JP2005258855A - Communication history monitoring system and information exchange method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a network use situation monitoring system allowing certain monitoring of information transmitted/received via a network. <P>SOLUTION: When the transmission/reception of the information via the Internet 10 by a Web browser, mailer or the like is performed in a monitoring target terminal 11, history information showing a history of the transmission/reception of the information is generated and encrypted, and is uploaded to a server 12 according to a prescribed condition. The server 12 stores the history information uploaded from the monitoring target terminal 11 with the history information encrypted, and makes a terminal 13 for a manager download it in response to a request from the terminal 13 for the manager. The terminal 13 for the manager downloads the history information from the server 12 and decrypts it, and displays contents of the history information on a display screen. Processing in the monitoring target terminal 11 is executed in a background such that it is not known by a user of the monitoring target terminal 11. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to a communication history monitoring system, a communication history recording device constituting the communication history monitoring system, a communication history management device, a program for realizing these devices, a communication history monitoring method in the communication history monitoring system, and information Regarding the exchange method.

  With the dramatic expansion of Internet usage, everyone can access a variety of content, regardless of location and time. For this reason, improper use of the Internet, such as minors accessing harmful content such as adult-oriented content, or employees accessing content that is not ethically desirable using a computer installed in the company. It became a problem. Therefore, various methods for preventing such inappropriate use of the Internet have been proposed.

  For example, in a terminal device connected to a communication line (Internet), when information that is not desired to be given to a child is input from the communication line, browsing of the information is prohibited (see Patent Document 1).

  In addition, in a terminal device connected to the Internet, a password is added to an image that seems to be harmful content among images downloaded from the Internet, and when the password is not input, the image cannot be displayed (patent) Reference 2).

  Furthermore, in a computer connected to the Internet, a first web page browser and a second web page browser that cannot access a specific web page are installed, and only a user who has a specific authority can access the first web page browser. There was something that could be started. This is because a user other than a user with specific authority is forced to use a second web page browser that cannot access a specific web page, and access to the specific web page is restricted. It was.

Japanese Patent Laid-Open No. 11-45285 JP-A-11-306118 JP 2002-318787 A

  In addition to this, a firewall device is installed at the connection point between the LAN and the external network, and this firewall device restricts access to specific websites on the external network, or only accesses to specific websites. There were methods to allow.

In the above conventional method, in order to forcibly block or eliminate access to harmful content and web pages, it is necessary to investigate and set in advance the content and web pages that should not be accessed. It was.
For example, in the apparatus disclosed in Patent Document 1, when information input from a communication line is related to a preset keyword, the information is deleted and cannot be displayed. Yes, it was necessary to set keywords in advance. Further, in the apparatus disclosed in Patent Document 2, it is necessary for the user to determine whether or not to add a password for each image received from the Internet. Furthermore, in the computer disclosed in Patent Document 3, the URL address of a web page whose access should be restricted has to be set in advance.

  However, the content provided via the Internet is increasing at a remarkable rate. Therefore, in order to reliably limit inappropriate Internet usage, it is necessary to continue to investigate the increase in content that should not be accessed, but this is virtually impossible. In other words, it is impossible to completely limit inappropriate use of the Internet by the above conventional methods, and it is inefficient and burdensome to judge whether or not it is inappropriate for many contents and web pages. It was a big work.

  In view of this problem, the present inventors have an idea that a technique for reliably monitoring transmission / reception of information via the Internet is more effective than a technique for eliminating specific information provided via the Internet. And this led to the present invention.

SUMMARY OF THE INVENTION An object of the present invention is to provide a communication history monitoring system related to a network usage state that can reliably monitor information transmitted / received via a network.
It is another object of the present invention to provide an information exchange method capable of exchanging information via a network without impairing confidentiality.

  In order to achieve the above object, a communication history recording apparatus of the present invention generates communication information for transmitting / receiving information to / from an external device via a communication line, and history information indicating a history of information transmission / reception by the communication means. History information generation means, encryption means for encrypting history information generated by the history information generation means, and history information transmission control means for transmitting history information encrypted by the encryption means by the communication means With.

  In the communication history recording apparatus of the present invention, the history information generating means may be any of a web browser program, an e-mail transmission / reception program, a messaging program, and a peer-to-peer data exchange system program executed in the communication history recording apparatus. Alternatively, the history information may be generated by acquiring information transmitted / received based on the operation of one or more programs.

  The communication history recording apparatus according to the present invention further comprises execution condition setting means for causing the communication means to receive setting information via the communication line and determining an execution condition based on the received setting information, and generating the history information The means may be configured to generate the history information in accordance with the execution condition set by the execution condition setting means.

  In the communication history recording apparatus of the present invention, when connected to the external device via the communication means, processing to be performed on the connection according to the execution condition set by the execution condition setting means It is good also as a structure further provided with the connection control determination means to determine, and the connection control execution means to perform the process determined by the said connection control determination means.

  The communication history management device of the present invention includes an information reading unit that reads information from a portable recording medium, a history information acquisition unit that acquires history information generated by the communication history recording device of the present invention, and the information reading unit. Decoding means for decoding history information acquired by the history information acquisition means based on information read from the recording medium, display means for displaying history information decoded by the decoding means on a display screen, and the decoding Erasing means for erasing the decrypted history information after use of the history information decrypted by the means is completed.

  The communication history monitoring system of the present invention is a communication history monitoring system in which a communication history recording device, a communication history management device, and a server are connected via a communication line, and the communication history recording device includes: Communication means for transmitting / receiving information to / from an external device via a communication line, history information generating means for generating history information indicating a history of information transmission / reception by the communication means, and history information generated by the history information generating means Encrypting means for encrypting, and history information transmission control means for transmitting history information encrypted by the encrypting means to the server by the communication means, the server from the communication history recording device Receiving means for receiving transmitted history information; storage means for storing history information received by the receiving means in an encrypted state; and the communication history management device Transmission means for transmitting history information stored in the storage means to the communication history management apparatus when transmission of history information is requested from the communication history management apparatus, the communication history management apparatus History information acquisition means for requesting transmission of information and receiving history information transmitted from the server in response to the request, decoding means for decoding history information received by the history information acquisition means, and the decoding means Display means for displaying the history information decrypted by the above on the display screen.

  In the communication history monitoring system of the present invention, the server stores a correspondence relationship between one or more specific communication history recording devices and a specific communication history management device, and the transmission means includes the communication When history information transmission is requested from the history management device, only history information received from the communication history recording device corresponding to the communication history management device may be transmitted.

  In the information exchange method of the present invention, in a system in which a first terminal device, a second terminal device, and a server are connected via a communication line, information to be exchanged is exchanged by the first terminal device. Encrypted and transmitted to the server, the server stores the correspondence between the first terminal device and the second terminal device, and receives information on the exchange target transmitted from the first terminal device Then, the encrypted state is stored, and when transmission of information is requested from the second terminal device, the stored information is associated with the second terminal device. Only the information to be exchanged transmitted from the first terminal device is transmitted to the second terminal device, the second terminal device requests the server to transmit information, and responds to this request Information sent from the server Receives, it is to decode the received information.

  According to the communication history recording apparatus of the present invention, the communication history recording apparatus includes a communication unit that transmits / receives information to / from an external device via a communication line, the history information generation unit generates history information indicating a history of transmission / reception of information by the communication unit, Since the history information generated by the history information generation means is encrypted by the encryption means, and the history information transmission control means causes the encrypted history information to be transmitted by the communication means, it is transmitted and received from the communication history recording device via the communication line. The history of recorded information can be recorded reliably. Furthermore, since history information can be acquired in other devices connected to the communication line, it is possible to monitor the transmission / reception status of information in the communication history recording device in devices other than the communication history recording device. Moreover, since the history information is encrypted, even a user who operates the communication history recording apparatus cannot view the contents of the history information unless the person has the decryption method and information necessary for the decryption. . Therefore, it is possible to securely conceal the status of information transmission / reception and monitoring itself in the communication history recording apparatus.

  In the communication history recording apparatus of the present invention, the history information generating means is any one of a web browser program, an e-mail transmission / reception program, a messaging program, and a peer-to-peer data exchange system program executed in the communication history recording apparatus. The history information is generated for almost all cases in which information is transmitted / received via a communication line in a general computer by acquiring the information transmitted / received based on the operation of the above program and generating the history information. it can. This makes it possible to reliably monitor the transmission / reception of information by the communication history recording device.

  In the communication history recording apparatus of the present invention, the execution condition is set by the execution condition setting unit based on the setting information received via the communication line, and the execution set by the execution condition setting unit by the history information generation unit When history information is generated according to conditions, it is possible to specify an execution condition of processing for generating history information in a communication history recording device by another device connected via a communication line. As a result, the history information generated by the history information generating means includes necessary information and eliminates unnecessary information. Therefore, the communication history recording apparatus can be efficiently used while ensuring necessary usability. Can be monitored.

  Further, in the communication history recording apparatus of the present invention, when connected to an external device via the communication means, the connection control determining means performs the connection according to the execution condition set by the execution condition setting means. When the process to be determined is determined and the process determined by the connection control determination unit is executed by the connection control execution unit, connection to an external device can be permitted or blocked, or can be permitted with certain conditions. Therefore, in the communication history recording apparatus, inappropriate use of the communication line can be prevented. Furthermore, since the connection control determination means determines the processing (permission, blocking, etc.) to be performed on the connection based on the execution condition, it determines whether the connection to the external device is possible based on the optimum condition. In addition, the determination conditions can be easily changed.

  According to the present invention, in the communication history management device provided with the information reading means for reading information from the portable recording medium, the history information generated by the communication history recording device of the present invention is acquired by the history information acquisition means. The history information acquired by the history information acquisition means is decoded by the decoding means based on the information read from the recording medium, the decoded history information is displayed on the display screen by the display means, and the decoded history information can be used. Since the decrypted history information is erased by the erasure means after the completion, the transmission / reception of information via the communication line in the communication history recording apparatus can be easily monitored at a place separated from the communication history recording apparatus. Further, it is possible to store information necessary for decoding the history information only in the portable recording medium and read it every time the history information is decoded. Further, by deleting the decrypted history information after use, it is possible to prevent the decrypted history information from being touched by others. Thereby, the confidentiality of history information can be ensured more reliably.

  According to the present invention, in the communication history monitoring system in which the communication history recording device, the communication history management device, and the server are connected via the communication line, the communication history recording device is connected via the communication line. A communication means for transmitting / receiving information to / from an external device is provided, history information indicating a history of information transmission / reception by the communication means is generated by the history information generation means, and the generated history information is encrypted by the encryption means and encrypted. The history information is transmitted to the server by the history information transmission control means, the server receives the history information transmitted from the communication history recording device by the receiving means, and stores the received history information in an encrypted state, When transmission of history information is requested from the communication history management device, the history information stored in the storage means is transmitted to the communication history management device by the transmission means, and the communication history The logical device requests the server to transmit history information by the history information acquisition means, receives the history information transmitted from the server in response to the request, decodes the received history information by the decoding means, Since the decrypted history information is displayed on the display screen, the history of information transmitted / received from the communication history recording device via the communication line is reliably recorded, and the transmission / reception status of the information in the communication history recording device is indicated by the communication history. It can be monitored in the management device. The history information is encrypted and decrypted only by the communication history management device. Therefore, if the person has the decryption method and the information necessary for the decryption and cannot use the communication history management device, the communication is performed. Even the user who operates the history recording device cannot see the contents of the history information. Therefore, it is possible to securely conceal the status of information transmission / reception and monitoring itself in the communication history recording apparatus. Further, since the information necessary for decrypting the history information can be stored only in the portable recording medium and read each time the history information is decrypted, the confidentiality of the history information can be ensured more reliably. .

  In the communication history monitoring system of the present invention, the server stores a correspondence relationship between the specific one or a plurality of communication history recording devices and the specific communication history management device, and the transmission unit receives the history from the communication history management device. When the transmission of information is requested, when only the history information received from the communication history recording device corresponding to the communication history management device is transmitted, the history information generated in the communication history recording device is the communication Since it can be acquired only by the communication history management device corresponding to the history recording device, there is no fear that the history information is acquired by an unauthorized person. Thereby, the confidentiality of history information can be ensured more reliably.

  According to the information exchange method of the present invention, in the system in which the first terminal device, the second terminal device, and the server are connected via a communication line, the first terminal device to the second terminal device The information to be exchanged can be transmitted to the terminal device without fail. That is, the information encrypted in the first terminal device is stored in the server while being encrypted, and transmitted to the second terminal device. Furthermore, the information transmitted from the first terminal device to the server can be received only by the second terminal device corresponding to the first terminal device. For this reason, the information to be exchanged cannot be decrypted and used unless it has a method for decoding the information to be exchanged and information necessary for the decryption and can use the second terminal device. This makes it possible to exchange information among a plurality of terminal devices while maintaining extremely high confidentiality.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
FIG. 1 is a diagram showing a schematic configuration of a network usage status monitoring system 1 according to an embodiment of the present invention.
As shown in FIG. 1, the network usage status monitoring system 1 has a configuration in which devices to be monitored 11, a server 12, and an administrator terminal 13 are connected via the Internet 10.

  The Internet 10 is configured to include various communication lines such as a dedicated line, a public telephone line, a satellite communication line, and various servers (not shown), and a specific aspect thereof is not particularly limited. A server, firewall, gateway provided by ISP (Internet Service Provider), NSP (Network Service Provider), or the like, between each device of the monitoring target terminal 11, the server 12, and the administrator terminal 13 and the Internet 10. Although it is good also as a structure which various apparatuses, such as, may interpose, it is not illustrated here.

  The network usage status monitoring system 1 is a user (administrator) using the administrator terminal 13 to determine what action the user (managed person) using the monitoring target terminal 11 has taken using the Internet 10. Is a system for monitoring. The user (managed person) who uses the monitoring target terminal 11 is, for example, a child or a company employee. The user (administrator) who uses the manager terminal 13 is a person who has authority to manage the manager within a predetermined range, such as a guardian or a company manager.

  In the network usage status monitoring system 1, one or a plurality of monitoring target terminals 11 and a manager terminal 13 are combined. That is, the monitoring target terminal 11 used by the manager is associated with the manager terminal 13 used by the manager who has the authority to manage the manager. The correspondence relationship between the managed person and the administrator is stored in advance in the server 12 as a relationship between the monitoring target terminal 11 and the manager terminal 13 as described later.

  In the network usage status monitoring system 1, the monitoring target terminal 11 has key information therein beforehand. Further, a legitimate user (administrator) who uses the manager terminal 13 has a portable recording medium in which key information is recorded in advance. The key information held by the monitoring target terminal 11 and the key information recorded on the portable recording medium possessed by the administrator are combined in the same manner as the correspondence relationship between the managed person and the administrator. For this reason, when the monitoring target terminal 11 encrypts the information based on the key information, this information is a portable recording medium possessed by the manager corresponding to the manager who uses the monitoring target terminal 11. Decryption is possible only with the key information recorded in

The monitoring target terminal 11 can be realized by a personal computer, a PDA (Personal Digital Assistance), a mobile phone, or the like, or various devices having a function of transmitting and receiving images and messages by connecting to the Internet. The manager terminal 13 can be realized by various devices such as a personal computer and a PDA.
The server 12 is a device that mediates transmission / reception of information between the monitoring target terminal 11 and the administrator terminal 13, and specifically stores information uploaded from the monitoring target terminal 11 temporarily, The stored information is downloaded in response to a request from the administrator terminal 13.

FIG. 2 is a block diagram illustrating a functional configuration of the monitoring target terminal 11.
As shown in FIG. 2, the monitored terminal 11 includes a CPU (Central Processing Unit) 111, a RAM (Random Access Memory) 112, a storage device 113, an input device 114, a display device 115, and a communication control device 116. These units are connected by a bus 117.

  The CPU 111 reads a basic control program or an application program stored in the storage device 113 in response to an input operation on the input device 114, expands it in the work area of the RAM 112, and executes it.

For example, the CPU 111 reads out and executes an e-mail transmission / reception program (so-called mailer) stored in the storage device 113, processes e-mail creation, editing, storage, and the e-mail transmission / reception process by the communication control device 116. Execute.
In addition, the CPU 111 reads out and executes a web browser program stored in the storage device 113, so that a web connected to the Internet 10 is based on a URL (Uniform Resource Locator) designated by an operation of the input device 114. The server is accessed, the web page is downloaded and displayed on the display device 115. In addition, when using a service such as an electronic bulletin board system (BBS: Bulletin Board System) executed by a web server connected to the Internet 10, the CPU 111 sends information inputted by the input device 114 to the web server. Send. Similarly, the CPU 111 has a server connected to the outside of the Internet 10 by a technology such as CGI (Common Gateway Interface), PHP (PHP: Hypertext Preprocessor), SSI (Server Side Include), and ASP (Active Server Pages). When executed, the information input from the input device 114 is transmitted in response to a request from these external programs.
Further, the CPU 111 is connected to the Internet 10 in order to read and execute a messaging program (so-called instant messenger or the like) stored in the storage device 113 and transmit / receive messages to / from other computers connected to the Internet 10. A message is transmitted to and received from a predetermined messaging server or another computer.
The CPU 111 reads and executes a program for a peer-to-peer data exchange system stored in the storage device 113, performs peer-to-peer data communication processing with other computers connected to the Internet 10, Send and receive file lists and data files.

In addition, when the monitored terminal 11 is activated and the operation of the entire system is started, the CPU 111 automatically reads out and executes the network usage status recording program stored in the storage device 113, and records the network usage status recording described later. The process (FIG. 5) is executed. This network usage status recording process is executed regardless of the input operation from the input device 114, and does not perform various notifications on the display device 115 during the operation. That is, the CPU 111 executes the network usage status recording process in a form that the user does not notice at all, and the user who uses the monitoring target terminal 11 sets the monitoring target terminal 11 without knowing the execution status of the network usage status recording process. Will be used.
Further, the CPU 111 reads the setting file 11b stored in the storage device 113, and sets the execution condition of the network usage status recording process based on the information included in the setting file 11b.

  The RAM 112 forms a work area for temporarily storing programs executed by the CPU 111 and data.

  The storage device 113 is a storage device including an optical or magnetic recording medium or a semiconductor storage device, and stores various programs and data executed by the CPU 111. Further, the storage device 113 stores authentication information 11a, a setting file 11b, key information 11c, and a history information file 11d generated by the CPU 111.

  The authentication information 11 a is stored in the storage device 113 when the network usage status recording program is installed in the monitoring target terminal 11. The authentication information 11a is used for authentication processing when uploading the history information file 11d from the monitoring target terminal 11 to the server 12 in the network usage status recording processing (FIG. 5).

  The setting file 11b includes information for determining an execution condition when the CPU 111 executes the network usage status recording process, and is appropriately downloaded from the server 12 to the monitoring target terminal 11 in the network usage status recording process.

  Here, the execution condition is, for example, the type of information to be recorded as history information in the network usage status recording process (FIG. 5). That is, in the network usage status recording process, information transmitted and received by programs such as a web browser program, an e-mail transmission / reception program, a messaging program, and a peer-to-peer data exchange system program executed on the monitored terminal 11 is transmitted / received. It is possible to collect information contents, date and time of transmission / reception, information about the other party, and include it in the history information. Is all the information that can be collected necessary, or is only part of the information sufficient? Depends on the purpose of use of the network usage status monitoring system 1. For this reason, if what kind of information is collected and recorded as history information in the network usage status recording process is determined according to the execution condition, necessary information is provided to the user using the administrator terminal 13; In addition, useless information can be omitted and various user needs can be met.

  The execution condition includes an execution condition of an access filter that blocks access to a specific server in the network usage status recording process. That is, during the operation of the access filter (FIG. 5) described later, the monitored terminal 11 is a program such as a web browser program, an e-mail transmission / reception program, a messaging program, a peer-to-peer data exchange system program, etc. When a connection to an external server or other computer via the Internet 10 is requested, the requested connection is permitted (connected), rejected (not connected), and the connection time is monitored (a certain time has elapsed) Connection is prohibited later), only when certain conditions are met, only when a specific administrator approves, permission, forced change of connection destination, etc. ,Execute. In the operation of this access filter, it is desirable that the criteria for determining the processing for the connection request can be changed according to the situation, and it is optimal if it can be changed according to the user's needs. Therefore, the monitoring target terminal 11 can determine various settings related to the operation of the access filter by the setting file 11b.

  The key information 11c is information used as an encryption key when data is encrypted in the network usage status recording process.

  The history information file 11d is obtained by encrypting information collected and analyzed in the network usage status recording process based on the key information 11c.

  The input device 114 includes a pointing device such as a mouse, a tablet, a trackball, and a touch pad, and a keyboard. The input device 114 generates an operation signal according to a user operation and outputs the operation signal to the CPU 111. When the monitoring target terminal 11 is a small device such as a PDA, the input device 114 replaces a pointing device such as a mouse and a keyboard with a touch panel integrated with a display screen, and characters from operations on the touch panel. And a character input circuit for recognizing.

  The display device 115 displays various screens on the display screen of a display device such as a CRT (Cathode Ray Tube) or LCD (Liquid Crystal Display) according to the control of the CPU 111.

  The communication control device 116 includes an IP (Internet Protocol), an ICMP (Internet Control Message Protocol), a TCP (Transmission Control Protocol), a UDP (User Datagram Protocol F), and an HTTP (HyperText Tr TP). Post Office Protocol), APOP (Authenticated Post Office Protocol), SMTP (Simple Mail Transfer Protocol), IMAP (Internet Message Access Protocol), T Operation based on various protocols such as ELNET, ICQ protocol, SIP (Session Initiation Protocol), etc. is executed, and between the server 12 and various devices such as a web server or a computer (not shown) via the Internet 10 under the control of the CPU 111 Send and receive data with.

FIG. 3 is a block diagram illustrating a functional configuration of the server 12.
As shown in FIG. 3, the server 12 includes a CPU 121, a RAM 122, a storage device 123, a communication control device 124, and a recording medium writing device 125, and these units are connected by a bus 126.

The CPU 121 reads out the basic control program and application program stored in the storage device 123, expands them in the work area of the RAM 122, and executes them.
Further, the CPU 121 executes a response process (FIG. 6) and a file backup process (FIG. 7) described later by executing a program stored in the storage device 123.

  The RAM 122 forms a work area for temporarily storing programs executed by the CPU 121 and data.

The storage device 123 is a storage device that includes an optical or magnetic recording medium or a semiconductor storage device, and stores various programs and data executed by the CPU 121. In the storage device 123, a normal area 123a and a backup area 123b are provided as storage areas for storing various data.
The normal area 123a is used, for example, when executing response processing (FIG. 6), and is an area accessed by the CPU 121 during normal operation. The normal area 123a stores authentication information 12a, a setting file 12b, and a history information file 12c.
On the other hand, the backup area 123b is an area in which the file 12d processed by the file backup process (FIG. 7) is stored, and is hardly accessed during normal operation.

The authentication information 12a stored in the normal area 123a is information for performing authentication processing on the monitoring target terminal 11 or the manager terminal 13 that has accessed the server 12 via the Internet 10, and is stored in the normal area 123a in advance. Is done. The authentication information 12a includes, for example, the user name and password of an authorized user who uses the monitoring target terminal 11 and the administrator terminal 13.
The setting file 12b includes data for determining execution conditions when the network usage status recording process is executed in the monitoring target terminal 11. The setting file 12b is uploaded from the administrator terminal 13 in the response process (FIG. 6), and is transmitted by the monitoring target terminal 11. Downloaded.
The history information file 12c is a history information file 11d recorded / created in the monitoring target terminal 11 and uploaded from the monitoring target terminal 11 in response processing. The history information file 12c is stored in the normal area 123a while being encrypted by the monitoring target terminal 11, and is downloaded by the manager terminal 13 in the response process while being encrypted.

Both the setting file 12b and the history information file 12c stored in the normal area 123a are associated with the specific monitoring target terminal 11 and the manager terminal 13 corresponding to the monitoring target terminal 11. That is, the server 12 stores a combination (correspondence relationship) between the monitoring target terminal 11 and the manager terminal 13 so as to match the correspondence relationship between the managed person and the manager described above. Correspondingly, the setting file 12b and the history information file 12c are stored in the normal area 123a. Therefore, the setting file 12b and the history information file 12c can be uploaded and downloaded only by the monitoring target terminal 11 and the manager terminal 13 to which they correspond, and by the other monitoring target terminal 11 and the administrator terminal 13 Cannot be processed.
The information indicating the combination of the monitoring target terminal 11 and the manager terminal 13 may be stored in the normal area 123a or may be stored in an area other than the normal area 123a in the storage device 123. good.

  The communication control device 124 performs operations based on various protocols similarly to the communication control device 116 of FIG. 2 according to control by the CPU 121, and various devices such as the monitoring target terminal 11 and the administrator terminal 13 via the Internet 10. Send and receive data to and from the other.

  The recording medium writing device 125 is a device that records information on a portable optical or magnetic recording medium or a recording medium using a semiconductor memory device (hereinafter referred to as an external recording medium). The history information file 12c stored in the storage device 123 is recorded on the external recording medium. In addition, as an external recording medium that can be recorded by the recording medium writing device 125, various recording media compliant with standards established so far by various manufacturers and organizations or standards established in the future can be used. It may be one that can only record information (so-called write-once type), or one that can record and erase information (so-called rewritable type), and has a specific size, data capacity, and file format. Etc. are optional. The method of setting the external recording medium in the recording medium writing device 125 is arbitrary, and may be set automatically. Further, the interface with the external recording medium in the recording medium writing device 125 can take various forms according to the type of the external recording medium. For example, it drives a disk-type or cartridge-type external recording medium. A driving device, various connectors, and the like can be used.

FIG. 4 is a block diagram showing a functional configuration of the manager terminal 13.
As shown in FIG. 4, the manager terminal 13 includes a CPU 131, a RAM 132, a storage device 133, a recording medium reading device 134, an input device 135, a display device 136, and a communication control device 137, each of which is a bus. 138 is connected.

The CPU 131 controls each unit of the manager terminal 13 by reading out the basic control program and application program stored in the storage device 133, developing them in the work area of the RAM 132, and executing them.
Further, the CPU 131 reads out and executes the network usage status management program stored in the storage device 133 in response to an input operation on the input device 135, and executes a network usage status management process (FIG. 8) described later.

  The RAM 132 forms a work area for temporarily storing programs executed by the CPU 131, data, and the like.

  The storage device 133 is a storage device that includes an optical or magnetic recording medium or a semiconductor storage device, and stores various programs and data executed by the CPU 131. The storage device 133 stores a setting file 13a and a history information file 13b.

The setting file 13a includes information for determining an execution condition when the network usage status recording process is executed in the monitoring target terminal 11. The setting file 13a is created by an input operation or the like using the input device 135 in the administrator terminal 13, and is uploaded to the server 12 in the network usage status management process (FIG. 8).
The history information file 13b is obtained by downloading the history information file 12c stored in the storage device 123 of the server 12 in the network usage status management process.

  The recording medium reading device 134 is a device that reads information from a portable optical or magnetic recording medium or a recording medium using a semiconductor memory device (hereinafter referred to as an external recording medium), and receives information from the external recording medium. Read and output to CPU 131. As the external recording medium that can be read by the recording medium reading device 134, various recording media compliant with the standards established so far or the standards established in the future can be used, and only information can be recorded. (So-called write-once type) may be used, and information may be recorded and erased (so-called rewritable type), and the specific size, data capacity, file format, etc. are arbitrary. Further, the interface with the external recording medium in the recording medium reading device 134 can take various forms according to the type of the external recording medium. For example, driving for driving a disk-type or cartridge-type external recording medium. Devices, various connectors, and the like can be used.

  In the recording medium reader 134, an external recording medium on which key information is recorded is set in the network usage status management process (FIG. 8). In the network usage status management process, the recording medium reader 134 reads key information from the set external recording medium and outputs the key information to the CPU 131.

  The input device 135 includes a pointing device such as a mouse, a tablet, a trackball, and a touch pad, and a keyboard. The input device 135 generates an operation signal according to a user operation and outputs the operation signal to the CPU 131. The input device 135 may be configured by a touch panel integrated with a display screen and a character input circuit that recognizes a character from an operation on the touch panel.

  The display device 136 displays various screens on the display screen of a display device such as a CRT or LCD according to the control of the CPU 131.

  The communication control device 137 performs operations based on various protocols in the same manner as the communication control device 116 in FIG. 2 according to the control of the CPU 131, and with the server 12, a web server (not shown) or various devices of a computer via the Internet 10. Send and receive data between.

FIG. 5 is a flowchart showing network usage status recording processing executed by the monitoring target terminal 11.
The network usage status recording process shown in FIG. 5 is started when the system of the monitoring target terminal 11 starts operation (step S11).

  First, the CPU 111 reads the setting file 11b stored in the storage device 113 and the history information file 11d stored in the storage device 113 when the network usage status recording process was performed previously (step S12). Here, when reading the history information file 11 d from the storage device 113, the CPU 111 stores the history information file 11 d in the RAM 112 and deletes it from the storage device 113.

  Subsequently, the CPU 111 determines an execution condition or the like of the network usage status recording process based on the information included in the setting file 11b read out in step S12, and reflects it in the currently executed process (step S13).

Thereafter, the CPU 111 starts the operation of the access filter based on the execution condition determined in step S13 (step S14). The access filter refers to an external server or other computer via the Internet 10 by a program such as a web browser program, an e-mail transmission / reception program, a messaging program, a peer-to-peer data exchange system program executed on the monitored terminal 11. When the connection is requested, the process for the requested connection is determined and executed in accordance with the execution condition determined in step S13. Processing for the requested connection is allowed (connected), rejected (not connected), monitored for connection time (prohibition of connection after a certain period of time), permitted only when certain conditions are met There are various processes such as permission and forced change of the connection destination only when a specific administrator approves. Moreover, when permitting only when a certain condition is satisfied, a condition for permitting can be presented to the user.
In the operation of this access filter, the processing for the requested connection is determined based on, for example, the IP address or URL. Therefore, when determining the execution conditions in step S13, an access filter table may be created and stored in the storage device 113. The access filter table is, for example, a table in which a connection destination IP address, URL, computer name, and the like are associated with processing for connection. If such a table is stored in the storage device 113, when a connection is requested, whether the requested connection should be permitted or rejected, connection time can be monitored and connection can be made only within a certain period of time. It is possible to efficiently determine whether or not to do so.
Note that the operation of the access filter is continuously executed from the start of step S14 until the monitored terminal 11 is stopped.

Each time the monitored terminal 11 is operated by the user and information is transmitted / received via the Internet 10, the CPU 111 collects and analyzes information transmitted / received by the communication control device 116 (step S15).
The information collected here includes information transmitted / received to / from a server device connected via the Internet 10, information transmitted / received to / from other computers connected via the Internet 10, and these For example, the contents of requests and data sent to a DNS (Domain Name System) server or web server by a web browser program, responses sent from these servers, and various files (HTML (HyperText Markup) (Language) file, etc.) and the date and time when these pieces of information were sent and received. In addition, for example, it includes the titles and contents of messages transmitted and received by the messaging program, information about the transmission destination and source computer of the message and the user of the computer, and the date and time when the information was transmitted and received. Further, for example, it includes the contents of the file list transmitted and received by the program for the peer-to-peer data exchange system, the file names and contents of the files to be transmitted and received, the date and time when these information were transmitted and received, and the IP address of the destination computer for transmission and reception. Further, for example, it includes the header and body of an email sent and received by the email sending and receiving program, the file names and contents of attached files, and the date and time when these pieces of information were sent and received. Furthermore, it is good also as what includes the file size at the time of transmitting / receiving said various files.
The information collected in step S15 can include a history related to the operation of the access filter started in step S14. That is, during the operation of the access filter, information related to connection to an external server or other computer requested by a program such as a web browser program, an e-mail transmission / reception program, a messaging program, or a peer-to-peer data exchange system program (partner Information such as the IP address, URL, computer name, etc.) and the type of processing executed by the access filter may be collected in step S15.

  In step S15, the CPU 111 collects information to be transmitted and received, extracts various information to be stored as a communication history, creates a history information file (for example, a text file) including the extracted information, and temporarily stores it in the RAM 112. To store. If a history information file has already been stored in the RAM 112, it is possible to always keep only one history information file by adding newly extracted information to the previously stored history information file. It is possible, and a plurality of history information files may be stored in the RAM 112. In the latter case, for example, if the file creation date and time are included in the file name, there is no possibility that the file names of a plurality of files match.

Then, the CPU 111 determines whether or not the information upload condition is satisfied in the monitoring target terminal 11 (step S16).
The information upload condition is a condition for transmitting the file created in step S15 to the server 12, and is set when the network usage status recording program is installed in the monitored terminal 11 or set by the setting file 11b. Is done. As information upload conditions, for example, (1) a line is established between the communication control device 116 and the Internet 10, and communication with the server 12 is possible without newly performing line connection processing. 2) that a predetermined time (for example, 3 hours, 6 hours) has passed, (3) the total file size of the history information files stored in the RAM 112 exceeds a certain size, and the like. . When multiple conditions are set in this way, it is possible to arbitrarily set whether it is necessary to satisfy all the conditions, or whether the information upload condition is considered to be satisfied if some conditions are satisfied. is there.

  When it is determined that the information upload condition is not satisfied (step S16; No), the CPU 111 determines whether or not the system termination process of the monitoring target terminal 11 is being performed (step S17). If the system termination process is not executed, the CPU 111 returns to step S15.

  If the system termination process has been executed (step S17; Yes), the CPU 111 encrypts the history information file stored in the RAM 112 based on the key information 11c (step S18). Furthermore, the CPU 111 stores the encrypted file as the history information file 11d in the storage device 113, deletes the history information file from the RAM 112 (step S19), and ends this process.

  When the information upload condition is satisfied (step S16; Yes), the CPU 111 encrypts the history information file stored in the RAM 112 based on the key information 11c (step S20), and transmits it to the server 12 via the Internet 10. Upload (step S21).

  Further, the CPU 111 determines whether or not the setting file corresponding to the monitoring target terminal 11 has been updated in the server 12 (step S22). If the setting file has been updated, the CPU 111 downloads the setting file and sets the setting file. 11b is stored in the storage device 113 (step S23), the execution condition of the network usage status recording process is determined based on the information included in the newly stored setting file 11b, and the determined condition is reflected (step S23). S24), the process returns to step S15.

  The processing in step S22 will be described in detail. First, the CPU 111 requests a file list from the server 12, and receives and analyzes the file list transmitted from the server 12 in response to this request. When the received file list includes a setting file that is newer than the setting file 11b stored in the storage device 113, the server 12 requests the server 12 to download the setting file and responds to this request. Then, the setting file transmitted from the server 12 is stored in the storage device 113 as a new setting file 11b. Here, the CPU 111 may delete the setting file 11b previously stored in the storage device 113, or may perform processing such as assigning a different file name to avoid duplication of the file name. 11b may be left in the storage device 113.

  If the setting file corresponding to the monitoring target terminal 11 has not been updated in the server 12 (step S22; No), the CPU 111 ends the access to the server 12 and returns to step S15.

Through the above network usage status recording process, the information transmitted to the Internet 10 by the monitoring target terminal 11 and the information received from the Internet 10 so that the user using the monitoring target terminal 11 does not notice the monitoring target terminal 11. Can be recorded and uploaded to the server 12. In this network usage status recording process, the CPU 111 accesses the server 12 and uploads the history information file only when the information upload condition is satisfied. For example, the monitored terminal 11 is not connected to the Internet 10. Thus, dial-up connection is not performed to access the server 12, and the user is not suspicious. Further, when the information upload condition is not satisfied, the history information file temporarily stored in the RAM 112 is encrypted and stored as the history information file 11d in the storage device 113, so that the monitored terminal 11 is operated. The user does not see the contents of the history information file 11d. The history information file 11 d stored in the storage device 113 is read out and stored in the RAM 112 when the network usage status recording process is executed next time, and is deleted from the storage device 113. Therefore, there is no fear that unnecessary files are accumulated in the storage device 113, and the user who uses the monitoring target terminal 11 does not have a suspicious impression.
Further, the CPU 111 executes the network usage status recording process shown in FIG. 5 in the background. That is, since the CPU 111 does not perform notification or the like on the display device 115 while executing the network usage status recording process, the user who uses the monitoring target terminal 11 does not notice that the network usage status recording process is being executed. The authentication information 11a, the setting file 11b, the key information 11c, and the history information file 11d stored in the storage device 113 are all attributes (so-called “hidden files”) that are not known to the user who uses the monitoring target terminal 11. Attribute) may be set.
In addition, by performing the access filter operation in the monitoring target terminal 11, inappropriate use of the Internet 10 using the monitoring target terminal 11 can be prevented. Since the operation of the access filter is performed according to the execution condition determined by the contents of the setting file 11b, the operation condition of the access filter can be changed at any time.

FIG. 6 is a flowchart showing a response process executed by the server 12.
In the response process shown in FIG. 6, when the CPU 121 receives an access from the monitoring target terminal 11 or the manager terminal 13 via the Internet 10 (step S31), the CPU 121 executes an authentication process for the accessed terminal (step S32). ).

This authentication process is executed as follows. When the monitoring target terminal 11 accesses the server 12, the CPU 121 requests the monitoring target terminal 11 to transmit information included in the authentication information 11 a stored in the storage device 113 of the monitoring target terminal 11. When information included in the authentication information 11 a is transmitted from the monitoring target terminal 11 in response to this request, the CPU 121 converts the information transmitted from the monitoring target terminal 11 into authentication information stored in the normal area 123 a of the storage device 123. Compared with 12a, when the information is included in the authentication information 12a, the accessed monitoring target terminal 11 is recognized as a terminal having proper authority.
When the manager terminal 13 accesses the server 12, the CPU 121 requests the manager terminal 13 to transmit information such as a password for authentication to the manager terminal 13. When information such as a password is transmitted from the administrator terminal 13 in response to this request, the server 12 compares the transmitted information with the authentication information 12a stored in the normal area 123a of the storage device 123, and When the information is included in the authentication information 12a, the accessed administrator terminal 13 is recognized as a terminal having proper authority.

  When the terminal accessed in step S31 is recognized as a terminal having a legitimate authority by the authentication process in step S32, the CPU 121 receives a request from the terminal and analyzes it (step S33).

When the request received in step S33 is a request for a file list (step S34; Yes), the CPU 121 is associated with the accessed terminal (that is, the terminal authenticated in step S32) and the terminal combined with the terminal. A list of the setting file 12b and / or history information file 12c is created and transmitted to the terminal (step S35), and the process returns to step S33.
For example, when a file list is requested from the administrator terminal 13, the CPU 121 receives the setting file 12 b uploaded from the administrator terminal 13 and the monitoring target terminal 11 combined with the administrator terminal 13. A file list of either or both of the uploaded history information files 12 c is created and transmitted to the manager terminal 13. For example, when a file list is requested from the monitoring target terminal 11, the CPU 121 uploads the history information file 12 c uploaded from the monitoring target terminal 11 and the administrator terminal 13 combined with the monitoring target terminal 11. A file list of either or both of the setting files 12b uploaded from is created and transmitted to the monitoring target terminal 11.

When the request received in step S33 is a download request for a specific file (step S36; Yes), the CPU 121 transmits the requested file to the accessed terminal (step S37). Return to S33.
For example, when a file download is requested from the administrator terminal 13, the CPU 121 monitors the setting file 12 b uploaded from the administrator terminal 13 and the monitoring target terminal 11 combined with the administrator terminal 13. The requested file is extracted from the history information file 12c uploaded from, and transmitted to the manager terminal 13. Further, for example, when a file download is requested from the monitoring target terminal 11, the CPU 121 displays the history information file 12 c uploaded from the monitoring target terminal 11 and the administrator terminal combined with the monitoring target terminal 11. The requested file is extracted from the setting file 12 b uploaded from 13 and transmitted to the monitoring target terminal 11.

  If the request received in step S33 is a file upload request (step S38; Yes), the CPU 121 stores the file transmitted from the accessed terminal in the normal area 123a in association with the terminal. (Step S39). Therefore, the uploaded file itself and the file list including the file are transmitted only to the terminal and the terminal combined with the terminal.

  When the request received in step S33 is a request indicating the end of the process (step S40; Yes), the CPU 121 ends the process.

  If the content of the request received in step S33 is neither a file list request, a download request, an upload request, or a process end request (step S40; No), the CPU 121 returns to step S33 and again Try to receive the request.

  The response process shown in FIG. 6 enables the monitoring target terminal 11 to download the setting file 12b uploaded from the administrator terminal 13 combined with itself, and the administrator terminal 13 The history information file 12c uploaded from the monitoring target terminal 11 combined with the monitoring target terminal 11 to be monitored can be downloaded. Further, since the setting file 12b and the history information file 12c cannot be uploaded and downloaded by terminals other than the corresponding monitoring target terminal 11 and the administrator terminal 13, there is no possibility of information leaking to unrelated users. Furthermore, since the CPU 121 transmits the history information file 12c to the manager terminal 13 without decrypting the history information file 12c, that is, in an encrypted state, a user other than the manager terminal 13 uses the history information file 12c. I can't know the contents. For this reason, the confidentiality of the history information file 12c is reliably protected.

  FIG. 7 is a flowchart showing a file backup process executed by the server 12. The file backup process shown in FIG. 7 is performed once a month according to a predetermined condition, or when the total size of the history information file 12c uploaded from a specific monitoring target terminal 11 exceeds a predetermined capacity. To be executed.

In the file backup process, the CPU 121 first reads the history information file 12c to be backed up from the normal area 123a and writes it to the external recording medium set in the recording medium writing device 125 (step S41).
Here, the history information file 12c to be backed up is the history information file 12c uploaded from the specific monitoring target terminal 11 and stored in the normal area 123a. It is arbitrary whether all the history information files 12c stored in the normal area 123a are to be written, or only the history information file 12c uploaded in a specific period is to be written. Further, history information files 12c uploaded from a plurality of monitoring target terminals 11 combined with a specific manager terminal 13 may be collectively set as a backup target.

  In step S41, if the total file size of the history information file 12c to be backed up exceeds the capacity of the external recording medium set in the recording medium writing device 125, a plurality of files to be backed up are stored. Of course, it is possible to divide and record on an external recording medium. In this case, the external recording medium may be automatically replaced in step S41.

  Thereafter, the CPU 121 copies the history information file 12c written to the external recording medium in step S41, that is, the history information file 12c to be backed up, and stores it as a processed file 12d in the backup area 123b (step S42). It deletes from the area | region 123a (step S43), and complete | finishes this process.

  The history information file 12c is recorded on the external recording medium by the file backup processing shown in FIG. Therefore, for example, if the recorded external recording medium is sent to the user of the manager terminal 13, the user can easily manage the past history information file 12c. 13 can efficiently use the capacity of the storage device 133. In addition, since only the minimum necessary history information file 12c is stored in the normal area 123a of the server 12, the capacity of the normal area 123a can be used efficiently. Furthermore, since the backup area 123b stores only the history information file 12c that has already been file-backed up, it is not necessary to prepare for frequent access. For this reason, it is sufficient to manage by an efficient and low-cost method separately from the normal area 123a, and the labor and cost required for operation management of the server 12 can be reduced.

  FIG. 8 is a flowchart showing a network usage status management process executed by the administrator terminal 13.

  In the network usage status management process shown in FIG. 8, the CPU 131 first requests the recording medium reading device 134 to set an external recording medium on which key information is recorded, and to input a password using the input device 135. The screen to be displayed is displayed by the display device 136 (step S51).

When an external recording medium is set in the recording medium reading device 134 and a password is input by operating the input device 135, the CPU 131 reads out key information from the external recording medium set in the recording medium reading device 134 and reads the regular key. It is verified whether it is information. Further, the CPU 131 transmits the password input by the input device 135 to the server 12 via the communication control device 137 and receives authentication by the server 12 (step S52).
In step S52, if the key information read from the external recording medium is regular key information and the authentication by the server 12 is successful, the CPU 131 determines that the authentication has been established, and the history information recorded on the external recording medium. It is determined whether to use the file (step S53). In this determination, for example, a message prompting the user to input an instruction as to whether or not to use the history information file recorded on the external recording medium is displayed on the display device 136, and the instruction input thereafter is determined. To do.

  Here, when the history information file recorded in the external recording medium is used (step S53; Yes), the CPU 131 reads out the encrypted history information file from the external recording medium set in the recording medium reader 134. Then, decryption is performed based on the key information read from the external recording medium in step S52 (step S54), and the process proceeds to step S60 described later.

  When the history information file recorded on the external recording medium is not used (step S53; No), the CPU 131 determines whether or not to download the history information file from the server (step S55).

When the history information file is downloaded from the server (step S55; Yes), the CPU 131 accesses the server 12 via the Internet 10 by the communication control device 137, downloads the file list of the history information file from the server 12, The image is displayed by the display device 136 (step S56).
Here, when a history information file to be downloaded is designated by operating the input device 135 based on the displayed file list, the CPU 131 downloads the designated history information file from the server 12 and temporarily stores it in the RAM 132. (Step S57), and the process proceeds to step S59.

  When the history information file is not downloaded from the server (step S55; No), the CPU 131 reads the history information file 13b stored in the storage device 133 by the previous processing and temporarily stores it in the RAM 132 (step S58). The process proceeds to step S59.

  In step S59, the CPU 131 decrypts the history information file stored in the RAM 132 based on the key information read from the external recording medium in step S52, and proceeds to step S60.

  In step S60, the CPU 131 analyzes the decrypted history information file and causes the display device 136 to display it on the display screen.

  Thereafter, the CPU 131 determines whether or not to update the setting file in order to change the execution condition or the like of the network usage status recording process in the monitoring target terminal 11 (step S61). Here, when updating the setting file, the CPU 131 creates the setting file 13a based on information input by operating the input device 135, stores the setting file 13a in the storage device 133, and further reads the key information read in step S52. Is encrypted based on (step S62). Then, the CPU 131 accesses the server 12, uploads the encrypted setting file 13a to the server 12 (step S63), and proceeds to step S64.

If the setting file is not updated (step S61; No), the process proceeds to step S64.
In step S <b> 64, the CPU 131 determines whether to delete the local file, that is, the history information file temporarily stored in the RAM 132 and the history information file 13 b stored in the storage device 133.

If it is determined in step S64 that the local file is to be deleted, the CPU 131 deletes the history information file temporarily stored in the RAM 132 and the history information file 13b stored in the storage device 133 (step S65), Exit.
If it is determined in step S64 that the local file is not deleted, the CPU 131 stores the history information file temporarily stored in the RAM 132 as the history information file 13b in the storage device 133, and stores the history information file from the RAM 132. Erase and finish this process.

  In step S65, only the decrypted history information file may be deleted from the RAM 132 and the encrypted history information file may not be deleted.

The network usage status management process shown in FIG. 8 allows a user who uses the manager terminal 13 to browse a history information file indicating the network usage status recorded in the monitored terminal 11. The history information file is encrypted so that it can be decrypted only by the key information recorded on the external recording medium. Furthermore, the network usage status management process can be executed only by a user who knows a legitimate password and has an external recording medium on which legitimate key information is recorded. Therefore, a legitimate user who uses the administrator terminal 13 can know the network usage status in the monitored terminal 11 while ensuring the confidentiality of information. Also, since the decrypted history information file is deleted when the network usage status management process is terminated, there is no fear of others using the history information file, and the confidentiality of the information is more reliably maintained. Can do.
Further, the setting file 13 a is created in the manager terminal 13 and transmitted to the server 12, so that the setting file 13 a is downloaded by the monitoring target terminal 11. In the monitoring target terminal 11, the network usage status recording process is executed according to the setting file 13 a created in the administrator terminal 13.
As a result, the type of information to be collected in the monitoring target terminal 11, the conditions for operating the access filter, and the like can be set and changed by operating the administrator terminal 13. Therefore, the user using the manager terminal 13 can arbitrarily and easily control the operation of the monitoring target terminal 11 even from a remote place without operating the monitoring target terminal 11.

  As described above, according to the network usage status monitoring system 1 according to the embodiment of the present invention, the network usage status in the monitoring target terminal 11 is reliably recorded, and the recorded contents can be recorded only by users who have a legitimate authority. However, it is possible to browse using the manager terminal 13. The information recorded in the monitoring target terminal 11 is encrypted and transmitted to the server 12, and the server 12 retains the encrypted state, and a user having a legitimate authority can manage the administrator terminal 13. This information can be received from the server 12 and decrypted only when using. For this reason, the confidentiality of the information indicating the network usage status in the monitoring target terminal 11 is reliably maintained, and there is no fear of leakage of personal information, and the user can use it with peace of mind.

  In the above embodiment, the administrator terminal 13 is configured to store the program for executing the network usage status management process in the storage device 133. However, the present invention is not limited to this. For example, by storing the program together with key information in an external recording medium, setting the external recording medium in an arbitrary computer, and reading and executing the program and key information, the arbitrary computer can be connected to an administrator terminal. 13 may be used. In this case, the user who uses the administrator terminal 13 only needs to have an external recording medium, and does not always need to use a specific computer. It is very convenient to manage the usage status. Further, when the network usage status management process is terminated in any computer on which the external recording medium is set, if all information stored in the computer is irreversibly erased, the confidentiality of the information can be improved. It can be kept even more reliably.

  In the above embodiment, the monitoring target terminal 11 determines whether or not there is a new setting file in the server 12 in the network usage status recording process (FIG. 5) (step S22). Is downloaded and stored in the storage device 113 as the setting file 11b (step S23), and the contents of the new setting file 11b are reflected (step S24). In these steps S22 to S24, 11 can also change the network usage status recording program itself. That is, the administrator terminal 13 uploads an update file for changing the network usage status recording program to the server 12 in the same manner as the setting file 13a, and the monitoring target terminal 11 stores the update file in the setting file 12b. In the same manner as described above, it may be downloaded from the server 12 and stored in the storage device 113, and this update program may be executed to add a function of the network usage status recording program in the monitored terminal 11, perform bug fixes, or the like. In this way, even when a service or software for transmitting / receiving information via the Internet 10 appears in a new form in the future, it is possible to manage the transmission / reception of information in the new form.

  In addition, any file format such as authentication information, setting file, history information file, algorithms used for encryption and decryption, and the like in the above embodiment can be used. Furthermore, in the monitoring target terminal 11, the server 12, and the manager terminal 13, when deleting or deleting a file, a method capable of irreversible deletion (for example, overwriting meaningless data in the same storage area a plurality of times) In this case, it becomes impossible to restore the information by so-called file restoration software or the like, so that the confidentiality of the information can be more reliably maintained. In addition, it is needless to say that the detailed configurations of the monitoring target terminal 11, the server 12, and the manager terminal 13 can be arbitrarily changed.

  As an example of use of the present invention, as described above, a parent manages a network usage situation of a child (including students, children, and students), or a manager manages an employee's network usage situation. An example is given, but this is merely an example. For example, a desired file can be encrypted and transmitted / received between a plurality of computers to be used for file exchange.

It is a figure which shows schematic structure of the network utilization condition monitoring system in embodiment of this invention. It is a block diagram which shows the functional structure of the monitoring object terminal shown in FIG. It is a block diagram which shows the functional structure of the server shown in FIG. It is a block diagram which shows the functional structure of the terminal for managers shown in FIG. It is a flowchart which shows the network utilization condition recording process performed by the monitoring object terminal shown in FIG. It is a flowchart which shows the response process performed by the server shown in FIG. It is a flowchart which shows the file backup process performed by the server shown in FIG. It is a flowchart which shows the network utilization condition management process performed with the terminal for managers shown in FIG.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Network usage condition monitoring system 10 Internet 11 Monitored terminal 12 Server 13 Administrator terminal

Claims (14)

A communication means for transmitting / receiving information to / from an external device via a communication line;
History information generating means for generating history information indicating a history of transmission and reception of information by the communication means;
Encryption means for encrypting history information generated by the history information generating means;
History information transmission control means for causing history information encrypted by the encryption means to be transmitted by the communication means;
A communication history recording apparatus comprising:   The history information generation means transmits / receives based on the operation of one or more of a web browser program, an e-mail transmission / reception program, a messaging program, and a peer-to-peer data exchange system program executed in the communication history recording device. The communication history recording apparatus according to claim 1, wherein the history information is generated by acquiring information to be recorded. Execution condition setting means for causing the communication means to receive setting information via the communication line and determining an execution condition based on the received setting information;
The communication history recording apparatus according to claim 1, wherein the history information generating unit generates the history information in accordance with an execution condition set by the execution condition setting unit. Connection control determination means for determining processing to be performed for the connection according to the execution condition set by the execution condition setting means when connected to the external device via the communication means;
4. The communication history recording apparatus according to claim 3, further comprising connection control execution means for executing processing determined by the connection control determination means. Information reading means for reading information from a portable recording medium;
History information acquisition means for acquiring history information generated by the communication history recording device according to any one of claims 1 to 4,
Decoding means for decoding history information acquired by the history information acquisition means based on information read from the recording medium by the information reading means;
Display means for displaying history information decoded by the decoding means on a display screen;
Erasing means for erasing the decrypted history information after use of the history information decrypted by the decrypting means is completed;
A communication history management apparatus comprising: To a computer equipped with a communication means for transmitting and receiving information to and from an external device via a communication line,
History information generation processing for generating history information indicating a history of transmission and reception of information by the communication means;
An encryption process for encrypting the history information generated by the history information generation process;
History information encrypted by the encryption process, history information transmission process for transmitting via the communication line,
A program for executing a communication history recording process including:   The history information generating process is based on the operation of any one or more of a web browser program, an e-mail transmission / reception program, a messaging program, and a peer-to-peer data exchange system program executed on the computer. The program according to claim 6, which is a process of acquiring information transmitted / received by and generating the history information. The communication history recording process further includes an execution condition setting process in which setting information is received via the communication line by the communication unit, and an execution condition is determined based on the received setting information,
The program according to claim 6 or 7, wherein the history information generation process is a process of generating the history information in accordance with the execution condition set by the execution condition setting process. The communication history recording process is a connection control for determining a process to be performed for the connection according to the execution condition set by the execution condition setting process when connected to the external device via the communication unit. Judgment processing,
The program according to claim 8, further comprising a connection control execution process for executing the process determined by the connection control determination process. In a computer equipped with an information reading device that reads information from a portable recording medium,
History information acquisition processing for acquiring history information generated by the communication history recording device according to any one of claims 1 to 4,
A decoding process for decoding the history information acquired by the history information acquisition process based on information read from the recording medium by the information reading device;
Display processing for displaying history information decoded by the decoding processing;
An erasure process for erasing the decrypted history information after use of the history information decrypted by the decryption process is completed;
A program for executing communication history management processing including A communication history monitoring system in which a communication history recording device, a communication history management device, and a server are connected via a communication line,
The communication history recording device,
A communication means for transmitting / receiving information to / from an external device via the communication line;
History information generating means for generating history information indicating a history of transmission and reception of information by the communication means;
Encryption means for encrypting history information generated by the history information generating means;
History information transmission control means for causing the communication means to send history information encrypted by the encryption means to the server, and
The server
Receiving means for receiving history information transmitted from the communication history recording device;
Storage means for storing history information received by the receiving means in an encrypted state;
Transmission means for transmitting history information stored in the storage means to the communication history management device when transmission of history information is requested from the communication history management device;
The communication history management device includes:
History information acquisition means for requesting transmission of history information to the server and receiving history information transmitted from the server in response to the request;
Decoding means for decoding history information received by the history information acquisition means;
Display means for displaying the history information decoded by the decoding means on a display screen,
A communication history monitoring system. The server stores a correspondence relationship between one or more specific communication history recording devices and the specific communication history management device,
The transmission means transmits only the history information received from the communication history recording device corresponding to the communication history management device when transmission of history information is requested from the communication history management device;
The communication history management system according to claim 11. A communication history monitoring method in a communication history monitoring system in which a communication history recording device, a communication history management device, and a server are connected via a communication line,
By the communication history recording device,
Generating history information indicating a history of transmission and reception of information with an external device via the communication line, encrypting the history information, and transmitting the encrypted history information to the server;
By the server
When the history information transmitted from the communication history recording device is received, the received history information is stored in an encrypted state, and transmission of the history information is requested from the communication history management device , Transmitting the stored history information to the communication history management device,
By the communication history management device,
Requesting the server to transmit the history information, receiving the history information transmitted from the server in response to the request, decoding the received history information, and displaying the decoded history information Displaying above,
A communication history monitoring method characterized by the above. An information exchange method in a system in which a first terminal device, a second terminal device, and a server are connected via a communication line,
The first terminal device encrypts information to be exchanged and transmits it to the server,
The server stores the correspondence between the first terminal device and the second terminal device, receives the information to be exchanged transmitted from the first terminal device, When the transmission of information is requested from the second terminal device, it is transmitted from the first terminal device associated with the second terminal device out of all stored information. Only the information to be exchanged is sent to the second terminal device,
Requesting the server to transmit information from the second terminal device, receiving information transmitted from the server in response to the request, and decoding the received information;
An information exchange method characterized by

Images