1. Field of the Invention
The present invention relates to a communication device that is connected to a communication log device that manages communication logs of information transferred over a network, and a key managing device that generates a decryption key used to decrypt encrypted data.
2. Description of the Related Art
Conventionally, there is a system that appropriately operates and manages a server device, a client device, and the like, in which each device collects communication logs. A system manager who operates and manages each device is indispensable for this method. When a device is not appropriately operated and managed, it cannot collect the communication logs because of computer virus infection, device failure, and the like. As a result, the reliability of the communication logs is lost, which matters particularly in fields requiring exact communication logs.
Therefore, there is a technology in which the network side takes over storage and management of communication logs. The communication logs indicate information on electronic files transferred over a network and information regarding the network. For example, each communication device deployed in the network collects the communication logs and notifies a log collecting device of the communication logs. The log collecting device performs overall management of the communication logs. However, in this method, each communication device collects the communication logs and gives notification of them. Therefore, the communication logs can be easily manipulated on the communication device side. In addition, when cryptographic communication is performed over the network, the log collecting device cannot read the information in an electronic file of which it is notified, because the information is encrypted. As a result, the log collecting device cannot manage communication logs of cryptographic communication.
The following information communication relay device is a system in which encryption is performed between communication devices (refer to Japanese Patent Application Laid-open No. 2001-237824 [pages 10 and 11, and FIG. 1]). The information communication relay device acquires encryption keys from a plurality of connected terminals and holds the acquired encryption keys. The information communication relay device performs encryption and decryption using the held encryption keys. Specifically, when data is exchanged among the connected terminals by cryptographic communication, the information communication relay device decrypts the exchanged data using an encryption key that was acquired from the transmitting source terminal and held in advance. The information communication relay device then encrypts the decrypted data using an encryption key that was acquired from the transmitting destination terminal and held in advance, and transmits the encrypted data to the transmitting destination terminal.
Manipulation of logs can also be prevented through use of the technology in Japanese Patent Application Laid-open No. 2001-237824. Specifically, when decrypting the data, the information communication relay device extracts information on the exchanged data and network information related to the network over which the cryptographic communication is performed. The information communication relay device manages the extracted pieces of information as a log. The information communication relay device re-encrypts the decrypted data and transmits the encrypted data to the transmitting destination terminal.
When communication logs of cryptographic communication over the network are managed using the above-described technology, a secret key for cryptographic communication is distributed to each communication device. A piece of cryptographically communicated data is decrypted through use of the distributed secret key. A communication log of the decrypted data is collected and managed.
However, in the above conventional technology, the secret key is leaked from each communication device, and confidentiality of communication performed by cryptographic communication cannot be maintained. Therefore, the communication logs cannot be safely and accurately collected. Specifically, when the secret key is distributed to each communication device in the network, the secret key leaks from a communication device that is not appropriately operated and managed. Confidentiality of the communication performed by cryptographic communication cannot be maintained. As a result, the communication logs cannot be safely and accurately collected.