JP6276517B2 - E-mail processing system - Google Patents

Description

The present invention relates to electronic mail processing system.

In recent years, in an electronic mail processing system, electronic mail is exchanged between terminal devices via a network, and the number of users and usage frequency are increasing as the Internet spreads. In such an e-mail processing system, when confidential information is exchanged via a network, an encrypted file with a password added to the confidential file, which is confidential information, is attached to the e-mail and sent, and the password is later transferred to another e-mail. Sending by e-mail is performed.
For example, Patent Document 1 discloses a technique in which a password (encryption key) is automatically generated, an attached file attached to an e-mail is encrypted with the generated password, and then the encrypted file is attached to the e-mail. Is described.

JP 2010-21746 A

  By the way, the electronic mail is relayed (transferred) between a plurality of server apparatuses existing on the network, and is transmitted to the mail server of the transmission destination. Therefore, in Patent Document 1, for example, when the password is later transmitted to another destination e-mail address by another e-mail, the encrypted file and the password are transmitted via the same transfer path. become. In this case, there is a possibility that the third party obtains the encrypted file and the password by monitoring the transfer path. As described above, with the technique described in Patent Document 1, confidential information cannot be transmitted and received safely.

The present invention has been made to solve the above problems, and its object is sensitive information is to provide a child mail processing system power that can reduce the possibility of leaking on the transfer path.

In order to solve the above problem, an aspect of the present invention is an electronic mail processing system including an electronic mail processing device that processes electronic mail and a terminal device that receives the electronic mail transmitted by the electronic mail processing device. When the attached file is attached to the e-mail, the e-mail processing apparatus transmits the e-mail to the first e-mail address and the same user as the first e-mail address. An address storage unit that stores a second e-mail address having a domain name different from that of the first e-mail address in association with the first e-mail address; Search as a first e-mail address, and obtain the second e-mail address corresponding to the e-mail address of the destination An address acquisition unit and a first e-mail in which the attached file encrypted based on a password is attached to the e-mail address of the transmission destination and attached file information indicating identification information of the attached file is added. And a transmission control unit for transmitting the second e-mail including the attached file information and the password to the second e-mail address acquired by the address acquisition unit, and the first e-mail uniquely A generation unit that generates a two-dimensional code including mail identification information to be identified, and the transmission control unit sends the two-dimensional code generated by the generation unit attached to the first electronic mail, The second email including the email identification information and the password is transmitted, and the first email address is a local email. An e-mail address at which the e-mail is received by the terminal device via the network, and the second e-mail address is received by the terminal device via a radio access network by a mobile communication system. The terminal device includes a first terminal device that receives the first electronic mail and a second terminal device that receives the second electronic mail, The second terminal device is a portable terminal device connectable to a radio access network by a mobile communication system, and is based on the two-dimensional code attached to the first e-mail received by the first terminal device. The mail identification information is acquired, and based on the acquired mail identification information, the previous e-mail of the plurality of received second e-mails The second electronic mail address is an electronic mail address assigned to the portable terminal device. The second electronic mail address includes a search unit that searches for the second electronic mail including the recorded mail identification information.
Another embodiment of the present invention is an electronic mail processing apparatus for processing of electronic mail, if the attachment to the e-mail is attached, the first e-mail address, the first e-mail An address storage unit that transmits an email to the same user as the address and stores a second email address having a domain name different from that of the first email address; An address acquisition unit that searches for an e-mail address of a destination of the e-mail as the first e-mail address, and acquires the second e-mail address corresponding to the e-mail address of the destination; The attached file encrypted based on the password is attached to the e-mail address of the e-mail address, and the attached file identification information is attached. Transmission control for transmitting a first e-mail with file information added thereto and transmitting a second e-mail including the attached file information and the password to the second e-mail address acquired by the address acquisition unit An electronic mail processing apparatus.

  Further, according to one aspect of the present invention, in the above-described electronic mail processing apparatus, the electronic mail processing apparatus includes an encryption processing unit that generates an encrypted file obtained by encrypting the attached file based on the password, The transmission control unit transmits the first e-mail attached with the encrypted file instead of the attached file to the e-mail address of the transmission destination, and sends the second e-mail address to the second e-mail address. An electronic mail is transmitted.

  According to another aspect of the present invention, in the above-described electronic mail processing device, the second electronic mail address is transmitted to a terminal device that receives the electronic mail via a network different from the first electronic mail address. It is an e-mail address where the e-mail is received.

  In one embodiment of the present invention, in the above-described electronic mail processing apparatus, the first electronic mail address is an electronic mail address at which the electronic mail is received by the terminal device via a local area network, The second e-mail address is an e-mail address at which the e-mail is received by the terminal device via a radio access network by a mobile communication system.

  Further, according to one aspect of the present invention, in the above-described electronic mail processing apparatus, the transmission control unit has an electronic mail address of a transmission destination of the second electronic mail in accordance with a confidentiality set for the electronic mail. And controlling whether or not to execute the second e-mail transmission process.

  According to another aspect of the present invention, in the above-described electronic mail processing device, the sensitivity is determined based on a security risk in the transfer path of the first electronic mail or the second electronic mail. And

One embodiment of the present invention is an e-mail processing method for processing e-mail, wherein the address acquisition unit includes a first e-mail address when the attached file is attached to the e-mail; An e-mail address that transmits an e-mail to the same user as the first e-mail address, and stores a second e-mail address having a domain name different from that of the first e-mail address An address acquisition step of searching the address storage unit for an email address of the destination of the email as the first email address, and acquiring the second email address corresponding to the email address of the destination And the transmission control unit attaches the attached file encrypted based on the password to the destination e-mail address. , Transmits the first e-mail added with the attachment information indicating identification information of the attached file, the acquired by the address acquisition section a second e-mail address, including the attached file information and the password And a transmission control step of transmitting a second electronic mail.

  According to the present invention, it is possible to reduce the possibility of leakage of confidential information on the transfer path.

It is a block diagram which shows an example of the electronic mail processing system by 1st Embodiment. It is a block diagram which shows an example of the client terminal (transmission source) in 1st Embodiment. It is a block diagram which shows an example of a data structure of the address memory | storage part in this embodiment. It is a block diagram which shows an example of the client terminal (reception destination) in 1st Embodiment. It is a block diagram which shows an example of the mobile telephone in 1st Embodiment. It is an image figure explaining an example of operation | movement of the electronic mail processing system in 1st Embodiment. It is a flowchart which shows an example of operation | movement of the electronic mail processing apparatus in 1st Embodiment. It is a flowchart which shows an example of the password search process of the mobile telephone in 1st Embodiment. It is a block diagram which shows an example of the client terminal (transmission source) in 2nd Embodiment. It is a flowchart which shows an example of operation | movement of the electronic mail processing apparatus in 2nd Embodiment. It is a block diagram which shows an example of the electronic mail processing system by 3rd Embodiment. It is a block diagram which shows an example of the client terminal (transmission source) in 3rd Embodiment. It is a flowchart which shows an example of operation | movement of the electronic mail processing apparatus in 3rd Embodiment. It is a block diagram which shows an example of the email processing system by 4th Embodiment. It is a block diagram which shows an example of the client terminal (transmission source) in 4th Embodiment. It is a block diagram which shows an example of the mobile telephone in 4th Embodiment. It is a flowchart which shows an example of operation | movement of the electronic mail processing apparatus in 4th Embodiment. It is a flowchart which shows an example of the password search process of the mobile telephone in 4th Embodiment. It is a block diagram which shows an example of the electronic mail processing system by 5th Embodiment. It is a block diagram which shows an example of the client terminal (reception destination) and mobile telephone in 5th Embodiment. It is a block diagram which shows an example of the mobile telephone in 6th Embodiment. It is a block diagram which shows an example of the electronic mail processing system by 7th Embodiment. It is a block diagram which shows an example of the client terminal (reception destination) in 7th Embodiment. It is a block diagram which shows an example of the electronic mail processing system by 8th Embodiment.

Hereinafter, an electronic mail processing system and an electronic mail processing apparatus according to an embodiment of the present invention will be described with reference to the drawings.
[First Embodiment]
FIG. 1 is a block diagram showing an example of an electronic mail processing system 1 according to the first embodiment.
In this figure, an e-mail processing system 1 includes a client terminal 2 that is an e-mail transmission source, a mail server 3, a base GW (gateway) (4, 5), and a terminal device that is an e-mail receiving destination ( A client terminal 6 and a mobile phone 7).

The client terminal 2 and the mail server 3 are connected via a LAN (Local Area Network) N1 and also connected to an IP (Internet Protocol) network N2 via a base GW4. The client terminal 6 is connected to the LAN (N3) and is connected to the IP network N2 via the base GW5. The mobile phone 7 is connected to the IP network N2 via the mobile carrier network N4.
Here, the LAN (N1) is, for example, an in-company LAN and a local network built in the company. The IP network N2 is an Internet protocol communication network (Internet). The LAN (N3) is, for example, a local network to which the client terminal 6 that is an email recipient is connected. The mobile carrier network N4 (radio access network) is a communication network using a mobile communication system to which the mobile phone 7 can be connected.

The base GW4 connects the LAN (N1) and the IP network N2, and transfers, for example, an electronic mail transmitted from the mail server 3 to the IP network N2.
The base GW5 connects the LAN (N3) and the IP network N2, and transfers, for example, an electronic mail transmitted via the IP network N2 to the LAN (N3).

  The client terminal 2 is a terminal device such as a personal computer, for example. The user creates an email using the client terminal 2, and the client terminal 2 transmits the created email to the mail server 3. In the present embodiment, the client terminal 2 includes the electronic mail processing apparatus 100. Details of the client terminal 2 and the email processing apparatus 100 will be described later with reference to FIG.

  The mail server 3 is a server device that manages transmission / reception of electronic mails. For example, the electronic mail transmitted from the client terminal 2 is transmitted to a designated transmission destination (reception destination) via the IP network N2.

  The client terminal 6 (first terminal device) is a terminal device such as a personal computer, for example. The client terminal 6 is a terminal device that receives an email transmitted from the client terminal 2 (the email processing apparatus 100) via the LAN (N3).

  The mobile phone 7 (second terminal device) is, for example, a terminal device (mobile terminal device) such as a smartphone. The mobile phone 7 is a terminal device that receives an electronic mail transmitted from the client terminal 2 (electronic mail processing apparatus 100) via the mobile carrier network N4.

  In the present embodiment, the terminal device includes a client terminal 6 (first terminal device) and a mobile phone 7 (second terminal device). The client terminal 6 and the mobile phone 7 receive an e-mail. It is a terminal device owned by the previous user.

Next, the configuration of the client terminal 2 and the electronic mail processing apparatus 100 will be described with reference to FIG.
FIG. 2 is a block diagram illustrating an example of the client terminal 2 (transmission source) in the present embodiment.
In this figure, the client terminal 2 includes a control unit 10, a display unit 21, an address storage unit 22, and a LAN communication unit 23.

The display unit 21 is, for example, a display device such as a liquid crystal display device, and displays an operation screen when operating the client terminal 2, an e-mail created based on user input, and the like.
The LAN communication unit 23 is connected to the LAN (N1). For example, when transmitting an email, the LAN communication unit 23 transmits the email to the mail server 3 via the LAN (N1).

The address storage unit 22 is different from the normal e-mail address of the transmission destination (first e-mail address) and the domain name of the normal e-mail address, for example, the e-mail address of the mobile phone 7 (second e-mail address). (Mail address) is stored in association with each other. Here, the mail address of the mobile phone 7 is an e-mail address that transmits an e-mail to the same user as the normal e-mail address. That is, the second e-mail address is an e-mail address assigned to the mobile phone 7 (for example, a mail address of MMS (Multimedia Messaging Service)).
The address storage unit 22 stores in advance a set of a normal electronic mail address and a mail address of the mobile phone 7 for a plurality of users. Here, the data configuration stored in the address storage unit 22 will be described with reference to FIG.

FIG. 3 is a diagram illustrating an example of a data configuration stored in the address storage unit 22 according to the present embodiment.
In this figure, the address storage unit 22 stores “No.”, “name”, “type”, and “mail address” in association with each other. The “type” includes “normal” and “mobile phone”, and the address storage unit 22 stores a normal electronic mail address and a mail address of the mobile phone 7 in association with each other. Here, “No.” indicates an item number of registration information for managing an e-mail address, and “Name” is information indicating the name of a registered user. “Type” indicates the type of the email address, and “Mail address” indicates the stored email address.

For example, in the example illustrated in FIG. 3, the registration information with “1” as “No.” indicates registration information with “Name” as “Taro XX”, and “Mail Address” with “Normal” as “Type”. This indicates that (ordinary e-mail address) is “AAAAA@XXXX.com”. In addition, the registration information with “No.” being “1” indicates that “mail address” (mail address of the mobile phone 7) whose “type” is “mobile phone” is “BBBBBB@ZZZZZ.ne.jp”. Is shown.
Here, the normal e-mail address and the e-mail address of the mobile phone 7 are e-mail addresses having different domain names, and the e-mail is sent to the terminal devices (client terminal 6 and mobile phone 7) via different networks. The email address that will be received.

Returning to FIG. 2, the control unit 10 is a processor including, for example, a CPU (Central Processing Unit) and the like, and comprehensively controls the client terminal 2. The control unit 10 includes a mail creation processing unit 11, a mail transmission monitoring unit 12, an address acquisition unit 13, a password generation unit 14, an encryption processing unit 15, and a transmission control unit 16.
The client terminal 2 includes an electronic mail processing device 100, and includes a mail transmission monitoring unit 12, an address acquisition unit 13, a password generation unit 14, an encryption processing unit 15, a transmission control unit 16, an address storage unit 22, and The LAN communication unit 23 corresponds to the electronic mail processing apparatus 100.

The mail creation processing unit 11 executes a process for creating an email to be transmitted in response to an input by the user. The mail creation processing unit 11 creates an email having an email address of a transmission destination (reception destination) and a text that is a message for the transmission destination (reception destination). Attach an attached file. The mail creation processing unit 11 outputs a mail transmission request for outputting the created electronic mail to the electronic mail processing apparatus 100.
The mail creation processing unit 11 may be part of mail transmission / reception software (hereinafter referred to as mail software) realized by, for example, a CPU and a program stored in a storage unit (not shown).

  The mail transmission monitoring unit 12 detects a mail transmission request from the mail creation processing unit 11, and determines whether or not an attached file is included in the electronic mail requested to be transmitted based on the detected mail transmission request.

When the mail transmission monitoring unit 12 determines that the attached file is attached to the e-mail (when the attached file is attached to the e-mail), the address acquiring unit 13 sets the address storage unit 22 to the e-mail transmission destination. Is searched as a normal e-mail address (first e-mail address). Then, the address acquisition unit 13 acquires the mail address (second email address) of the mobile phone 7 corresponding to the destination email address. The address acquisition unit 13 outputs the acquired email address of the mobile phone 7 to the transmission control unit 16.
In addition, as a result of searching the address storage unit 22, the address acquisition unit 13 cannot find the e-mail address of the e-mail transmission destination, or the mobile phone 7 associated with the e-mail address of the e-mail transmission destination. If the e-mail address is not stored, the process of acquiring the e-mail address of the mobile phone 7 is not executed.

  The password generation unit 14 generates a password that is an encryption key for encrypting the attached file. For example, the password generation unit 14 generates a random password based on a random number. For example, when the mail transmission monitoring unit 12 determines that the attached file is included in the email, the password generation unit 14 generates a password. The password generation unit 14 outputs the generated password to the transmission control unit 16.

  The encryption processing unit 15 generates an encrypted file obtained by encrypting the attached file based on the password generated by the password generation unit 14. The encryption processing unit 15 outputs the encrypted encrypted file to the transmission control unit 16.

  The transmission control unit 16 transmits a first e-mail in which an encrypted file is attached instead of an attached file to a destination e-mail address (the above-described normal e-mail address). Further, the transmission control unit 16 transmits a second e-mail including the attached file information indicating the identification information of the attached file and the password to the e-mail address of the mobile phone 7 acquired by the address acquiring unit 13. Here, the attached file information is, for example, a file name of the attached file, a mail ID (identification information) that can uniquely identify the attached file or an e-mail to which the attached file is added. The transmission control unit 16 adds the attached file information to the first e-mail and transmits it.

  Specifically, when the mail transmission monitoring unit 12 determines that the attached file is included in the e-mail, the transmission control unit 16 is associated with the e-mail address of the transmission destination with respect to the address acquisition unit 13. The mail address of the telephone 7 is acquired. The transmission control unit 16 causes the password generation unit 14 to generate a password when the address acquisition unit 13 can acquire the mail address of the mobile phone 7, and encrypts the attached file based on the password in the encryption processing unit 15. Generate a encrypted file. Then, the transmission control unit 16 transmits the first e-mail including the attached file information to the destination e-mail address and attaching the encrypted file instead of the attached file, and the e-mail address of the mobile phone 7 A second e-mail including the attached file information and password is transmitted. Here, the transmission control unit 16 causes the LAN communication unit 23 to transmit the first electronic mail and the second electronic mail to the mail server 3 via the LAN (N1).

  The transmission control unit 16 is requested to send a mail by the mail creation processing unit 11 when there is no attached file in the e-mail or when the address acquisition unit 13 cannot acquire the mail address of the mobile phone 7. The e-mail is transmitted to the mail server 3 as it is.

  As described above, the e-mail processing apparatus 100 transmits the first e-mail including the encrypted attachment to the normal e-mail address, and sets the second e-mail including the password to the normal e-mail address. It transmits to the mail address of the associated mobile phone 7. Here, the e-mail address of the mobile phone 7 is an e-mail address having a domain name different from that of a normal e-mail address, and the first e-mail and the second pail pass through different network paths. Sent to the recipient. For example, a normal e-mail address is an e-mail address at which an e-mail is received by the client terminal 6 via a LAN (Local Area Network) N1, and a mail address of the mobile phone 7 is a mobile communication system. This is an e-mail address where the e-mail is received by the mobile phone 7 via the carrier network N4 (radio access network).

  The electronic mail processing apparatus 100 may be a mail software plug-in realized by a CPU and a program stored in a storage unit (not shown), for example. Here, the plug-in is a program for adding software functions.

Next, the configuration of the client terminal 6 will be described with reference to FIG.
FIG. 4 is a block diagram illustrating an example of the client terminal 6 (reception destination) in the present embodiment.
In this figure, the client terminal 6 includes a control unit 50, a display unit 61, a storage unit 62, and a LAN communication unit 63. Here, the client terminal 6 is a terminal device that receives the first electronic mail to which the encrypted file is attached via the LAN (N3).

The display unit 61 is, for example, a display device such as a liquid crystal display device, and displays an operation screen when operating the client terminal 6, a received electronic mail, and the like.
The storage unit 62 stores information used for various processes in the client terminal 6. The storage unit 62 stores e-mail received by the client terminal 6, for example.
The LAN communication unit 63 is connected to the LAN (N3). For example, when receiving an e-mail, the LAN communication unit 63 receives an e-mail from the mail server 3 via the LAN (N3).

  The control unit 50 is a processor including a CPU, for example, and controls the client terminal 6 in an integrated manner. The control unit 50 includes a mail reception processing unit 51, a mail display processing unit 52, a password acquisition unit 53, and a decryption processing unit 54.

  The mail reception processing unit 51 executes a process of receiving an email transmitted to the user who is the owner of the client terminal 6 (the above-described normal email address). The mail reception processing unit 51 stores the received electronic mail in the storage unit 62 and causes the display unit 61 to display the received electronic mail with respect to the mail display processing unit 52. The mail reception processing unit 51 receives an email from the mail server 3 via the LAN communication unit 63 via the LAN (N3).

The mail display processing unit 52 causes the display unit 61 to display the electronic mail received from the mail server 3 by the mail reception processing unit 51 via the LAN (N3). When the email display processing unit 52 displays the email, if the email is the first email to which the encrypted file is attached by the email processing apparatus 100, the email display processing unit 52 includes the attachment included in the first email. The file information is displayed on the display unit 61 together with the contents of the e-mail.
The mail reception processing unit 51 and the mail display processing unit 52 may be a part of mail software realized by a CPU and a program stored in a storage unit (not shown), for example.

  The password acquisition unit 53 executes processing for acquiring a password included in the second e-mail received by the mobile phone 7. In this embodiment, the password acquisition part 53 acquires a password by the input of the password from a keyboard (not shown) etc. by a user, for example.

  The decryption processing unit 54 performs processing for decrypting the encrypted file attached to the received first electronic mail based on the password acquired by the password acquisition unit 53 and returning it to the original attached file.

Next, the configuration of the mobile phone 7 will be described with reference to FIG.
FIG. 5 is a block diagram showing an example of the mobile phone 7 in the present embodiment.
In this figure, the mobile phone 7 includes a control unit 80, a display unit 71, a storage unit 72, and a wireless communication unit 73. Here, the mobile phone 7 is a terminal device that receives the second electronic mail including the password and the attached file information via the mobile carrier network N4.

The display unit 71 is, for example, a display device such as a liquid crystal display device, and displays an operation screen when operating the mobile phone 7, a received e-mail, and the like.
The storage unit 72 stores information used for various processes in the mobile phone 7. The storage unit 72 stores e-mail received by the mobile phone 7, for example.
The wireless communication unit 73 is connected to the mobile carrier network N4. For example, when receiving an e-mail, the wireless communication unit 73 is, for example, a 3G mobile communication system (third generation mobile communication system) or a 4G mobile communication system (fourth generation mobile communication). The electronic mail from the mail server 3 is received via the portable carrier network N4 by a communication system).

  The control unit 80 is a processor including, for example, a CPU and controls the mobile phone 7 in an integrated manner. The control unit 80 includes a mail reception processing unit 81, a password search unit 82, and a password display processing unit 83.

The mail reception processing unit 81 executes a process of receiving an electronic mail transmitted to the user who is the owner of the mobile phone 7 (the mail address of the mobile phone 7 described above). The mail reception processing unit 81 stores the received electronic mail in the storage unit 72 and causes the display unit 61 to display the received electronic mail. The mail reception processing unit 81 receives an email from the mail server 3 via the wireless communication unit 73 via the mobile carrier network N4.
The mail reception processing unit 81 may be a part of mail software realized by a CPU and a program stored in a storage unit (not shown), for example.

  Based on the attached file information, the password search unit 82 searches for a second e-mail including a password corresponding to the attached file information from among a plurality of e-mails stored in the storage unit 72. Here, the attached file information is information that is input to the mobile phone 7 by the user, for example, attached file information included in the first electronic mail displayed on the display unit 61 of the client terminal 6. The password search unit 82 causes the password display processing unit 83 to display the second e-mail including the searched password on the display unit 71, thereby displaying a password for decrypting the encrypted file of the first e-mail. To display.

The password display processing unit 83 causes the display unit 71 to display the second e-mail including the password searched by the password search unit 82 and causes the display unit 71 to display the password for decrypting the encrypted file of the first e-mail.
Note that the password search unit 82 and the password display processing unit 83 may be application software of the mobile phone 7 realized by a CPU and a program stored in a storage unit (not shown), for example.

Next, the operation of the electronic mail processing system 1 in the present embodiment will be described with reference to the drawings.
First, the outline of the operation of the electronic mail processing system 1 in the present embodiment will be described with reference to FIG.

FIG. 6 is an image diagram for explaining an example of the operation of the electronic mail processing system 1 in the present embodiment.
In this figure, the same components as those shown in FIG.
In this figure, a route R1 is an email (first email and second email) transmitted from the client terminal 2 (the email processing apparatus 100) to the mail server 3 via the LAN (N1). Shows the route. The route R2 is a route of the first electronic mail transmitted from the mail server 3 to the client terminal 6 via the LAN (N1), the base GW4, the IP network N2, the base GW5, and the LAN (N3) in this order. Is shown. The route R3 indicates the route of the second electronic mail transmitted from the mail server 3 to the mobile phone 7 via the LAN (N1), the base GW4, the IP network N2, and the mobile carrier network N4 in this order. Yes.

  As shown in FIG. 6, the first e-mail attached with the encryption file transmitted by the e-mail processing apparatus 100 is transmitted to the client terminal 6 via the path R1 and the path R2, and the client terminal 6 A first e-mail is received. The second e-mail including the password transmitted by the e-mail processing apparatus 100 is transmitted to the mobile phone 7 via the route R1 and the route R3, and the mobile phone 7 receives the second e-mail. To do. Here, the first e-mail and the second e-mail are transmitted to the respective terminal devices via different paths in the section between the path R2 and the path R3.

  Further, the user U1 as a transmission destination (reception destination) acquires the password included in the received second electronic mail by the mobile phone 7 and inputs the acquired password to the client terminal 6. That is, the client terminal 6 acquires a password by the password acquisition unit 53. The client terminal 6 executes a process of decrypting the encrypted file attached to the received first electronic mail based on the acquired password and returning it to the original attached file. Accordingly, the user U1 can safely obtain (acquire) the attached file attached to the electronic mail by the transmission source user.

Next, the operation of the e-mail processing apparatus 100 will be described with reference to FIG.
FIG. 7 is a flowchart showing an example of the operation of the e-mail processing apparatus 100 in the present embodiment.

  In this figure, first, the electronic mail processing apparatus 100 of the client terminal 2 determines whether or not there is a mail transmission request (step S101). That is, the mail transmission monitoring unit 12 of the electronic mail processing apparatus 100 detects a mail transmission request from the mail creation processing unit 11 and determines whether there is a mail transmission request. If the mail transmission monitoring unit 12 determines that there is a mail transmission request (step S101: YES), the process proceeds to step S102. If the mail transmission monitoring unit 12 determines that there is no mail transmission request (step S101: NO), the process returns to step S101.

  Next, in step S102, the mail transmission monitoring unit 12 determines based on the detected mail transmission request whether or not there is an attached file in the email requested to be transmitted. The transmission control unit 16 of the electronic mail processing apparatus 100 advances the process to step S103 when the mail transmission monitoring unit 12 determines that the attached file is included in the electronic mail (step S102: YES). In addition, when the mail transmission monitoring unit 12 determines that the attached file is not included in the e-mail (step S102: NO), the transmission control unit 16 advances the processing to step S109.

  Next, in step S103, the transmission control unit 16 determines whether or not the transmission address is registered in the address storage unit 22. In other words, the transmission control unit 16 causes the address acquisition unit 13 to search the address storage unit 22 using the e-mail address (transmission address) of the e-mail transmission destination as a normal e-mail address (first e-mail address). The address acquisition unit 13 determines whether or not the transmission address is registered in the address storage unit 22 based on whether or not the transmission address is stored in the address storage unit 22. If the transmission address is registered in the address storage unit 22 (step S103: YES), the transmission control unit 16 advances the process to step S104. If the transmission address is not registered in the address storage unit 22 (step S103: NO), the transmission control unit 16 advances the process to step S109.

  Next, in step S104, the address acquisition unit 13 acquires the email address (second email address) of the mobile phone 7 corresponding to the searched transmission address. The address acquisition unit 13 outputs the acquired email address of the mobile phone 7 to the transmission control unit 16.

  Next, the password generation unit 14 of the electronic mail processing apparatus 100 generates a password (step S105). That is, the transmission control unit 16 causes the password generation unit 14 to generate a password that is an encryption key for encrypting the attached file. For example, the password generation unit 14 generates a random password based on a random number, and outputs the generated password to the transmission control unit 16.

  Next, the encryption processing unit 15 of the email processing apparatus 100 encrypts the attached file (step S106). That is, the transmission control unit 16 causes the encryption processing unit 15 to generate an encrypted file obtained by encrypting the attached file based on the password generated by the password generation unit 14.

  Next, the transmission control unit 16 transmits an e-mail (first e-mail) with an encrypted file attached to a normal transmission address (step S107). That is, the transmission control unit 16 sends the first electronic mail with the encrypted file attached to the transmission address (the above-described normal electronic mail address) instead of the attached file via the LAN (N1, N3) (route R1 in FIG. 6). And route R2).

  Next, the transmission control unit 16 transmits an e-mail (second e-mail) including the password to the e-mail address of the mobile phone 7 (step S108). That is, the transmission control unit 16 sends the second e-mail including the attached file information indicating the identification information of the attached file and the password to the e-mail address of the mobile phone 7 acquired by the address acquiring unit 13 in the LAN (N1) and the mobile phone. Transmission is performed via the carrier network N4 (route R1 and route R3 in FIG. 6). After the process of step S108 is completed, the transmission control unit 16 ends the e-mail process.

  In step S109, the transmission control unit 16 transmits the e-mail as it is to a normal transmission address. That is, the transmission control unit 16 transmits the e-mail to the transmission address as it is via the LAN (N1, N3) (route R1 and route R2 in FIG. 6).

  After the process of step S108 or step S109 is completed, the transmission control unit 16 ends the e-mail transmission process.

Next, e-mail reception processing in the client terminal 6 and the mobile phone 7 will be described.
The mail reception processing unit 81 of the mobile phone 7 transmits an e-mail transmitted to the user who is the owner of the mobile phone 7 (the mail address of the mobile phone 7 described above) via the wireless communication unit 73. Received from the mail server 3 via N4.
In addition, the mail reception processing unit 51 of the client terminal 6 transmits an e-mail transmitted to the user who is the owner of the client terminal 6 (the above-described normal e-mail address) via the LAN communication unit 63 via the LAN ( N3) is received from the mail server 3.

  And the password acquisition part 53 of the client terminal 6 acquires the password contained in the 2nd electronic mail which the mobile telephone 7 received, for example by the input from the keyboard (not shown) etc. by a user. The decryption processing unit 54 decrypts the encrypted file attached to the received first electronic mail based on the password acquired by the password acquisition unit 53, and returns the original attached file. As a result, the receiving user (user U1 in FIG. 6) can safely obtain (acquire) the attached file attached to the e-mail by the sending user.

Note that the mobile phone 7 in this embodiment has a function of searching for a second electronic mail including a password. Next, the password search function will be described with reference to FIG.
FIG. 8 is a flowchart showing an example of the password search process of the mobile phone 7 in the present embodiment.

  In this figure, first, the password search unit 82 of the mobile phone 7 acquires attached file information (step S201). That is, the attached file information included in the first e-mail displayed on the display unit 61 of the client terminal 6 is input to the mobile phone 7 by the receiving user (user U1 in FIG. 6), and the password Thus, the search unit 82 acquires attached file information.

  Next, the password search unit 82 searches for an e-mail containing the password based on the attached file information (step S202). That is, the password search unit 82 searches for a second e-mail including a password corresponding to the attached file information from among a plurality of e-mails stored in the storage unit 72 based on the acquired attached file information. .

Next, the password search unit 82 displays an e-mail including the searched password (step S203). That is, the password search unit 82 displays a password for decrypting the encrypted file of the first e-mail by causing the password display processing unit 83 to display the second e-mail including the searched password on the display unit 71. Display on the unit 71.
Thereby, the electronic mail processing system 1 in this embodiment can search easily the password corresponding to an encryption file. Therefore, the e-mail processing system 1 according to the present embodiment is, for example, a case where time has elapsed since receiving the first e-mail attached with the encrypted file and the second e-mail including the password. However, confidential information can be easily obtained by decrypting the encrypted file.

  As described above, the e-mail processing system 1 includes the e-mail processing device 100 that processes e-mails, and the terminal devices (client terminal 6 and mobile phone 7) that receive e-mails transmitted by the e-mail processing device 100. It has. The electronic mail processing apparatus 100 includes an address acquisition unit 13, an encryption processing unit 15, and a transmission control unit 16. Here, the address acquisition unit 13 is an ordinary e-mail address and an e-mail address that transmits an e-mail to the same user as the ordinary e-mail address when an attached file is attached to the e-mail. Thus, the address storage unit 22 that stores the mail address of the mobile phone 7 having a different domain name in association with the normal e-mail address is searched with the e-mail address of the e-mail transmission destination as the normal e-mail address. . The address acquisition unit 13 acquires the mail address of the mobile phone 7 corresponding to the destination e-mail address from the address storage unit 22. Then, the transmission control unit 16 transmits the first e-mail in which the attached file (encrypted file) encrypted based on the password is attached to the destination e-mail address (ordinary e-mail address). Further, the transmission control unit 16 transmits the second e-mail including the password to the e-mail address of the mobile phone 7 acquired by the address acquisition unit 13.

  As a result, the electronic mail processing system 1 according to the present embodiment allows the attachment file (encrypted file) encrypted based on the password and the password corresponding to the encrypted file to have different transfer paths (for example, the path R2 and the path R3). To the recipient user via a different route). Therefore, in the electronic mail processing system 1 according to the present embodiment, for example, the possibility that a third party acquires an encrypted file and a password is reduced by monitoring the transfer path. Therefore, the e-mail processing system 1 in the present embodiment can reduce the possibility that confidential information leaks on the transfer path.

  As a technique for safely distributing confidential information, for example, a technique using an AD (active directory) system is known. In the technology using this AD (active directory) system, it is necessary to provide a management server device that manages access to confidential information. On the other hand, the e-mail processing system 1 in the present embodiment does not need to provide a management server device that manages access to confidential information as in the technique using an AD (active directory) system, for example. There is an advantage that the possibility of information leakage can be reduced.

In the present embodiment, the electronic mail processing apparatus 100 includes an encryption processing unit 15 that generates an encrypted file obtained by encrypting an attached file based on a password. Then, the transmission control unit 16 transmits the first e-mail with the encrypted file attached instead of the attached file to the e-mail address of the transmission destination, and sends the second e-mail to the e-mail address of the mobile phone 7. Send.
As a result, the electronic mail processing system 1 according to the present embodiment can automatically encrypt and send the attached file, thereby reducing the possibility of leaking confidential information without the user being aware of it.

In the present embodiment, the email address of the mobile phone 7 is an email address at which the mobile phone 7 receives an email via a network (for example, the mobile carrier network N4) different from the normal email address. .
As a result, the e-mail processing system 1 in the present embodiment ensures that the encrypted file obtained by encrypting the attached file and the password corresponding to the encrypted file are transmitted to the recipient user via different transfer paths. be able to.

In this embodiment, the normal e-mail address is an e-mail address at which an e-mail is received by the terminal device (client terminal 6) via the local area network. The e-mail address of the mobile phone 7 is an e-mail that is received by the terminal device (mobile phone 7) via a radio access network (mobile carrier network N4) by a mobile communication system (for example, 3G mobile communication system). Address.
Thereby, the e-mail processing system 1 in the present embodiment can transmit the password to the terminal device (mobile phone 7) without going through the LAN (N3) to which the terminal device (client terminal 6) is connected. it can. For this reason, the e-mail processing system 1 in the present embodiment reduces the possibility of leaking confidential information even when, for example, an administrator who manages the LAN (N3) attempts to illegally acquire confidential information. There is an advantage that you can.

In the present embodiment, the terminal device includes a client terminal 6 (first terminal device) that receives the first electronic mail, and a mobile phone 7 (second terminal device) that receives the second electronic mail. And are included. The mobile phone 7 is a mobile terminal device that can be connected to a radio access network (mobile carrier network N4) by a mobile communication system (for example, 3G mobile communication system), and the mail address of the mobile phone 7 is assigned to the mobile terminal device. E-mail address (for example, MMS mail address).
Thereby, the e-mail processing system 1 in the present embodiment can easily use the client terminal 6 connected to the existing in-house LAN (for example, LAN (N3)) and the mobile phone 7 to easily perform confidential information. Can be reduced. That is, the e-mail processing system 1 in the present embodiment can reduce the possibility of leakage of confidential information by simple means.

In the present embodiment, the mobile phone 7 uses the attached file of the plurality of second e-mails received based on the attached file information included in the first e-mail received by the client terminal 6. A password search unit 82 is provided for searching for a second e-mail containing information and a password.
Thereby, the e-mail processing system 1 in the present embodiment can reduce the time required for searching for a password. Therefore, the e-mail processing system 1 according to the present embodiment can improve the problem that it takes a long time to search for a password when, for example, it is desired to reopen the encrypted file after a while.

  According to this embodiment, the electronic mail processing apparatus 100 processes an electronic mail, and includes an address acquisition unit 13, an encryption processing unit 15, and a transmission control unit 16. The address acquisition unit 13 is an ordinary e-mail address and an e-mail address that transmits an e-mail to the same user as the ordinary e-mail address when an attached file is attached to the e-mail. The e-mail address is stored in association with the e-mail address of the mobile phone 7 having a different domain name, and the e-mail address of the e-mail transmission destination is searched as a normal e-mail address. The address acquisition unit 13 acquires the mail address of the mobile phone 7 corresponding to the destination e-mail address from the address storage unit 22. Then, the encryption processing unit 15 generates an encrypted file obtained by encrypting the attached file based on the password. Then, the transmission control unit 16 transmits the first electronic mail with the encrypted file attached instead of the attached file to the destination electronic mail address (ordinary electronic mail address). Further, the transmission control unit 16 transmits the second e-mail including the password to the e-mail address of the mobile phone 7 acquired by the address acquisition unit 13.

  As a result, the electronic mail processing apparatus 100 according to the present embodiment has an effect of reducing the possibility of confidential information leaking on the transfer path, as in the electronic mail processing system 1 of the present embodiment.

  In addition, according to the present embodiment, the e-mail processing method is an e-mail processing method for processing e-mail, and includes an address acquisition step, an encryption processing step, and a transmission control step. In the address acquisition step, when the attached file is attached to the e-mail, the address acquisition unit 13 transmits the e-mail to the normal e-mail address and the same user as the normal e-mail address. The address storage unit 22 that stores the mail address of the mobile phone 7 having a domain name different from the normal e-mail address in association with the e-mail address of the e-mail transmission destination as the normal e-mail address. A search is made to obtain the mail address of the mobile phone 7 corresponding to the destination e-mail address. In the encryption processing step, the encryption processing unit 15 generates an encrypted file obtained by encrypting the attached file based on the password. In the transmission control step, the transmission control unit 16 transmits the first e-mail attached with the encrypted file instead of the attached file to the e-mail address of the transmission destination, and the second e-mail acquired by the address acquisition unit. A second e-mail including a password is transmitted to the e-mail address.

  As a result, the e-mail processing method according to the present embodiment can reduce the possibility of confidential information leaking on the transfer path, similar to the e-mail processing system 1 and the e-mail processing apparatus 100 in the present embodiment. There is an effect.

[Second Embodiment]
Next, an electronic mail processing system 1 and an electronic mail processing apparatus 100a according to a second embodiment will be described with reference to the drawings.
In the present embodiment, an example will be described in which the e-mail processing apparatus 100a changes the password transmission method in accordance with the confidentiality set for the e-mail by the user. The configuration of the e-mail processing system 1 in the present embodiment is the same as that of the e-mail processing system 1 in the first embodiment shown in FIGS.

Here, the configuration of the client terminal 2 including the electronic mail processing apparatus 100a will be described with reference to FIG.
FIG. 9 is a block diagram illustrating an example of the client terminal 2 (transmission source) in the second embodiment.
In this figure, the same components as those shown in FIG. 2 are denoted by the same reference numerals, and the description thereof is omitted.

In FIG. 9, the client terminal 2 includes a control unit 10 a, a display unit 21, an address storage unit 22, and a LAN communication unit 23.
The control unit 10a is, for example, a processor including a CPU and the like, and comprehensively controls the client terminal 2. The control unit 10a includes a mail creation processing unit 11, a mail transmission monitoring unit 12, an address acquisition unit 13, a password generation unit 14, an encryption processing unit 15, a transmission control unit 16a, a confidentiality confirmation unit 17, and a password display processing unit 18. It has.

  The client terminal 2 includes an electronic mail processing device 100a, and includes a mail transmission monitoring unit 12, an address acquisition unit 13, a password generation unit 14, an encryption processing unit 15, a transmission control unit 16a, a confidentiality confirmation unit 17, The password display processing unit 18, the address storage unit 22, and the LAN communication unit 23 correspond to the electronic mail processing apparatus 100a.

  The present embodiment is different from the first embodiment in that the control unit 10a includes a confidentiality confirmation unit 17 and a password display processing unit 18, and the transmission control unit 16a executes a process according to the confidentiality.

The confidentiality confirmation unit 17 confirms the confidentiality set by the user who creates the email. Here, confidentiality is, for example, an index indicating the importance of confidential information of an attached file, and a plurality of levels can be set according to the importance. In this embodiment, the confidentiality is, for example, “high” having the highest importance, “low” having the lowest importance, and “medium” corresponding to an intermediate level between “high” and “low”. A case of 3 levels will be described.
The confidentiality confirmation unit 17 confirms the confidentiality (whether “high”, “medium”, or “low”) set in the electronic mail, and outputs the confirmation result to the transmission control unit 16a.

The transmission control unit 16a in the present embodiment executes the transmission process of the second e-mail and the e-mail address of the transmission destination of the second e-mail according to the confidentiality set for the e-mail. To control.
Specifically, the transmission control unit 16a does not transmit the second e-mail including the password when the confidentiality is “high”. In this case, the transmission control unit 16 a causes the password display processing unit 18 to display the password generated by the password generation unit 14 on the display unit 21. As a result, the user who sends the e-mail notifies the recipient's user of the password displayed on the display unit 21 by means other than e-mail such as facsimile or telephone.

Further, when the confidentiality is “medium”, the transmission control unit 16a transmits the second e-mail including the password to the e-mail address of the mobile phone 7 as in the first embodiment.
Further, when the confidentiality is “low”, the transmission control unit 16 a transmits the second electronic mail including the password to the normal electronic mail address addressed to the client terminal 6.

The transmission control unit 16a transmits the first e-mail attached with the encrypted file to a normal e-mail address addressed to the client terminal 6 regardless of the level of confidentiality.
In the transmission control unit 16a, other processes are the same as those of the transmission control unit 16 in the first embodiment.

  The password display processing unit 18 executes processing for displaying the password generated by the password generation unit 14 on the display unit 21 when the confidentiality is “high”.

  In the present embodiment, the configurations and operations of the client terminal 6 and the mobile phone 7 are the same as those in the first embodiment, and thus description thereof is omitted here.

Next, the operation of the electronic mail processing apparatus 100a in the present embodiment will be described with reference to FIG.
FIG. 10 is a flowchart showing an example of the operation of the e-mail processing apparatus 100a in the present embodiment.
In this figure, the processes in steps S301 to S307 and S312 are the same as the processes in steps S101 to S107 and S109 shown in FIG.

  In step S308, the confidentiality confirmation unit 17 of the electronic mail processing apparatus 100a confirms the confidentiality specified by the user, and the transmission control unit 16a branches the process according to the confidentiality. The transmission control unit 16a of the electronic mail processing apparatus 100a advances the process to step S309 when the confidentiality is “high” (sensitive density = high). Further, when the confidentiality is “medium” (sensitivity = medium), the transmission control unit 16a advances the process to step S310. Further, when the sensitivity is “low” (sensitivity = low), the transmission control unit 16a advances the process to step S310.

  Next, in step S309, the email processing apparatus 100a displays the password on the display unit 21. That is, when the confidentiality is “high”, the transmission control unit 16a causes the password display processing unit 18 to display the password generated by the password generation unit 14 on the display unit 21, and ends the process.

  In step S310, the e-mail processing apparatus 100a executes the same process as in step S108 shown in FIG. That is, when the confidentiality is “medium”, the transmission control unit 16a includes the attachment file information indicating the identification information of the attachment file and the password in the mail address of the mobile phone 7 acquired by the address acquisition unit 13. 2 e-mail is transmitted via the LAN (N1) and the mobile carrier network N4 (route R1 and route R3 in FIG. 6). After the process of step S310 is completed, the transmission control unit 16a ends the e-mail process.

  In step S311, the e-mail processing apparatus 100a transmits an e-mail including a password to a normal transmission address. That is, when the confidentiality is “low”, the transmission control unit 16a sends the second e-mail including the password to the normal transmission address (normal e-mail address) as the LAN (N1) and the LAN (N3). Transmission is performed via a route (route R1 and route R2 in FIG. 6). After the process of step S311 is completed, the transmission control unit 16a finishes the e-mail process.

  In this embodiment, in step S303, the transmission control unit 16a advances the process to step S313 when the transmission address is not registered in the address storage unit 22 (step S303: NO).

  In step S313, the transmission control unit 16a determines whether the confidentiality is “medium” (sensitive density = medium). When the sensitivity is “medium” (sensitivity = medium) (step S313: YES), the transmission control unit 16a advances the process to step S312, and when the sensitivity is “high” or “low”. In (Step S313: NO), the process proceeds to Step S305.

As described above, in the electronic mail processing system 1 in the present embodiment, the transmission control unit 16a, according to the confidentiality set for the electronic mail, the electronic mail address of the transmission destination of the second electronic mail, and It controls whether or not to execute the second e-mail transmission process.
Thereby, the e-mail processing system 1 and the e-mail processing apparatus 100a in the present embodiment can appropriately transmit confidential information by e-mail according to the set confidentiality.

In the above example, the case where the user sets the confidentiality has been described. However, the confidentiality may be determined based on the security risk in the transfer path of the first electronic mail or the second electronic mail. Good.
For example, the confidentiality may be determined in accordance with the transfer route of electronic mail and the number of hops (transfer count). Specifically, the e-mail processing apparatus 100a uses the “ping” command, the “traceroute (tracert)” command, or the like to check the transfer route or the number of hops (transfer count) in the transmission of the destination e-mail. To do. For example, the email processing apparatus 100a may set the confidentiality higher as the number of hops increases, or may set the confidentiality depending on whether the number of hops is equal to or greater than a predetermined threshold. Good. In addition, the e-mail processing apparatus 100a may set a high sensitivity when passing through a black list (for example, a specific server, a specific region, a specific country, etc.) of a predetermined transfer path. Good.

  Further, the e-mail processing apparatus 100a may set the sensitivity according to the domain name of the destination e-mail address. For example, the e-mail processing apparatus 100a sets the sensitivity low when the domain name is in the same company, and increases the sensitivity when the domain name is outside the company or a predetermined domain name. Set.

  As described above, by determining the confidentiality based on the security risk in the transfer path, the e-mail processing system 1 and the e-mail processing apparatus 100a in the present embodiment can transfer the confidential information according to the security risk in the transfer path. The possibility of leaking above can be reduced.

[Third Embodiment]
Next, an e-mail processing system 1 and an e-mail processing apparatus 100b according to a third embodiment will be described with reference to the drawings.
In the present embodiment, another example in which the e-mail processing apparatus 100b changes the password transmission method according to the confidentiality set for the e-mail by the user will be described.
In the second embodiment, when the confidentiality is “high”, the second e-mail including the password is not transmitted, but the password is received by the recipient by means other than e-mail such as facsimile or verbal communication. In contrast to contacting the user, in this embodiment, when the confidentiality is “high”, the e-mail processing apparatus 100b includes a password including a password by means other than the LAN (N1) (for example, a public wireless LAN). Send 2 emails.

FIG. 11 is a block diagram illustrating an example of the electronic mail processing system 1 according to the present embodiment.
In this figure, an e-mail processing system 1 includes a client terminal 2 including an e-mail processing apparatus 100b, a mail server 3, a base GW (4, 5), and a terminal apparatus (client terminal 6) that is a destination of e-mail. And a mobile phone 7).
In this figure, the same components as those shown in FIGS. 1 and 6 are denoted by the same reference numerals, and the description thereof is omitted.

  In the present embodiment, the client terminal 2 includes an electronic mail processing device 100b, and the electronic mail processing device 100b is configured to be able to transmit an electronic mail via a route R4 via a public wireless LAN (N5). Different from the second embodiment.

Next, the configuration of the client terminal 2 and the e-mail processing apparatus 100b in this embodiment will be described with reference to FIG.
FIG. 12 is a block diagram illustrating an example of the client terminal 2 (transmission source) in the present embodiment.
In this figure, the same components as those shown in FIG. 9 are denoted by the same reference numerals, and the description thereof is omitted.

In FIG. 12, the client terminal 2 includes a control unit 10b, a display unit 21, an address storage unit 22, a LAN communication unit 23, and a wireless LAN communication unit 24.
The control unit 10b is, for example, a processor including a CPU and the like, and comprehensively controls the client terminal 2. The control unit 10b includes a mail creation processing unit 11, a mail transmission monitoring unit 12, an address acquisition unit 13, a password generation unit 14, an encryption processing unit 15, a transmission control unit 16b, and a confidentiality confirmation unit 17.

  The client terminal 2 includes an electronic mail processing device 100b, and includes a mail transmission monitoring unit 12, an address acquisition unit 13, a password generation unit 14, an encryption processing unit 15, a transmission control unit 16b, a confidentiality confirmation unit 17, The address storage unit 22, the LAN communication unit 23, and the wireless LAN communication unit 24 correspond to the email processing apparatus 100b.

This embodiment is different from the second embodiment in that the e-mail processing apparatus 100b includes the wireless LAN communication unit 24, and the control unit 10b does not include the password display processing unit 18.
The wireless LAN communication unit 24 is a communication unit that can be connected to the public wireless LAN (N5). For example, when transmitting an electronic mail, the wireless LAN communication unit 24 transmits the electronic mail via the public wireless LAN (N5).

When the confidentiality is “high”, the transmission control unit 16 b in this embodiment transmits the second electronic mail including the password to the mail address of the mobile phone 7 via the wireless LAN communication unit 24. In this case, the transmission control unit 16b causes the wireless LAN communication unit 24 to send the second e-mail including the password via the public wireless LAN (N5) (route R4 in FIG. 11) and Send to email address.
Note that the processing performed by the transmission control unit 16b when the sensitivity is “medium” and “low” is the same as that in the second embodiment, and thus the description thereof is omitted here.

Next, the operation of the electronic mail processing apparatus 100b in this embodiment will be described with reference to FIG.
FIG. 13 is a flowchart showing an example of the operation of the e-mail processing apparatus 100b in the present embodiment.
In this figure, the processes in steps S401 to S407 and S412 are the same as the processes in steps S301 to S307 and S312 shown in FIG.

  In step S408, the confidentiality confirmation unit 17 of the electronic mail processing apparatus 100b confirms the confidentiality specified by the user, and the transmission control unit 16b branches the process according to the confidentiality. The transmission control unit 16b of the electronic mail processing apparatus 100b advances the process to step S409 when the confidentiality is “high” (sensitive density = high). In addition, when the confidentiality is “medium” (sensitivity = medium), the transmission control unit 16b advances the process to step S410. The transmission control unit 16b advances the process to step S410 when the confidentiality is “low” (sensitive density = low).

  Next, in step S409, the transmission control unit 16b of the electronic mail processing apparatus 100b transmits an electronic mail including a password to the mail address of the mobile phone 7 from the public wireless LAN (N5). That is, when the confidentiality is “high”, the transmission control unit 16 b indicates the identification information of the attached file to the email address of the mobile phone 7 acquired by the address acquisition unit 13 with respect to the wireless LAN communication unit 24. The second electronic mail including the attached file information and the password is transmitted via the public wireless LAN (N5) and the mobile carrier network N4 (route R4 in FIG. 11). After the process of step S409 is completed, the transmission control unit 16b ends the e-mail process.

  In step S410, the transmission control unit 16b performs the same process as in step S310 shown in FIG. 10, and transmits an email including the password in the email address of the mobile phone 7 from the LAN (N1). That is, when the confidentiality is “medium”, the transmission control unit 16b includes, in the email address of the mobile phone 7 acquired by the address acquisition unit 13, the attachment file information indicating the identification information of the attachment file and the password. 2 e-mails are transmitted via the LAN (N1) and the mobile carrier network N4 (route R1 and route R3 in FIG. 11). After the process of step S410 is completed, the transmission control unit 16b ends the e-mail process.

  In step S411, the transmission control unit 16b executes the same process as in step S311 shown in FIG. 10, and transmits an e-mail including a password in a normal transmission address from the LAN (N1). That is, when the confidentiality is “low”, the transmission control unit 16b sends the second e-mail including the password to the normal transmission address (normal e-mail address) as the LAN (N1) and the LAN (N3). Transmission is performed via a route (route R1 and route R2 in FIG. 11). After the process of step S411 is completed, the transmission control unit 16b ends the process of the e-mail.

In the present embodiment, in step S403, the transmission control unit 16b advances the process to step S413 when the transmission address is not registered in the address storage unit 22 (step S403: NO).
In step S413, the transmission control unit 16b determines whether or not the confidentiality is “low” (sensitive density = low). When the sensitivity is “low” (sensitivity = low) (step S413: YES), the transmission control unit 16b advances the process to step S405, and when the sensitivity is “high” or “medium”. In (Step S413: NO), the process proceeds to Step S412.

As described above, in the electronic mail processing system 1 in this embodiment, the electronic mail processing apparatus 100b includes the wireless LAN communication unit 24 and the transmission control unit 16b that can be connected to the public wireless LAN (N5). When the confidentiality is “high”, the transmission control unit 16b transmits, to the wireless LAN communication unit 24, the mail address of the mobile phone 7 that includes attachment file information indicating attachment file identification information and a password. 2 e-mail is transmitted via the public wireless LAN (N5) and the mobile carrier network N4 (route R4 in FIG. 11).
As a result, in the electronic mail processing system 1 and the electronic mail processing apparatus 100b according to the present embodiment, when the confidentiality is “high”, for example, an administrator who manages the LAN (N1) and the LAN (N3) Even if it is an attempt to obtain the information illegally, the possibility of leakage of confidential information can be reduced. That is, the e-mail processing system 1 and the e-mail processing apparatus 100b according to the present embodiment transmit an e-mail when the confidentiality is “high” than when the confidentiality is “medium” or “low”. Can improve security.

In the example described above, the case where the e-mail processing device 100b changes the transmission path of the second e-mail including the password according to the confidentiality has been described. The electronic mail may be transmitted via the public wireless LAN (N5) and the mobile carrier network N4 (route R4 in FIG. 11).
In this case, the e-mail processing apparatus 100b has a possibility that the confidential information may be leaked even when the administrator who manages the LAN (N1) and the LAN (N3) tries to acquire the confidential information illegally. Since it can reduce, possibility that confidential information will leak can be reduced compared with 1st and 2nd embodiment.

[Fourth Embodiment]
Next, an e-mail processing system 1 and an e-mail processing apparatus 100c according to a fourth embodiment will be described with reference to the drawings.
In the present embodiment, an example will be described in which the mobile phone 7 searches for a second electronic mail including a password based on a two-dimensional code. That is, the e-mail processing apparatus 100c generates a two-dimensional code including mail identification information for uniquely identifying the first e-mail described above, and sends the first e-mail including the generated two-dimensional code to the client terminal 6. Send. The client terminal 6 displays the two-dimensional code included in the received first electronic mail on the display unit 61, and the mobile phone 7 includes a password based on the two-dimensional code displayed on the display unit 61 of the client terminal 6. Search for the second e-mail. Here, the two-dimensional code is, for example, a QR code (registered trademark), a barcode, or the like.

FIG. 14 is a block diagram illustrating an example of the electronic mail processing system 1 according to the present embodiment.
In this figure, an e-mail processing system 1 includes a client terminal 2 including an e-mail processing apparatus 100c, a mail server 3, a base GW (4, 5), and a terminal apparatus (client terminal 6) that is a destination of e-mail. And a mobile phone 7).
In this figure, the same components as those shown in FIGS. 1 and 6 are denoted by the same reference numerals, and the description thereof is omitted.

  In the present embodiment, the client terminal 2 includes an electronic mail processing device 100c, the electronic mail processing device 100c has a function of generating a two-dimensional code C1, and the mobile phone 7 has a function of reading the two-dimensional code C1. However, this is different from the first embodiment.

Next, the configuration of the client terminal 2 and the email processing apparatus 100c in the present embodiment will be described with reference to FIG.
FIG. 15 is a block diagram illustrating an example of the client terminal 2 (transmission source) in the present embodiment.
In this figure, the same components as those shown in FIG. 2 are denoted by the same reference numerals, and the description thereof is omitted.

In FIG. 15, the client terminal 2 includes a control unit 10 c, a display unit 21, an address storage unit 22, and a LAN communication unit 23.
The control unit 10c is, for example, a processor including a CPU and the like, and comprehensively controls the client terminal 2. The control unit 10c includes a mail creation processing unit 11, a mail transmission monitoring unit 12, an address acquisition unit 13, a password generation unit 14, an encryption processing unit 15, a transmission control unit 16c, and a two-dimensional code generation unit 19.
The client terminal 2 includes an electronic mail processing device 100c, and includes a mail transmission monitoring unit 12, an address acquisition unit 13, a password generation unit 14, an encryption processing unit 15, a transmission control unit 16c, and a two-dimensional code generation unit 19. The address storage unit 22 and the LAN communication unit 23 correspond to the electronic mail processing apparatus 100c.

This embodiment is different from the first embodiment in that the control unit 10c of the electronic mail processing apparatus 100c includes a transmission control unit 16c and a two-dimensional code generation unit 19.
The two-dimensional code generation unit 19 (generation unit) generates, for example, a two-dimensional code C1 including attached file information (for example, mail ID) that is mail identification information that uniquely identifies the first electronic mail. As described above, the two-dimensional code C1 includes, for example, a QR code (registered trademark), a barcode, and the like.

In addition, the transmission control unit 16c in the present embodiment includes the two-dimensional code C1 generated by the two-dimensional code generation unit 19 in the first electronic mail with the encrypted file attached, and transmits the first electronic mail to the transmission destination electronic mail address. . Further, the transmission control unit 16c transmits a second e-mail including the password and the above-described mail ID included in the two-dimensional code C1.
In the transmission control unit 16c, other processes are the same as those of the transmission control unit 16 in the first embodiment.

Next, the configuration of the mobile phone 7 in this embodiment will be described with reference to FIG.
FIG. 16 is a block diagram showing an example of the mobile phone 7 in the present embodiment.
In this figure, the same components as those shown in FIG. 5 are denoted by the same reference numerals, and the description thereof is omitted.

In FIG. 16, the mobile phone 7 includes a control unit 80 a, a display unit 71, a storage unit 72, a wireless communication unit 73, and an imaging unit 74. The present embodiment is different from the first embodiment in that the mobile phone 7 includes a control unit 80a instead of the control unit 80 and includes an imaging unit 74 for reading the two-dimensional code C1.
The imaging unit 74 captures an image of the two-dimensional code C1 included in the first email displayed on the display unit 61 of the client terminal 6.

  The control unit 80a is, for example, a processor including a CPU and the like, and comprehensively controls the mobile phone 7. The control unit 80a includes a mail reception processing unit 81, a password search unit 82a, a password display processing unit 83, and a two-dimensional code acquisition unit 84.

  The two-dimensional code acquisition unit 84 causes the imaging unit 74 to capture an image of the two-dimensional code C1 included in the first email displayed on the display unit 61 of the client terminal 6, and acquires the two-dimensional code C1 as a captured image. To do.

The password search unit 82a (search unit) acquires a mail ID (mail identification information) based on the two-dimensional code C1 attached to the first electronic mail received by the client terminal 6, and uses the acquired mail ID as the acquired mail ID. Based on the received second electronic mail, the second electronic mail including the mail ID is searched. That is, the password search unit 82a searches for the second electronic mail including the mail ID included in the two-dimensional code C1 based on the two-dimensional code C1 acquired by the imaging unit 74 and the two-dimensional code acquisition unit 84.
In addition, the password search unit 82a displays the password for decrypting the encrypted file of the first e-mail by causing the password display processing unit 83 to display the second e-mail including the searched password on the display unit 71. Display on the unit 71.

Next, the operation of the electronic mail processing system 1 in the present embodiment will be described with reference to the drawings.
First, with reference to FIG. 14, the outline | summary of operation | movement of the electronic mail processing system 1 in this embodiment is demonstrated.

  As shown in FIG. 14, the electronic mail processing apparatus 100c generates a two-dimensional code C1 including a mail ID by the two-dimensional code generation unit 19 and attaches the generated two-dimensional code C1 and an encrypted file to the first electronic mail. To your normal email address. The first e-mail attached with the two-dimensional code C1 including the mail ID and the encrypted file transmitted by the e-mail processing apparatus 100c is transmitted to the client terminal 6 via the path R1 and the path R2, and the client terminal 6 Receives the first e-mail and displays the two-dimensional code C1 included in the first e-mail on the display unit 61.

In addition, the e-mail processing apparatus 100 c transmits a second e-mail including the mail ID and password to the e-mail address of the mobile phone 7. The second e-mail including the mail ID and password transmitted by the e-mail processing apparatus 100c is transmitted to the mobile phone 7 via the route R1 and the route R3, and the mobile phone 7 receives the second e-mail. Receive.
In the mobile phone 7, the two-dimensional code acquisition unit 84 acquires the two-dimensional code C <b> 1 based on the image of the two-dimensional code C <b> 1 captured by the imaging unit 74. The mobile phone 7 searches for the second e-mail based on the acquired two-dimensional code C1, and displays the password included in the second e-mail on the display unit 71.

  In addition, the user U1 who is a transmission destination (reception destination) acquires the password displayed on the display unit 71 of the mobile phone 7 and inputs the acquired password to the client terminal 6. That is, the client terminal 6 acquires a password by the password acquisition unit 53. The client terminal 6 executes a process of decrypting the encrypted file attached to the received first electronic mail based on the acquired password and returning it to the original attached file. Accordingly, the user U1 can safely obtain (acquire) the attached file attached to the electronic mail by the transmission source user.

Next, the operation of the e-mail processing apparatus 100c will be described with reference to FIG.
FIG. 17 is a flowchart showing an example of the operation of the e-mail processing apparatus 100c in the present embodiment.

  In this figure, the processing of step S501 to step S506 and step S510 is the same as the processing of step S101 to step S106 and step S109 shown in FIG.

  In step S507, the two-dimensional code generation unit 19 of the electronic mail processing apparatus 100b generates a two-dimensional code C1 including the mail ID. Here, the mail ID is, for example, mail identification information that uniquely identifies the first electronic mail.

  Next, the transmission control unit 16c transmits an electronic mail (first electronic mail) with the encrypted file and the two-dimensional code C1 attached to the normal transmission address (step S508). That is, the transmission control unit 16c sends the first e-mail with the encrypted file and the two-dimensional code C1 attached to the transmission address (the above-described normal e-mail address) instead of the attached file via the LAN (N1, N3) ( The data is transmitted through the route R1 and the route R2) in FIG.

  Next, the transmission control unit 16c transmits an email (second email) including the password and the email ID to the email address of the mobile phone 7 (step S509). That is, the transmission control unit 16c sends the second electronic mail including the above-described mail ID and password to the mail address of the mobile phone 7 acquired by the address acquisition unit 13 via the LAN (N1) and the mobile carrier network N4 (FIG. 6). Route R1 and route R3). After the process of step S509 is completed, the transmission control unit 16c ends the e-mail process.

Next, the password search function of the mobile phone 7 in this embodiment will be described with reference to FIG.
FIG. 18 is a flowchart showing an example of password search processing of the mobile phone 7 in the present embodiment.

  In this figure, first, the two-dimensional code acquisition unit 84 of the mobile phone 7 acquires the two-dimensional code C1 (step S601). That is, the two-dimensional code acquisition unit 84 causes the imaging unit 74 to capture an image of the two-dimensional code C1 included in the first e-mail displayed on the display unit 61 of the client terminal 6, and acquires the two-dimensional code C1. To do.

Next, the password search unit 82a of the mobile phone 7 acquires a mail ID based on the two-dimensional code C1 (step S602).
Next, the password search unit 82a searches for an e-mail containing the password (step S603). That is, the password search unit 82a searches for a second e-mail including a password corresponding to the attached file information from among a plurality of e-mails stored in the storage unit 72 based on the acquired mail ID.

Next, the password search unit 82a displays an e-mail containing the searched password (step S604). That is, the password search unit 82a displays the password for decrypting the encrypted file of the first e-mail by causing the password display processing unit 83 to display the second e-mail including the searched password on the display unit 71. Display on the unit 71.
Thereby, the electronic mail processing system 1 in this embodiment can search easily the password corresponding to an encryption file. Therefore, the e-mail processing system 1 according to the present embodiment is, for example, a case where time has elapsed since receiving the first e-mail attached with the encrypted file and the second e-mail including the password. However, confidential information can be easily obtained by decrypting the encrypted file.
In step S604, the password search unit 82a may cause the display unit 71 to display information such as the sender name of the mail and the reception date / time included in the searched second electronic mail together with the password.

As described above, in the electronic mail processing system 1 according to the present embodiment, the electronic mail processing apparatus 100c uses the two-dimensional code C1 including the mail identification information (for example, the mail ID) that uniquely identifies the first electronic mail. A two-dimensional code generation unit 19 is provided. The transmission control unit 16c sends the two-dimensional code C1 generated by the two-dimensional code generation unit 19 as an attachment to the first electronic mail, and transmits the second electronic mail including the mail identification information and the password. Then, the mobile phone 7 acquires the mail identification information based on the two-dimensional code C1 attached to the first electronic mail received by the client terminal 6, and receives the plurality of received information based on the acquired mail identification information. A password search unit 82a for searching for the second e-mail including the e-mail identification information in the second e-mail.
As a result, the e-mail processing system 1 according to the present embodiment reliably searches for a password by using the two-dimensional code C1 even when it is desired to reopen the encrypted file after a while, for example. Therefore, convenience can be improved.

[Fifth Embodiment]
Next, an electronic mail processing system 1 according to a fifth embodiment will be described with reference to the drawings.
In the present embodiment, an example will be described in which the mobile phone 7 transmits a password acquired by the second e-mail to the client terminal 6 using an NFC (Near Field Communication) interface.

FIG. 19 is a block diagram illustrating an example of the electronic mail processing system 1 according to the present embodiment.
In this figure, an e-mail processing system 1 includes a client terminal 2 provided with an e-mail processing apparatus 100, a mail server 3, a base GW (4, 5), and a terminal apparatus (client terminal 6) that is an e-mail receiving destination. And a mobile phone 7).
In this figure, the same components as those shown in FIGS. 1 and 6 are denoted by the same reference numerals, and the description thereof is omitted.

As shown in FIG. 19, the client terminal 6 and the mobile phone 7 in this embodiment have a communication function by NFC.
The present embodiment is different from the first embodiment in that the mobile phone 7 transfers the password to the client terminal 6 using NFC communication.

Next, the configuration of the client terminal 6 and the mobile phone 7 in this embodiment will be described with reference to FIG.
FIG. 20 is a block diagram illustrating an example of the client terminal 6 (reception destination) and the mobile phone 7 according to the fifth embodiment.
In this figure, the same components as those shown in FIGS. 4 and 5 are denoted by the same reference numerals, and the description thereof is omitted.

The mobile phone 7 in this embodiment includes a control unit 80b, a display unit 71, a storage unit 72, a wireless communication unit 73, and an NFC communication unit 75.
The control unit 80b is a processor including a CPU, for example, and controls the mobile phone 7 in an integrated manner. The control unit 80b includes a mail reception processing unit 81, a password search unit 82, a password display processing unit 83, and a password transfer processing unit 85.

In addition, the client terminal 6 in this embodiment includes a control unit 50a, a display unit 61, a storage unit 62, a LAN communication unit 63, and an NFC communication unit 64.
The control unit 50a is a processor including a CPU, for example, and controls the client terminal 6 in an integrated manner. The control unit 50a includes a mail reception processing unit 51, a mail display processing unit 52, a password acquisition unit 53a, and a decryption processing unit 54.

The NFC communication unit 75 and the NFC communication unit 64 perform short-range wireless communication by NFC.
The password transfer processing unit 85 executes a process of transferring the password included in the second electronic mail to the client terminal 6 via the NFC communication unit 64 and the NFC communication unit 75. For example, the password transfer processing unit 85 transfers the password searched by the password search unit 82 to the client terminal 6.

  The password acquisition unit 53a acquires the password transferred by the password transfer processing unit 85 of the mobile phone 7 via the NFC communication unit 64 and the NFC communication unit 75. Further, the password acquisition unit 53a may cause the decryption processing unit 54 to execute the decryption process of the encrypted file based on the acquired password.

The password acquisition unit 53a may be, for example, a plug-in of mail software (reception side) realized by a CPU and a program stored in a storage unit (not shown).
In this case, the password acquisition unit 53a performs the following process to decrypt the encrypted file.
For example, when an encrypted file that is an encrypted attached file is designated by the user by double clicking or the like on the client terminal 6, the password acquisition unit 53a puts the NFC communication unit 75 into a data reception waiting state. In this state, when the user brings the mobile phone 7 close to the NFC communication unit 75 of the client terminal 6, short-range wireless communication between the NFC communication unit 75 and the NFC communication unit 64 is started, and password transfer of the mobile phone 7 is performed. The processing unit 85 transfers the password to the client terminal 6. The password to be transferred may be selected from the second e-mail received by the mobile phone 7 by the user, or from the client terminal 6 via the NFC communication unit 64 and the NFC communication unit 75. 7 may be a password searched by the password search unit 82 based on attached file information such as the mail ID output in FIG. Based on the acquired password, the password acquisition unit 53a decrypts the encrypted file designated by double clicking or the like.

  As described above, the e-mail processing system 1 in the present embodiment transfers the password included in the second e-mail from the mobile phone 7 to the client terminal 6 by short-range wireless communication. Thereby, since the encrypted file and the password can be managed in the client terminal 6, the electronic mail processing system 1 in the present embodiment can improve convenience when the encrypted file is decrypted. .

[Sixth Embodiment]
Next, an electronic mail processing system 1 according to a sixth embodiment will be described with reference to the drawings.
In the present embodiment, an example will be described in which the mobile phone 7 distributes the password acquired by the second e-mail to the client terminal 6 by using the wireless LAN WEB function.

FIG. 21 is a block diagram showing an example of the mobile phone 7 in the present embodiment.
In this figure, the mobile phone 7 includes a control unit 80c, a display unit 71, a storage unit 72, a wireless communication unit 73, and a wireless LAN communication unit 76.
The control unit 80c is a processor including a CPU, for example, and controls the mobile phone 7 in an integrated manner. The control unit 80 c includes a mail reception processing unit 81, a password search unit 82, and a WEB (web) server processing unit 86.
In this figure, the same components as those shown in FIG. 5 are denoted by the same reference numerals, and the description thereof is omitted.

  The wireless LAN communication unit 76 is a communication unit that can be connected to the LAN (N3). For example, when distributing the password, the wireless LAN communication unit 76 transmits the password to the client terminal 6 via the LAN (N3).

  When the e-mail received by the e-mail reception processing unit 81 is the second e-mail, the WEB server processing unit 86 saves it in an HTML (Hyper Text Markup Language) file describing the password included in the second e-mail. Then, it is made public on the LAN (N3) via the wireless LAN communication unit 76 as WEB.

In the present embodiment, the client terminal 6 connects to a WEB having a predetermined URL (Uniform Resource Locator), and acquires a password published on the WEB.
The password disclosed on the WEB is a list of all passwords of the received second e-mail, and may be displayed in association with the mail ID and password, or the mail ID is input on the WEB. Alternatively, the password searched using the password search unit 82 may be used.

  As described above, in the present embodiment, the client terminal 6 acquires a password from the mobile phone 7 by using the WEB function based on the wireless LAN. As a result, the client terminal 6 can centrally manage the encrypted file and the password, so that the e-mail processing system 1 in the present embodiment can improve convenience when decrypting the encrypted file. .

[Seventh Embodiment]
Next, an e-mail processing system 1a according to a seventh embodiment will be described with reference to the drawings.
In the present embodiment, an example will be described in which both a first electronic mail and a second electronic mail are received by one terminal device (client terminal 6a).

FIG. 22 is a block diagram showing an example of an electronic mail processing system 1a according to this embodiment.
In this figure, an e-mail processing system 1a includes a client terminal 2 provided with an e-mail processing apparatus 100, a mail server 3, a base GW (4, 5), and a terminal apparatus (client terminal 6a) that is an e-mail receiving destination. ).
In this figure, the same components as those shown in FIGS. 1 and 6 are denoted by the same reference numerals, and the description thereof is omitted.

  As shown in FIG. 22, in the electronic mail processing system 1a in the present embodiment, the client terminal 6a has a function capable of being connected to both the LAN (N3) and the public wireless LAN (N5). Here, the route R5 of the second electronic mail is a route transmitted from the mail server 3 to the client terminal 6a via the LAN (N1), the base GW4, the IP network N2, and the public wireless LAN (N5) in this order. It is. Note that the email address of the second email may not be the email address of the mobile phone 7 as long as the email address has a domain name different from the email address of the first email.

FIG. 23 is a block diagram illustrating an example of the client terminal 6a (reception destination) in the present embodiment.
In this figure, the client terminal 6a includes a control unit 50b, a display unit 61, a storage unit 62, a LAN communication unit 63, and a wireless LAN communication unit 65.
The control unit 50b is, for example, a processor including a CPU and the like, and comprehensively controls the client terminal 6a. The control unit 50b includes a mail reception processing unit 51, a mail display processing unit 52, a password acquisition unit 53b, and a decryption processing unit 54.
In this figure, the same components as those shown in FIG. 4 are denoted by the same reference numerals, and the description thereof is omitted.

The wireless LAN communication unit 65 is a communication unit that can be connected to the public wireless LAN (N5). For example, when receiving the second electronic mail, the wireless LAN communication unit 65 receives the electronic mail via the public wireless LAN (N5). .
The password acquisition unit 53b acquires a password included in the second e-mail received via the public wireless LAN (N5).

  As described above, in the present embodiment, one client terminal 6a passes through different paths (different paths between the path R2 and the path R5), and includes a first e-mail attached with an encrypted file and a password. 2 e-mails are received. Thereby, the e-mail processing system 1a in the present embodiment reduces the possibility that the third party obtains the encrypted file and the password by monitoring the transfer path, for example. As in the sixth embodiment, it is possible to reduce the possibility of leakage of confidential information on the transfer path.

  In addition, since the client terminal 6a can centrally manage the encrypted file and the password, the e-mail processing system 1a in the present embodiment can improve convenience when decrypting the encrypted file.

[Eighth Embodiment]
Next, an e-mail processing system 1b according to an eighth embodiment will be described with reference to the drawings.
In each of the above-described embodiments, the case where the client terminal 2 includes the electronic mail processing device 100 (100a to 100c) has been described. However, the mail server 3 includes the electronic mail processing device 100 (100a to 100c). It is also possible to execute similar processing. In the present embodiment, an example in which the mail server 3 includes the electronic mail processing apparatus 100 will be described.

FIG. 24 is a block diagram showing an example of an electronic mail processing system 1b according to this embodiment.
In this figure, an e-mail processing system 1b includes a client terminal 2, a mail server 3a including an e-mail processing apparatus 100, a base GW (4, 5), and a terminal apparatus (client terminal 6) that is an e-mail receiving destination. And a mobile phone 7).
In this figure, the same components as those shown in FIGS. 1 and 6 are denoted by the same reference numerals, and the description thereof is omitted.

  In this figure, as in the first embodiment, the e-mail processing apparatus 100 includes a second e-mail including a first e-mail attached with an encrypted file obtained by encrypting an attached file and a password corresponding to the encrypted file. Mail is sent to the recipient user via a different transfer path. Therefore, the e-mail processing system 1b in the present embodiment reduces the possibility that a third party obtains an encrypted file and a password by monitoring the transfer path, for example. Similar to the seventh embodiment, it is possible to reduce the possibility of leakage of confidential information on the transfer path.

The present invention is not limited to the above embodiments, and can be modified without departing from the spirit of the present invention.
For example, although each of the above embodiments has been described with respect to a case where it is carried out independently, it may be carried out by combining the above embodiments.

Further, in each of the above embodiments, the case where the attached file is automatically encrypted by the encryption processing unit 15 has been described. However, the present invention is not limited to this, and an encrypted file manually encrypted by the user is electronically stored. You may attach it to an email.
Further, the e-mail processing apparatus 100 (100a to 100c) may be configured such that the user can select (specify) whether or not the attached file is automatically encrypted by the encryption processing unit 15.

Further, in each of the above embodiments, the case where the password is generated by the password generation unit 14 has been described, but the present invention is not limited to this. For example, the password may be determined in advance or specified by the user.
Moreover, although the password generation part 14 demonstrated the example which produces | generates a password based on a random number, even if it produces | generates based on a predetermined | prescribed security policy (For example, more than a predetermined number of characters including both a capital letter and a small letter, etc.) Good. In addition, the generation method and generation conditions of the password may be changed according to the sensitivity described above.

Further, in each of the above embodiments, the case where the address storage unit 22 is included in the electronic mail processing apparatus 100 (100a to 100c) has been described, but the present invention is not limited to this. For example, the address storage unit 22 may be provided in a server device connected to a network. The mail server 3 may include an address storage unit 22.
Further, in each of the embodiments described above, the mode in which the e-mail address for sending the password is acquired from the address storage unit 22 has been described. However, the present invention is not limited to this. For example, it may be acquired from a list file such as an emergency contact address registered in advance.

In the third and fourth embodiments described above, the confidentiality may be the importance level of the mail or may be determined in advance by the destination. Further, the confidentiality may be determined in advance in the address book according to the transmission destination.
In the fifth embodiment, the case where the password is transferred from the mobile phone 7 to the client terminal 6 using NFC has been described. However, instead of NFC, a USB interface or Bluetooth (Bluetooth (registered trademark)) is used. Other interfaces such as may be used.

In each of the above embodiments, the second electronic mail may be a mobile phone that includes a password as an attached file.
In each of the above embodiments, the mail server 3 is provided on the LAN (N1). However, the mail server 3 may be provided on the IP network N2.
In each of the above embodiments, the case where the mobile phone 7 is used as an example of the terminal device has been described. However, another mobile terminal such as a PDA (Personal Digital Assistant) may be used.

Further, in each of the embodiments described above, the mode in which the e-mail is transmitted as it is when the transmission address is not stored (registered) in the address storage unit 22 has been described. However, the present invention is not limited to this. For example, an example in which the e-mail processing device 100 (100a to 100c) sends an attached file as it is even when the transmission address is not stored (registered) in the address storage unit 22 has been described. When not stored (registered) in the unit 22, the electronic mail itself may not be transmitted. In this case, since an e-mail is not transmitted to a destination not registered in the address storage unit 22, the e-mail processing device 100 (100a to 100c) is in the case of an erroneous transmission with an incorrect e-mail address of the destination ( In the case of transmission to an unregistered e-mail address), leakage of confidential information can be prevented.
The electronic mail processing apparatus 100 (100a to 100c) transmits the first electronic mail with the encrypted file attached even when the transmission address is not stored (registered) in the address storage unit 22, You may comprise so that an email may not be transmitted. Also in this case, since the second e-mail including the password is not transmitted to the destination not registered in the address storage unit 22, the e-mail processing device 100 (100a to 100c) sets the e-mail address of the destination. In the case of erroneous transmission, it is possible to prevent leakage of confidential information.

Note that a program for realizing the functions of each component included in the electronic mail processing system 1 (1a, 1b) in the present invention is recorded on a computer-readable recording medium, and the program recorded on the recording medium is stored in the computer system. The processing in each component included in the above-described electronic mail processing system 1 (1a, 1b) may be performed by causing the processing to be read and executed. Here, “loading and executing a program recorded on a recording medium into a computer system” includes installing the program in the computer system. The “computer system” here includes an OS and hardware such as peripheral devices.
Further, the “computer system” may include a plurality of computer devices connected via a network including a communication line such as the Internet, WAN, LAN, and dedicated line. The “computer-readable recording medium” refers to a storage device such as a flexible medium, a magneto-optical disk, a portable medium such as a ROM and a CD-ROM, and a hard disk incorporated in a computer system. As described above, the recording medium storing the program may be a non-transitory recording medium such as a CD-ROM.

  The recording medium also includes a recording medium provided inside or outside that is accessible from the distribution server in order to distribute the program. It should be noted that the program is divided into a plurality of parts and downloaded at different timings, and then combined with each component included in the e-mail processing system 1 (1a, 1b) and the distribution server that distributes each of the divided programs is different. It may be. Furthermore, a “computer-readable recording medium” holds a program for a certain period of time, such as a volatile memory (RAM) inside a computer system that becomes a server or client when the program is transmitted via a network. Including things. The program may be for realizing a part of the functions described above. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, what is called a difference file (difference program) may be sufficient.

  Moreover, you may implement | achieve part or all of the function mentioned above as integrated circuits, such as LSI (Large Scale Integration). Each function described above may be individually made into a processor, or a part or all of them may be integrated into a processor. Further, the method of circuit integration is not limited to LSI, and may be realized by a dedicated circuit or a general-purpose processor. In addition, when an integrated circuit technology that replaces LSI appears due to the advancement of semiconductor technology, an integrated circuit based on the technology may be used.

1, 1a, 1b E-mail processing system 2 Client terminal (source)
3, 3a Mail server 4, 5 GW
6, 6a Client terminal (receiver)
7 Mobile phone 10, 10a, 10b, 10c, 50, 50a, 50b, 80, 80a, 80b, 80c Control unit 11 Mail creation processing unit 12 Mail transmission monitoring unit 13 Address acquisition unit 14 Password generation unit 15 Encryption processing unit 16 , 16a, 16b, 16c Transmission control unit 17 Confidentiality confirmation unit 18, 83 Password display processing unit 19 Two-dimensional code generation unit 21, 61, 71 Display unit 22 Address storage unit 23, 63 LAN communication unit 24, 65, 76 Wireless LAN communication unit 51, 81 Mail reception processing unit 52 Mail display processing unit 53, 53a, 53b Password acquisition unit 54 Decoding processing unit 62, 72 Storage unit 64, 75 NFC communication unit 73 Wireless communication unit 74 Imaging unit 82, 82a Password search Part 84 two-dimensional code acquisition part 85 password transfer processing part 86 WE The server processing unit 100,100a, 100b, 100c e-mail processing apparatus N1, N3 LAN
N2 IP network N4 Mobile carrier network N5 Public wireless LAN
C1 2D code

Claims (1)

An electronic mail processing system comprising an electronic mail processing device for processing electronic mail and a terminal device for receiving the electronic mail transmitted by the electronic mail processing device,
The e-mail processing device includes:
A first e-mail address and an e-mail address that transmits an e-mail to the same user as the first e-mail address when an attached file is attached to the e-mail, An address storage unit that stores a second e-mail address having a different domain name in association with the e-mail address of the e-mail address as the first e-mail address; An address acquisition unit that acquires the second email address corresponding to the email address of the destination;
Attaching the attached file encrypted based on a password to the destination email address, sending a first email with attached file information indicating identification information of the attached file, and sending the address A transmission control unit for transmitting a second e-mail including the attached file information and the password to the second e-mail address acquired by the acquisition unit ;
A generator for generating a two-dimensional code including mail identification information for uniquely identifying the first electronic mail ;
The transmission control unit
The two-dimensional code generated by the generation unit is attached to the first e-mail and sent, and the second e-mail including the e-mail identification information and the password is transmitted,
The first e-mail address is an e-mail address at which the e-mail is received by the terminal device via a local area network;
The second e-mail address is an e-mail address where the e-mail is received by the terminal device via a radio access network by a mobile communication system,
The terminal device includes a first terminal device that receives the first e-mail and a second terminal device that receives the second e-mail,
The second terminal device is a portable terminal device connectable to a radio access network by a mobile communication system, and the two-dimensional code attached to the first e-mail received by the first terminal device. Based on the acquired mail identification information, the second electronic mail including the mail identification information is retrieved from the plurality of received second electronic mails based on the acquired mail identification information. It has a search part,
The second e-mail address is an e-mail address assigned to the mobile terminal device.
E-mail processing system comprising a call.

Images