WO2010061443A1 - Network management program, network management method, and network management server - Google Patents


Publication number
WO2010061443A1
Authority
WO
WIPO (PCT)
Prior art keywords
information processing
processing terminal
program
terminal device
encryption
Application number
PCT/JP2008/071505
Inventor
杉中順子
Original Assignee
緒方延泰
Application filed by 緒方延泰
Priority to PCT/JP2008/071505
Publication of WO2010061443A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/18 Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks

Definitions

  • The present invention relates to a network management technique for managing the transmission and reception of encrypted files between a plurality of information processing terminal devices connected to a network.
  • The public key method is preferable from the viewpoint of secrecy because a file encrypted with the public key can be decrypted only with the private key of the receiving information terminal.
  • A method of setting an expiration date for the public key or authenticating the public key is also adopted, but its effectiveness is limited, because the key can still be input by a third party before the expiration date or the certificate authority can be impersonated.
  • Patent Document 1 if the common key is changed, the secrecy can be further improved.
  • a computer provided with two modem circuits or ISDN interface circuits is used.
  • the first channel is connected to a receiver via a router via the Internet or an in-house network, and the second channel is connected via an exchange.
  • An electronic authentication system that directly connects to a recipient via a public line or an in-house communication line is described.
  • the document file is encrypted with a secret key and transmitted on the first channel, and the public key is transmitted on the second channel. Since the public key and the private key can be changed every time the document is transmitted, the possibility of being stolen by a third party is reduced. JP 2002-51038 A
  • The object of the present invention is to further improve the confidentiality of transmitted and received files by having the management server on the network update, at a predetermined timing, the encryption program held by the sender and the decryption program held by the receiver.
  • The network management server of the present invention manages transmission / reception of encrypted files performed between a plurality of information processing terminal devices connected to a network, and includes: storage means for storing a plurality of encryption programs and the corresponding decryption programs; selection means for selecting one encryption program for an information processing terminal device that can be a transmission source and one decryption program for an information processing terminal device that can be a transmission destination; distribution means for distributing the selected encryption and decryption programs at least before transmission of the file; management means for managing the encryption program and the decryption program distributed to each information processing terminal device; receiving means for receiving a file that has been encrypted and transmitted by the information processing terminal device of the transmission source; extraction means for identifying, from the received file, the information processing terminal devices of the transmission source and the transmission destination; decryption means for decrypting the file transmitted from the information processing terminal device of the transmission source with the corresponding decryption program according to the management information of the management means; encryption means for encrypting the decrypted file with the encryption program corresponding to the decryption program distributed to the information processing terminal device of the transmission destination identified by the extraction means; and transmission means for transmitting the file encrypted by the encryption means to the information processing terminal device of the transmission destination identified by the extraction means.
  • The network management program of the present invention is a network management program for managing, by a network management server, transmission / reception of encrypted files performed between a plurality of information processing terminal devices connected to a network. It causes the network management server to function as: storage means for storing a plurality of encryption programs and the corresponding decryption programs; selection means for selecting one encryption program for an information processing terminal device that can be a transmission source and one decryption program for an information processing terminal device that can be a transmission destination; distribution means for delivering the selected encryption and decryption programs at least before transmission of the file; management means for managing the encryption program and decryption program delivered to each information processing terminal device; receiving means for receiving a file that has been encrypted and sent by the information processing terminal device of the transmission source; extraction means for identifying, from the received file, the information processing terminal devices of the transmission source and the transmission destination; decryption means for decrypting the file transmitted from the information processing terminal device of the transmission source with the corresponding decryption program according to the management information of the management means; encryption means for encrypting the decrypted file with the encryption program corresponding to the decryption program distributed to the information processing terminal device of the transmission destination identified by the extraction means; and transmission means for transmitting the file encrypted by the encryption means to the information processing terminal device of the transmission destination identified by the extraction means.
  • the network management method of the present invention is a network management method in which a network management server manages transmission / reception of an encrypted file performed between a plurality of information processing terminal devices connected to a network.
  • the encryption program and the corresponding decryption program are stored, and the selecting means stores one encryption program in the information processing terminal device that can be the transmission source and one decryption program in the information processing terminal device that can be the transmission destination.
  • the management unit manages the encryption program and the decryption program distributed to each information processing terminal device, and the distribution unit selects the selected encryption and decryption program at least for the file.
  • the receiving means encrypts the transmitted file and sends it to the information processing terminal device
  • the extracting means identifies the information processing terminal device of the transmission source and the transmission destination from the received file
  • the decoding means manages the file transmitted from the information processing terminal of the transmission source by the management means
  • the encryption unit and the transmission unit transmit the file encrypted by the encryption unit to the information processing terminal device of the transmission destination detected by the detection unit.
  • The storage means stores a plurality of encryption programs and corresponding decryption programs. The distribution means then distributes, at least before transmission of the file, the one encryption program selected by the selection means to the information processing terminal device that can be the transmission source, and the one decryption program selected by the selection means to the information processing terminal device that can be the transmission destination.
  • The management means manages the encryption program and the decryption program distributed to each information processing terminal device. When a file encrypted and transmitted by the information processing terminal device of the transmission source is received by the receiving means, the extraction means identifies the information processing terminal devices of the transmission source and the transmission destination from the received file.
  • The decryption means extracts the decryption program corresponding to the file transmitted from the information processing terminal device of the transmission source according to the management information of the management means, and decrypts the file with this decryption program.
  • The encryption means encrypts the decrypted file with the encryption program corresponding to the decryption program distributed to the information processing terminal device of the transmission destination identified by the extraction means, and the transmission means then transmits the file encrypted by the encryption means to the information processing terminal device of the transmission destination specified by the extraction means.
  • With this configuration, the file transmitted from the information processing terminal device of the transmission source becomes a ciphertext that differs at almost every transmission, and the network management server converts the encrypted file into a ciphertext substantially different from the one transmitted by the information processing terminal device of the transmission source before transmitting it to the information processing terminal device of the transmission destination (that is, before it is received by the information processing terminal device of the transmission destination), so confidentiality is remarkably improved. Further, since different encryption programs and decryption programs can be distributed (provided) to a large number of information processing terminal devices, efficient security management can be realized easily even if there are many members using this network (that is, having authority to access this network).
  • Because the network management server distributes the encryption program and decryption program by a predetermined method, for example according to a complicated rule or at random, even the server administrator does not know which encryption program and which decryption program are currently distributed to each information processing terminal device, so security on the human side is ensured.
  • The distribution means distributes one encryption program and one decryption program, selected by a predetermined method, to each information processing terminal device at a predetermined timing. According to this configuration, since each information processing terminal device always has one encryption program and one decryption program, it can both transmit and receive encrypted files. In addition, since each information processing terminal device holds different encryption programs and decryption programs over time, even if an encryption program or decryption program should leak for some reason, a different encryption program and decryption program are in place by that point, so confidentiality is ensured.
  • the predetermined timing is every preset period. According to this configuration, since the encryption program and the decryption program are periodically updated, the significance of illegal acquisition or theft of the encryption program and the decryption program is lost. Note that the term “periodic” refers to every predetermined time, every day, every few days, and the like, and can be set based on network traffic and the required security level.
  • When the selection means receives a transmission request signal including information on a transmission source and a transmission destination, which is transmitted from the information processing terminal device of the transmission source prior to transmission of a file, it selects one encryption program for the information processing terminal device that transmitted the transmission request signal and one decryption program for the information processing terminal device that is the transmission destination. The distribution means distributes the selected encryption program to the information processing terminal device that transmitted the transmission request signal, and the selected decryption program to the information processing terminal device of the transmission destination. According to this configuration, the encryption program is distributed immediately before the transmission of the file, and the decryption program is distributed to the transmission destination of the file at the same time, so even if a program is acquired illegally, it is virtually useless.
  • the predetermined method in the present invention is to select at random. According to this configuration, the server administrator itself cannot grasp the current distribution status of the encryption program and the decryption program, and cannot leak from the human side.
  • As the random method, typically, a random number generator or the like is provided and the corresponding encryption program and decryption program are individually set based on the generated random value.
  • The distribution means in the present invention distributes a plurality of encryption programs and corresponding decryption programs to all information processing terminal devices in advance and, at the predetermined timing, distributes by the predetermined method identification information for identifying the encryption program and the corresponding decryption program. According to this configuration, since the encryption program and the decryption program are not distributed directly from the network management server, the chance of unauthorized acquisition can be extremely limited.
  • The present invention includes a member management unit, wherein the network is a dedicated network provided alongside the Internet, and the member management unit sets, in the information processing terminal device, the authority that permits connection to the dedicated network. According to this configuration, since the use of the dedicated network is restricted to file transmission / reception between members, it is difficult to enter from other networks, and high security management is possible.
  • According to the present invention, a file transmitted from the information processing terminal device of the transmission source becomes a ciphertext that differs at almost every transmission, and the network management server converts the encrypted file into a ciphertext substantially different from the one transmitted by the information processing terminal device of the transmission source before transmitting it to the information processing terminal device of the transmission destination, so confidentiality can be significantly improved.
  • Because the network management server distributes the encryption program and the decryption program by a predetermined method, for example according to a complicated rule or at random, even the server administrator does not know which encryption program and which decryption program are currently distributed to which information processing terminal device, so security on the human side can be ensured.
  • FIG. 1 is an overall schematic configuration diagram of the Internet and a dedicated network system.
  • FIG. 2 is a configuration diagram illustrating an embodiment of the information processing terminal device 1.
  • FIG. 3 is a block configuration diagram of the information processing terminal device 1.
  • FIG. 4 is a block diagram of the functional parts relevant to the present invention among the functional blocks of the management server 2.
  • FIG. 5 is a flowchart of a program distribution process executed by the control unit 200 using a management program of the management server 2.
  • FIG. 6 is a flowchart of a file relay process executed by the control unit 200 using a management program of the management server 2.
  • A flowchart of other program delivery processing (II) performed by the control unit 200 using the management program of the management server 2.
  • FIG. 1 is an overall schematic configuration diagram of the Internet and a dedicated network system.
  • This system includes the Internet 4 and a dedicated network 5 different from the Internet 4.
  • The dedicated network 5 is configured so that only those who have become members are authorized to connect, so that information can be exchanged between the members via the dedicated network 5.
  • The dedicated network 5 supports electronic payment between members registered with the established organization. For example, for payment in general commercial transactions, such as the issuing and receiving of invoices from dealers, payments issued from the purchaser to the account of the contracted financial institution of the party that issued the invoice, and other electronic payments, it makes it possible to transmit and receive the various electronic documents involved (referred to as files).
  • the system shown in FIG. 1 includes an information processing terminal device 1 owned by each member and a management server 2 arranged in a management organization that manages information exchanged between the information processing terminal devices 1.
  • both the Internet 4 and the dedicated network 5 are communicably connected via a contracted provider (ISP) 3.
  • Each information processing terminal device 1 only needs to be connected to the dedicated network 5 and does not necessarily have to be connected to the Internet 4 (see, for example, the information processing terminal device 1 at the right end of FIG. 1).
  • Management server 2 is connected to a dedicated network 5.
  • the management server 2 may be installed in one ISP 3.
  • FIG. 2 is a configuration diagram showing an embodiment of the information processing terminal device 1.
  • the information processing terminal device 1 includes a known personal computer terminal (hereinafter referred to as a personal computer terminal) 10 and an information processing device 11 interposed between the personal computer terminal 10 and the ISP 3.
  • The personal computer terminal 10 is a general personal computer connected to the Internet 4 via a corresponding ISP 3, and can use a browser on the computer to search and view information published on websites and the like (not shown).
  • the information processor 11 has a built-in router function, is positioned as a modem, for example, and has a predetermined information processing function (for example, related to the electronic payment described above).
  • FIG. 3 is a block diagram of the information processing terminal device 1.
  • The personal computer terminal 10 is roughly divided into a hard disk (HDD) 101; a control board unit including an information processing unit 102 configured by a CPU (central processing unit) and a storage unit 103; a monitor 10b for displaying various images and information; an input unit 10a composed of a keyboard, a mouse and other operation members for inputting information and operation instructions for information processing; and a disc loading unit 10c for detachably loading a disc such as a CDROM.
  • The information processing unit 11 has a housing of a predetermined shape, for example a rectangular parallelepiped, contains a modulator and a demodulator (not shown) for executing its original modem function, and has wiring terminals for input / output at appropriate places on its surface.
  • The modulator modulates information created by the personal computer terminal 10 into a signal form that can be transmitted over the Internet 4, and information created by the personal computer terminal 10 or the information processor 11 into a signal form that can be transmitted through the dedicated network 5.
  • The demodulator demodulates a signal received via the Internet 4 into a signal form that can be processed by the personal computer terminal 10, and a signal received via the dedicated network 5 into a signal form that can be processed by the information processor 11.
  • The information processor 11 includes, at an appropriate place on its surface, a display unit 11a composed of a liquid crystal panel or a plasma display panel that displays images, and an operation unit 11b such as a touch panel stacked on the display unit 11a.
  • the information processor 11 includes a control unit 110, a router function unit 120, and a data storage unit 130.
  • the control unit 110 includes a CPU, and executes a creation support process for information (file) such as a required document or image, a data storage process, and a file transmission / reception process.
  • the data storage unit 130 includes a ROM and a RAM.
  • the ROM stores a processing program (OS program, application program) for performing various operations (including a mode installed from the outside), and various documents.
  • the RAM stores electronic files and the like related to its own electronic payment.
  • the router function unit 120 distributes (routes) information transmission paths among the personal computer terminal 10, the control unit 110 of the information processing device 11, the Internet 4, and the dedicated network 5. When only the information processing unit 11 is activated, the router function unit 120 is set by the information processing unit 11 so that the dedicated network 5 and the control unit 110 can transmit and receive information, and is disconnected from the Internet 4.
  • A routing setting process is performed at the time of activation as follows. When the personal computer terminal 10 is used in a normal mode, routing is set in the router function unit 120 of the information processing device 11 so that the personal computer terminal 10 is connected to other computers on the Internet 4 via the ISP 3 and the Internet 4. In this state, the information processor 11 is simply made part of the transmission path by the router function unit 120.
  • When the personal computer terminal 10 is used as an auxiliary to the information processing device 11, the personal computer terminal 10 is activated with a predetermined disk, for example a CDROM, loaded in the disk loading unit 10c.
  • The router function unit 120 is then routed so that the personal computer terminal 10 is connected only to the control unit 110 (and the data storage unit 130) of the information processing device 11 and, through the information processing device 11, the ISP 3, and the dedicated network 5, to the other information processing terminal devices 1 and the management server 2.
  • Address information (a routing table and an ARP (Address Resolution Protocol) table) is set for identifying whether the address information indicating the transmission destination, added at a predetermined position of each packet as a transmission or reception signal, is a global IP address based on the Internet 4 protocol or a predetermined local IP address (MAC address) for the dedicated network 5, for example according to Ethernet (registered trademark), that is attached in a form distinguishable from the global IP address. Each packet is checked against the tables and transmitted only on the route with the matching address, thereby limiting (switching) the transmission path.
  • The control unit 200 of the management server 2, described later, sets the address as described above for a new applicant who wishes to become a member, thereby permitting access to the dedicated network as a member (that is, the authority is granted).
  • a dual boot personal computer is preferably employed as the personal computer terminal 10 as an aspect for realizing such processing.
  • An example of the dual boot process will be briefly described below.
  • The HDD 101 includes an MBR1 (Master Boot Record) area in which a master boot program is written, an OS1 area in which an operating system program (OS1) such as Windows (registered trademark) is written, and an AP1 area in which various application programs such as document creation software, a browser, and a mailer are written.
  • The storage unit 103 includes a BIOS ROM storing a BIOS program that checks the memory and peripheral devices and activates the MBR1 program of the HDD 101 when no CDROM is loaded in the disk loading unit 10c.
  • When the personal computer terminal 10 is activated, programs are sequentially expanded (read) from the HDD 101 into the RAM in the storage unit 103.
  • The application programs activated by the OS1 program include a communication control program for routing setting that causes the router function unit 120 of the information processor 11 to permit connection between the personal computer terminal 10 and the Internet 4. Specifically, the address information is set so as to establish a transmission path that connects only the personal computer terminal 10 and the Internet 4.
  • The CDROM loaded in the disk loading unit 10c includes an MBR2 (Master Boot Record) area in which a master boot program is written, an OS2 area in which an operating system program (OS2) of a type different from OS1 is written, and an AP2 area in which application programs, such as those for documents and for communication (transmission / reception of information) with the information processor 11, are written.
  • The BIOS program stored in the BIOS ROM in the storage unit 103 checks the memory and peripheral devices and, if the CDROM is loaded in the disk loading unit 10c, starts the MBR2 program of the CDROM in preference to the HDD 101. When the personal computer terminal 10 is started up, the programs are sequentially loaded from the CDROM into the storage unit 103. The application programs activated by the OS2 program include a communication control program for routing setting that causes the router function unit 120 of the information processor 11 to permit connection only between the personal computer terminal 10 and the control unit 110 and data storage unit 130 of the information processor 11. Specifically, the address information is set so as to establish a transmission path that connects only the personal computer terminal 10 and the information processor 11 (and the data storage unit 130).
  • The personal computer terminal 10 is thus connected either to the Internet 4 side or only to the dedicated network 5 via the information processor 11.
  • The control unit 110 of the information processing device 11 includes a document creation unit 111 that creates various documents necessary for electronic payment based on the operation of the operation unit 11b, a communication control unit 112 that performs data communication with the personal computer terminal 10 and, via the ISP 3, with the dedicated network 5 side, an address setting unit 113 that assigns the transmission source and transmission destination addresses (transmission source information, transmission destination information) in a transmission document file (at a predetermined position of each packet), and a display control unit 114 that displays the input contents on the display unit 11a for confirmation.
  • The data storage unit 130 includes a document form storage unit 131 that stores forms of various documents, a self and member address information storage unit 132, a distribution program storage unit 133 that stores the encryption program and decryption program distributed from the management server 2, and a display image storage unit 134.
  • the information processing unit 102 of the personal computer terminal 10 includes a document creation unit 1021 that creates various documents, a communication control unit 1022 that performs communication processing of information with the Internet 4 or with the information processing device 11, And a display control unit 1023.
  • the storage unit 103 includes a document creation data storage unit 1031 and a display image storage unit 1032 for storing application programs for document creation and forms of various documents, in addition to the program data necessary for the dual boot described above.
  • FIG. 4 is a block diagram of functional parts related to the present invention in the functional blocks of the management server 2.
  • the management server 2 includes a control unit 200 configured by a microcomputer, a ROM 210, and a RAM 220.
  • The ROM 210 includes a member information storage unit 211 that stores member information such as a member's name, name, and address, a management program storage unit 212 that stores a management program for executing the entire management process, and an encryption / decryption program storage unit 213 in which a plurality of types of encryption programs and a decryption program corresponding to each encryption program are stored.
  • The RAM 220 temporarily stores data being processed and includes, for example, a file information storage unit 221 that stores each member's file transmission / reception history, files, and the like for management as necessary, and a distribution data storage unit 222 described later.
  • There are about tens to hundreds of types of encryption programs stored in the encryption / decryption program storage unit 213, and of decryption programs corresponding to the respective encryption programs.
  • substitution expression that replaces a character or phrase in a general format with another character or symbol (group)
  • a spelling substitution formula that changes a character group, such as two or three characters, to another character or symbol (group)
  • a dictionary formula that changes to another character or symbol group in units of characters, words, phrases, short sentences, etc.
  • a multi-table expression that prepares two or more substitution tables and encrypts while changing the table according to the rules
  • a random number (character) expression that encrypts by adding a random number (letter) to a single-format ciphertext converted to a number (character)
  • Encrypted text that is frequently updated using lexicographic or spelling ciphers is often updated with character substitutions, secondary expressions that are encrypted with spelling substitutions, and the first part is used as the key, and then the original text or cipher is used as the
  • control unit 200 includes a selection unit 201, a distribution unit 202, a management unit 203, a communication processing unit 204, a sender / receiver information extraction unit 205, a decryption processing unit 206, an encryption processing unit 207, and a timer 208.
  • the selection unit 201 selects the encryption program and the decryption program that are provided, regularly or irregularly, to the information processing terminal device 1 of each member. For example, suppose that the encryption program E10 and the decryption program D30 are currently distributed to the information processing terminal device 1 of a certain member (in this example, 100 types of encryption programs, E01 to E100, and 100 types of decryption programs, D01 to D100, are prepared). The encryption program E25 and the decryption program D08, for example, are then selected as the encryption program and decryption program to be distributed this time. The encryption program and the decryption program distributed to the information processing terminal device 1 of a given member do not need to correspond to each other. Therefore, the selection unit 201 randomly selects an encryption program and a decryption program, for example, by using a random value obtained from a random number generator.
  • variation information such as time axis information in a complicated selection rule, for example, a general rule expression, or many or all combinations of an encryption program and a decryption program are prepared in advance, and any one of them may be selected, preferably at random. More specifically, the following methods, that is, methods of incorporating variation information, can be employed. These can be similarly applied to selection of a decryption program.
  • the encryption programs are given serial numbers E01 to E100.
  • the number of packets is acquired as variation information, and the number is accumulated in a predetermined internal memory unit for each transmission source.
  • logical processing, for example logical product calculation processing, is performed on the cumulative number so far and the serial number of the program, in this case the value 100 (binary format). If the logical product is “0”, E01 is selected as the encryption program; otherwise, “1” is added to the calculated value to select the encryption program. If variation information is included in this way, a logical value between 0 and 100 is obtained, and irregularity is substantially ensured.
  • the encryption programs are given serial numbers E01 to E100, and identification information (for example, the MAC address described above) is set in advance in binary format in the information processing device 11.
  • the management server 2 extracts the addition value (binary format) of the identification information and the time stamp from the received file, and logical processing, for example logical product calculation processing, is performed on this addition value and the serial number of the program (binary format), here the value 100 (binary format). If the logical product is “0”, E01 is selected as the encryption program; otherwise, “1” is added to the calculated value to select the encryption program. If variation information is included in this way, a logical value between 0 and 100 is obtained, and irregularity is substantially ensured.
  • the selection unit 201 uses time information from the timer 208 in the mode in which distribution (that is, update) of a new encryption program and decryption program is executed when a predetermined time is reached.
  • the update time is generally considered to be at night, especially around midnight, when there are few opportunities for data transmission and reception. Further, the update cycle may be in units of one day, but may be shorter or in units of several days.
  • the distribution unit 202 distributes the encryption program and the decryption program selected by the selection unit 201 to the corresponding information processing terminal device 1.
  • the distribution unit 202 performs distribution processing on the information processing terminal devices 1 of all members.
  • the management unit 203 stores, for each update, the combination of the selected encryption program and decryption program and the information processing terminal device 1 that is the distribution destination in the distribution data storage unit 222 as distribution management information for collation.
  • the communication processing unit 204 receives the document file transmitted from the information processing terminal device 1 as the transmission source to the information processing terminal device 1 as the transmission destination so that the management server 2 can manage it, and transmits it to the transmission destination after predetermined processing; that is, it performs so-called relay processing.
  • the sender / receiver information extraction unit 205 performs processing for acquiring (extracting) transmission source information and transmission destination information from the received document file.
  • the decryption processing unit 206 refers to the distribution data storage unit 222 with respect to the received document file, identifies the transmission source encryption program, and performs decryption processing using the corresponding decryption program.
  • the encryption processing unit 207 refers to the distribution data storage unit 222 for the plain text document file decrypted by the decryption processing unit 206, identifies the decryption program of the transmission destination, and performs encryption processing with the corresponding encryption program.
  • FIG. 5 is a flowchart of the program distribution process executed by the control unit 200 using the management program of the management server 2.
  • it is determined whether or not the timer 208 has reached a predetermined time (step S1), and if not, the process exits this flow. On the other hand, if the predetermined time has been reached, a selection process is executed (step S3).
  • the combination information of the encryption program and the decryption program for each information processing terminal device 1 obtained by the selection process is stored in the distribution data storage unit 222 (step S5).
  • it is determined whether or not the combination of the encryption program and the decryption program is set for all the information processing terminal devices 1 (step S7). If the selection process is completed for the information processing terminal devices 1, the encryption program and the decryption program stored in the distribution data storage unit 222 are distributed to the corresponding information processing terminal device 1. Each information processing terminal device 1 receives the distributed encryption program and decryption program and stores them in the distribution program storage unit 133. When the document file is transmitted from the information processing terminal device 1 via the dedicated network 5, the plain text document is converted into cipher text by the encryption program currently stored in the distribution program storage unit 133 and transmitted.
  • FIG. 6 is a flowchart of the file relay process executed by the control unit 200 using the management program of the management server 2.
  • it is determined whether or not a document file has been received from the information processing terminal device 1 (step S21). If not received, this flow is exited.
  • extraction processing of information relating to the information processing terminal device 1 of the transmission source and the transmission destination included in a predetermined position in the received document file is performed (step S23).
  • the corresponding encryption program is identified with reference to the distribution data storage unit 222, and the ciphertext is converted to plaintext using the decryption program corresponding to the identified encryption program (step S25).
  • the corresponding decryption program is identified with reference to the distribution data storage unit 222, and the received document file that has been converted to plaintext is encrypted using the encryption program corresponding to the identified decryption program (step S27).
  • the encrypted document file is transmitted to the information processing terminal device 1 that is the transmission destination (step ST29).
  • the management server 2 converts the transmitted document file into a ciphertext using a decryption program stored in the distribution program storage unit 133.
  • FIG. 7 is a flowchart of another program distribution process (II) executed by the control unit 200 using the management program of the management server 2.
  • the encryption program and the decryption program distributed from the management server 2 are selected corresponding to the transmission of the document file, and are distributed immediately before the transmission.
  • the encryption program is selected for the transmission source, and the decryption program is selected and distributed to the transmission destination.
  • the processing of selecting and distributing the encryption program and the decryption program at a predetermined timing to all of the information processing terminal devices 1 as shown in the figure becomes unnecessary.
  • a transmission request is issued to the management server 2.
  • the original document file is transmitted. That is, the transmission request information is transmitted to the management server 2 immediately before a predetermined document is created by the information processing terminal device 1 of the transmission source, and the generated document is filed, encrypted, and transmitted to the predetermined transmission destination.
  • the information processing terminal device 1 includes transmission source information and transmission destination information in transmission request information.
  • the management server 2 determines whether or not transmission request information has been received (step S41). If the transmission request information has not been received, this flow is exited. On the other hand, if transmission request information has been received, transmission source information and transmission destination information are extracted from the received transmission request information (step ST43). Next, a process of selecting a combination of the encryption program for the extracted transmission source and the decryption program for the transmission destination is executed (step S45). When the selection process is completed, the encryption program for the transmission source information processing terminal device 1 and the decryption program for the transmission destination information processing terminal device 1 obtained in the selection process are stored in the distribution data storage unit 222 in an updated manner (step S47).
  • the encryption program and the decryption program stored in the distribution data storage unit 222 are distributed to the corresponding information processing terminal devices 1 of the transmission source and the transmission destination (step S49).
  • the information processing terminal device 1 that is the transmission source receives the encryption program that has been distributed and stores it in the distribution program storage unit 133. Further, the information processing terminal device 1 that is the transmission destination receives the decryption program that has been distributed and stores it in the distribution program storage unit 133.
  • when the document file is transmitted from the information processing terminal device 1 as the transmission source via the dedicated network 5, the plain text document is converted by the encryption program that has been distributed and newly stored in the distribution program storage unit 133, and is sent as ciphertext.
  • the management server 2 executes the file relay process shown in FIG. Therefore, when receiving the document file from the management server 2, the information processing terminal device 1 as the transmission destination converts the ciphertext to plaintext using the most recently distributed decryption program.
  • the destination information processing terminal device 1 executes the decryption process in response to the reception of the document file, but the information processing terminal device 1 is activated.
  • the decryption program stored in the distribution program storage unit 133 cannot decrypt past received files.
  • the decryption program distributed at the time of reception of the document file is stored until the document file is decrypted, and after decryption, the corresponding decryption program should be deleted.
  • the decryption program during that period may be updated by a newly delivered decryption program as usual.
  • the present invention can employ the following modes.
  • the distribution unit 202 distributes a plurality of encryption programs and corresponding decryption programs to all the information processing terminal devices 1 in advance, instead of distributing the encryption program and the decryption program at a predetermined timing.
  • the identification information for identifying the encryption program and the decryption program may be selected, for example at random, and distributed at a predetermined timing. According to this, since the encryption program and the decryption program are not repeatedly distributed over the dedicated network, leakage at the time of program distribution can be prevented.
  • the management server 2 is not necessarily limited to one, and a plurality of management servers 2 may be provided. Each management server can change the assignment for each information processing terminal device 1 or in the direction of time. For example, in the temporal direction, the present embodiment may be executed periodically with different management servers when viewed from a certain information processing terminal device 1.
  • the present invention provides a network management server that manages transmission / reception of encrypted files performed between a plurality of information processing terminal devices connected to a network, comprising: storage means for storing a plurality of encryption programs and corresponding decryption programs; selection means for selecting, each by a predetermined method, one encryption program for an information processing terminal device that can be a transmission source and one decryption program for an information processing terminal device that can be a transmission destination; distribution means for distributing the selected encryption and decryption programs at least before transmission of the file; management means for managing the encryption program and the decryption program distributed to each information processing terminal device; receiving means for receiving a file encrypted and transmitted by the information processing terminal device of the transmission source; extraction means for identifying the information processing terminal devices of the transmission source and the transmission destination from the received file; decryption means for decrypting the file transmitted from the information processing terminal of the transmission source with the corresponding decryption program according to management information of the management means; encryption means for encrypting the decrypted file with the encryption program corresponding to the decryption program distributed to the information processing terminal device of the transmission destination extracted by the extraction means; and transmission means for transmitting the file encrypted by the encryption means to the information processing terminal device of the transmission destination detected by the detection means.
  • the distribution unit distributes one encryption program and decryption program selected by a predetermined method to each information processing terminal device at a predetermined timing. According to this, since each information processing terminal device always has one encryption program and decryption program, it can handle both transmission and reception of encrypted files. In addition, since each information processing terminal device has an encryption program and a decryption program that differ with time, even if the encryption program or the decryption program leaks for some reason, a different encryption program and decryption program are in place by that point, so confidentiality is ensured.
  • the predetermined timing may be set for each preset period. According to this configuration, since the encryption program and the decryption program are regularly updated, the significance of illegal acquisition or theft of the encryption program and the decryption program is lost. Note that “regular” means every predetermined time, every day, every few days, or the like.
  • when the selection means receives a transmission request signal, including information on a transmission source and a transmission destination, that is transmitted prior to transmission of a file from the information processing terminal device of the transmission source, it is preferable that the selection means selects one encryption program for the information processing terminal device that transmitted the transmission request signal and one decryption program for the information processing terminal device of the transmission destination, and that the distribution means distributes the selected encryption program to the information processing terminal device that transmitted the transmission request signal and the selected decryption program to the information processing terminal device of the transmission destination. According to this, since the encryption program is distributed immediately before the transmission of the file and the decryption program is distributed to the transmission destination of the file at the same time, an encryption program and decryption program that were acquired without authorization in advance become useless.
  • the predetermined method is preferably a method of selecting at random. According to this configuration, the server administrator itself cannot grasp the current distribution status of the encryption program and the decryption program, and cannot leak from the human side.
  • it is preferable that a plurality of encryption programs and corresponding decryption programs are distributed to all information processing terminal devices in advance, and that identification information for identifying the encryption program and the corresponding decryption program is distributed at the predetermined timing by the predetermined method. According to this configuration, since the encryption program and the decryption program are not distributed directly from the network management server, the opportunity for unauthorized acquisition is suppressed.
  • it is preferable that a member management unit is provided, that the network is a dedicated network provided alongside the Internet, and that the member management unit sets, for the information processing terminal device, an authority to permit connection to the dedicated network. According to this, since the use of the dedicated network is limited to file transmission / reception between members, it becomes difficult to enter from other networks, and high security management becomes possible.
  • the network management server selects and distributes the encryption program in advance to the information processing terminal device that is the transmission source and the decryption program in advance to the information processing terminal device that is the transmission destination,
  • the network management server decrypts the file from the transmission source, encrypts it by another method, and transmits it to the transmission destination.
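
The logical-product selection rule described above for the serial numbers E01 to E100 can be checked by enumeration. The following is an added example, not code from the patent: it assumes that "logical product" means a bitwise AND of the variation value with the binary value 100, all function names are hypothetical, and the MAC address and time stamps are constructed. It lists which programs that rule can reach and contrasts it with a uniform draw from a cryptographic random number generator.

```python
"""Which encryption programs can the logical-product selection rule reach?"""
import math
import secrets

PROGRAM_COUNT = 100  # serial numbers E01..E100, as stated on the page

# Constructed sample input (not from the page): a locally administered MAC
# address as an integer, and eight consecutive Unix time stamps.
CONSTRUCTED_MAC = 0x02000000002A
CONSTRUCTED_TIMESTAMPS = range(1_700_000_000, 1_700_000_008)


def select_by_logical_product(variation: int, count: int = PROGRAM_COUNT) -> int:
    """Assumed reading of the rule: AND the variation value with the value 100.

    A product of 0 selects E01; otherwise 1 is added to the product.
    """
    product = variation & count
    return 1 if product == 0 else product + 1


def select_from_id_and_timestamp(identification: int, timestamp: int) -> int:
    """Second variant: variation value = identification information + time stamp."""
    return select_by_logical_product(identification + timestamp)


def reachable_serials(samples: int = 1 << 12) -> list[int]:
    """Every serial the rule produces over a range of variation values."""
    return sorted({select_by_logical_product(v) for v in range(samples)})


def selection_report() -> dict:
    """Summarise coverage of the rule against a uniform choice among 100."""
    reachable = reachable_serials()
    return {
        "reachable": reachable,
        "out_of_range": [s for s in reachable if s > PROGRAM_COUNT],
        "bits_and_rule": math.log2(len(reachable)),
        "bits_uniform": math.log2(PROGRAM_COUNT),
    }


def select_uniform(count: int = PROGRAM_COUNT) -> int:
    """Contrast: unbiased draw from a CSPRNG, always within E01..E<count>."""
    return secrets.randbelow(count) + 1


def demo_sequence() -> list[int]:
    """Serials chosen for the constructed MAC over consecutive time stamps."""
    return [select_from_id_and_timestamp(CONSTRUCTED_MAC, t)
            for t in CONSTRUCTED_TIMESTAMPS]


def serial_name(serial: int) -> str:
    return f"E{serial:02d}"


if __name__ == "__main__":
    report = selection_report()
    print("reachable:", [serial_name(s) for s in report["reachable"]])
    print("outside E01..E100:", [serial_name(s) for s in report["out_of_range"]])
    print(f"{report['bits_and_rule']:.2f} bits vs {report['bits_uniform']:.2f} bits")
    print("constructed MAC + time stamps:", [serial_name(s) for s in demo_sequence()])
```

Under this reading, only the bits that are set in 100 (64, 32 and 4) survive the AND, so the rule reaches eight serials rather than one hundred, and one of them falls outside E01 to E100. The random-number-generator selection the page also describes does not have this limitation.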

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)

Abstract

A selection section (201) selects one encryption program and decryption program selected by a predetermined method for information processing terminals (1), which a distribution section (202) distributes. When a communication processing section (204) receives a file encrypted and transmitted by an information processing terminal (1) of a transmission source, a transmitter/receiver information extracting section (205) identifies each information processing terminal (1) of the transmission source and transmission destination from the received file, which a decryption processing section (206) decrypts. An encryption processing section (207) then encrypts the decrypted file using the encryption program corresponding to the decryption program distributed to the information processing terminal (1) of the transmission destination, which the communication processing section (204) transmits to the information processing terminal (1) of the transmission destination.
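
The relay summarised in this abstract, combined with the page's note that a decryption program received with a document file should be kept until that file is decrypted, can be modelled as follows. This is an added example, not code from the patent: the byte-shift "programs" are a constructed stand-in for the distributed encryption and decryption programs, the class and function names are hypothetical, the serial values 10/30 and 25/8 are borrowed from the page's E10/D30 and E25/D08 example, and the rotation to 61/47 is constructed.

```python
"""Relay through the management server, and program rotation with a pending file."""
from dataclasses import dataclass, field


def toy_encrypt(serial: int, data: bytes) -> bytes:
    # Constructed stand-in for encryption program E<serial>: shift every byte.
    return bytes((b + serial) % 256 for b in data)


def toy_decrypt(serial: int, data: bytes) -> bytes:
    # Constructed stand-in for the matching decryption program D<serial>.
    return bytes((b - serial) % 256 for b in data)


@dataclass
class Terminal:
    name: str
    enc_serial: int = 0
    dec_serial: int = 0
    # Files received but not yet opened: (ciphertext, retained decryption serial).
    pending: list = field(default_factory=list)

    def send(self, dst: str, plaintext: bytes) -> dict:
        return {"src": self.name, "dst": dst,
                "body": toy_encrypt(self.enc_serial, plaintext)}

    def receive(self, packet: dict) -> None:
        # Keep the decryption program that was current at reception time.
        self.pending.append((packet["body"], self.dec_serial))

    def open_with_current_program(self) -> list[bytes]:
        # Failure mode: decrypt old files with whatever program is stored now.
        return [toy_decrypt(self.dec_serial, body) for body, _ in self.pending]

    def open_with_retained_program(self) -> list[bytes]:
        # Page's remedy: use the retained program, then delete it with the entry.
        opened = [toy_decrypt(serial, body) for body, serial in self.pending]
        self.pending.clear()
        return opened


class ManagementServer:
    def __init__(self) -> None:
        # Distribution management information: terminal -> (enc, dec) serials.
        self.distribution: dict[str, tuple[int, int]] = {}

    def distribute(self, terminal: Terminal, enc_serial: int, dec_serial: int) -> None:
        self.distribution[terminal.name] = (enc_serial, dec_serial)
        terminal.enc_serial, terminal.dec_serial = enc_serial, dec_serial

    def relay(self, packet: dict) -> dict:
        for party in (packet["src"], packet["dst"]):
            if party not in self.distribution:
                raise KeyError(f"no distribution record for terminal {party!r}")
        src_enc, _ = self.distribution[packet["src"]]
        _, dst_dec = self.distribution[packet["dst"]]
        plaintext = toy_decrypt(src_enc, packet["body"])  # server sees plaintext
        return {"src": packet["src"], "dst": packet["dst"],
                "body": toy_encrypt(dst_dec, plaintext)}


def run_scenario():
    server = ManagementServer()
    a, b = Terminal("A"), Terminal("B")
    server.distribute(a, enc_serial=10, dec_serial=30)
    server.distribute(b, enc_serial=25, dec_serial=8)
    message = b"quarterly report"           # constructed sample document
    relayed = server.relay(a.send("B", message))
    b.receive(relayed)                       # stored, not yet opened
    server.distribute(b, enc_serial=61, dec_serial=47)  # update before B opens it
    stale = b.open_with_current_program()[0]
    retained = b.open_with_retained_program()[0]
    return message, relayed["body"], stale, retained, len(b.pending)


if __name__ == "__main__":
    message, relayed_body, stale, retained, left = run_scenario()
    print("current program recovers file: ", stale == message)
    print("retained program recovers file:", retained == message)
    print("pending entries left:", left)
```

The plaintext exists on the server between the two calls inside `relay()`, so the management server sits inside the trust boundary of every exchange it relays.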

Description

Network management program, network management method, and network management server
The present invention relates to a network management technique for managing the transmission and reception of encrypted files between a plurality of information processing terminal devices connected to a network.
When a document file created on an information terminal such as a personal computer is transmitted to another information terminal via a network such as the Internet, it is divided into packets for transmission. Because a third party can obtain these packets on the network by using a packet capture function, there is a risk of secret leakage. Therefore, to ensure security when information is transmitted over a network, a security method in which the plaintext file to be transmitted is encrypted before transmission and decrypted at the receiving information terminal, returning the received file to the original plaintext, has been generally adopted in recent years. Methods using a common key and methods using a public key are well known as security methods. The common key method has a problem with confidentiality in the transmission of the key itself. The public key method, on the other hand, is preferable from the viewpoint of confidentiality because a file encrypted with the public key can be decrypted only with the private key of the receiving information terminal. Methods of setting an expiration date on the public key or attaching authentication to the public key have also been adopted, but their effect is limited because the key may be input by a third party before the expiration date and impersonation of the certificate authority is also conceivable.
Furthermore, in the common key method, changing the common key as shown in Patent Document 1 can further improve confidentiality. Patent Document 1 describes an electronic authentication system that uses a computer provided with two modem circuits or ISDN interface circuits, in which a first channel connects to the recipient via a router over the Internet or an in-house network, and a second channel connects directly to the recipient via an exchange over a public line or an in-house communication line. The document file is encrypted with a private key and transmitted on the first channel, and the public key is transmitted on the second channel. Since the public key and the private key can be changed every time a document is transmitted, the possibility of being viewed by a third party is reduced.
JP 2002-51038 A
However, the public key method of Patent Document 1 requires a first channel that connects to the recipient via a router using the Internet or an in-house network, and a second channel that connects to the recipient via an exchange using a public line or an in-house communication line, so the configuration is complicated and special, and the operation burden on the sender increases. Further, in a mode in which the public key creation program is stored in the information terminal, the public key creation program itself is easily stolen through mechanical or electrical access. If the public key creation program is stolen, files being transmitted and received may be stolen by packet capture and easily decrypted.
An object of the present invention is to further improve the confidentiality of transmitted and received files by having a management server on the network update, at a predetermined timing, the encryption program used with the sender and the decryption program used with the receiver.
The network management server of the present invention is a network management server that manages transmission and reception of encrypted files between a plurality of information processing terminal devices connected to a network, and is characterized by comprising: storage means for storing a plurality of encryption programs and corresponding decryption programs; selection means for selecting, each by a predetermined method, one encryption program for an information processing terminal device that can be a transmission source and one decryption program for an information processing terminal device that can be a transmission destination; distribution means for distributing the selected encryption and decryption programs at least before transmission of a file; management means for managing the encryption program and the decryption program distributed to each information processing terminal device; receiving means for receiving a file encrypted and transmitted by the information processing terminal device of the transmission source; extraction means for identifying the information processing terminal devices of the transmission source and the transmission destination from the received file; decryption means for decrypting the file transmitted from the information processing terminal of the transmission source with the corresponding decryption program according to the management information of the management means; encryption means for encrypting the decrypted file with the encryption program corresponding to the decryption program distributed to the information processing terminal device of the transmission destination extracted by the extraction means; and transmission means for transmitting the file encrypted by the encryption means to the information processing terminal device of the transmission destination detected by the detection means.
The network management program of the present invention is a network management program with which a network management server manages transmission and reception of encrypted files between a plurality of information processing terminal devices connected to a network, and causes the network management server to function as: storage means for storing a plurality of encryption programs and corresponding decryption programs; selection means for selecting, each by a predetermined method, one encryption program for an information processing terminal device that can be a transmission source and one decryption program for an information processing terminal device that can be a transmission destination; distribution means for distributing the selected encryption and decryption programs at least before transmission of a file; management means for managing the encryption program and the decryption program distributed to each information processing terminal device; receiving means for receiving a file encrypted and transmitted by the information processing terminal device of the transmission source; extraction means for identifying the information processing terminal devices of the transmission source and the transmission destination from the received file; decryption means for decrypting the file transmitted from the information processing terminal of the transmission source with the corresponding decryption program according to the management information of the management means; encryption means for encrypting the decrypted file with the encryption program corresponding to the decryption program distributed to the information processing terminal device of the transmission destination extracted by the extraction means; and transmission means for transmitting the file encrypted by the encryption means to the information processing terminal device of the transmission destination detected by the detection means.
The network management method of the present invention is a network management method by which a network management server manages the transmission and reception of encrypted files between a plurality of information processing terminal devices connected to a network, characterized in that: the storage means stores a plurality of encryption programs and the corresponding decryption programs; the selection means selects, each by a predetermined method, one encryption program for an information processing terminal device that can be a transmission source and one decryption program for an information processing terminal device that can be a transmission destination; the management means manages the encryption programs and decryption programs distributed to each information processing terminal device; the distribution means distributes the selected encryption and decryption programs at least before a file is transmitted; the reception means receives a file that has been encrypted and transmitted by the transmission-source information processing terminal device; the extraction means identifies the transmission-source and transmission-destination information processing terminal devices from the received file; the decryption means decrypts the file transmitted from the transmission-source information processing terminal with the corresponding decryption program, as determined from the management information of the management means; the encryption means encrypts the decrypted file with the encryption program corresponding to the decryption program distributed to the transmission-destination information processing terminal device extracted by the extraction means; and the transmission means transmits the file encrypted by the encryption means to the transmission-destination information processing terminal device detected by the detection means.
According to these inventions, the storage means stores a plurality of encryption programs and the corresponding decryption programs. At least before a file is transmitted, the distribution means distributes one encryption program, selected by the selection means by a predetermined method, to an information processing terminal device that can be a transmission source, and one decryption program, selected by the selection means by a predetermined method, to an information processing terminal device that can be a transmission destination. The management means manages the encryption programs and decryption programs distributed to each information processing terminal device. When the reception means receives a file that has been encrypted and transmitted by the transmission-source information processing terminal device, the extraction means identifies the transmission-source and transmission-destination information processing terminal devices from the received file, and the decryption means uses the management information of the management means to pick out the decryption program corresponding to the file transmitted from the transmission-source information processing terminal and decrypts the file with that program. Next, the encryption means encrypts the decrypted file with the encryption program corresponding to the decryption program distributed to the transmission-destination information processing terminal device extracted by the extraction means, and the transmission means then transmits the file encrypted by the encryption means to the transmission-destination information processing terminal device identified by the extraction means.
Accordingly, the file transmitted from the transmission-source information processing terminal device becomes a different ciphertext on almost every transmission, and the network management server turns the encrypted file into a ciphertext that is almost always different from the one transmitted by the transmission-source information processing terminal device before sending it to the transmission-destination information processing terminal device (that is, before it is received there), so confidentiality is greatly improved. In addition, since different encryption programs and decryption programs can be distributed (provided) to a large number of information processing terminal devices, efficient security management can be realized easily even when the users of this network, for example members (who have authority to access this network), are numerous. Furthermore, since the network management server distributes the encryption programs and decryption programs by a predetermined method, for example by complicated rules or at random, even the server administrator does not know which encryption program and which decryption program is currently distributed to each information processing terminal device, and security against the human factor is ensured.
The distribution means in the present invention is characterized by distributing, at a predetermined timing, one encryption program and one decryption program selected by a predetermined method to each information processing terminal device. With this configuration, each information processing terminal device always holds one encryption program and one decryption program, so it can both send encrypted files and receive encrypted files. Also, since each information processing terminal device holds different encryption and decryption programs over time, even if an encryption program or decryption program leaks temporarily for some reason, the terminal holds a different encryption program and decryption program at a later point in time, so confidentiality is maintained.
In the present invention, the predetermined timing is every preset period. With this configuration, the encryption programs and decryption programs are updated periodically, so illegally obtaining or stealing an encryption program or decryption program loses its point. "Periodic" may mean at every predetermined time, every day, every few days, and so on, and can be set on the basis of network traffic and the required security level.
In the present invention, when the selection means receives a transmission request signal containing transmission-source and transmission-destination information, which is transmitted before the file is transmitted from the transmission-source information processing terminal device, it selects one encryption program for the information processing terminal device that sent the transmission request signal and one decryption program for the transmission-destination information processing terminal device, and the distribution means distributes the selected encryption program to the information processing terminal device that sent the transmission request signal and the selected decryption program to the transmission-destination information processing terminal device. With this configuration, the encryption program is distributed immediately before the file is transmitted, and the decryption program is distributed to the destination of the file at the same point in time, so even if these programs were illegally obtained in advance, they would be effectively useless.
The predetermined method in the present invention is random selection. With this configuration, even the server administrator cannot know the current distribution status of the encryption programs and decryption programs, so leakage through the human factor also becomes impossible. As a typical random method, a random number generator or the like can be provided, and the corresponding encryption program and decryption program set individually on the basis of the random values it generates.
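The relay, periodic redistribution and random selection described above, as an added example (not code from the patent). Toy byte-substitution tables stand in for the stored encryption and decryption programs; the names `ManagementServer`, `Terminal`, `make_program_pair`, the message layout and the sample invoice bytes are assumptions made for the illustration.

```python
import random
import secrets


def make_program_pair(seed):
    """One toy encryption program and its decryption program (byte substitution)."""
    table = list(range(256))
    random.Random(seed).shuffle(table)  # constructed table: a stand-in, not a secure cipher
    inverse = [0] * 256
    for plain, cipher in enumerate(table):
        inverse[cipher] = plain
    enc_table, dec_table = bytes(table), bytes(inverse)
    return (lambda data: data.translate(enc_table),
            lambda data: data.translate(dec_table))


class ManagementServer:
    def __init__(self, n_programs=16, pick=secrets.randbelow):
        # Storage means: program id -> (encrypt, decrypt)
        self.programs = {i: make_program_pair(i) for i in range(n_programs)}
        # Management means: terminal id -> ids of the programs it currently holds
        self.assigned = {}
        self.pick = pick  # selection method; random by default

    def distribute(self, terminal_id):
        """Select and hand out one encryption and one decryption program."""
        enc_id = self.pick(len(self.programs))
        dec_id = self.pick(len(self.programs))
        self.assigned[terminal_id] = {"enc": enc_id, "dec": dec_id}
        return self.programs[enc_id][0], self.programs[dec_id][1]

    def relay(self, message):
        """Decrypt with the source's program, re-encrypt for the destination."""
        src, dst = message["src"], message["dst"]  # extraction means
        if src not in self.assigned or dst not in self.assigned:
            raise PermissionError("unknown terminal: no program on record")
        decrypt = self.programs[self.assigned[src]["enc"]][1]
        encrypt = self.programs[self.assigned[dst]["dec"]][0]
        plaintext = decrypt(message["body"])  # the server holds the plaintext here
        return {"src": src, "dst": dst, "body": encrypt(plaintext)}


class Terminal:
    def __init__(self, terminal_id, server):
        self.id = terminal_id
        self.server = server
        self.refresh()

    def refresh(self):
        """Receive a newly selected program pair (the periodic redistribution)."""
        self.encrypt, self.decrypt = self.server.distribute(self.id)

    def send(self, dst, plaintext):
        return {"src": self.id, "dst": dst, "body": self.encrypt(plaintext)}

    def receive(self, message):
        return self.decrypt(message["body"])


def demo():
    """Scripted selection so the run is repeatable; real use keeps the random default."""
    script = iter([0, 1, 2, 3, 4, 5])
    server = ManagementServer(n_programs=16, pick=lambda n: next(script))
    a = Terminal("terminal-A", server)  # holds enc 0, dec 1
    b = Terminal("terminal-B", server)  # holds enc 2, dec 3
    invoice = b"INVOICE 2008-11 total=1200"  # constructed sample file
    leg1 = a.send("terminal-B", invoice)
    leg2 = server.relay(leg1)
    delivered = b.receive(leg2)
    old_decrypt = b.decrypt
    b.refresh()                          # now holds enc 4, dec 5
    leg2_new = server.relay(a.send("terminal-B", invoice))
    return {
        "delivered": delivered,
        "legs_differ": leg1["body"] != leg2["body"],
        "new_program_ok": b.receive(leg2_new) == invoice,
        "old_program_fails": old_decrypt(leg2_new["body"]) != invoice,
    }
```

The two legs carry different ciphertexts for the same file, and a decryption program held before a redistribution no longer opens files relayed after it; the relay step itself passes through plaintext on the server.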
The distribution means in the present invention is also characterized by distributing a plurality of encryption programs and the corresponding decryption programs to all information processing terminal devices in advance, and then distributing, at the predetermined timing and by the predetermined method, identification information that identifies an encryption program and the corresponding decryption program. With this configuration, the encryption programs and decryption programs themselves are not distributed directly from the network management server, so the opportunities for unauthorized acquisition can be severely limited.
The present invention also includes member management means, the network being a dedicated network provided alongside the Internet, and the member management means setting, in an information processing terminal device, the authority that permits connection to the dedicated network. With this configuration, use of the dedicated network is restricted to file transmission and reception between members, so intrusion from other networks becomes difficult and a high level of security management is possible.
According to the present invention, the file transmitted from the transmission-source information processing terminal device becomes a different ciphertext on almost every transmission, and the network management server turns the encrypted file into a ciphertext that is almost always different from the one transmitted by the transmission-source information processing terminal device before sending it to the transmission-destination information processing terminal device, so confidentiality can be greatly improved.
In addition, since different encryption programs and decryption programs can be distributed (provided) to a large number of information processing terminal devices, efficient security management can be realized easily even when the users of this network, for example members, are numerous.
Furthermore, since the network management server distributes the encryption programs and decryption programs by a predetermined method, for example by complicated rules or at random, even the server administrator does not know which encryption program and which decryption program is currently distributed to each information processing terminal device, and security against the human factor can be ensured.
FIG. 1 is an overall schematic configuration diagram of the Internet and the dedicated network system.
FIG. 2 is a configuration diagram showing an embodiment of the information processing terminal device 1.
FIG. 3 is a block configuration diagram of the information processing terminal device 1.
FIG. 4 is a block diagram of those functional blocks of the management server 2 that relate to the present invention.
FIG. 5 is a flowchart of the program distribution process executed by the control unit 200 using the management program of the management server 2.
FIG. 6 is a flowchart of the file relay process executed by the control unit 200 using the management program of the management server 2.
FIG. 7 is a flowchart of another program distribution process (II) executed by the control unit 200 using the management program of the management server 2.
Explanation of symbols
1 Information processing terminal device
10 Personal computer terminal
11 Information processor
2 Management server (network management server)
200 Control unit
201 Selection unit
202 Distribution unit (distribution means)
203 Management unit (management means)
204 Communication processing unit
205 Sender/receiver information extraction unit (extraction means)
206 Decryption processing unit
207 Encryption processing unit
208 Timer
211 Management program storage unit
212 Encryption/decryption program storage unit (storage means)
221 Distribution data storage unit
5 Dedicated network
FIG. 1 is an overall schematic configuration diagram of the Internet and the dedicated network system. This system includes the Internet 4 and a dedicated network 5 that is separate from the Internet 4. Only persons who have become members are granted the authority to connect to the dedicated network 5, which makes it possible for members to exchange information with one another via the dedicated network 5. Specifically, the dedicated network 5 supports electronic settlement and the like between members registered with an established organization. It enables the transmission and reception of various electronic documents (referred to as files), whether or not they involve electronic settlement: for example, settlement in ordinary commercial transactions, such as the issue and receipt of invoices from merchant stores, instructions from the purchaser for deposit (that is, payment) into the account at the contracted financial institution of the invoice issuer, the issue of receipts for these, and others.
The system shown in FIG. 1 includes information processing terminal devices 1 owned by the individual members, and a management server 2 installed at a management organization that manages the information exchanged between these information processing terminal devices 1. In the present embodiment, the information processing terminal devices 1 are communicably connected to both the Internet 4 and the dedicated network 5 via the provider (ISP) 3 with which each has a contract. It is sufficient for each information processing terminal device 1 to be connected to the dedicated network 5; it does not necessarily have to be connected to the Internet 4 (see, for example, the information processing terminal device 1 at the right end of FIG. 1).
The management server 2 is connected to the dedicated network 5. The management server 2 may also be installed at one of the ISPs 3.
FIG. 2 is a configuration diagram showing an embodiment of the information processing terminal device 1. The information processing terminal device 1 consists of a known personal computer terminal (hereinafter, PC terminal) 10 and an information processor 11 interposed between the PC terminal 10 and the ISP 3. The PC terminal 10 is an ordinary personal computer connected to the Internet 4 via the corresponding ISP 3, and can use a browser in the computer to search and view information from general information storage units (not shown) that store public information and the like on websites. The information processor 11 has a built-in router function, is positioned as, for example, a modem, and also has a predetermined information processing function (for example, relating to the electronic settlement described above).
FIG. 3 shows a block configuration diagram of the information processing terminal device 1. The PC terminal 10 includes an input unit 10a for entering information and giving information processing instructions, and a monitor 10b for displaying information. Broadly, the PC terminal 10 comprises a hard disk (HDD) 101; a control board unit including an information processing unit 102 built around a CPU (Central Processing Unit) and a storage unit 103; the monitor 10b, which displays various images; the input unit 10a, which consists of a keyboard, a mouse and other operating members for giving operating instructions and entering information; and a disc loading unit 10c into which a disc, for example a CD-ROM, is removably loaded.
The information processor 11 has a housing of a predetermined shape, for example a rectangular parallelepiped. Inside, it has a modulator and a demodulator (not shown) for performing the basic modem function, and it has input/output wiring terminals at suitable places on its surface. The modulator modulates information created on the PC terminal 10 into a signal form that can be transmitted over the Internet 4, and information created on the PC terminal 10 or the information processor 11 into a signal form that can be transmitted over the dedicated network 5. The demodulator demodulates signals received via the Internet 4 into a signal form that can be processed by the PC terminal 10, and signals received via the dedicated network 5 into a signal form that can be processed by the information processor 11.
At a suitable place on its surface, the information processor 11 has a display unit 11a, consisting of a liquid crystal panel or plasma display panel, which displays images, and an operation unit 11b such as a touch panel laminated on the display unit 11a. The information processor 11 has a control unit 110, a router function unit 120 and a data storage unit 130. The control unit 110 includes a CPU and executes processing that supports the creation of information (files) such as required documents and images, data storage processing, and file transmission and reception processing.
The data storage unit 130 includes a ROM and a RAM. The ROM stores the processing programs (OS program, application programs) for performing the various operations (including the case where they are installed from outside), and also stores form data and the like for various documents. The RAM stores electronic files and the like relating to the member's own electronic settlement.
The router function unit 120 allocates (routes) the information transmission paths among the PC terminal 10, the control unit 110 of the information processor 11, the Internet 4 and the dedicated network 5. When only the information processor 11 is started, the information processor 11 sets the router function unit 120 so that the dedicated network 5 and the control unit 110 can exchange information, and the connection to the Internet 4 is cut off.
When the PC terminal 10 is started, on the other hand, routing setting processing is performed at start-up as follows. When the PC terminal 10 is used in the normal manner, the router function unit 120 of the information processor 11 is set to route so that the PC terminal 10 is connected to other computers on the Internet 4 via the ISP 3 and the Internet 4. In this state, the router function unit 120 makes the information processor 11 simply a part of the transmission path.
When the PC terminal 10 is used as an auxiliary to the information processor 11, on the other hand, the PC terminal 10 is started with a predetermined disc, for example a CD-ROM, loaded in the disc loading unit 10c. In this case, as described later, the router function unit 120 is set to route so that the PC terminal 10 is connected only to the control unit 110 (and the data storage unit 130) of the information processor 11 and, via the information processor 11, the ISP 3 and the dedicated network 5, to the other information processing terminal devices 1 and the management server 2. The routing setting consists of setting address information (a routing table and an ARP (Address Resolution Protocol) table) used to determine whether the address information indicating the destination, which is attached at a predetermined position in each packet of a transmitted or received signal, is a global IP address based on the rules for the Internet 4, or a predetermined local IP address (MAC address) for the dedicated network 5, conforming for example to Ethernet (registered trademark), which is assigned differently from a global IP address (in a form distinguishable from a global IP address). Each packet is checked against the tables and is sent only to the route whose address matches, which makes it possible to restrict (switch) the transmission path. The control unit 200 of the management server 2, described later, sets an address in accordance with the above for a new applicant for membership, whereby that person is permitted, as a member, to access the dedicated network (the authority is granted).
As a way of realizing this processing, the PC terminal 10 is preferably, for example, a dual-boot personal computer. An example of dual-boot processing is briefly described below.
The HDD 101 includes an MBR1 (Master Boot Record) area in which a master boot program is written, an OS1 area in which an operating system program (OS1) such as Windows (registered trademark) is written, and an AP1 area in which various application programs, such as those for document creation, a browser and a mailer, are written. The storage unit 103 includes a BIOS ROM, which stores a BIOS program that checks the memory and peripheral devices and, when no CD-ROM is loaded in the disc loading unit 10c, starts the MBR1 program on the HDD 101. The programs are loaded (read) sequentially from the HDD 101 into the RAM in the storage unit 103 when the PC terminal 10 is started. The application programs started by the OS1 program include a communication control program that makes the routing setting in the router function unit 120 of the information processor 11 permitting connection between the PC terminal 10 and the Internet 4. Specifically, this is the setting of address information for establishing a transmission path that connects only the PC terminal 10 and the Internet 4.
The CD-ROM loaded in the disc loading unit 10c, on the other hand, includes an MBR2 (Master Boot Record) area in which a master boot program is written, an OS2 area in which an operating system program (OS2) of a different type from OS1 is written, and an AP2 area in which communication application programs for documents and for sending and receiving information to and from the information processor 11 are written.
The BIOS program stored in the BIOS ROM in the storage unit 103 checks the memory and peripheral devices and, when a CD-ROM is loaded in the disc loading unit 10c, starts the MBR2 program on the CD-ROM in preference to the HDD 101. The programs are loaded sequentially from the CD-ROM into the RAM in the storage unit 103 when the PC terminal 10 is started. The various application programs started by the OS2 program include a communication control program that makes the routing setting in the router function unit 120 of the information processor 11 permitting connection of the PC terminal 10 only with the control unit 110 and the data storage unit 130 of the information processor 11. Specifically, this is the setting of address information for establishing a transmission path that connects only the PC terminal 10 and the information processor 11 (and the data storage unit 130).
By adopting this method, the PC terminal 10 is either connected to the Internet 4 side or connected only to the dedicated network 5 via the information processor 11.
Returning to FIG. 3, the control unit 110 of the information processor 11 includes a document creation unit 111 that creates the various documents needed for electronic settlement on the basis of operations on the operation unit 11b; a communication control unit 112 that performs data communication with the PC terminal 10 and, via the ISP 3, with the dedicated network 5 side; an address setting unit 113 that attaches the transmission-source and transmission-destination addresses (transmission-source information, transmission-destination information) within a document file to be transmitted (at a predetermined position in each packet); and a display control unit 114 for displaying, for example, a confirmation of the input contents on the display unit 11a. The data storage unit 130 includes a document form storage unit 131 that stores the forms of the various documents; an address information storage unit 132 for the member's own address and those of other members; a distributed program storage unit 133 that stores the encryption programs and decryption programs distributed from the management server 2; and a display image storage unit 134.
Similarly, the information processing unit 102 of the PC terminal 10 includes a document creation unit 1021 that creates various documents, a communication control unit 1022 that handles the communication of information with the Internet 4 or with the information processor 11, and a display control unit 1023. In addition to the program data needed for the dual boot described above, the storage unit 103 includes a document creation data storage unit 1031, which stores application programs for document creation and the forms of various documents, and a display image storage unit 1032.
FIG. 4 is a block diagram of those functional blocks of the management server 2 that relate to the present invention. The management server 2 consists of a control unit 200 implemented by a microcomputer, a ROM 210, and a RAM 220. The ROM 210 includes a member information storage unit 211 that stores member information such as each member's personal name, organization name, and address; a management program storage unit 212 that holds the management program for executing the overall management process; and an encryption/decryption program storage unit 213 that stores multiple types of encryption programs and the decryption program corresponding to each encryption program. The RAM 220 temporarily stores data that is being processed and includes, for example, a file information storage unit 221 that stores, as needed for management purposes, each member's file transmission and reception history, files, and the like, and a distribution data storage unit 222 described later.
In the above, the number of types of encryption programs stored in the encryption/decryption program storage unit 213, and of decryption programs corresponding to each of them, is assumed to be on the order of several tens to a hundred and several tens.
As for the types of cipher, various schemes can be adopted within the range that a computer can process. For example, among substitution ciphers, which replace characters, words, or phrases in the ordinary form with other characters or symbols (or groups of them), there are: the character substitution type, which replaces a single character with another character or symbol (group); the character-group substitution type, which replaces a group of two, three, or more characters with other characters or symbols (group); the dictionary type, which replaces units such as characters, words, phrases, and short sentences with other characters or symbol groups; the multi-table type, which builds two or more substitution tables and encrypts while switching tables according to a rule; the random-number (random-character) type, which encrypts by adding random numbers (characters) to a single-form ciphertext that has been converted to numbers (characters); the secondary type, which takes ciphertext produced by a dictionary-type or character-group cipher that cannot be updated frequently and encrypts it again with a character substitution or character-group substitution cipher that is updated often; the chained type, which encrypts the first part with a key and thereafter encrypts successively using the plaintext or the ciphertext as the key; and the strip type, which encrypts using several tens of strips, each a narrow slip on which the alphabet is written twice in irregular order. There is also the transposition type, which rearranges the text into an order different from the original, on a per-character or per-word basis. Even within the same encryption scheme, if the ciphers obtained by subtly changing the specific procedure are treated as separate ciphers, a large number of encryption programs can be prepared.
Returning to FIG. 4, the control unit 200 includes a selection unit 201, a distribution unit 202, a management unit 203, a communication processing unit 204, a sender/receiver information extraction unit 205, a decryption processing unit 206, an encryption processing unit 207, and a timer 208.
The selection unit 201 selects the encryption program and decryption program that are provided, periodically or irregularly, to each member's information processing terminal device 1. For example, suppose that encryption program E10 and decryption program D30 are currently distributed to a given member's information processing terminal device 1 (in this example, 100 types of each are assumed to be prepared: encryption programs E01 to E100 and decryption programs D01 to D100). The selection unit then selects the programs to distribute this time, for instance encryption program E25 and decryption program D08. The encryption program and the decryption program distributed to a given member's information processing terminal device 1 do not need to correspond to each other. Accordingly, the selection unit 201 selects the encryption program and the decryption program separately and at random, for example by using a random value obtained from a random number generator.
Alternatively, each program may be selected individually by a complex selection rule, for example by incorporating varying information such as time-axis information into a general rule expression. A further option is to prepare in advance many or all of the combinations of encryption program and decryption program and to select one of them, preferably at random. More specifically, the following methods, which incorporate varying information, can be adopted. They apply equally to the selection of the decryption program.
That is, the encryption programs are numbered serially from E01 to E100. Each time a file is received from a source, the number of its packets is acquired as the varying information, and that number is accumulated per source in a predetermined internal memory area. On each reception, a logical operation, for example a logical AND, is performed between the cumulative count so far and the serial number of the programs (in binary form), here the value 100 (in binary form). If the logical AND is "0", encryption program E01 is selected; otherwise "1" is added to the computed value and the encryption program is selected accordingly. By incorporating varying information in this way, a logical value between 0 and 100 is obtained, and irregularity is also substantially ensured.
As another method, the encryption programs are likewise numbered serially from E01 to E100, and identification information (for example, the MAC address mentioned earlier) is set in advance in binary form in the information processing device 11. Each time a file is sent from the source, a timestamp, which is the transmission time information (in binary form), is added to the identification information as the varying information. The management server 2 extracts the sum of the identification information and the timestamp (in binary form) from the received file and performs a logical operation, for example a logical AND, between this sum and the serial number of the programs (in binary form), here the value 100 (in binary form). If the logical AND is "0", encryption program E01 is selected; otherwise "1" is added to the computed value and the encryption program is selected accordingly. By incorporating varying information in this way, a logical value between 0 and 100 is obtained, and irregularity is also substantially ensured.
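The two varying-information rules described above, written out as an added example that is not code from the patent. It reads the "logical AND" as a bitwise AND with the value 100; the function and class names and the sample packet counts are assumptions, and `audit` is an added check that enumerates which program numbers the rule can actually produce.

```python
"""Selection rule from the description, plus a check of which programs it can reach."""
import secrets

PROGRAM_COUNT = 100  # E01..E100, the count used in the description


def select_index(varying_value: int, program_count: int = PROGRAM_COUNT) -> int:
    """Described rule, read as a bitwise AND: result 0 selects E01, otherwise result + 1."""
    masked = varying_value & program_count
    return 1 if masked == 0 else masked + 1


class PacketCountSelector:
    """First method: the per-source cumulative packet count is the varying information."""

    def __init__(self) -> None:
        self.cumulative = {}  # source name -> packets received so far

    def on_file_received(self, source: str, packet_count: int) -> int:
        total = self.cumulative.get(source, 0) + packet_count
        self.cumulative[source] = total
        return select_index(total)


def select_by_timestamp(device_id: int, timestamp: int) -> int:
    """Second method: identification information plus timestamp is the varying information."""
    return select_index(device_id + timestamp)


def reachable_indices(program_count: int = PROGRAM_COUNT) -> list:
    """Every index the rule can emit; bits above the mask width never change the result."""
    width = program_count.bit_length()
    return sorted({select_index(v, program_count) for v in range(1 << width)})


def audit(program_count: int = PROGRAM_COUNT) -> dict:
    """Coverage of the program set and any indices outside E01..E<program_count>."""
    reach = reachable_indices(program_count)
    return {
        "reachable": reach,
        "coverage": len(reach) / program_count,
        "out_of_range": [i for i in reach if not 1 <= i <= program_count],
    }


def select_uniform(program_count: int = PROGRAM_COUNT) -> int:
    """The random-number alternative the description also allows, drawn from a CSPRNG."""
    return secrets.randbelow(program_count) + 1


if __name__ == "__main__":
    selector = PacketCountSelector()
    for packets in (12, 7, 30, 55):  # constructed packet counts for one source
        print("E%02d" % selector.on_file_received("terminal-A", packets))
    print(audit())
```

Under this reading, `audit()` reports eight reachable program numbers for the value 100, one of which (101) falls outside E01 to E100, so an implementation needs a range check or a different reduction before using the result as an index.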
In the mode in which distribution (that is, update) of a new encryption program and decryption program is executed when a predetermined time is reached, the selection unit 201 operates using the time information from the timer 208. A conceivable update time is at night, particularly around midnight, when there are generally few opportunities for data transmission and reception. The update cycle may be one day, but may be shorter, or may be several days.
The distribution unit 202 distributes the encryption program and decryption program selected by the selection unit 201 to the corresponding member's information processing terminal device 1. In this embodiment, the distribution unit 202 performs the distribution process for the information processing terminal devices 1 of all members.
The management unit 203 stores the combination of the selected encryption program and decryption program and the destination information processing terminal device 1 in the distribution data storage unit 222 at every update, as distribution management information used for lookup.
The communication processing unit 204 performs the so-called relay process: so that the management server 2 can manage a document file sent from a source information processing terminal device 1 to a destination information processing terminal device 1, it first receives the file and, after predetermined processing, sends it on to the destination.
The sender/receiver information extraction unit 205 acquires (extracts) the source information and the destination information from the received document file.
The decryption processing unit 206 refers to the distribution data storage unit 222 to identify the source's encryption program for the received document file and decrypts the file with the corresponding decryption program.
The encryption processing unit 207 takes the document file decrypted by the decryption processing unit 206, that is, the plaintext document file, refers to the distribution data storage unit 222 to identify the destination's decryption program, and encrypts the file with the corresponding encryption program.
FIG. 5 is a flowchart of the program distribution process executed by the control unit 200 using the management program of the management server 2. First, it is determined whether the timer 208 has reached the predetermined time (step S1); if it has not, the flow exits. If the predetermined time has been reached, the selection process is executed (step S3). The combination of encryption program and decryption program obtained by the selection process for each information processing terminal device 1 is stored in the distribution data storage unit 222 (step S5).
Next, it is determined whether a combination of encryption program and decryption program has been set for every information processing terminal device 1 (step S7). If the process is still under way, the flow returns to step S3. Once the selection process has finished for all information processing terminal devices 1, the encryption programs and decryption programs stored in the distribution data storage unit 222 are distributed to the corresponding information processing terminal devices 1. Each information processing terminal device 1 receives the distributed encryption program and decryption program and stores them in the distribution program storage unit 133. When a document file is then sent from an information processing terminal device 1 over the dedicated network 5, the plaintext document is turned into ciphertext by the encryption program currently stored in the distribution program storage unit 133 and transmitted.
FIG. 6 is a flowchart of the file relay process executed by the control unit 200 using the management program of the management server 2. First, it is determined whether a document file has been received from an information processing terminal device 1 (step S21); if not, the flow exits. If a file has been received, the information about the source and destination information processing terminal devices 1 contained at a predetermined position in the received document file is extracted (step S23). Next, based on the extracted source information, the distribution data storage unit 222 is consulted to identify the corresponding encryption program, and the ciphertext is converted back to plaintext using the decryption program that corresponds to the identified encryption program (step S25). Next, based on the extracted destination information, the distribution data storage unit 222 is consulted to identify the corresponding decryption program, and the received document file, now in plaintext, is encrypted using the encryption program that corresponds to the identified decryption program (step S27). The encrypted document file is then sent to the destination information processing terminal device 1 (step ST29). At the destination information processing terminal device 1, the document file that was encrypted and sent by the management server 2 is restored to plaintext using the decryption program stored in the distribution program storage unit 133.
FIG. 7 is a flowchart of another program distribution process (II) executed by the control unit 200 using the management program of the management server 2. In the embodiment shown in FIG. 7, the encryption program and decryption program distributed from the management server 2 are selected in response to the transmission of a document file and are distributed immediately before that transmission. In this mode, when a document file is to be sent, an encryption program is selected and distributed only for that source and a decryption program only for that destination, so the process shown in FIG. 5, which selects and distributes encryption and decryption programs to all information processing terminal devices 1 in a batch at a predetermined timing, becomes unnecessary.
More specifically, when a given information processing terminal device 1 sends a document file to the dedicated network 5, it first issues a transmission request to the management server 2. It then sends the actual document file after receiving response information corresponding to the transmission request from the management server 2. That is, the source information processing terminal device 1 creates a given document and, immediately before converting it to a file, encrypting it, and sending it to the given destination, sends transmission request information to the management server 2. The information processing terminal device 1 includes the source information and the destination information in the transmission request information.
First, the management server 2 determines whether transmission request information has been received (step S41). If none has been received, the flow exits. If transmission request information has been received, the source information and destination information are extracted from it (step ST43). Next, the selection process is executed for the combination of an encryption program for the extracted source and a decryption program for the extracted destination (step S45). When the selection process ends, the encryption program obtained for the source information processing terminal device 1 and the decryption program obtained for the destination information processing terminal device 1 are stored in the distribution data storage unit 222, replacing the previous entries (step S47).
Next, the encryption program and decryption program stored in the distribution data storage unit 222 are distributed to the corresponding source and destination information processing terminal devices 1 (step S49). The source information processing terminal device 1 receives the distributed encryption program and stores it in the distribution program storage unit 133. The destination information processing terminal device 1 receives the distributed decryption program and stores it in the distribution program storage unit 133. When the source information processing terminal device 1 then sends the document file over the dedicated network 5, the plaintext document is turned into ciphertext by the encryption program that has just been distributed and newly stored in the distribution program storage unit 133, and is transmitted. Meanwhile, the management server 2 executes the file relay process shown in FIG. 6. Accordingly, when the destination information processing terminal device 1 receives the document file from the management server 2, it restores the ciphertext to plaintext using the decryption program that has just been newly distributed.
In the embodiment shown in FIG. 5, there is no problem when the destination information processing terminal device 1 performs decryption in response to receiving the document file. However, it is conceivable that a different encryption program has been distributed by the time the information processing terminal device 1 is started up or the document file is read out. In that case, under the above embodiment, the decryption program in the distribution program storage unit 133 cannot decrypt previously received files. As a countermeasure, each information processing terminal device 1 may keep the decryption program that was distributed at the time the document file was received until that document file has been decrypted, and erase the corresponding decryption program after decryption. If no file is received within a given period, the decryption program for that period may simply be updated, as in normal processing, by the newly distributed decryption program.
Likewise, in the embodiment shown in FIG. 7, there is no problem when the destination information processing terminal device 1 performs decryption in response to receiving the document file. However, it is conceivable that, by the time the information processing terminal device 1 is started up or a document file is read out, multiple document files have been received, each under a different encryption program. In that case, under the above embodiment, only one decryption program is stored in the distribution program storage unit 133, so no received file other than the most recent one can be decrypted. As a countermeasure, each information processing terminal device 1 may keep the decryption program that was distributed for the reception of a document file until that document file has been decrypted, and erase the corresponding decryption program after decryption.
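The relay of FIG. 6 together with the retained-decryption-program countermeasure described in the two paragraphs above, as an added example that is not code from the patent. The byte-shift functions `E` and `D` are toy stand-ins for the numbered encryption and decryption programs, and the class names, method names, and sample message are assumptions.

```python
"""Toy model of the FIG. 6 relay and the retained-decryption-program countermeasure."""
import secrets
from dataclasses import dataclass, field

N_PROGRAMS = 100  # E01..E100 / D01..D100, as in the description


def E(n: int, data: bytes) -> bytes:
    """Stand-in for encryption program E<n>: byte-wise shift (toy, not secure)."""
    return bytes((b + n) % 256 for b in data)


def D(n: int, data: bytes) -> bytes:
    """Stand-in for decryption program D<n>, the inverse of E<n>."""
    return bytes((b - n) % 256 for b in data)


@dataclass
class DocumentFile:
    src: str     # source information carried with the file
    dst: str     # destination information carried with the file
    body: bytes  # encrypted document


@dataclass
class Terminal:
    name: str
    enc_id: int = 1
    dec_id: int = 1
    inbox: list = field(default_factory=list)  # (ciphertext, decryption id held at receipt)

    def install(self, enc_id: int, dec_id: int) -> None:
        self.enc_id, self.dec_id = enc_id, dec_id  # distribution program storage unit 133

    def send(self, dst: str, text: bytes) -> DocumentFile:
        return DocumentFile(self.name, dst, E(self.enc_id, text))

    def receive(self, doc: DocumentFile) -> None:
        self.inbox.append((doc.body, self.dec_id))

    def read_with_current_program(self, i: int) -> bytes:
        return D(self.dec_id, self.inbox[i][0])

    def read_with_retained_program(self, i: int) -> bytes:
        body, kept_id = self.inbox.pop(i)  # retained program is dropped after decryption
        return D(kept_id, body)


class ManagementServer:
    def __init__(self) -> None:
        self.table = {}      # distribution data storage unit 222: name -> (enc_id, dec_id)
        self.terminals = {}

    def register(self, terminal: Terminal) -> None:
        self.terminals[terminal.name] = terminal

    def distribute(self) -> None:
        """FIG. 5: choose enc and dec ids independently per terminal, record, then push."""
        for t in self.terminals.values():
            pair = (secrets.randbelow(N_PROGRAMS) + 1, secrets.randbelow(N_PROGRAMS) + 1)
            self.table[t.name] = pair
            t.install(*pair)

    def relay(self, doc: DocumentFile) -> DocumentFile:
        """FIG. 6, steps S23 to ST29."""
        src_enc_id, _ = self.table[doc.src]      # S23: source -> its encryption program
        plaintext = D(src_enc_id, doc.body)      # S25: the server holds plaintext here
        _, dst_dec_id = self.table[doc.dst]      # S27: destination -> its decryption program
        out = DocumentFile(doc.src, doc.dst, E(dst_dec_id, plaintext))
        self.terminals[doc.dst].receive(out)     # ST29: forward to the destination
        return out


def demo() -> dict:
    server, a, b = ManagementServer(), Terminal("A"), Terminal("B")
    server.register(a)
    server.register(b)
    server.distribute()
    message = b"payment order 0001 (constructed sample)"
    server.relay(a.send("B", message))
    read_at_once = b.read_with_current_program(0)
    held_at_receipt = b.dec_id
    while b.dec_id == held_at_receipt:           # rotate until B's program really changes
        server.distribute()
    return {
        "message": message,
        "read_at_once": read_at_once,
        "after_rotation": b.read_with_current_program(0),
        "with_retained": b.read_with_retained_program(0),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The file read immediately and the file read with the retained program both match the original message; the file read with the rotated program does not, which is the failure the countermeasure addresses.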
The present invention can also adopt the following modes.
(1) Instead of distributing the encryption program and decryption program at the predetermined timing, the distribution unit 202 may distribute multiple encryption programs and their corresponding decryption programs to all information processing terminal devices 1 in advance and have them stored, and then, at the predetermined timing, select (for example, at random) and distribute identification information that identifies the encryption program and decryption program to use. Because the encryption programs and decryption programs are then no longer distributed repeatedly over the dedicated network, leakage during program distribution can be prevented.
(2) The management server 2 need not be limited to a single unit; multiple units may be provided. The assignment of management servers can be varied per information processing terminal device 1 or over time. For example, over time, the present embodiment may be carried out so that, seen from one information processing terminal device 1, it works with a different management server periodically.
As described above, the present invention is a network management server that manages the transmission and reception of encrypted files between a plurality of information processing terminal devices connected to a network, characterized by comprising: storage means for storing a plurality of encryption programs and corresponding decryption programs; selection means for selecting, each by a predetermined method, one encryption program for an information processing terminal device that can be a source and one decryption program for an information processing terminal device that can be a destination; distribution means for distributing the selected encryption and decryption programs at least before transmission of a file; management means for managing the encryption programs and decryption programs distributed to each information processing terminal device; receiving means for receiving a file that has been encrypted and transmitted by the source information processing terminal device; extraction means for identifying the source and destination information processing terminal devices from the received file; decryption means for decrypting the file transmitted from the source information processing terminal with the corresponding decryption program according to the management information of the management means; encryption means for encrypting the decrypted file with the encryption program corresponding to the decryption program distributed to the destination information processing terminal device extracted by the extraction means; and transmission means for transmitting the file encrypted by the encryption means to the destination information processing terminal device detected by the detection means. In the present invention, the distribution means preferably distributes to each information processing terminal device, at a predetermined timing, one encryption program and one decryption program selected by a predetermined method. With this, each information processing terminal device always holds one encryption program and one decryption program, so it can handle both sending encrypted files and receiving encrypted files. In addition, because each information processing terminal device holds different encryption and decryption programs over time, even if an encryption program or decryption program were temporarily leaked for some reason, the device holds a different encryption program and decryption program at a later point, so confidentiality is maintained.
The predetermined timing may also be every preset period. With this configuration, the encryption program and decryption program are updated regularly, so illicitly obtaining or stealing an encryption program or decryption program loses its value. "Regularly" here can mean at every predetermined time, every day, every few days, and so on.
It is also preferable that, on receiving a transmission request signal that contains source and destination information and is sent by the source information processing terminal device before it sends a file, the selection means selects one encryption program for the information processing terminal device that sent the transmission request signal and one decryption program for the destination information processing terminal device, and that the distribution means distributes the selected encryption program to the information processing terminal device that sent the transmission request signal and the selected decryption program to the destination information processing terminal device. With this, the encryption program is distributed immediately before the file is sent, and the decryption program is distributed to the destination of the file at the same point in time, so even if a program had been illicitly obtained beforehand, that encryption program or decryption program can be rendered useless.
The predetermined method is preferably a method of selecting at random. With this configuration, even the server administrator cannot know the current distribution status of the encryption programs and decryption programs, and leakage through human action also becomes impossible.
It is also preferable to distribute a plurality of encryption programs and their corresponding decryption programs to all information processing terminal devices in advance and, at the predetermined timing, to distribute by the predetermined method identification information that identifies the encryption program and its corresponding decryption program. With this configuration, the encryption programs and decryption programs are not distributed directly from the network management server, so the opportunity for illicit acquisition is reduced.
It is also preferable that member management means be provided, that the network be a dedicated network installed alongside the Internet, and that the member management means set, in an information processing terminal device, the authority that permits connection to the dedicated network. With this, use of the dedicated network is limited to file transmission and reception between members, which makes intrusion from other networks difficult and enables a high level of security management.
In the present invention, the network management server selects by a predetermined method, and distributes in advance, an encryption program to the information processing terminal device that is the transmission source and a decryption program to the information processing terminal device that is the transmission destination; the network management server then decrypts the file from the transmission source, encrypts it again by a different method, and sends it to the transmission destination. This further increases the confidentiality of the files sent and received.
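The relay summarized above (random selection per terminal, a management table, re-selection when a transmission request arrives, and decrypt-then-re-encrypt at the server), sketched as an added example that is not code from the patent. The "programs" are constructed HMAC-based stand-ins with a per-assignment key, and every name (`PROGRAMS`, `ManagementServer`, `send_request`, `relay`) is an assumption.

```python
import hmac, secrets

# Constructed stand-ins for the stored "programs": each ID selects the hash that
# drives an HMAC-based stream cipher. Illustration only, not a vetted cipher.
PROGRAMS = {"P1": "sha256", "P2": "sha384", "P3": "sha512"}

def _xor_stream(prog_id, key, nonce, data):
    stream = b""
    for ctr in range(len(data) // 32 + 1):          # every digest here is >= 32 bytes
        stream += hmac.new(key, b"ks" + nonce + ctr.to_bytes(8, "big"),
                           PROGRAMS[prog_id]).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def _tag(prog_id, key, nonce, body):
    return hmac.new(key, b"tag" + prog_id.encode() + nonce + body, "sha256").digest()

def encrypt(prog_id, key, plaintext):
    nonce = secrets.token_bytes(16)
    body = _xor_stream(prog_id, key, nonce, plaintext)
    return nonce + _tag(prog_id, key, nonce, body) + body

def decrypt(prog_id, key, blob):
    nonce, tag, body = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, _tag(prog_id, key, nonce, body)):
        raise ValueError("file was not encrypted with the currently assigned program")
    return _xor_stream(prog_id, key, nonce, body)

class ManagementServer:
    def __init__(self):
        self.table = {}   # management table: terminal -> {"enc": (id, key), "dec": (id, key)}

    def _pick(self):
        # Random selection: the choice is not predictable by the administrator either.
        return (secrets.choice(list(PROGRAMS)), secrets.token_bytes(32))

    def distribute(self, terminal):
        """Periodic distribution: assign a fresh encryption and decryption program."""
        self.table[terminal] = {"enc": self._pick(), "dec": self._pick()}
        return self.table[terminal]

    def send_request(self, src, dst):
        """Re-select just before a transfer; earlier assignments stop working."""
        self.table.setdefault(src, {})["enc"] = self._pick()
        self.table.setdefault(dst, {})["dec"] = self._pick()
        return self.table[src]["enc"], self.table[dst]["dec"]

    def relay(self, envelope):
        src, dst = envelope["src"], envelope["dst"]   # "extraction" of both parties
        plain = decrypt(*self.table[src]["enc"], envelope["body"])
        # The server holds the plaintext here: the scheme is not end-to-end.
        return {**envelope, "body": encrypt(*self.table[dst]["dec"], plain)}
```
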

Claims (9)

  1. A network management server that manages the transmission and reception of encrypted files between a plurality of information processing terminal devices connected to a network, comprising:
    storage means for storing a plurality of encryption programs and corresponding decryption programs;
    selection means for selecting, by a predetermined method, one encryption program for an information processing terminal device that can be a transmission source and one decryption program for an information processing terminal device that can be a transmission destination;
    distribution means for distributing the selected encryption and decryption programs at least before transmission of a file;
    management means for managing the encryption program and the decryption program distributed to each information processing terminal device;
    receiving means for receiving a file encrypted and transmitted by the transmission-source information processing terminal device;
    extraction means for identifying, from the received file, the transmission-source and transmission-destination information processing terminal devices;
    decryption means for decrypting the file transmitted from the transmission-source information processing terminal with the corresponding decryption program according to the management information of the management means;
    encryption means for encrypting the decrypted file with the encryption program corresponding to the decryption program distributed to the transmission-destination information processing terminal device extracted by the extraction means; and
    transmission means for transmitting the file encrypted by the encryption means to the transmission-destination information processing terminal device detected by the detection means.
  2. The network management server according to claim 1, wherein the distribution means distributes, to each information processing terminal device at a predetermined timing, one encryption program and one decryption program selected by a predetermined method.
  3. The network management server according to claim 1 or 2, wherein the predetermined timing is every preset period.
  4. The network management server according to claim 1, wherein, upon receiving a transmission request signal that contains transmission-source and transmission-destination information and is sent prior to transmission of a file from the transmission-source information processing terminal device, the selection means selects one encryption program for the information processing terminal device that sent the transmission request signal and one decryption program for the transmission-destination information processing terminal device, and
    the distribution means distributes the selected encryption program to the information processing terminal device that sent the transmission request signal and the selected decryption program to the transmission-destination information processing terminal device.
  5. The network management server according to any one of claims 1 to 4, wherein the predetermined method is random selection.
  6. The network management server according to any one of claims 1 to 5, wherein the distribution means distributes a plurality of encryption programs and their corresponding decryption programs to all information processing terminal devices in advance, and distributes, by the predetermined method at the predetermined timing, identification information identifying an encryption program and its corresponding decryption program.
  7. The network management server according to any one of claims 1 to 6, further comprising member management means, wherein
    the network is a dedicated network installed alongside the Internet, and
    the member management means sets, in an information processing terminal device, the authority that permits connection to the dedicated network.
  8. A network management program by which a network management server manages the transmission and reception of encrypted files between a plurality of information processing terminal devices connected to a network, the program causing the network management server to function as:
    storage means for storing a plurality of encryption programs and corresponding decryption programs;
    selection means for selecting, by a predetermined method, one encryption program for an information processing terminal device that can be a transmission source and one decryption program for an information processing terminal device that can be a transmission destination;
    distribution means for distributing the selected encryption and decryption programs at least before transmission of a file;
    management means for managing the encryption program and the decryption program distributed to each information processing terminal device;
    receiving means for receiving a file encrypted and transmitted by the transmission-source information processing terminal device;
    extraction means for identifying, from the received file, the transmission-source and transmission-destination information processing terminal devices;
    decryption means for decrypting the file transmitted from the transmission-source information processing terminal with the corresponding decryption program according to the management information of the management means;
    encryption means for encrypting the decrypted file with the encryption program corresponding to the decryption program distributed to the transmission-destination information processing terminal device extracted by the extraction means; and
    transmission means for transmitting the file encrypted by the encryption means to the transmission-destination information processing terminal device detected by the detection means.
  9. A network management method by which a network management server manages the transmission and reception of encrypted files between a plurality of information processing terminal devices connected to a network, wherein:
    storage means stores a plurality of encryption programs and corresponding decryption programs;
    selection means selects, by a predetermined method, one encryption program for an information processing terminal device that can be a transmission source and one decryption program for an information processing terminal device that can be a transmission destination;
    management means manages the encryption program and the decryption program distributed to each information processing terminal device;
    distribution means distributes the selected encryption and decryption programs at least before transmission of a file;
    receiving means receives a file encrypted and transmitted by the transmission-source information processing terminal device;
    extraction means identifies, from the received file, the transmission-source and transmission-destination information processing terminal devices;
    decryption means decrypts the file transmitted from the transmission-source information processing terminal with the corresponding decryption program according to the management information of the management means;
    encryption means encrypts the decrypted file with the encryption program corresponding to the decryption program distributed to the transmission-destination information processing terminal device extracted by the extraction means; and
    transmission means transmits the file encrypted by the encryption means to the transmission-destination information processing terminal device detected by the detection means.
PCT/JP2008/071505 2008-11-27 2008-11-27 Network management program, network management method, and network management server WO2010061443A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2008/071505 WO2010061443A1 (en) 2008-11-27 2008-11-27 Network management program, network management method, and network management server

Publications (1)

Publication Number Publication Date
WO2010061443A1 true WO2010061443A1 (en) 2010-06-03

Family

ID=42225336

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2008/071505 WO2010061443A1 (en) 2008-11-27 2008-11-27 Network management program, network management method, and network management server

Country Status (1)

Country Link
WO (1) WO2010061443A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000261427A (en) * 1999-03-05 2000-09-22 Toshiba Corp Encryption communication terminal, encryption communication center equipment, encryption communication system and storage medium
JP2001237872A (en) * 2000-02-21 2001-08-31 Murata Mach Ltd Mail system
JP2001352320A (en) * 2000-06-08 2001-12-21 Junko Suginaka Cipher text transferring method and device

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2488753A (en) * 2011-02-24 2012-09-12 Carlos Eduardo Bevilacqua Leal Encrypted communication
JP2015072685A (en) * 2013-09-24 2015-04-16 シカゴ マーカンタイル エクスチェンジ,インク.Chicago Mercantile Exchange, Inc. Secure exchange feed market data embargo
JP2019215914A (en) * 2013-09-24 2019-12-19 シカゴ マーカンタイル エクスチェンジ,インク.Chicago Mercantile Exchange, Inc. Secure exchange feed market data embargo

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 08878400; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 08878400; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: JP)