Network system enabling transmission control
First Claim
1. A network system connected to an in-house network and capable of controlling the transmission, comprising a transmission/receiving terminal having means for transmitting/receiving data and repeater means for relaying the data transmitted/received between said transmission/receiving terminal and said in-house network:
- wherein said data includes information proper and additional information associated with said information proper; and
said repeater means includes means for controlling the data transmission from said transmission/receiving terminal using said additional information, and means for removing said additional information from said data transmissible outside of said in-house network.
1 Assignment
0 Petitions
Accused Products
Abstract
A network system capable of preventing the leakage of a confidential file by an inadvertent act of a transmitting party and capable of meeting the requirement for an arbitrary file format is disclosed. A label indicating a security level (“confidential” or “unclassified”) is attached to the file in a client terminal, which transmits the labeled file outside. A transmission management program on a gateway server checks the label of the file, and in the case where the security level is “unclassified”, transmits the file to an external network. Also, a label management program manages the labeled file in the client terminal.
-
Citations
17 Claims
-
1. A network system connected to an in-house network and capable of controlling the transmission, comprising a transmission/receiving terminal having means for transmitting/receiving data and repeater means for relaying the data transmitted/received between said transmission/receiving terminal and said in-house network:
-
wherein said data includes information proper and additional information associated with said information proper; and
said repeater means includes means for controlling the data transmission from said transmission/receiving terminal using said additional information, and means for removing said additional information from said data transmissible outside of said in-house network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 17)
-
-
13. A network system capable of controlling the transmission, comprising:
-
an information processing system including a first storage unit, a second storage unit for reading/ writing data from and into removable media, means for accessing said first and second storage units, and an additional information list containing the additional information to be added to each of said information proper; and
a key management unit for managing an encryption key;
wherein said access means includes means for recording the information proper from said first storage unit into said second storage unit; and
said recording means includes means for determining whether said data is to be encrypted or not, by referring to the additional information of said information proper recorded in said additional information list, means for generating an encryption key in the case where said data can be encrypted, means for encrypting said data using said encryption key, means for registering said encryption key in said key management unit, means for receiving an identifier of said registered encryption key from said key management unit, means for generating data by adding said additional information to said information proper, and means for recording said encrypted data and said identification number in said second storage unit using said encryption key.
-
-
14. A network system capable of controlling the transmission, comprising:
-
an information processing system including a first storage unit, a second storage unit for reading/ writing data from and into removable media, means for accessing said first and second storage units, and an additional information list containing the additional information to be added to each of said information proper; and
a key management unit for managing an encryption key;
wherein said access means includes means for recording the data from said second storage unit into said first storage unit;
said data includes an identifier and encrypted data;
said encrypted data includes an additional information section;
said recording means includes means for transmitting said identifier to said key management unit and receiving the encryption key for the corresponding one of said encrypted data, means for decrypting said encrypted data using said encryption key, and means for adding said additional information to said additional information list; and
said key management unit includes means for receiving said identifier from said recording means and transmitting the encryption key associated with said encrypted data to said recording means.
-
-
15. A network system capable of controlling the transmission, comprising:
-
an information processing system including a first storage unit, a second storage unit for reading/ writing data from and into removable media, and means for accessing said first and second storage units; and
a key management unit for managing an encryption key;
wherein said access means includes means for recording the data from said first storage unit into said second storage unit;
said data includes information proper and additional information associated with said information proper;
said recording means includes means for determining whether said data is to be encrypted or not, based on said additional information, means for generating an encryption key, means for encrypting said data using said encryption key, means for registering said encryption key in said key management unit, means for receiving the identifier of said registered encryption key from said key management unit, and means for recording said encrypted data and said identifier into said second storage unit; and
said key management unit includes means for receiving said encryption key from said recording means and transmitting said identifier associated with said encryption key to said recording means.
-
-
16. A network system capable of controlling the transmission, comprising:
-
an information processing system including a first storage unit, a second storage unit for reading/writing data from and into removable media, and means for accessing said first and second storage units; and
a key management unit for managing an encryption key;
wherein said access means includes means for recording the data from said second storage unit into said first storage unit;
said data include an identifier and encrypted data;
said recording means includes means for transmitting said identifier to said key management unit and receiving the encryption key for said encrypted data, and means for decrypting said encrypted data using said encryption key; and
said key management unit includes means for receiving said identifier from said recording means and transmitting said encryption key associated with said encrypted data to said recording means.
-
Specification