, the determination result is YES, and the file processing unit 132 opens the decrypted file CF1 identified by the encrypted file ID “CF1”.

  If the search instruction is for an encrypted file that has not been decrypted, the encrypted file is not opened.

  The target of one search instruction is not limited to one encrypted file, but may be two or more encrypted files. If the target of one search instruction is two or more encrypted files, the same processing as described above is performed on each encrypted file sequentially or in parallel.

  The file processing unit 132 performs a search process on the plaintext of the decrypted file CF1 thus opened.

  When the instruction receiving unit 122 receives, for example, an output instruction for browsing the encrypted file CF3, the file processing unit 132 opens the decrypted file CF3 overwritten on the encrypted file CF3, and The processing unit 132 can perform an output process on the plaintext of the opened decrypted file CF3.

  As described above, according to the present embodiment, the input receiving unit 121 that receives a release input, which is an input for decryption, with respect to an encrypted attached file, which is an attached file of a mail, A decryption unit 131 for decrypting the encrypted attached file; an instruction receiving unit 122 for receiving an instruction regarding a process (a target process) that cannot be performed without decrypting the encrypted attached file; When an instruction is received in a state in which the attached file is closed after the decryption input is received for the attached file, the decryption unit 131 performs decryption based on the decryption input and obtains decryption. The encrypted mail processing device 1 including the file processing unit 132 that performs a target process corresponding to the instruction on the already attached file has been encrypted. Again of acceptance of the release input to the attached file is not required. As a result, a process that cannot be performed unless the decryption is performed can be performed any number of times only by receiving the decryption input once, so that, for example, the complexity of the user operation can be reduced and the processing load can be reduced.

  Further, in the encrypted mail processing device 1, a mail storage unit 111 that can store a mail having an encrypted attached file, and an encrypted attached file included in the mail stored in the mail storage unit 111. A storage unit 133 for overwriting the decrypted attached file obtained by decryption by the decryption unit 131 with the encrypted attached file, and the file processing unit 132 In the case where the mail stored in the mail storage unit 111 has the decrypted attached file, the decrypted attached file is subjected to the target process corresponding to the instruction, so that the decrypted attached file is processed. Overwrites the original encrypted attachment (original file), so the It is not necessary to secure the part, saves resources of the recording medium, and to be processed at high speed, also descrambling for one attachment may be performed only once, the processing load can be alleviated.

  In this embodiment, the mail storage unit 111 is stored in a storage medium of the encrypted mail processing apparatus 1 itself, but is stored in a storage medium of an external device such as a mail server on the Internet. It does not matter where it is stored.

  When the mail storage unit 111 is stored in a storage medium of the external device, the decryption unit 131 obtains the encrypted attached file from the external device and, based on the decryption input, encrypts the attached file. The file is decrypted, and the storage 133 stores the decrypted attachment obtained by the decryption unit 131 decrypting the encrypted attached file of the mail stored in the mail storage unit 111. Request (request) the external device to overwrite the file with the encrypted attached file. The file processing unit 132 acquires the encrypted attached file from the external device when the mail stored in the mail storage unit 111 has the decrypted attached file at the time of receiving the instruction, The purpose processing corresponding to the instruction is performed on the decrypted attached file.

  The encrypted mail processing device 1 further includes a receiving unit 14 for receiving the mail and a transmitting unit 15 for transmitting the mail, and the encrypted attached file is the received mail received by the receiving unit 14, By being attached to either the unsent mail to be sent by the sending unit 15 or the sent mail corresponding to the mail sent by the sending unit 15, any one of the received mail, the unsent mail, and the sent mail It is possible to perform a target process (for example, a search, an output, etc.) that can only be performed on the encrypted attached file attached to the crab once the decryption input is received once and the decryption is not performed. .

  Further, the processing in the present embodiment may be realized by software. Then, this software may be distributed by software download or the like. The software may be recorded on a storage medium such as a CD-ROM and distributed. Note that this also applies to other embodiments or modifications thereof in this specification.

  The software that implements the encrypted mail processing device 1 in the present embodiment is, for example, a program that causes a computer to function as the above-described units (11 to 15, 111, 121, 122, 131 to 134).

  In other words, the program causes the computer to execute, based on the release input, an input receiving unit 121 that receives, for example, a file attached to an e-mail and receives a decryption input for decrypting the encrypted attached file. A decryption unit 131 that decrypts the encrypted attached file, an instruction receiving unit 122 that receives an instruction regarding a process (a target process) that cannot be performed without decrypting the encrypted attached file. When an instruction is received in a state where the attached file is closed after the decryption input is received for the attached file, the decryption unit 131 performs decryption based on the decryption input and obtains the decryption. It functions as a file processing unit 132 that performs a target process corresponding to the instruction on the already attached file.

(Embodiment 2)
The encrypted mail processing device 1a according to the present embodiment manages (for example, accumulates in a recording medium) the decryption input for the encrypted attached file, and decrypts the encrypted attached file. Next, when the attached file is opened, a release input is not required.

  FIG. 4 is a block diagram of the encrypted mail processing device 1a according to the present embodiment. The encrypted mail processing device 1a includes a storage unit 11a, a reception unit 12, a processing unit 13a, a reception unit 14, and a transmission unit 15.

  The storage unit 11a includes a mail storage unit 111 and an input storage unit 112. The receiving unit 12 includes an input receiving unit 121 and an instruction receiving unit 122. The processing unit 13a includes a decryption unit 131a, a file processing unit 132a, a storage unit 133a, and a request unit 134.

  The input storage unit 112 can store one or more release inputs (keys, passwords, etc.) for the encrypted attached files of one or more mails stored in the mail storage unit 111. One or more release inputs are associated with one or more encrypted attachments.

  The decryption unit 131a, when the decryption input is stored in the input storage unit 112 at the time of receiving the instruction, based on the decryption input stored in the input storage unit 112, encrypts the attached file. Perform decryption.

  The decryption unit 131a normally decrypts the encrypted attached file based on the decryption input stored in the input storage unit 112 in response to the reception of the instruction by the instruction reception unit 122.

  The file processing unit 132a performs a process corresponding to the instruction on the decrypted attached file obtained by the decryption unit 131a performing decryption based on the decryption input stored in the input storage unit 112.

  The storage unit 133a stores the release input received by the input receiving unit 121 for the encrypted attached file in the input storage unit 112 in association with the encrypted attached file.

  The operation of the encrypted mail processing apparatus 1a configured as described above is different from the operation of the encrypted mail processing apparatus 1 in the first embodiment in the details of the re-input unnecessary processing in step S207 and the target processing in step S209. Since the operation is the same except for the above, the flowchart of FIG.

  As in the first embodiment, the mail storage unit 111 stores one or more mails, and encrypted attached files (for example, CF1, CF2,...) Of each mail.

  The storage unit 11a stores, for example, correspondence information as shown in FIG. This correspondence information is information indicating the correspondence between the encrypted attached file and the release input.

  FIG. 5 is a data structure diagram relating to correspondence information in the present embodiment. This correspondence information is paired with one or more encrypted file IDs (for example, “CF1”, “CF2”,...) For identifying one or more encrypted attached files stored in the mail storage unit 111. , One or more release inputs (for example, “abc”, “ABC”,...) Received by the input receiving unit 121 may be registered.

  The pair of the encrypted file IDs “CF1”, “CF2”,... And the unlock inputs “abc”, “ABC”,... Accepts the unlock input (key, password, etc.) for the encrypted files CF1, CF2,. Each time the decryption succeeds, it is registered.

  (Step S207) The storage unit 133a accumulates the release input received by the input receiving unit 121 for the encrypted attached file in the input storage unit 112 in association with the encrypted attached file. Along with this, for example, the processing unit 13 registers the release input in the above-mentioned correspondence information in a pair with the encrypted file ID for identifying the encrypted attached file.

  Therefore, unlike the encrypted file in the first embodiment, the encrypted file included in the mail stored in the mail storage unit 111 is not overwritten (replaced) by the decrypted file.

  (Step S209) The file processing unit 132a executes a target process which is a process corresponding to the instruction.

  In this target process, the file processing unit 132a identifies the one or more encrypted files CF1, CF2,... Of the one or more emails stored in the email storage unit 111 by the encrypted file ID of the instruction. The encrypted file to be decrypted is decrypted based on the decryption input of the instruction, and the obtained decrypted attached file is opened.

  Next, the file processing unit 132a performs a process (a search process, an output process, and the like) corresponding to the process type information included in the instruction on one or more plaintexts obtained by opening the decrypted attached file. .

  After that, the file processing unit 132a closes the decrypted attached file, and returns to step S201.

  According to this flowchart, when the first instruction is received for each of the one or more encrypted files CF1, CF2,... Of the one or more mails stored in the mail storage unit 111, the flag is turned off. Therefore, after the processing of steps S203 to S208 and the target processing of step S209, one or more release inputs for the one or more encrypted files CF1, CF2,... Are stored in the input storage unit 112. At the same time, the correspondence information includes the one or more release inputs “abc” in pairs with the encrypted file IDs “CF1”, “CF2”,... Identifying the one or more encrypted files CF1, CF2,. , "ABC",... Are sequentially registered. Further, the processing unit 13a sequentially changes the flags A1, A2,... Of the decryption information from off to on.

  For this reason, when the second or subsequent instruction is received for one encrypted file, the flag corresponding to the one encrypted file is turned on. Proceeding to S209, the decryption is performed based on the decryption input stored in the input storage unit 112, so that it is not necessary to accept the decryption input again.

  Hereinafter, a specific operation example of the encrypted mail processing device 1a according to the present embodiment will be described. The following operation is merely an example and does not limit the present invention.

  Now, as in the first embodiment, two or more mails M1, M2,..., An encrypted attached file (encrypted file CF1) attached to the mail M1, Two or more encrypted attached files (encrypted files CF2, CF3,...) Attached to the mail M2 are stored.

  The input storage unit 112 stores release inputs I1 and I2 corresponding to the encrypted files CF1 and CF2. However, the release input I3 corresponding to the encrypted file CF3 has not been stored yet.

  Therefore, at this time, a pair of the encrypted file IDs “CF1”, “CF2”,... And the release inputs “abc”, “ABC” is registered in the correspondence information.

  As in the first embodiment, the processing unit 13a allows the input receiving unit 121 to input a release input (key, password, etc.) to one of the encrypted files CF1, CF2, CF3,. , Etc.) are repeatedly determined.

  When the input receiving unit 121 receives the release input I3 for the encrypted file CF3, the storage unit 133a stores the release input I3 in the input storage unit 112, and stores the encrypted file ID “CF3” in the corresponding information. A pair with the release input “123” is further registered.

  Thus, the input storage unit 112 stores the release inputs I1, I2, and I3 corresponding to the encrypted files CF1, CF2, and CF3, and the corresponding information includes the encrypted file IDs “CF1”, “CF2”, and “CF3”. And a release input "abc", "abc", "123" are registered.

  In addition, as in the first embodiment, the processing unit 13a allows the instruction receiving unit 122 to target any one of the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111. Also, it is determined whether or not an instruction regarding a process that cannot be performed without decryption (for example, any one of a search process and an output process) has been received.

  For example, when the instruction receiving unit 122 receives a search instruction regarding a search process for the encrypted file CF1, the processing unit 13a stores the release input I1 corresponding to the encrypted file CF1 in the input storage unit 112. Is determined.

  Here, since the decryption input I1 for the encrypted file CF1 has been stored in the input storage unit 112, the determination result is YES, and the decryption unit 131a performs decryption on the encrypted file CF1 based on the decryption input I1. . The file processing unit 132a opens the decrypted file CF1 obtained by decryption.

  If the search instruction is for an encrypted file that has not been decrypted, the encrypted file is not opened.

  The target of one search instruction is not limited to one encrypted file, but may be two or more encrypted files. If the target of one search instruction is two or more encrypted files, the same processing as described above is performed on each encrypted file sequentially or in parallel.

  The file processing unit 132a performs a search process on the plaintext of the decrypted file CF1 thus opened.

  When the instruction receiving unit 122 receives, for example, an output instruction for the encrypted file CF3, the decryption unit 131a decrypts the encrypted file CF3 based on the decryption input I3 stored in the input storage unit 112. The file processing unit 132a can open the decrypted file CF3 and perform an output process on the plaintext of the opened decrypted file CF3.

  As described above, according to the present embodiment, the input receiving unit 121 that receives a release input, which is an input for decryption, with respect to an encrypted attached file, which is an attached file of a mail, A decryption unit 131a for decrypting the encrypted attached file, an instruction receiving unit 122 for receiving an instruction regarding a process (a target process) that cannot be performed without decrypting the encrypted attached file, When an instruction is received in a state in which the attached file is closed after the decryption input is received for the attached file, the decryption unit 131a performs decryption based on the decryption input and obtains decryption. The encrypted mail processing apparatus 1a including a file processing unit 132a that performs a target process corresponding to the instruction on the already attached file. Has been canceled input again of the acceptance of on attachments is not required. As a result, a process that cannot be performed unless the decryption is performed can be performed any number of times only by receiving the decryption input once, so that, for example, the complexity of the user operation can be reduced and the processing load can be reduced.

  Further, in the encrypted mail processing device 1a, the input storage unit 112 capable of storing the release input received by the input reception unit 121, and the release input received by the input reception unit 121 for the encrypted attached file are encrypted. A storage unit 133a for storing the input file in the input storage unit 112 in association with the encrypted attached file. The decryption unit 131a stores the decryption input in the input storage unit 112 at the time of receiving the instruction. In this case, the encrypted attached file is decrypted based on the decryption input stored in the input storage unit 112, and the file processing unit 132a determines that the decryption unit 131a is stored in the input storage unit 112. By performing processing on the decrypted attachment file obtained by performing decryption based on the decryption input, once the decryption input is accepted, Is stored in the input storage unit 112, and thereafter, every time an instruction is received, the decryption input is performed based on the release input stored in the input storage unit 112. Therefore, the decryption input is received only once. And the complexity of operation can be reduced. Further, compared with the case of storing the decrypted attached file separately from the encrypted attached file as in the third embodiment described later, the resources of the recording medium can be saved.

  In this embodiment, the input storage unit 112 is stored in the storage medium of the encrypted mail processing apparatus 1 itself. However, the input storage unit 112 may be stored in a storage medium of an external device such as a mail server. It doesn't matter where it is stored.

  When the input storage unit 112 is stored in the storage medium of the external device, the storage unit 133a converts the release input received by the input reception unit 121 for the encrypted attached file into the encrypted attached file. The external device is requested (requested) to be stored in the input storage unit 112 in association with the external device. The decryption unit 131a acquires the decryption input stored in the input storage unit 112 from the external device when the decryption input is stored in the input storage unit 112 at the time of receiving the instruction, and processes the acquired decryption input. Based on this, the encrypted attached file is decrypted.

  Further, the encrypted mail processing device 1a further includes a receiving unit 14 for receiving the mail and a transmitting unit 15 for transmitting the mail, and the encrypted attached file is a received mail received by the receiving unit 14, By being attached to either the unsent mail to be sent by the sending unit 15 or the sent mail corresponding to the mail sent by the sending unit 15, any one of the received mail, the unsent mail, and the sent mail It is possible to perform a process (for example, a process such as a search or an output) that can only be performed once the decryption input is received once for the encrypted attached file attached to the crab, unless the decryption input is received.

  The software that implements the encrypted mail processing device 1a according to the present embodiment may be, for example, a computer that executes the above-described units (11a, 12, 13a, 14, 15, 111, 112, 121, 122, 131a, 132a, 133a, 133a, 134).

(Embodiment 3)
The encrypted mail processing device 1b according to the present embodiment accumulates the decrypted file in association with the encrypted attached file, separately from the encrypted attached file. Therefore, when the encrypted attached file is decrypted, the decryption input is not required when the attached file is opened next time.

  FIG. 6 is a block diagram of the encrypted mail processing device 1b according to the present embodiment. The encrypted mail processing device 1b includes a storage unit 11b, a reception unit 12, a processing unit 13b, a reception unit 14, and a transmission unit 15.

  The storage unit 11b includes a mail storage unit 111 and a decrypted file storage unit 113. The receiving unit 12 includes an input receiving unit 121 and an instruction receiving unit 122. The processing unit 13b includes a decryption unit 131, a file processing unit 132b, a storage unit 133b, and a request unit 134.

  The decrypted file storage unit 113 decrypts one or more decrypted attachment files obtained by performing decryption on the encrypted attachment file of each of the one or more emails stored in the mail storage unit 111. Can be stored.

  Upon receiving an instruction (search instruction, output instruction, etc.) for the encrypted attached file, the file processing unit 132b stores the decrypted attached file corresponding to the encrypted attached file in the decrypted file. In the case where the file is stored in the storage unit 113, processing corresponding to the instruction (search processing, output processing, etc.) is performed on the decrypted attached file stored in the decrypted file storage unit 113.

  The storage unit 133b stores the decrypted attached file obtained by decrypting the encrypted attached file by the decryption unit 131 in association with the encrypted attached file, and stores the decrypted file. The information is accumulated in the unit 113.

  The association can be performed using, for example, correspondence information (described later) between the encrypted attached file and the decrypted attached file.

  The operation of the encrypted mail processing device 1b is the same as the operation of the encrypted mail processing device 1 in Embodiment 1 except for the details of the re-entry unnecessary process in step S207 and the target process in step S209. The operation of the mail processing device 1b will be described with reference to the flowchart of FIG.

  As in the first embodiment, the mail storage unit 111 stores one or more mails, and encrypted attached files (for example, CF1, CF2,...) Of each mail.

  The storage unit 11 stores, for example, correspondence information as shown in FIG. This correspondence information is information indicating the correspondence between the encrypted attached file (encrypted file) and the decrypted attached file (decrypted file). However, if there is a correspondence between the encrypted file and the decrypted file due to, for example, a combination of a common file identifier and a different extension, or other linking, there is no correspondence information. Good.

  FIG. 7 is a data structure diagram regarding correspondence information in the present embodiment. The correspondence information includes one or more decrypted file IDs (for example, “DF1”, “DF2”,...) For identifying one or more decrypted files stored in the decrypted file storage unit 113. One or more encrypted file IDs (for example, “CF1”, “CF2”,...) That identify one or more encrypted files stored in the mail storage unit 111 can be registered as a pair.

  The pair of the encrypted file IDs "CF1", "CF2", ... and the decrypted file IDs "DF1", "DF2", ... is a decryption input (key, password, etc.) for the encrypted files CF1, CF2, ... ) Is received, decryption is performed, and each time a decrypted file DF1, DF2,... Is obtained, it is registered.

  (Step S207) The storage unit 133b associates the decrypted file obtained by decrypting the encrypted file with the decryption unit 131 with the encrypted attached file, and The information is stored in the storage unit 113. Accordingly, for example, the processing unit 13b registers, in the correspondence information, a decrypted file ID for identifying the decrypted file in a pair with an encrypted file ID for identifying the encrypted file.

  (Step S209) The file processing unit 132b executes a target process which is a process corresponding to the instruction.

  In this target process, the file processing unit 132b, among the one or more decrypted files DF1, DF2,... Stored in the decrypted file storage unit 113, performs the encryption corresponding to the encrypted file ID indicated by the instruction. The decrypted file identified by the decrypted file ID is opened.

  Next, the file processing unit 132b performs processing (search processing, output processing, etc.) corresponding to the processing type information included in the instruction on one or more plaintexts obtained by opening the decrypted attached file. .

  Then, the file processing unit 132b closes the decrypted attached file, and returns to step S201.

  According to this flowchart, when the first instruction is received for each of the one or more encrypted files CF1, CF2,... Of the one or more mails stored in the mail storage unit 111, the flag is turned off. Therefore, after the processing of steps S203 to S208 and the target processing of step S209, the one or more decrypted files corresponding to the one or more encrypted files CF1, CF2,. 113, and the correspondence information includes one or more encrypted file IDs “CF1”, “CF2”,... That identify the one or more encrypted files CF1, CF2,. The decrypted file IDs “DF1”, “DF2”,... Identifying the decrypted files are sequentially registered. Along with this, the processing unit 13b sequentially changes the flags A1, A2,... Of the decryption information from off to on.

  For this reason, when the second and subsequent instructions are received, the flag is ON, and the process proceeds to step S209 without going through the above-described steps S203 to S208, and the encryption stored in the decrypted file storage unit 113 is performed. Since the released file is opened, it is not necessary to accept the release input again.

  Hereinafter, a specific operation example of the encrypted mail processing device 1b according to the present embodiment will be described. The following operation is merely an example and does not limit the present invention.

  Now, as in the first embodiment, two or more mails M1, M2,..., An encrypted attached file (encrypted file CF1) attached to the mail M1, Two or more encrypted attached files (encrypted files CF2, CF3,...) Attached to the mail M2 are stored.

  In the decrypted file storage unit 113, decrypted files DF1 and DF2 corresponding to the encrypted files CF1 and CF2 are stored. However, the decrypted file DF3 corresponding to the encrypted file CF3 has not been stored yet.

  Therefore, at this time, a pair of the encrypted file IDs “CF1”, “CF2”,... And the decrypted file IDs “DF1”, “DF2” is registered in the correspondence information.

  As in the first embodiment, the processing unit 13b allows the input receiving unit 121 to input a release input (key, password, etc.) to one of the encrypted files CF1, CF2, CF3,. , Etc.) are repeatedly determined.

  When the input receiving unit 121 receives the decryption input I3 for the encrypted file CF3, the decryption unit 131 decrypts the encrypted file CF3 based on the decryption input I3, and the storage unit 133b stores the obtained encryption The decrypted file DF3 is stored in the decrypted file storage unit 113, and a pair of the encrypted file ID “CF3” and the decrypted file ID “DF3” is further registered in the corresponding information.

  Thus, the decrypted files DF1, DF2, and DF3 corresponding to the encrypted files CF1, CF2, and CF3 are stored in the decrypted file storage unit 113, and the corresponding information includes the encrypted file IDs “CF1” and “CF1”. As a result, a pair of “CF2” and “CF3” and the decrypted file IDs “DF1”, “DF2” and “DF3” is registered.

  In addition, as in the first embodiment, the processing unit 13b allows the instruction receiving unit 122 to target any one of the encrypted files CF1, CF2, CF3,... Stored in the mail storage unit 111. Also, it is determined whether or not an instruction regarding a process that cannot be performed without decryption (for example, any one of a search process and an output process) has been received.

  For example, when the instruction receiving unit 122 receives a search instruction regarding search processing for the encrypted file CF1, the file processing unit 132b opens the decrypted file DF1 stored in the decrypted file storage unit 113. I do.

  If the search instruction is for an encrypted file that has not been decrypted, the encrypted file is not opened.

  The target of one search instruction is not limited to one encrypted file, but may be two or more encrypted files. If the target of one search instruction is two or more encrypted files, the same processing as described above is performed on each encrypted file sequentially or in parallel.

  The file processing unit 132b performs a search process on the plaintext of the decrypted file DF1 thus opened.

  When the instruction receiving unit 122 receives, for example, an output instruction for browsing the encrypted file CF3, the file processing unit 132b deletes the decrypted file DF3 stored in the decrypted file storage unit 113. When the file is opened, the file processing unit 132b can perform output processing on the plaintext of the opened decrypted file D3.

  As described above, according to the present embodiment, the input receiving unit 121 that receives a release input, which is an input for decryption, with respect to an encrypted attached file, which is an attached file of a mail, A decryption unit 131 for decrypting the encrypted attached file; an instruction receiving unit 122 for receiving an instruction regarding a process (a target process) that cannot be performed without decrypting the encrypted attached file; When an instruction is received in a state in which the attached file is closed after the decryption input is received for the attached file, the decryption unit 131 performs decryption based on the decryption input and obtains the decrypted file. The encrypted mail processing device 1b including the file processing unit 132b that performs a target process corresponding to the instruction on the attached file, Again of acceptance of the release input to the Airu it is not required. As a result, a process that cannot be performed unless the decryption is performed can be performed any number of times only by receiving the decryption input once, so that, for example, the complexity of the user operation can be reduced and the processing load can be reduced.

  In the encrypted mail processing device 1b, the decrypted file storage unit 113 capable of storing the decrypted attached file and the decrypted unit 131 decrypts the encrypted attached file. The file processing unit 132b further includes a storage unit 133b that stores the decrypted attached file in the decrypted file storage unit 113 in association with the encrypted attached file. When the decrypted attached file stored in the decrypted file storage unit 113 is processed by performing processing on the decrypted attached file stored in the decrypted file storage unit 113, the decryption input is performed. Once received, decryption is performed based on the decryption input, and the resulting decrypted attachment is encrypted. The file is stored in the decrypted file storage unit 113, and thereafter, every time an instruction is received, the decrypted attached file stored in the decrypted file storage unit 113 is opened, so the decryption input is received only once. And the complexity of the operation can be reduced. Further, since the decryption needs to be performed only once, the processing load can be reduced. Further, by storing the decrypted attached file separately from the original encrypted attached file (original file) (that is, the original file is also retained), for example, when the original file is transferred, There is no need to perform encryption, and the processing load can be further reduced.

  In this embodiment, the decrypted file storage unit 113 is stored in a storage medium of the encrypted mail processing apparatus 1 itself, but is stored in a storage medium of an external device such as a mail server. It does not matter where it is stored.

  When the decrypted file storage unit 113 is stored in the storage medium of the external device, the storage unit 133b stores the decrypted file obtained by the decryption unit 131 decrypting the encrypted attached file. The external device requests the external device to accumulate the attached file in the decrypted file storage unit 113 in association with the encrypted attached file. At the time of receiving the instruction, if the decrypted file storage unit 113 stores the decrypted attached file at the time of receiving the instruction, the file processing unit 132b stores the decrypted file stored in the decrypted file storage unit 113. Of the attached file from the external server, and processes the acquired decrypted attached file.

  The encrypted mail processing device 1b further includes a receiving unit 14 for receiving the mail and a transmitting unit 15 for transmitting the mail, and the encrypted attached file is a received mail received by the receiving unit 14, By being attached to either the unsent mail to be sent by the sending unit 15 or the sent mail corresponding to the mail sent by the sending unit 15, any one of the received mail, the unsent mail, and the sent mail It is possible to perform a process (for example, a process such as a search or an output) that can only be performed once the decryption input is received once for the encrypted attached file attached to the crab, unless the decryption input is received.

  The software that implements the encrypted mail processing device 1b according to the present embodiment causes a computer to function as the above-described units (11b, 12, 13b, 14, 15, 111, 113, 131, 132b, 133b, and 134). Program.

  In the second and third embodiments, when performing output processing for browsing, while requesting release input (even if release input has already been received), processing other than output such as search processing is required. In the case of, the decrypted attached file (the decrypted file obtained by decrypting based on the decryption input stored in the input storage unit 112 according to the second embodiment, or the decrypted file according to the third embodiment) The encrypted mail processing apparatuses 1a and 1b may be configured to perform processing such as search on the decrypted file stored in the encrypted file storage unit 113). Hereinafter, such modified examples will be described.

  (Modifications of Embodiments 2 and 3)

  The encrypted mail processing apparatuses 1a and 1b according to the present modification have the same configuration as the encrypted mail processing apparatuses 1a and 1b according to the second and third embodiments. However, even when the decryption input for decrypting the attached file has already been received at the time of receiving the output instruction for the encrypted attached file, the request unit 134 performs the decryption of the attached file. Request for the release input.

  In other words, if the request for inputting the encrypted attached file has already been received at the time of receiving the instruction for the encrypted attached file, the request unit 134 of this modification performs the output process (first process). If it is an output instruction to perform (first instruction), a release input is requested, while the instruction is a search instruction (second instruction) for performing search processing (second processing other than the first processing). If there is, no cancellation input is requested.

  Next, the operation of the encrypted mail processing apparatuses 1a and 1b in the present modified example is different from the operation of the encrypted mail processing apparatuses 1a and 1b in the second and third embodiments in that basically, the target processing in step S209 is performed. Only.

  FIG. 8 is a flowchart relating to the details of the target process in this modification.

  (Step S801) The file processing units 132a and 132b determine whether the instruction is an output instruction for browsing.

  If the instruction is an output instruction for browsing, the process proceeds to step S802. If the instruction is not an output instruction for browsing (for example, an instruction other than output such as a search instruction), the process proceeds to step S811.

  (Step S802) The request unit 134 requests the user to input a release (key, password, etc.) for the encrypted file via an output device such as a display.

  (Step S803) The processing units 13a and 13b determine whether the input receiving unit 121 has received a release input for the request.

  If the input receiving unit 121 receives a release input for the request, the process proceeds to step S804, and if not, the same determination is repeated. If the period of no input exceeds a certain time, the processing units 13a and 13b may determine that a timeout has occurred and return to the flowchart of FIG.

  (Step S804) The decryption units 131a and 131 decrypt the encrypted file based on the decryption input.

  (Step S805) The processing units 13a and 13b determine whether or not the decryption by the decryption units 131a and 131 is successful.

  If the decryption by the decryption units 131a and 131 is successful, the process proceeds to step S806; otherwise, the process returns to step S802.

  (Step S806) The processing units 13a and 13b execute the re-input unnecessary processing similar to that in the second and third embodiments.

  (Step S807) The file processing units 132a and 132b decrypt the attached file corresponding to the encrypted file (by decrypting the attached file based on the decryption input stored in the input storage unit 112 in the second embodiment). The decrypted file to be decrypted or the decrypted file stored in the decrypted file storage unit 113 in the third embodiment is opened.

  (Step S808) The processing units 13a and 13b perform output processing for browsing the encrypted file via an output device such as a display. Thereby, for example, the plain text of the decrypted attached file corresponding to the encrypted file is displayed on the display.

  (Step S809) The processing units 13a and 13b turn on the flag corresponding to the encrypted file ID for identifying the encrypted file, which is included in the decryption information stored in the storage unit 11.

  (Step S810) The file processing units 132a and 132b close the decrypted attached file.

  Thereafter, the process returns to the flowchart of FIG.

  (Step S811) The file processing units 132a and 132b decrypt the attached file corresponding to the encrypted file (obtained by decrypting the attached file based on the decryption input stored in the input storage unit 112 in the second embodiment). The decrypted file to be decrypted or the decrypted file stored in the decrypted file storage unit 113 in the third embodiment is opened.

  (Step S812) The file processing units 132a and 132b execute a process corresponding to the instruction (for example, a process other than output, such as a search process) on the plaintext included in the decrypted attached file.

  (Step S813) The file processing units 132a and 132b close the decrypted attached file.

  Thereafter, the process returns to the flowchart of FIG.

  As described above, according to this modification, in the encrypted mail processing apparatuses 1a and 1b according to the second and third embodiments, the instruction is an output instruction (first instruction) regarding output processing for browsing an encrypted attached file. Or an instruction (second instruction) relating to search processing (second processing other than the first processing) for the encrypted attached file, and the release input has been received at the time of receiving the output instruction (first instruction) The file processing units 132a and 132b further include a request unit 134 for requesting a decryption input when the decryption unit 131a or 131 receives the output instruction (first instruction). Performs output processing (first processing) on the decrypted attached file obtained by performing decryption on the basis of the decryption unit, and in response to receiving a search instruction (second instruction), decryption unit 31a and 131 perform search processing (second processing) on the decrypted attached file obtained by performing decryption based on the decryption input in response to the request, thereby responding to the output instruction (first instruction). Requests a decryption input for decryption, and decrypts based on the decryption input in response to this request, so that the attached file can be prevented from being viewed by a third party (use can be suppressed). On the other hand, in response to the search instruction (second instruction), the search processing is performed on the decrypted attached file without accepting the request and the release input for the request, thereby reducing the complexity of the user operation. it can.

  FIG. 9 is a schematic diagram illustrating an example of the external appearance of a computer system 900 that executes the programs described in the above-described embodiments and modified examples to realize the encrypted mail processing devices 1, 1a, and 1b. The above embodiment can be realized by computer hardware and a computer program executed on the computer hardware.

  9, the computer system 900 includes a computer 901 including a CD-ROM drive 905, a keyboard 902, a mouse 903, and a display 904. Note that the entire system including the keyboard 902, the mouse 903, and the display 904 may be called a computer.

  FIG. 10 is a diagram showing the internal configuration of the computer system 900. 10, a computer 901 is connected to an MPU (Micro Processing Unit) 911, a ROM 912 for storing a program such as a boot-up program, and a MPU 911 in addition to the CD-ROM drive 905, and is connected to the MPU 911. A RAM 913 for temporarily storing and providing a temporary storage space, a hard disk 914 for storing application programs, system programs, and data, a bus 915 for mutually connecting the MPU 911, the ROM 912, and the like, and a connection to a network such as the Internet. A network card 916 for providing a connection.

  A program that causes the computer system 900 to execute the functions of the encrypted mail processing apparatuses 1, 1a, and 1b may be stored in the CD-ROM 921, inserted into the CD-ROM drive 905, and transferred to the hard disk 914. Alternatively, the program may be transmitted to the computer 901 via a network such as the Internet and stored on the hard disk 914. The program is loaded into the RAM 913 at the time of execution. Note that the program may be loaded directly from the CD-ROM 921 or a network. Further, the program may be read into the computer system 900 via another recording medium (for example, a DVD or a memory card) instead of the CD-ROM 921.

  The program may not necessarily include an operating system (OS) that causes the function 901 of the encrypted mail processing device 1, 1a, 1b to be executed by the computer 901 indicating the details of the computer, or a third-party program. The program may include only a part of an instruction that calls an appropriate function or module in a controlled manner to obtain a desired result. It is well known how the computer system 900 operates, and a detailed description thereof will be omitted.

  The encrypted mail processing devices 1, 1a, 1b are not limited to the stationary computer system 900 as described above, but may be realized by a portable computer system such as a smartphone, a tablet terminal, or a notebook PC. In this case, of the hardware shown in FIGS. 16 and 17, the hard disk 914, the CD-ROM drive 905, and the CD-ROM 921 may be replaced with, for example, a flash memory, a memory card slot, and a memory card, respectively. , The keyboard 902 and the mouse 903 can be replaced with, for example, a touch panel.

  Note that, in the programs described in the above embodiments and modifications, the transmission step of transmitting information and the reception step of receiving information do not include processing performed only by hardware (such as a network card).

  The computer that executes the program may be a single computer or a plurality of computers. That is, centralized processing or distributed processing may be performed.

  In each of the above embodiments and modifications, two or more communication units (such as the transmission unit 15 and the reception unit 14) existing in one device may be physically realized by one medium. Not even.

  Further, in each of the above-described embodiments and modifications, each process (each function) may be realized by being centrally processed by a single device (system), or may be distributed by a plurality of devices. It may be realized by.

  The present invention is not limited to the above embodiments, and various modifications are possible, and it goes without saying that they are also included in the scope of the present invention.

  As described above, the encrypted mail processing device and the like according to the present invention can obviate the necessity of accepting the input for decryption again for the encrypted attached file. And the processing load can be reduced, which is useful as an encrypted mail processing device or the like.

1, 1a, 1b Encrypted mail processing device 11, 11a, 11b Storage unit 12 Reception unit 13, 13a, 13b Processing unit 14 Reception unit 15 Transmission unit 111 Mail storage unit 112 Input storage unit 113 Decrypted file storage unit 121 Input Receiving unit 122 Instruction receiving unit 131, 131a Decryption unit 132, 132a, 132b File processing unit 133, 133a, 133b Storage unit 134 Request unit

Claims (8)

An input accepting unit that accepts a decryption input, which is an input for decryption, with respect to an encrypted attached file, which is an attached file of an email;
Based on the decryption input, a decryption unit that decrypts the encrypted attached file,
For the encrypted attached file, an instruction receiving unit that receives an instruction regarding a process that cannot be performed unless decryption is performed,
When the instruction is received in a state where the attached file is closed after the decryption input is received for the attached file, the decryption unit is obtained by performing decryption based on the decryption input. A file processing unit that performs processing corresponding to the instruction on the decrypted attached file ,
A storage unit that stores a release input received by the input reception unit for the encrypted attached file in association with the encrypted attached file,
The decryption unit,
If the decryption input is stored at the time of receiving the instruction, based on the stored decryption input, perform decryption on the encrypted attached file,
The file processing unit,
The decryption unit performs a process corresponding to the instruction on the decrypted attached file obtained by performing decryption based on the stored decryption input,
The instruction is a first instruction related to a first process for the encrypted attached file, or a second instruction related to a second process other than the first process for the encrypted attached file,
A requesting unit for requesting the release input also when the release input has been received at the time of receiving the first instruction,
The file processing unit,
In response to receiving the first instruction, the decryption unit performs a first process on the decrypted attached file obtained by performing decryption based on the decryption input for the request,
In response to receiving the second instruction, the stored decrypted attachment file or the decrypted attachment obtained by the decryption unit performing decryption based on the stored decryption input. An encrypted mail processing device that performs a second process on a file . An input accepting unit that accepts a decryption input, which is an input for decryption, with respect to an encrypted attached file, which is an attached file of an email;
Based on the decryption input, a decryption unit that decrypts the encrypted attached file,
For the encrypted attached file, an instruction receiving unit that receives an instruction regarding a process that cannot be performed unless decryption is performed,
When the instruction is received in a state where the attached file is closed after the decryption input is received for the attached file, the decryption unit obtains the decryption based on the decryption input. A file processing unit that performs processing corresponding to the instruction on the decrypted attached file ,
A storage unit for storing the decrypted attached file obtained by performing decryption by the decryption unit on the encrypted attached file, in association with the encrypted attached file,
The file processing unit,
At the time of receiving the instruction, if the decrypted attached file is stored, perform a process corresponding to the instruction on the stored decrypted attached file,
The instruction is a first instruction related to a first process for the encrypted attached file, or a second instruction related to a second process other than the first process for the encrypted attached file,
A requesting unit for requesting the release input also when the release input has been received at the time of receiving the first instruction,
The file processing unit,
In response to receiving the first instruction, the decryption unit performs a first process on the decrypted attached file obtained by performing decryption based on the decryption input for the request,
In response to receiving the second instruction, the stored decrypted attachment file or the decrypted attachment obtained by the decryption unit performing decryption based on the stored decryption input. An encrypted mail processing device that performs a second process on a file . The first instruction is an output instruction,
The second instruction is a search instruction,
The first process is an output process,
3. The encrypted mail processing device according to claim 1 , wherein the second process is a search process. A receiving unit for receiving the mail,
And a transmission unit for transmitting the mail.
The encrypted attached file is attached to a received mail received by the receiving unit, an unsent mail to be transmitted by the transmitting unit, or a transmitted mail corresponding to the mail transmitted by the transmitting unit. The encrypted mail processing device according to any one of claims 1 to 3 , wherein the encrypted mail processing device is configured to: An encrypted mail processing method performed by an input reception unit, a decryption unit, an instruction reception unit , a file processing unit , a storage unit, and a request unit ,
The input receiving unit is an attached file of the mail, for the encrypted attached file, an input receiving step of receiving a decryption input which is an input for decryption,
The decryption unit, based on the decryption input, decrypting the encrypted attached file, a decryption step,
An instruction receiving step in which the instruction receiving unit receives an instruction regarding a process that cannot be performed without decrypting the encrypted attached file;
When the file processing unit receives the instruction in a state where the attached file is closed after the release input is received for the attached file, the decryption unit performs encryption based on the release input. and a file processing step of performing processing corresponding to the instruction to decrypt previously attachment obtained by performing a release seen including,
The storage unit further includes a storage step of storing a release input received by the input reception unit for the encrypted attached file in association with the encrypted attached file,
The decryption unit,
If the decryption input is stored at the time of receiving the instruction, based on the stored decryption input, perform decryption on the encrypted attached file,
The file processing unit,
The decryption unit performs a process corresponding to the instruction on the decrypted attached file obtained by performing decryption based on the stored decryption input,
The instruction is a first instruction related to a first process for the encrypted attached file, or a second instruction related to a second process other than the first process for the encrypted attached file,
The requesting unit further includes a requesting step of requesting the release input even when the release input has been received at the time of receiving the first instruction,
The file processing unit,
In response to receiving the first instruction, the decryption unit performs a first process on the decrypted attached file obtained by performing decryption based on the decryption input for the request,
In response to receiving the second instruction, the stored decrypted attachment file or the decrypted attachment obtained by the decryption unit performing decryption based on the stored decryption input. An encrypted mail processing method that performs the second processing on a file . An encrypted mail processing method performed by an input reception unit, a decryption unit, an instruction reception unit , a file processing unit , a storage unit, and a request unit ,
The input receiving unit is an attached file of the mail, for the encrypted attached file, an input receiving step of receiving a decryption input which is an input for decryption,
The decryption unit, based on the decryption input, decrypting the encrypted attached file, a decryption step,
An instruction receiving step in which the instruction receiving unit receives an instruction regarding a process that cannot be performed without decrypting the encrypted attached file;
When the file processing unit receives the instruction in a state where the attached file is closed after the release input is received for the attached file, the decryption unit performs encryption based on the release input. and a file processing step of performing processing corresponding to the instruction to decrypt previously attachment obtained by performing a release seen including,
A storage step of storing the decrypted attachment file obtained by the decryption unit performing decryption on the encrypted attached file in association with the encrypted attached file. In addition,
The file processing unit,
At the time of receiving the instruction, if the decrypted attached file is stored, perform a process corresponding to the instruction on the stored decrypted attached file,
The instruction is a first instruction related to a first process for the encrypted attached file, or a second instruction related to a second process other than the first process for the encrypted attached file,
The requesting unit further includes a requesting step of requesting the release input even when the release input has been received at the time of receiving the first instruction,
The file processing unit,
In response to receiving the first instruction, the decryption unit performs a first process on the decrypted attached file obtained by performing decryption based on the decryption input for the request,
In response to receiving the second instruction, the stored decrypted attachment file or the decrypted attachment obtained by the decryption unit performing decryption based on the stored decryption input. An encrypted mail processing method that performs the second processing on a file . Computer
An input accepting unit that accepts a decryption input, which is an input for decryption, with respect to an encrypted attached file, which is an attached file of an email;
Based on the decryption input, a decryption unit that decrypts the encrypted attached file,
For the encrypted attached file, an instruction receiving unit that receives an instruction regarding a process that cannot be performed unless decryption is performed,
When the instruction is received in a state where the attached file is closed after the decryption input is received for the attached file, the decryption unit is obtained by performing decryption based on the decryption input. Functioning as a file processing unit that performs processing corresponding to the instruction on the decrypted attached file ,
Said computer,
The release input received by the input receiving unit for the encrypted attached file, further function as a storage unit for storing in association with the encrypted attached file,
The decryption unit,
If the decryption input is stored at the time of receiving the instruction, based on the stored decryption input, perform decryption on the encrypted attached file,
The file processing unit,
The decryption unit performs a process corresponding to the instruction on the decrypted attached file obtained by performing decryption based on the stored decryption input,
The instruction is a first instruction related to a first process for the encrypted attached file, or a second instruction related to a second process other than the first process for the encrypted attached file,
Said computer,
Even when the release input has been received at the time of reception of the first instruction, further function as a request unit that requests the release input,
The file processing unit,
In response to receiving the first instruction, the decryption unit performs a first process on the decrypted attached file obtained by performing decryption based on the decryption input for the request,
In response to receiving the second instruction, the stored decrypted attachment file or the decrypted attachment obtained by the decryption unit performing decryption based on the stored decryption input. A program for performing a second process on a file . Computer
An input accepting unit that accepts a decryption input, which is an input for decryption, with respect to an encrypted attached file, which is an attached file of an email;
Based on the decryption input, a decryption unit that decrypts the encrypted attached file,
For the encrypted attached file, an instruction receiving unit that receives an instruction regarding a process that cannot be performed unless decryption is performed,
When the instruction is received in a state where the attached file is closed after the decryption input is received for the attached file, the decryption unit obtains the decryption based on the decryption input. Functioning as a file processing unit that performs processing corresponding to the instruction on the decrypted attached file ,
Said computer,
The decrypted attachment obtained by performing decryption by the decryption unit on the encrypted attached file, further function as a storage unit that stores in association with the encrypted attached file,
The file processing unit,
At the time of receiving the instruction, if the decrypted attached file is stored, perform a process corresponding to the instruction on the stored decrypted attached file,
The instruction is a first instruction related to a first process for the encrypted attached file, or a second instruction related to a second process other than the first process for the encrypted attached file,
Said computer,
Even when the release input has been received at the time of reception of the first instruction, further function as a request unit that requests the release input,
The file processing unit,
In response to receiving the first instruction, the decryption unit performs a first process on the decrypted attached file obtained by performing decryption based on the decryption input for the request,
In response to receiving the second instruction, the stored decrypted attachment file or the decrypted attachment obtained by the decryption unit performing decryption based on the stored decryption input. A program for performing a second process on a file .

Images