JP2002049568A - System and method for ciphering electronic mail - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a system and a method for electronic mail ciphering which can send and receive electronic mail safely and efficiently. SOLUTION: A WWW browser 3 that at least more than one terminal has ciphers and sends electronic mail by https, deciphers the ciphered electronic mail by received https, and displays it on the screen and a mail server 1 stores the received electronic mail; and a WWW server 2 deciphers the ciphered electronic mail by the https sent from the terminal and sends it to the mail server 1, and the electronic mail sent from the mail server 1 is ciphered by the https and sent to the terminal equipped with the WWW browser 3.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an electronic mail encryption system and an encryption method, and more particularly to an electronic mail encryption system and an encryption method when electronic mail is transmitted and received by a WWW browser provided in a terminal. .

[0002]

2. Description of the Related Art At present, with the development of the Internet, improving security of data handled in the network has become an important issue.

In particular, an e-mail transmission / reception system on the World Wide Web (hereinafter simply referred to as WWW) can store e-mail in a mail server.
Since e-mail can be sent and received at the convenience of the user, it is widely used because of its simplicity. With this, it is necessary to improve security such as confidentiality and prevention of data duplication when handling e-mail. I have.

[0004] For this reason, conventionally, there has been proposed a method of transmitting and receiving an electronic mail by encrypting the electronic mail.

Conventionally, transmission and reception of this type of e-mail after encrypting it is often used to prevent the contents of the e-mail from being read by a third party other than the sender and the receiver.

[0006] For example, as an example of an electronic mail encryption transmission / reception method, an “electronic mail encryption method and encryption system” disclosed in Japanese Patent Application Laid-Open No. 8-251156 will be described below.

[0007] The method of encrypting and transmitting e-mail described in this publication enables each user of a communication network to create key information and publish a public key to enable encryption, thereby enabling security. It is intended to improve.

[0008] Specifically, as preparation, each user creates each key information with dedicated software and registers it in the center in advance. When encrypting an e-mail to be transmitted, the main body of the e-mail is encrypted with a data key, the data key is encrypted with a master key, and the two encrypted data are transmitted as e-mail data. The terminal receiving the two encrypted data decrypts the encrypted data key data using the master key and decrypts the encrypted e-mail data using the decrypted data key. And receive e-mail.

Therefore, according to this conventional method for transmitting and receiving an encrypted electronic mail, it is possible to effectively prevent forgery and duplication of the electronic mail and to provide a highly secure electronic mail encryption method.

[0010]

However, in the above-mentioned conventional method for encrypting and transmitting e-mail, it is necessary to specify a terminal that performs transmission and reception, and to share a key between the specified terminals. Must create key information and make this key information public, which reduces the efficiency of e-mail encryption and impairs network security. Have.

In the conventional electronic mail encryption system as described above, since the electronic mail is encrypted and decrypted on each terminal, each of the terminals performs encryption and decryption, respectively. It is necessary to provide hardware and software for decryption, and there is a problem that the cost of the terminal for performing encryption and decryption increases.

The present invention has been made in view of the above circumstances, and an object of the present invention is to provide an e-mail encryption system and an e-mail encryption method capable of transmitting and receiving e-mail safely and efficiently. Aim.

[0013]

In order to achieve the above object, an electronic mail encryption system according to the present invention transmits an electronic mail by encrypting the electronic mail with https, and encrypting the electronic mail with the received https. At least one or more terminals equipped with a WWW browser for decrypting the mail and displaying it on the screen, a mail server for storing the received electronic mail, and decrypting the electronic mail encrypted by https transmitted from the terminal. A WWW server that transmits the e-mail transmitted from the mail server to the mail server and encrypts the e-mail by using https and transmits the e-mail to the terminal.

Therefore, according to the present invention, when sending and receiving electronic mail between the terminal and the mail server,
Between the WWW server and the terminal, the e-mail is transmitted as a hypertext transfer pro.
E-mail can be transmitted and received safely because it is encrypted by https, which is a security-enhanced type protocol in tocol (hereinafter simply referred to as http).

When encrypting an e-mail, W
Since the WWW server and the WWW browser perform https encryption, it is not necessary to create and publish key information of each terminal, so that the efficiency of e-mail encryption can be improved and its security can be improved. Can be improved.

Further, since the electronic mail is encrypted and decrypted by the WWW browser provided in the terminal to perform transmission and reception, it is not necessary to provide a new member when encrypting and decrypting the electronic mail and transmitting and receiving the electronic mail. .

Further, the user of the terminal receives a message from the WWW server.
The contents of the e-mail encrypted and transferred by ftps can be read on the screen of the terminal equipped with the WWW browser, and conversely, the contents of the e-mail written on the screen of the terminal equipped with the WWW browser can be encrypted by https Can be transferred to a WWW server.
Transmission and reception of an e-mail encrypted by tps can be performed at a terminal at an arbitrary place on the Internet.

[0018] In the above-described electronic mail encryption system, the WWW server may transmit the ht transmitted from the terminal.
The e-mail encrypted by tps is decrypted, and the e-mail is encrypted by https and output, and the e-mail decrypted by the httpd is transmitted to the mail server and transmitted from the mail server. Common to receive e-mail
You may comprise so that it may have Gateway Interface.

By configuring the WWW server in this way, the encryption and decryption of electronic mail can be performed by the WW server.
Http, which is an http server provided in the W server
pd (hyper text transfer pr
photo gate, and sends and receives e-mails to and from the mail server through Common Gate.
way Interface (hereinafter referred to as CGI)
Similarly, in the terminal, since the WWW browser provided in the terminal encrypts and decrypts the e-mail, if the terminal is a WWW browser compatible with https for performing the encryption and decryption, Since the mail can be encrypted and decrypted, the electronic mail can be encrypted and decrypted without using any special members.

The method for encrypting electronic mail according to the present invention comprises the steps of:
A step of encrypting the e-mail by https using a WWW browser provided in the terminal and transmitting the encrypted e-mail to httpd provided in a WWW server, and decrypting the encrypted e-mail using httpd provided in the WWW server; Gateway Interfa
sending to the ce, and the Common Gateway
e-mail sent to the ay Interface
A step of transmitting an e-mail from a terminal to a mail server, the step of transmitting an e-mail to a mail server in accordance with a mail transmission program provided in the Common Gateway Interface;
ay Interface is Common Gate
receiving an e-mail from the mail server according to a mail receiving program provided in the wayInterface,
Outputting the received e-mail to the httpd, the httpd encrypting the e-mail output to the httpd by the https, and transmitting the encrypted e-mail to a terminal provided with a WWW browser, and A terminal that has received the e-mail, decrypts the e-mail received by the WWW browser, and displays the e-mail. The e-mail is transmitted from the mail server to the terminal.

Therefore, according to the present invention, when an electronic mail is transmitted from a terminal to a mail server, the electronic mail is encrypted by https using a WWW browser provided in the terminal, transmitted to a WWW server, and provided in the WWW server. Httpd decrypts this email and returns the Co
In the case where the monmon Gateway Interface transmits the decrypted e-mail to the mail server based on the e-mail transmission program, and when the e-mail is transmitted from the mail server to the terminal, the Common Gateway
Gateway Interface receives an e-mail from the mail server based on the e-mail receiving program, transmits the received e-mail to httpd,
Since ttpd encrypts the transmitted e-mail with https and transmits it to the WWW browser, when encrypting and decrypting the e-mail as in the prior art,
The trouble of creating key information in each terminal can be omitted, and the security can be improved because the key information does not need to be made public.

Further, the encryption and decryption of the electronic mail
Since it is performed by https, a general WWW browser can perform encryption and decryption of e-mail, and does not require a special member for encryption and decryption of e-mail. It is possible to suppress an increase in cost when encrypting and decrypting the electronic mail.

[0023]

DESCRIPTION OF THE PREFERRED EMBODIMENTS Next, an embodiment of an electronic mail encryption system and an encryption method according to the present invention will be described in detail with reference to the drawings.

FIG. 1 is a conceptual diagram showing the configuration of an embodiment of an electronic mail encryption system according to the present invention. This figure 1
As shown in FIG. 1, the e-mail encryption system includes a mail server 1 for storing received e-mails,
It is composed of a WWW server 2 that receives an e-mail from the mail server 1 and receives an e-mail encrypted by the WWW browser 3 from the WWW browser 3, and a WWW browser 3 for displaying the e-mail transmitted to and received from the mail server 1. ing.

The above-described WWW server 2 has a CG having a mail receiving program and a mail sending program 4.
I (Common Gateway Interface)
e) httpd6 for transmitting and receiving e-mails to and from the CGI 5 and transmitting and receiving e-mails encrypted by https with the WWW browser 3. Here, https described below is Open
n Systems Interconnection
Security in (open system interconnection)
y Socket Layer (hereinafter simply referred to as SSL) is used.

The http provided in the WWW server 2
d6 is commonly used https (SS
Any type may be used as long as L) can be used. In addition, encrypted communication is performed with the WWW browser 3 by https in a normal method.

The WWW browser 3 is a commercially available http
Any device that supports ps (SSL) may be used, and it need not be provided in a terminal at a specific place on the Internet. Therefore, the WWW browser 3 is
What is necessary is just to be in the terminal of arbitrary places which can communicate with tpd6.

The mail server 1 is located on the same computer as the WWW server 2, and its functions are no different from those of UNIX (registered trademark) sendmail, which is generally widely used. That is, it is not necessary to provide the mail server 1 with a special member for encrypting the electronic mail.

Next, an electronic mail encryption method according to the present invention will be described with reference to FIG.

When the WWW browser 3 sends a request to subscribe to the e-mail stored in the mail server 1 to the httpd 6, the httpd 6 outputs a mail reception request to the mail receiving program 4 of the CGI 5.

The mail receiving program 4 having received the mail receiving request outputs the mail receiving request to the mail server 1. The mail server 1 that has received the mail reception request transmits the requested e-mail to the CGI 5. And CGI
The mail receiving program 4 provided for the ordinary Po
Receive e-mail by p protocol. The CGI 5 outputs the received e-mail to httpd6.

Httpd6 sends an e-mail to html (h
hyper text mark-up language
e), and encrypted by https to WW
Send to W browser 3.

On the other hand, when the transmission data of the e-mail is transmitted from the WWW browser 3 to the httpd 6, the transmitted e-mail is encrypted by the https between the WWW browser 3 and the httpd 6 and transferred.

The httpd 6 outputs the transmitted e-mail to the mail transmission program 4 via the CGI 5. The e-mail sending program 4 that has received the e-mail
The e-mail is transmitted to the mail server 1 by a normal smpt protocol.

Therefore, according to the electronic mail encryption method, the transmission and reception of the electronic mail between the WWW browser 3 and the httpd 6 is performed by using the electronic mail encrypted by the https, so that the electronic mail is transmitted over the network. Properly confidential emails at
When performing encryption, there is no need to provide a special member for encryption in the terminal, so that an increase in the cost of the terminal can be suppressed.

Next, an example of a screen display of the WWW browser 3 in the electronic mail encryption system shown in FIG. 1 will be described with reference to FIG.

FIG. 2 shows the WWW browser 3 shown in FIG.
1 shows an example of a screen display by the following. However, the same members as those in the electronic mail encryption system shown in FIG. As shown in FIG. 2, the WWW browser 3 accesses the WWW server 2 and displays a password input screen 21 for sending and receiving e-mail on the WWW browser 3.
On this screen, items to be exchanged with a transmission / reception program provided in the CGI are described. Here, when the user name and password of the mail server 1 are input, a screen 23 for selecting an e-mail transmission / reception is displayed under the control of the CGI 5 shown in FIG.

When an e-mail reception is selected, an e-mail list screen 25 is displayed, and a list of e-mail titles reaching the mail server 1 can be viewed. When the title of the e-mail to be viewed is selected on this screen, the contents of the e-mail can be viewed on the e-mail reception / browsing screen 27.

When e-mail transmission is selected on the reception / transmission selection screen, an e-mail transmission screen 29 is displayed, in which information for writing an e-mail and transmitting it to the WWW server 2 can be input.

Since all communication between the WWW server 2 and the WWW browser 3 is encrypted by https, the information displayed on the screen and the information to be input reach the WWW server 2 after being encrypted. Data flows between the WWW server 2 and the mail server 1 by ordinary pop and smtp. However, since the mail server 1 and the httpd 6 are on the same computer, the e-mail does not flow on the network. There is no gender problem.

Therefore, according to one embodiment of the electronic mail encryption method, when a terminal equipped with the WWW browser 3 receives an electronic mail, the received electronic mail is encrypted by https, Further, when an electronic mail is transmitted from a terminal equipped with the WWW browser 3 to the mail server, since the electronic mail is encrypted by the WWW browser 3, the security of the electronic mail can be improved. Since a special member for decoding is not required for each terminal, it is possible to suppress an increase in the cost of the terminal.

Next, an embodiment of an electronic mail encryption system according to the present invention will be described in more detail with reference to the drawings. FIG. 3 shows a schematic diagram of an embodiment of an electronic mail encryption system according to the present invention.

As shown in FIG. 3, the electronic mail encryption system comprises an electronic mail between a company network (intranet) 39 and a terminal 37 outside the company, that is, on a network outside the company (Internet). It is assumed that mail is exchanged.

The in-company network 39 includes a mail server 31 for storing the received e-mail and the WWW server 3
3 and fi to prevent the entry of unnecessary data from outside
rewall35.

The corporate network 39 is a firewall
135, and therefore the normal transmission and reception of e-mail inside it is not encrypted. However, when e-mail data flows to a network outside the company, encryption is performed.

In this case, the firewall 35 is set so that only the WWW server 33 can access from outside the company. Thus, the WWW server 33 can communicate with the terminal 37 outside the company. The WWW server 33 is a commercially available encryption server using https (SSL),
All communication with the terminal 37 outside the company is encrypted by https. The WWW server 33 has a built-in CGI program for sending and receiving electronic mail to and from the mail server 31.

The operation of the electronic mail encryption system shown in FIG. 3 will be described in detail. Referring to FIG. 3, in order to receive the electronic mail stored in the mail server 31 from the terminal 37 outside the company, first, the terminal 3 outside the company
The server accesses the WWW server 33 using a WWW browser (not shown) incorporated in the server 7.

The WWW server 33 has a screen indicating that the e-mail has been received. If the user name and password of the mail server 31 are input from a WWW browser on a terminal 37 outside the company, the screen is displayed on the mail server 31 via the CGI program. Is displayed.

At this time, the electronic mail is transferred without being encrypted between the mail server 31 and the WWW server 33, but the electronic mail is transferred between the WWW server 33 and the terminal 37 outside the company.
The data is encrypted and transferred by ps (SSL).

Conversely, from the terminal 37 outside the company, the mail server 3
In order to send an e-mail to the terminal 37, the WWW server 33 displays the WWW of the terminal 37 outside the company on the e-mail transmission screen.
Enter the content of the e-mail from the browser. Then W
The WW server 33 transmits the e-mail input via the CGI program to the mail server 31. At this time, between the terminal 37 outside the company and the WWW server 33, the contents of the e-mail are encrypted by https and transferred.

Therefore, according to this embodiment, when transmitting / receiving the e-mail stored in the mail server 31 at the external terminal 37 connected to the external network, the e-mail encrypted by https is used. Since the electronic mail is exchanged between the WWW server 33 and the terminal 37 outside the company, the electronic mail can be transmitted and received safely.

Also, the encryption and decryption of an e-mail
WWW server 33 or W provided on terminal 37 outside the company
It is performed by a WW browser. In particular, since a WWW browser can use a general one as long as it is compatible with https, a special member is particularly provided for encrypting and decrypting an e-mail. Since there is no need to provide the terminal, it is possible to encrypt and decrypt the electronic mail while suppressing an increase in the cost of the terminal 37 outside the company.

Further, since the terminal 37 outside the company only needs to have a WWW browser compatible with https, it is possible to transmit and receive the encrypted e-mail from an arbitrary position on the company network.

[0054]

As is apparent from the above description, according to the present invention, by using the encrypted communication technology called https (SSL) adopted in the World Wide Web, the communication between the WWW server and the WWW browser can be realized. Encrypted data in all communication between the devices, so you can encrypt and send e-mail without specifying the individual who sends and receives or the terminal, and you can use dedicated software from any place on the network It is possible to provide an electronic mail encryption system and an encryption method capable of transmitting and receiving an encrypted electronic mail without using the electronic mail, and improving its security and efficiency.

Further, since the encryption is performed using the information in the WWW server and the information in the WWW browser, there is no need for information on individuals or individual terminals for encrypting electronic mail. Therefore, it is not necessary to disclose a key or the like, and it is possible to provide an electronic mail encryption system and an electronic mail encryption method that can efficiently perform electronic mail encryption.

[Brief description of the drawings]

FIG. 1 is a conceptual diagram of an embodiment of an electronic mail encryption system according to the present invention.

FIG. 2 is a view showing an example of a display screen by a WWW browser in the electronic mail encryption system shown in FIG. 1;

FIG. 3 is a schematic diagram of an embodiment of an electronic mail encryption system according to the present invention.

[Explanation of symbols]

Reference Signs List 1 mail server 2 WWW server 3 WWW browser 4 mail receiving program and mail sending program 5 CGI (Common Gateway Inte
6 httpd 21 Password input screen 23 Receiving / sending selection screen 25 E-mail list screen 27 E-mail reception / browsing screen 29 E-mail transmission screen 31 Mail server 33 WWW server 35 firewall 37 Outside terminal 39 Corporate network

Claims (5)

[Claims] An electronic mail is sent to WWW (World Wid).
at least a browser provided with a browser for encrypting and transmitting the encrypted e-mail by the encrypted communication technology adopted in the de Web) and decrypting the received e-mail by the encrypted communication technology and displaying the e-mail on a screen. One or more terminals, a mail server for storing received e-mails, and an e-mail encrypted by the encrypted communication technology transmitted from the terminal, decrypted and transmitted to the mail server, and A WWW server for encrypting the electronic mail transmitted from the mail server by the encrypted communication technique and transmitting the encrypted electronic mail to the terminal. 2. The electronic mail encryption system according to claim 1, wherein said browser comprises a WWW browser. 3. The WWW server decrypts the e-mail transmitted from the terminal and encrypted by the encrypted communication technique, and outputs the e-mail after encrypting the e-mail by the encrypted communication technique. httpd, a Common Gateway that sends an email decrypted by the httpd to a mail server, and receives an email sent from the mail server.
3. The e-mail encryption system according to claim 1, further comprising: y Interface. 4. An electronic mail is encrypted by a browser provided in a terminal by an encryption communication technique adopted in WWW (World Wide Web), and W
Transmitting to the httpd provided in the WWW server; decrypting the encrypted e-mail using the httpd provided in the WWW server;
transmitting the e-mail sent to the CommonGatewayInterface to the CommonGateway.
An e-mail transmission step from a terminal to a mail server, comprising: a step of transmitting an e-mail to a mail server according to a mail transmission program provided in the Interface; and the CommonGatewayInterface.
, Common GatewayInterface
Receiving an e-mail from a mail server according to a mail receiving program provided in the server, and outputting the received e-mail to the httpd, and the httpd converting the e-mail output to the httpd into the encrypted communication technology. A mail server comprising: a step of transmitting the encrypted e-mail to a terminal provided with a browser; and a step of receiving the encrypted e-mail and decoding and displaying the e-mail received by the browser. And transmitting an e-mail from the terminal to the terminal. 5. The method according to claim 4, wherein the browser comprises a WWW browser.