JP6749794B2 - Program and server - Google Patents

Description

The present invention relates to a program and a server.

2. Description of the Related Art Conventionally, electronic mail has been used as a communication tool, and there is an MTA (Mail Transfer Agent) that receives an electronic mail from a MUA (Mail User Agent) and delivers (delivers, sends, transfers) the electronic mail. To do.

Here, MUA is a client program used to send and receive e-mail in terminals on the Internet, and MTA receives and delivers e-mail on the network through SMTP (Simple Mail Transfer Protocol). A server (mail server).

As a conventional technique, for example, there is a mail system that encrypts an attached file when the attached file exists in the email and delivers the email to which the encrypted file is attached to a destination (Patent Document 1).

For example, according to the first embodiment shown in Patent Document 1, the receiving terminal 24 inquires of the attached file encryption device 17 for the password for decrypting the encrypted file and attaches it. When the file encryption device 17 succeeds in the authentication, the password can be transmitted to the terminal 24, and the terminal 24 can decrypt the encrypted file by the received password (see FIG. 2 of Patent Document 1).

Further, according to the second embodiment shown in Patent Document 1, the terminal 16 on the transmitting side accesses the designated URL (URL is an abbreviation for Uniform Resource Locator. The same applies hereinafter) to encrypt the attached file. The computerization device 57 is caused to transmit the password to the destination terminal 24. Then, the terminal 24 receives the password for decrypting the encrypted file from the attached file encryption device 57, and the terminal 24 can decrypt the encrypted file with the received password (Patent Document (See FIG. 11 of 1)

JP, 2008-187280, A

However, in the first example of the prior art, the sender (sender) sends an e-mail or a password with an attached file, and then, if he/she notices an erroneous transmission, or if the password is provided for a given reason. If you want to cancel, you cannot cancel the provision of the password, and there is a risk that a third party can view the contents of the attached file.

Also, in the second example of the prior art, the sender (sender) cannot cancel the password notification after clicking the URL for notifying the destination (receiver) of the password. , A third party may be able to view the contents of the attached file.

The present invention has been made in view of the above-mentioned problems, and when sending an email to which an encrypted file is attached to a destination, a password for decrypting the encrypted file can be more securely used. To provide a manageable program and server.

(1) The present invention is
A program for a server to send a specified e-mail,
A receiving unit for receiving the email sent from the sender,
When an attachment file exists in the e-mail, an encryption processing unit that performs a process of encrypting the attachment file to generate an encrypted file and a process of generating a password for decrypting the encrypted file When,
An encrypted file electronic mail to which the encrypted file is attached instead of the attached file, and password inquiry information associated with the password, a transmission unit for transmitting to the destination,
In association with the password, a password control unit for setting the disclosure of the password or non-disclosure,
When the password inquiry information is accepted, and when the password is set to be public, the computer functions as a password providing unit that provides the password,
The password control unit,
The present invention relates to a program that sets the password to be public when the disclosure instruction of the password is received from the sender, and sets the password to be private when the disclosure instruction of the password is received from the sender.

The present invention also relates to an information storage medium in which the above program is stored. The present invention also relates to a server configured as each of the above parts.

According to the present invention, when the password disclosure instruction is received from the sender, the password is set to be public, and when the password disclosure instruction is received from the sender, the password is set to be secret. It is possible to flexibly manage the disclosure/non-disclosure of the information according to the intention of the sending user.

For example, even if the password is set to public, if the sender user sets the password private before the password is known to the destination user, the password will be provided even after sending the encrypted file email. The content of the attached file can be made unreadable by disabling the third party from decrypting the encrypted file.

(2) Further, the program, information storage medium, and server of this application example are
When the transmission of the encrypted file electronic mail is completed, the computer may further function as a transmission completion notification unit that notifies the sender of a transmission completion notification mail including information about the password.

According to the present invention, since the sender receives the transmission completion notification mail, the sender user can re-notify the necessity of setting the password public or private, and changes the password from public to private. Alternatively, the setting can be made without forgetting to change the password from private to public.

(3) Further, the program, information storage medium, and server of this application example are
The transmitter is
The encrypted file electronic mail and the inquiry information electronic mail including the password inquiry information may be individually transmitted to the destination.

According to the present invention, since the encrypted file electronic mail and the inquiry information electronic mail are individually transmitted to the destinations, the encrypted file electronic mail and the inquiry information electronic mail can be separately controlled.

(4) Further, the program, information storage medium, and server of this application example are
The transmitting unit,
The inquiry information electronic mail may be transmitted after a predetermined period from the time of transmitting the encrypted file electronic mail.

According to the present invention, the inquiry information e-mail is transmitted after a predetermined period of time from the transmission of the encrypted file e-mail, so that the sender user can set whether the password is public or private until the predetermined period ends. There is a time to review and reset. On the other hand, since the destination user receives the encrypted information and then the inquiry information email, the destination user receives the encrypted file email with the encrypted file attached, and then decrypts the encrypted file. It is possible to naturally perform a series of operations of obtaining and decrypting the password of.

(5) Further, the program, information storage medium, and server of this application example are
The transmitter is
The encrypted file electronic mail including the password inquiry information may be transmitted to the destination.

According to the present invention, since the password inquiry information is included in the encrypted file email, the destination user can clearly recognize the correspondence between the password inquiry information and the encrypted file email. Further, the destination user can prevent the password inquiry information from being lost.

(6) Further, the program, information storage medium, and server of this application example are
The password control unit,
The number of times the password inquiry information is received may be counted, and when the number of times exceeds a predetermined number, the password may be set to be secret.

According to the present invention, when the number of times the password inquiry information is received reaches the predetermined number or more, the password is set to be private, so that the disclosure of the password can be restricted and unnecessary leakage of the password can be prevented. be able to.

(7) Further, the program, information storage medium, and server of this application example are
The password control unit,
When there are a plurality of destinations of the e-mail, the password may be set to be public or private for each destination.

According to the present invention, it is possible to set the disclosure or non-disclosure of the password for each destination, so that the password can be managed according to the user.

An example of the functional block of the server of this embodiment. The figure showing the outline of the processing of the server of this embodiment. The figure which shows an example of the text of the inquiry information electronic mail of this embodiment. An example of information stored in the password storage unit 173 of the present embodiment. An example of the mail list screen of the password control target of this embodiment. An example of a password disclosure/non-disclosure setting screen of the present embodiment. An example of a password disclosure/non-disclosure setting screen of the present embodiment. 8A and 8B are examples of the password browsing screen of the present embodiment. An example of the text of the transmission completion notification mail of this embodiment. FIG. 10A shows a schematic diagram of the encrypted file electronic mail Ms and the inquiry information electronic mail Mp of the present embodiment. Further, FIG. 10B shows a schematic diagram of the encrypted file electronic mail Ms of this embodiment. The flowchart figure which shows the flow of a process of this embodiment. The flowchart figure which shows the flow of a process of this embodiment. The flowchart figure which shows the flow of a process of this embodiment.

The present embodiment will be described below. The present embodiment described below does not unreasonably limit the content of the present invention described in the claims. Moreover, not all of the configurations described in the present embodiment are essential configuration requirements of the invention.

1. Configuration FIG. 1 is an example of a functional block diagram of the server 10 of the present embodiment. The server 10 according to the present embodiment does not have to include all the units illustrated in FIG. 1, and may have a configuration in which some of the units are omitted.

The storage unit 170 stores programs and various data for causing a computer to function as each unit of the processing unit 100, and also functions as a storage area of the processing unit 100.

The storage unit 170 includes a temporary storage area and a storage. Storage is a device such as a hard disk, an optical disk, a flash memory, or a magnetic tape, which permanently stores data. The storage unit 170 may also store the programs and data stored in the information storage medium 180.

The storage unit 170 of this embodiment includes a main storage unit 171, which is used as a work area, a user information storage unit 172, and a password storage unit 173. It should be noted that a part of these may be omitted.

The main storage unit 171 can be realized by a RAM or the like. The main storage unit 171 is a storage area used in the processing of this embodiment. The user information storage unit 172 stores user information (user account, password, email address, etc.). The user information storage unit 172 may be configured by a DB (DB is an abbreviation for database; the same applies below). The password storage unit 173 stores a password and public or private information of the password. The password storage unit 173 may be configured by a DB.

The information storage medium 180 (computer readable medium) stores programs and data, and its function is an optical disk (CD, DVD), magneto-optical disk (MO), magnetic disk, hard disk, magnetic tape. Alternatively, it can be realized by a memory (ROM) or the like. The information storage medium 180 is a storage.

Further, the information storage medium 180 can store a program for causing a computer to function as each unit of the present embodiment (a program for causing a computer to execute the process of each unit).

The processing unit 100 performs various processes of this embodiment based on programs and data stored in the storage unit 170 and the information storage medium 180.

The processing unit 100 includes an electronic mail processing unit (MTA) 110 and a Web processing unit 120.

The electronic mail processing unit 110 receives and delivers electronic mail on the network via SMTP. The email processing unit 110 of this embodiment includes a receiving unit 111, a transmitting unit 112, a password control unit 113, a password providing unit 114, a transmission completion notifying unit 115, an analyzing unit 116, and an encryption processing unit 117.

The receiving unit 111 performs a process of receiving the electronic mail transmitted by the MUA 22 of the sender terminal 20 and having the envelope destination specified.

The transmission unit 112 performs a process of transmitting (delivery, delivery, transfer) the electronic mail received by the reception unit 111 to a destination.

In particular, when the email received by the receiving unit 111 includes an attached file, the sending unit 112 according to the present exemplary embodiment includes an encrypted file email to which an encrypted file is attached instead of the attached file, and the encrypted file email. The inquiry information including the password inquiry information associated with the password for decrypting the file is transmitted to the destination.

The transmission unit 112 may individually transmit the encrypted file email and the inquiry information email including the inquiry information to the destinations. For example, the transmission unit 112 may transmit the inquiry information e-mail after a predetermined period (for example, 5 minutes) from the time of transmitting the encrypted file e-mail.

Further, the transmitting unit 112 may transmit the encrypted file electronic mail including the inquiry information to the destination.

The password control unit 113 associates the password for decrypting the encrypted file with the password and sets whether the password is open or closed. For example, when the password control unit 113 receives a password disclosure instruction from the sender, it sets the password to be public. In addition, the password control unit 113 sets the password to be secret when the secret disclosure instruction of the password is received from the sender.

Further, the password control unit 113 may count the number of times the password inquiry information is received, and set the password to be private when the number of times reaches a predetermined number or more.

Further, the password control unit 113 may set the disclosure or non-disclosure of the password for each destination when there are a plurality of email destinations.

The password providing unit 114 provides the password when the password inquiry information is received and the password is set to be public. For example, the password providing unit 114 provides the password to the user when the password inquiry information is received from the user's terminal and the password is set to be public.

Here, "providing" the password includes both a method of notifying the password by e-mail and a control so that the password can be browsed by the Web server.

When the transmission of the encrypted file electronic mail is completed, the transmission completion notification unit 115 notifies the sender of a transmission completion notification mail including information about the password.

The analysis unit 116 performs a process of analyzing the received electronic mail. For example, a process of analyzing the envelope destination, the envelope sender, the message header, and the body part of the message body is performed. For example, the process of extracting the domain from the envelope destination, the process of extracting To, Cc, Bcc, Subject, Message-ID from the message header, the process of extracting the body of the message body, and the message Performs processing such as extracting attached files from the body part.

The encryption processing unit 117 performs encryption processing of the attached file when the attached file exists in the electronic mail received by the receiving unit 111, and the encrypted file and the password for decrypting the encrypted file. Produces and.

The Web processing unit 120 uses an HTTP (Hypertext Transfer Protocol) to respond to a request from a client software such as a Web browser 21 installed in the terminal 20 in an HTML (Hyper Text Markup).
(Language) A process of transmitting (providing) data such as a document or an image, and a process of receiving data accepted by the Web browser 21 of the terminal. Then, the server performs mail processing, DB update processing, and the like based on the information received from each terminal of the administrator and the user.

The administrator UI unit 121 performs a process of transmitting (providing) data for management setting and the like to the administrator terminal 20 in response to an access request from the Web browser 21 of the administrator terminal 20, and the information from the terminal 20. Is received.

That is, the administrator UI unit 121 adds, deletes, and updates each data in the DB based on the input from the administrator. Only the administrator is authorized to access the web page (URL) of the administrator UI.

The user UI unit 122 performs a login process and a process of controlling a web page of information related to the logged-in user to be browseable in response to a request from the web browser 21 of the terminal 20.

For example, the user UI unit 122 controls the web page for accepting password inquiry information and a password disclosure instruction or a password disclosure instruction in response to a request from the web browser 21 of the terminal 20.

The database processing unit 130 performs processing of registering, updating, and deleting data stored in the database (DB). For example, the database processing unit 130 causes the administrator UI unit 121 and the user UI unit 122 to update the database based on the data received from the terminal 20.

Note that the email processing unit 110, the Web processing unit 120, the database processing unit 130, and the storage unit 170 may be executed by one device, or may be distributed to different devices and execute each process depending on the purpose of the process. You may do it.

2. Overview FIG. 2 shows an overview of the processing flow of the server (mail server) 10 of this embodiment. The server of this embodiment has an MTA function of receiving an electronic mail including an envelope destination, an envelope sender, and a message, and delivering the electronic mail. The server 10 is also referred to as a “relay device” or an “information processing device” that controls the relay of electronic mail.

First, the server 10 of the present embodiment receives an electronic mail transmitted from the MUA 22 of the terminal 20, analyzes the received electronic mail, and determines whether or not there is an attached file.

If the server 10 determines that there is an attached file, the server 10 performs a process of encrypting the attached file to generate an encrypted file. The server 10 also generates a password for decrypting the encrypted file.

Then, the server 10 transmits to the destination an encrypted file electronic mail to which an encrypted file is attached instead of the attached file and an inquiry information electronic mail including password inquiry information (for example, URL) associated with the password.

The sender user A associates the password with an instruction to disclose or hide the password, and the server 10 associates the password with the password to set the disclosure or non-disclosure. In other words, the server 10 sets the password to be public when it receives the password disclosure instruction from the sender's terminal of the user A, and sets the password to public when it receives the password nondisclosure instruction from the user A's terminal. Set to private.

Then, the server 10 of the present embodiment provides the password to the terminal of the user B when the password inquiry information is received from the terminal of the user B as the destination and the password is set to be public. For example, since the server 10 functions as a web server, the password is controlled to be viewable by the web browser of the terminal of the user B.

As described above, according to the present embodiment, since the attachment file can be automatically encrypted by the server 10, the sender user A can save the labor of the encryption work. In addition, it is possible to prevent falsification of attached files and information leakage of attached files.

Further, the user B can browse the password by clicking the URL of the password inquiry information and viewing the password when the password is set to be public.

In addition, since the user A can set the disclosure to the secret again, the password can be kept secret even when the user A later learns that the information is not desired to be shown to the user B. it can. For example, if the public setting is set to public before the user B acquires the password, it is possible to prevent the information leakage of the password and the attached file.

It should be noted that the server 10 performs a process of directly transmitting an electronic mail having no attached file.

Here, the MTA sending an e-mail means a process of sending the received e-mail to another MTA via SMTP, or a local for sending to a user who has an account in the same system in which the server 10 operates. It also includes a process of sending to a delivery agent MDA (Mail Delivery Agent), and a case of sending to a user who has an account in the same system in which the server 10 operates without going through the MDA.

In the following description, the sender A (A@xxx.com) creates the email M with the attached file F, and the destination of the email M is the user B (B@yyy.com). A case will be described as an example.

3. Description of Encryption Process First, if the attachment file F exists in the email M received from the terminal 20-A of the user A, the server 10 encrypts the attachment file F and generates an encrypted file Fs. .. The server 10 also generates a password for decrypting the encrypted file Fs.

Then, the server 10 transmits the encrypted file electronic mail Ms to which the encrypted file Fs is attached instead of the attached file F.

The server 10 generates a password for decrypting the encrypted file Fs based on the given algorithm. In order to prevent the password character string from being easily analyzed, the password may be a character string of 20 digits or more including symbols, numbers, uppercase letters, and lowercase letters.

Then, the server 10 generates the encrypted file Fs in the ZIP format based on the password. That is, the user B receiving the encrypted file e-mail Ms cannot restore the original file F unless the password is specified.

In this way, the server 10 automatically encrypts the attachment file, so that it is possible to prevent a situation in which the sender mistakenly sends the attachment file F without encrypting it and thus makes a human error. You can

The server 10 may generate the encrypted file Fs by various methods, not limited to the ZIP format. Further, when the email M has a plurality of attachment files F, the server 10 compresses the plurality of attachment files F in the ZIP format to generate one encrypted file Fs. One encrypted file Fs may be generated for each file F.

4. Explanation of Password Inquiry Information When sending the encrypted file email Ms, the server 10 sends the inquiry information email Mp including the password inquiry information (for example, URL) associated with the password to the destination (B@yyy.com). Send.

The password inquiry information is information for inquiring the password of the encrypted file Fs, and is, for example, the URL of the server 10. The password inquiry information (URL) is a URL associated with the password. The password inquiry information (URL) may be a URL associated with the identification information (for example, message ID) of the encrypted file email Ms.

FIG. 3 shows an example of the body of the inquiry information electronic mail Mp received by the destination user B. For example, the text of the inquiry information electronic mail Mp includes the subject Ba of the encrypted file electronic mail Ms, the date Bb, the explanatory text Bc indicating the method of acquiring the password, and the password inquiry information Bd.

The password inquiry information Bd is associated with the password and indicates the URL of the website where the password can be browsed.

Further, the server 10 may transmit the inquiry information electronic mail Mp to the destination (B@yyy.com) after a predetermined period (for example, 5 minutes) from the transmission time T1 of the electronic mail Ms. By doing this, it is possible to allow the sender user A to review the password disclosure/nondisclosure settings and reset them until the predetermined period ends. It should be noted that the server 10 may set the length of the predetermined period based on the instruction from the sending user A to set the predetermined period.

5. Description of Information Regarding Password In this embodiment, the password is set to be public or private in association with the password. FIG. 4 is an example of information stored in the password storage unit 173 of the server 10. For example, in the password storage unit 173, the sender, destination, password, disclosure flag F, expiration date, and access count K of the encrypted file email are associated with the ID for identifying the encrypted file email. Remembered.

For example, the ID is identification information that can uniquely identify the encrypted file email, for example, the Message-ID of the email. Further, the sender indicates the envelope From. The destination indicates the envelope To. The password is a password used to decrypt the encrypted file. The open flag F indicates whether the password is open or closed. For example, the disclosure flag F=1 means that the password is disclosed, and the password disclosure flag F=0 means that the password is not disclosed.

In the example of FIG. 4, the public flag F=1 for the encrypted file electronic mail with the ID of 0001, so the user B of the destination (B@yyy.com) can obtain the password. With respect to the encrypted file electronic mail of No. 0003, since the disclosure flag F=0, the user G of the destination (G@zzz.com) cannot acquire the password.

The expiration date indicates the date and time of the expiration date when the password can be acquired. The access count K is the number of times the password inquiry information is received. In other words, it indicates the number of times the password inquiry information (URL) for acquiring the password has been accessed.

The password stored in the password storage unit 173 may be a character string (hash value or the like) for requesting the password, instead of the password itself.

6. Description of Setting Password Disclosure or Disclosure For example, when the server 10 according to the present exemplary embodiment receives a password disclosure instruction from the sender, the server 10 sets the password to be public and receives the password nondisclosure instruction from the sender. Password, set the password private.

As an initial state, the server 10 sets the initial value of the public flag F associated with the password to 1. That is, in the initial state, the password is made public. Then, when the “non-disclosure” instruction (F=0) is received from the sender, the value of the disclosure flag F is updated to 0.

When the terminal of the sender user A logs in based on the input of the user A, as shown in FIG. 5, the list screen GA for setting the disclosure/non-disclosure of the password is displayed by the Web browser.

On the list screen GA, a list of encrypted file e-mails from which the user A (A@xxx.com) is the sender is displayed. For example, when the user A clicks on the subject, the user A can refer to the content (header, text, attached file, etc.) of the encrypted file email that has been sent and has been sent.

For example, when the details button Ea is clicked on the list screen GA, the password disclosure/non-disclosure setting screen GB is displayed.

FIG. 6 shows an example of the password disclosure/nondisclosure setting screen GB. For example, on the password disclosure/non-disclosure setting screen GB, a summary Ca of the encrypted file email Ms, a disclosure check box Cb, and a confirm button Cc are displayed. In FIG. 6, the check box Cb of the check box for publicizing the encrypted file e-mail is checked, which means that it is “public”.

For example, when the user A unchecks the disclosure check box Cb and clicks the confirm button Cc, the terminal 20 of the user A transmits a non-disclosure instruction (F=0) to the server 10 in association with the password “df8godfsioh”. To do. When the server 10 receives the non-disclosure instruction (F=0) associated with the password “df8godfsioh” from the terminal 20 of the user A, the server 10 sets the value of the disclosure flag F associated with the password “df8godfsioh” to 0. (Update.

On the other hand, if the current state of the encrypted file e-mail is “non-public”, that is, if the open check box Cb is not checked, clicking the check button and the confirmation button Cc causes the user A The terminal 20 transmits a disclosure instruction (F=1) to the server 10 in association with the password “df8godfsioh”. When the server 10 receives the disclosure instruction (F=1) of the password associated with the password “df8godfsioh” from the terminal 20 of the user A, the server 10 sets the value of the disclosure flag F associated with the password “df8godfsioh” to 1. Set (update).

Further, the server 10 may set the initial value of the public flag F associated with the password “df8godfsioh” to 0 as an initial state. That is, in the initial state, the password "df8godfsioh" is kept private. The value of the disclosure flag F may be updated to 1 when the instruction (F=1) to set the password "df8godfsioh" to "public" from the sender user A is received.

When the initial state of the password disclosure/non-disclosure is set to the public state, that is, when the initial value of the disclosure flag F is set to 1, the time for the sender user A to instruct from public to public is reduced. You can However, when the sender user A wants to change from the public state to the private state, the destination user B may be able to obtain the password before the change.

On the other hand, when the initial state of the password disclosure/non-disclosure is set to non-disclosure, that is, when the initial value of the disclosure flag F is set to 0, it is troublesome for the sender A to instruct from public to non-disclosure. As a result, the sender user A can securely control the disclosure/nondisclosure of the password. That is, when the user A wants to cancel the disclosure of the attached file after transmitting the encrypted file email Ms to the user B who is the destination, at least by keeping the password private, the user A attaches it to the user B. You can make the contents of a file inaccessible.

The server 10 may set the disclosure or non-disclosure of the password for each destination when there are a plurality of email destinations.

For example, as shown in FIG. 7, when there are two destinations of B@yyy.com and C@yyy.com, the disclosure check Cb1 and Cb2 are provided for each destination, and the sender user A Make it possible to give public and private instructions. By doing so, it is possible to manage a password suitable for the destination user.

7. Description of Password Providing The server 10 provides the password when the password inquiry information is received and the password is set to be public.

For example, when the public/private state of the password for the encrypted file electronic mail Ms with ID 0001 is public (when the public flag F=1), the user B of the destination (B@yyy.com) , Can get the password. That is, the destination user B can access the password browsing screen GC and browse the password “df8godfsioh” as shown in FIG. 8A by clicking the password inquiry information Bd (for example, URL) in FIG. be able to.

As shown in FIG. 8A, the password screen GC may display various information such as the subject Da and the date Db regarding the encrypted file email Ms, in addition to the password of the encrypted file email Ms.

On the other hand, when the public/private state of the password for the encrypted file electronic mail Ms with the ID 0001 is private (when the public flag F=0), the user B of the destination (B@yyy.com) Can not browse the password. That is, when the destination user B clicks the password inquiry information Bd (for example, URL) shown in FIG. 3, it is possible that the password cannot be browsed as shown in the password screen GD as shown in FIG. 8B. The information Dd is displayed.

In the present embodiment, a user other than the destination user B (eg, user C, user D, etc.) can access the password inquiry information (URL). For example, when the password is open to the public, the user B can teach the password inquiry information (URL) to the user C so that the user C can browse the password inquiry information (URL). Further, the server 10 may notify the access code for accessing the password inquiry information (URL) by an inquiry information e-mail, and at the time of accessing the password inquiry information (URL), the server 10 may perform authentication by the access code. .. In this way, only the user who knows the access code in addition to the password inquiry information (URL) can access.

8. Description of Delivery Completion Notification Mail In the present embodiment, when the transmission of the encrypted file electronic mail Ms is completed, the transmission completion notification mail Me including the information regarding the password is notified to the terminal 20 of the sender A. May be. The user A can be urged to be careful about setting the password to be public or private, and the user A is again required to change the password from public to private or to change the password from private to public. This is because it can be recognized again and the setting can be performed.

FIG. 9 shows an example of the body of the transmission completion notification mail Me. The transmission completion notification mail Me includes information such as the subject Fa of the encrypted file electronic mail Ms and the transmission date Fb.

In addition, as shown in FIG. 9, a password such as information Fc indicating the state of the password (public or private) and information Fd of the URL of the website for changing the password from public to private or from private to public. Display information about.

For example, when the user A clicks the information Fd related to the password, the password disclosure/non-disclosure setting screen GB shown in FIG. 6 is displayed. By doing so, the user A can promptly set whether the password is open or closed.

9. Example of Encrypted File E-mail Ms As shown in FIG. 10A, the server 10 of the present embodiment separately provides an encrypted file e-mail Ms and an inquiry information e-mail Mp including password inquiry information Bd. In the above description, the example of sending to the terminal of the user B who is the destination has been described. However, the encrypted file electronic mail Ms including the password inquiry information Bd may be sent to the terminal of the user B who is the destination.

For example, the server 10 attaches the encrypted file Fs and the password inquiry information file Fp including the password inquiry information Bd to the encrypted file email Ms, as shown in FIG. 10(B). In this way, the destination user B can clearly recognize the correspondence relationship between the password inquiry information Bd and the encrypted file Fs, and thus can obtain the password for decrypting the encrypted file Fs. The trouble of finding out the password inquiry information Bd can be prevented. The server 10 may describe the password inquiry information Bd in the header or the body of the encrypted file email Ms without attaching the password inquiry information file Fp.

10. Control Based on Number of Times of Accepting Password Inquiry Information The server 10 of the present embodiment sets the initial value of the number of times K of accepting password inquiry information to 0, counts the number of times K each time the password inquiry information is accepted, and The password may be set to be secret when the number of times K exceeds a predetermined number.

For example, the server 10 automatically sets the password to be private when the number K of times the password inquiry information is received becomes 1 or more (K≧1). In this way, it is possible to limit the number of times the password inquiry information (URL) is accessed, and it is possible to reduce the chances of information leakage of the password as much as possible.

Also, the sender A notices that the encrypted file e-mail has been sent to an unintended party, and refers to the number K when attempting to keep the password private, so that the security status can be facilitated. Can be determined. That is, when the number of times K is 0, the sender user A can determine that the leakage of information about the content of the encrypted file can be prevented and that it is in time for ensuring security, and when the number of times K is 1 or more. In some cases (when the number of times K is not 0), it can be determined that it is too late to prevent information leakage.

That is, if the number of times K is 0, the sender user A can determine that the password has not been referenced by anyone yet, and the encrypted file cannot be decrypted. If the number of times K is 1 or more, It can be determined that the password has already been referred to by the user such as the destination user B and the password can be decrypted.

11. Flowcharts The processing flow of this embodiment will be described with reference to FIGS. 11A, 11B, and 11C.

First, as shown in FIG. 11A, the terminal 20-A of the user A (A@xxx.com) on the sending side sends an attached file e-mail (step S1). The destination of the attached file email is user B (B@yyy.com).

When the server 10 receives the attached file email (step S11), the server 10 encrypts the attached file (step S12) and generates an encrypted file email (step S13).

Further, the server 10 sends the encrypted file electronic mail to the destination (step S14). Then, the destination user B's terminal 20-B receives the encrypted file e-mail (step S100).
The server also transmits a transmission completion notification mail to the sender (step S15). The terminal 20-A of the sender user A receives the transmission completion notification mail (step S2).

Then, the server sends the inquiry information electronic mail to the destination (step S16). The terminal 20-B of the destination user B receives the inquiry information electronic mail (step S101).

Next, referring to FIG. 11B, the terminal 20-B of the destination user B accesses the password inquiry information (URL) (step S102).

Upon receiving the password inquiry information (step S17), the server 10 determines whether or not the password is open (step S18).

If the password is open to the public (Y in step S18), the password is made visible and a web page is generated (step S19). On the other hand, if the password is not disclosed (N in step S18), the password is made unreadable and a web page is generated (step S20). For example, a Web page without a password is generated.

When the password can be browsed, the terminal 20-B of the destination user B browses the password (step S103) and performs a process of decrypting the encrypted file with the password (step S104). Note that the terminal 20-B cannot decrypt the encrypted file if the password cannot be browsed.

The terminal 20-A of the sender user A can issue a password disclosure/nondisclosure instruction after step S2. As shown in FIG. 11C, when there is a password disclosure instruction (Y in step S3), the terminal 20-A transmits the password disclosure instruction to the server 10 (step S4).

Upon receiving the password disclosure instruction (step S21), the server 10 sets the password to be public (step S22).

In addition, when there is an instruction to hide the password (Y in step S5), the terminal 20-A transmits the password non-disclosure instruction to the server 10 (step S6).

Upon receiving the password private instruction (step S23), the server 10 sets the password private (step S24). This is the end of the process.

12. Application Example (1) Application Example of Password Public or Private Control In the present embodiment, an example in which the sender user A sets the password public or private is described, but a user other than the sender public or private You may set it as secret.

For example, the server 10 sets a group made up of a plurality of users in advance. For example, it is assumed that a group G1 to which the sender user A, the user E, and the user F belong is defined. Then, when the server 10 receives a password disclosure instruction from the user E and the user F of the same group G1 as the sender user A, the server 10 sets the password to be public, and the user of the same group G1 as the sender user A. The password may be set to be private when the private instruction of the password is received from E or the user F.

By doing this, if the users E and F of the same group G1 as the sender A find that they are sending encrypted files that should not be sent to the destination, the password of the encrypted file to the destination is sent. Can be prevented from disclosure.

In addition, when the superior of the user A who is the sender (“the superior” is also referred to as “inspector” or “specific user”) is set in advance, the server 10 discloses the password from the superior or You may make it accept a private instruction. That is, the server 10 may set the password to be public when receiving the password disclosure instruction from the superior, and may set the password to be private when receiving the password disclosure instruction from the superior. ..

In the server 10, the sender user A (A@xxx.com) designates a plurality of destinations (for example, user B (B@yyy.com) and user J (J@xxx.com)). When sending a newsletter, user J who owns the mail address that contains the same domain name (xxx.com) as the sender (A@xxx.com) included in the newsletter will be instructed to disclose or hide the password. You may make it accept. That is, the server 10 may set the password to be public when receiving the disclosure instruction from the user J, and may set the password to be private when receiving the password nondisclosure instruction from the user J.

Further, the server 10 is a case where, for example, the user B (B@yyy.com) and the user K (k@xxx.com) are registered in the mailing list (ML@xxx.com), and When user A sends an e-mail addressed to the mailing list (ML@xxx.com), it is registered in the mailing list and the same domain name (xxx.com) as the sender (A@x xx.com) An instruction to disclose or hide the password may be received from the user K who owns the email address (k@xxx.com) including the password. That is, the server 10 may set the password to be public when the password disclosure instruction is received from the user K, and may set the password to be private when the password disclosure instruction is received from the user K. ..

Note that the server 10 does not accept a password disclosure instruction from a user other than the sender (for example, users E, E, superiors, user J, and user K), but only a password nondisclosure instruction from the user other than the sender. May be accepted.

(2) Others The electronic mail of the present embodiment is not limited to SMTP, and may be sent and received by a given protocol.

Further, the data of this embodiment, for example, e-mail data, attached file data, and encrypted file data may be stored in a storage area on the Internet called a cloud.

Further, the server 10 of the present embodiment may encrypt the attachment files of all the received emails, or may encrypt the attachment files of the emails that satisfy the given rule. You may control. For example, the server 10 may set the rule condition in advance based on the input information from the administrator or the user.

10 servers, 20 terminals,
100 processing unit, 110 electronic mail processing unit (MTA), 111 receiving unit, 112 transmitting unit, 113 password control unit, 114 password providing unit, 115 transmission completion notifying unit, 116 analyzing unit, 117 encryption processing unit, 120 Web processing Parts, 121 administrator UI part, 122 user UI part, 130 database processing part, 170 storage part, 171 main storage part, 172 user information storage part, 173 password storage part, 180 information storage medium, 21 web browser, 22 MUA

Claims (12)

A program for a server to send a specified e-mail,
A receiving unit for receiving the email sent from the sender,
When an attachment file exists in the e-mail, an encryption processing unit that performs a process of encrypting the attachment file to generate an encrypted file and a process of generating a password for decrypting the encrypted file When,
An encrypted file electronic mail to which the encrypted file is attached instead of the attached file , and password inquiry information associated with the password, a transmission unit for transmitting to the destination,
In association with the password, a password control unit for setting the disclosure of the password or non-disclosure,
When the password inquiry information is accepted, and when the password is set to be public, the computer functions as a password providing unit that provides the password,
The password control unit,
When the disclosure instruction of the password is accepted from the sender, the password is set to be public, and when the private instruction of the password is accepted from the sender, the password is set to be private ,
When a password disclosure instruction is received from a predetermined user other than the sender, the password is set to be public, and when the password confidential instruction is received from the predetermined user, the password is not disclosed. A program characterized by setting to . A program for a server to send a specified e-mail,
A receiving unit for receiving the email sent from the sender,
When an attachment file exists in the e-mail, an encryption processing unit that performs a process of encrypting the attachment file to generate an encrypted file and a process of generating a password for decrypting the encrypted file When,
An encrypted file electronic mail to which the encrypted file is attached instead of the attached file , and password inquiry information associated with the password, a transmission unit for transmitting to the destination,
In association with the password, a password control unit for setting the disclosure of the password or non-disclosure,
When the password inquiry information is accepted, and when the password is set to be public, the computer functions as a password providing unit that provides the password,
The password control unit,
When the disclosure instruction of the password is accepted from the sender, the password is set to be public, and when the private instruction of the password is accepted from the sender, the password is set to be private ,
When a password disclosure instruction is not accepted from a predetermined user other than the sender, and a password non-disclosure instruction is received from the predetermined user, and when the password non-disclosure instruction is received from the predetermined user. And a program for setting the password to be private . In claim 1 or 2,
As a setting unit that sets a group made up of a plurality of users in advance, the computer further functions,
The password control unit ,
A program, wherein a user other than the sender that belongs to the same group as the sender is the predetermined user. In claim 1 or 2,
The password control unit,
A program characterized in that the user who is the superior of the sender is the predetermined user. In claim 1 or 2,
The password control unit,
In the case where a plurality of destinations are specified in the electronic mail, a user who is a user other than the sender and whose domain is the same as the sender of the plurality of destinations is the predetermined user. A program characterized by. In claim 1 or 2,
The password control unit,
When the destination of the e-mail is a mailing list, a user other than the sender, of the mail addresses registered in the mailing list whose domain is the same as the sender, is defined as the predetermined user. A program characterized by: A server that sends an email with a specified destination,
A receiving unit for receiving the email sent from the sender,
When an attachment file exists in the e-mail, an encryption processing unit that performs a process of encrypting the attachment file to generate an encrypted file and a process of generating a password for decrypting the encrypted file When,
An encrypted file electronic mail to which the encrypted file is attached instead of the attached file , and password inquiry information associated with the password, a transmission unit for transmitting to the destination,
In association with the password, a password control unit for setting the disclosure of the password or non-disclosure,
A case where the password inquiry information is received, and including a password providing unit which provides the password when the password is set to be public,
The password control unit,
When the disclosure instruction of the password is accepted from the sender, the password is set to be public, and when the private instruction of the password is accepted from the sender, the password is set to be private ,
When a password disclosure instruction is received from a predetermined user other than the sender, the password is set to be public, and when the password confidential instruction is received from the predetermined user, the password is not disclosed. A server characterized by being set to . A server that sends an email with a specified destination,
A receiving unit for receiving the email sent from the sender,
When an attachment file exists in the e-mail, an encryption processing unit that performs a process of encrypting the attachment file to generate an encrypted file and a process of generating a password for decrypting the encrypted file When,
An encrypted file electronic mail to which the encrypted file is attached instead of the attached file , and password inquiry information associated with the password, a transmission unit for transmitting to the destination,
In association with the password, a password control unit for setting the disclosure of the password or non-disclosure,
A case where the password inquiry information is received, and including a password providing unit which provides the password when the password is set to be public,
The password control unit,
When the disclosure instruction of the password is accepted from the sender, the password is set to be public, and when the private instruction of the password is accepted from the sender, the password is set to be private ,
When a password disclosure instruction is not accepted from a predetermined user other than the sender, and a password non-disclosure instruction is received from the predetermined user, and when the password non-disclosure instruction is received from the predetermined user. A server characterized in that the password is set to be private . In Claim 7 or 8,
Further including a setting unit for setting a group composed of a plurality of users in advance,
The password control unit ,
A server characterized in that a user other than the sender that belongs to the same group as the sender is the predetermined user. In Claim 7 or 8,
The password control unit,
The server, wherein the user who is the superior of the sender is the predetermined user. In Claim 7 or 8,
The password control unit,
In the case where a plurality of destinations are specified in the electronic mail, a user who is a user other than the sender and whose domain is the same as the sender of the plurality of destinations is the predetermined user. A server characterized by. In Claim 7 or 8,
The password control unit,
When the destination of the e-mail is a mailing list, a user other than the sender, of the mail addresses registered in the mailing list whose domain is the same as the sender, is defined as the predetermined user. A server characterized by:

Images