JP4362778B2 - Proxy server device - Google Patents

Description

  The present invention relates to a proxy server device that accepts access from outside a LAN (local area network) on behalf of a server device in the LAN.

  Some recent network multifunction peripherals include a WEB server, and a browser of a client device can display an electronic bulletin board in the network multifunction peripheral or a web page of device setting information. The web server of the network MFP is mainly designed to provide services to client devices on the in-house network (in-house LAN), and is not premised on the use outside the company. Of course, it is possible to make it public outside the company.

Many network multifunction peripherals currently used or on the market are premised on use in an in-house network, and have a weak security mechanism against attacks from the outside through the network. In order to protect the server device connected to the corporate network from external threats, a network configuration may be adopted in which a proxy server device is installed and incoming access from outside the corporate network is accepted through the proxy server device. (For example, refer to Patent Document 1).
JP 2003-186664 A

  However, even if the conventional proxy server device including the proxy server device according to Patent Document 1 is installed, the WEB server of the network multifunction device often provides a WEB page for in-house information. If all the WEB pages stored in the website are disclosed outside the company, confidential company information may be leaked outside.

  In addition, even if there is information to be disclosed to the outside in a part of the WEB page, if the WEB page contains information that cannot be disclosed to the outside such as in-house confidential information, the entire WEB page cannot be disclosed to the outside. There is a problem.

  When a sales employee or a business trip employee can access the WEB server of the network multifunction peripheral from a remote location by remote access or the like, it is convenient if a mobile terminal device such as a mobile phone can be used as a communication device for access. However, since the browser of the mobile terminal device is functionally inferior to the browser of the desktop PC, there is a problem that the WEB page of the network multifunction peripheral cannot be displayed on the display device of the mobile terminal device.

  The present invention has been made in view of the problems described above, and selects a WEB page that can be disclosed to the outside from among WEB pages stored in a WEB server connected to an in-house network. It is an object of the present invention to provide a proxy server device that can publish a WEB page including confidential information that can be disclosed and that can be disclosed to the outside while hiding the confidential information portion.

In order to achieve the above object, the proxy server device according to claim 1 acquires an object in the LAN and performs editing to delete link information or an icon image that is not disclosed in the object according to an operation instruction by the operator. There is an object editing means, a saving means for saving the edited object, a request for access to an object in the LAN from outside the LAN, and an edited version of the object that requires access is saved in the saving means. A stored object transmission means for transmitting the stored object to the access request source.
The proxy server device according to claim 2, wherein the object editing means further performs editing for selecting necessary portions of a plurality of object files and collecting them into one file in accordance with an operation instruction by an operator. It is characterized by.
Further, the proxy server device according to claim 3 is characterized in that the object editing means further performs editing to divide the object into a plurality of pieces so that the object can be viewed even on a small display device in accordance with an operation instruction by the operator .

A proxy server device according to claim 4 is the proxy server device according to any one of claims 1 to 3, registration means for registering position information of an object in the LAN that permits access, and a LAN from outside the LAN. Only when the location information of the object to be accessed is registered in the registration means, the server device that stores the object Receiving means for accepting the request, and accepting the request by the accepting means is transmitted by the saved object transmitting means when an edited version of the object requested to be accessed is saved in the saving means. On the other hand, if the edited version is not stored in the storage unit, the object Gets an object that is required to access the server device storing the-object, is to transmit to the access request source is characterized by.

The proxy server device according to claim 5 is the proxy server device according to any one of claims 1 to 4 , wherein the object to be transmitted to the access request source is a browser for a mobile phone or a PDA (Personal Digital Assistant). It further comprises file conversion means for converting to a file format that can be displayed by a browser for use .

According to the proxy server device according to claim 1 , claim 2, and claim 3 , even if an object includes a part of information that cannot be disclosed to the outside, only the information that cannot be disclosed is deleted and edited. Other parts can be disclosed, while the client device in the LAN can access information that cannot be disclosed to the outside as usual. Also, access requests from outside the LAN can be handled by sending the saved edited object, so that a quick response can be realized and the security of the server device in the LAN can be improved. .

According to the proxy server device of the fourth aspect , in addition to the above advantages, only the URLs of objects that can be disclosed outside the LAN among the objects stored in the server device in the LAN are registered. Thus, only the object can be disclosed, while the client device in the LAN can access all objects as usual.

According to the proxy server device of the fifth aspect , a mobile terminal or the like can be used when a sales employee or a business traveler remotely accesses an object in the company network from outside the company.

  The proxy server device according to the embodiment of the present invention will be described below. FIG. 1 shows a configuration example of a LAN 2 to which a proxy server device 1 according to an embodiment of the present invention is connected. In addition to the proxy server device 1, a router device 3, a network multifunction device 4, a WEB server device 5, a client PC 6, and the like are connected to the LAN 2. The proxy server device 1 is directly connected to the router 6 so that all data entering the LAN 2 from outside the LAN 2 (Internet) through the router 3 can be monitored.

  As shown in FIG. 2, the proxy server device 1 includes a control unit 7, a communication unit 8, a file format conversion unit 9, a cache memory 10, a display unit 11, an operation unit 12, an auxiliary storage device 13, and the like. The control unit 7 includes a CPU (Central Processing Unit), a ROM (Read Only Memory), a RAM (Random Access Memory), etc. (not shown), and in accordance with a command issued by the CPU based on a control program stored in the ROM. The operation of each part constituting the proxy server device 1 is controlled. The communication unit 8 includes a NIC (network interface card) and communicates with the server devices 4 and 5 and the router 3 connected in the LAN 2.

  The file format conversion unit 9 converts an HTML file acquired from the WEB server or the WEB server device 5 of the network MFP 4 in the LAN 2 into a format suitable for various browsers based on a table 15 described later. For example, an HTML file is converted into a HTML (Compact HTML) file so that it can be displayed on a mobile phone browser, or an HTML file in which an image icon display of the HTML file is omitted so that it can also be displayed on a PDA browser. . The conversion method of the file format conversion unit 9 is not limited to these, and the HTML file may be converted into a format other than these if necessary to correspond to the browser type of the client device outside the LAN 2.

  The cache memory 10 temporarily stores objects acquired by accessing the WEB server or the WEB server device 5 of the network MFP 4 in the LAN 2 in response to a request from outside the LAN 2. When there is a request for an object specifying a URL from a client device outside the LAN 2, and the URL matches the URL of the object stored in the cache memory 10, the access operation to the WEB servers 5 and 6 is omitted. The object stored in the cache memory 10 is transmitted to the request source. This enables a quick response to the request source. The object is passive entity data accessed from the outside, such as a file such as a WEB page or a directory stored in a device in the LAN.

  The display unit 11 is composed of, for example, an LCD (Liquid Crystal Display), and displays information held by the proxy server device 1, such as registration information and device setting information. In addition, the display unit 11 accesses the WEB servers 4 and 5 by executing an object editing program incorporated in the proxy server device 1, acquires a WEB page, displays the WEB page, and displays an operation on the operation unit 12 by an operator. Edit according to the instructions. In the present embodiment, the case where the acquired WEB editing is edited in accordance with an operation instruction by an operator will be described. However, the editing is not limited to this. For example, a predetermined editing procedure is stored in advance in the storage means. In addition, based on this, the control unit 7 may automatically edit the acquired WEB page. The operation unit 12 includes an input device such as a keyboard and a mouse. The auxiliary storage device 13 is composed of a hard disk device or the like. The auxiliary storage device 13 stores an editing object 13a that is an object edited by execution of editing software, an access information log file 13b, which will be described later, and the like. The object editing program 13c and a URL list file (not shown) to be described later are also stored in the auxiliary storage device 13.

  The network multifunction device 4 is a multifunction device having various functions such as a WEB server function and a facsimile communication function. The WEB page provided by the WEB server function includes device setting information of the network multifunction peripheral 4 and an electronic bulletin board. The WEB server device 5 is a WEB server dedicated device and stores various WEB contents.

  The client PC 6 has a browser mounted thereon, and can use a WEB service provided by the network multifunction device 4 or the WEB server device 5 through the browser. For example, a web page stored in the network multifunction device 4 and the web server device 5 can be accessed through a browser.

  The proxy server device 1 stores in the RAM position information of objects in the LAN 2 that permit access from outside the LAN 2. Further, location information (URL) for external disclosure is also stored in association with the location information of the object in the LAN 2 that permits access. Specifically, as shown in FIG. 3, a correspondence table T storing actual location information in the LAN 2 in association with a plurality of virtual URLs for external disclosure is stored in the RAM. The domain name included in the virtual URL is the actual domain name of the LAN 2, and other parts, for example, path names and the like are virtual information. The actual location information in the LAN 2 does not need to follow the URL description format, and is location information that allows the proxy server device to specify the destination of the server device and the path name of the object stored in the server device. I just need it. The virtual URL for external disclosure and the actual position information stored in the correspondence table T are registered by the operation of the operation unit 12 by the operator.

  When registering the actual location information of the object in the LAN 2 that permits access from outside the LAN 2 and the URL for external disclosure in the correspondence table T, the proxy server device 1 uses the actual information specified for registration by the operator. The object in the LAN in the position information is acquired. Then, the object editing program is started, the acquired object is displayed on the display unit 11 and can be edited in accordance with an operation instruction by the operator, and the edited object is stored in the auxiliary storage device 13. Hereinafter, such functions implemented by the proxy server device 1 will be described with reference to the flowchart of FIG.

  In the proxy server device 1, a predetermined operation for starting the registration processing of the actual location information and external disclosure URL of the object permitted to be accessed from outside the LAN 2 is performed, and the location information and the external disclosure URL are input and designated. Then, the proxy server device 1 accesses the server device (including its own device 1) having the specified actual position information, acquires the object (S101), and displays it on the display unit 11 through the browser (S102). ). Here, the operator can check the object displayed on the display unit 11 and confirm whether or not it contains internal confidential information that should not be disclosed to the outside. Further, when a hyperlink is set for the displayed object, the hyperlink can be selected and the linked object can be displayed on the display unit 11. As a result, it is possible to check not only the displayed object but also whether the link destination set for the object includes information that cannot be disclosed to the outside, such as in-house confidential information.

  Next, an object editing program is executed in the proxy server device 1, and various operation instructions for editing by an operator are accepted on a process generated by the execution of the program. When an operation instruction for editing is made by the operator (S103: YES), the displayed object is edited in accordance with the operation instruction (S104). The editing performed here is, for example, editing that deletes link information and icon images that are not desired to be disclosed to the outside, editing that selects a necessary portion of each of a plurality of object files, and aggregates them into a single file. For example, the browser object is divided into a plurality of edits so that the browser object can be viewed on a small display device such as a mobile phone.

  When the editing operation by the operator is finished and an operation for saving the edited object is performed (S105: YES), or when an operation instruction not to be edited is given by the operator in S103 (S103: NO), the format is converted. When the format conversion is performed, a format conversion instruction screen (not shown) that prompts the operator to specify the format to be converted is displayed on the display unit 11. Format conversion methods that can be specified here include, for example, conversion from an HTML file to a CHTML (Compact Hypertext Markup Language) file, conversion from an HTML file to a format in which the link setting of an image icon is canceled, and all links from the HTML file. This is a conversion to a format in which information is deleted. In S105, when the operation to save the object edited by the operator is not performed and the operation to cancel editing is performed (S105: NO), the process returns to S103.

  When the format conversion instruction screen is displayed and an operation instruction for format conversion is made (S107: YES), the edited object or the object that has not been edited is converted into the instructed format (S108).

  After the processing operation of S108 or when an operation instruction not to perform format conversion is made in S107 (S107: NO), the actual position information of the object designated in S101 and the URL for external disclosure are stored in the correspondence table T Are stored in the auxiliary storage device 13 in association with the position information registered in the correspondence table T and the URL for external disclosure (S109).

  Next, a URL list file that the proxy server apparatus 1 transmits in response to a request from outside the LAN 2 will be described. The proxy server device 1 stores an HTML file (hereinafter referred to as “URL list file”) in which a list of virtual URLs corresponding to objects in the LAN 2 to which access is permitted is stored in the auxiliary storage device 13. When there is an access request specifying the location information (URL) of the URL list file, the proxy server device 1 transmits the stored URL list file to the request source. The virtual URL described in the URL list file may be displayed by a browser, or the virtual URL may be a link destination of a hyperlink in which a character symbol or the like is set. It should be noted that the URL for external publication of the URL list file and the actual position information are also stored in the correspondence table T.

  An example in which the URL list file is displayed by a browser is shown in FIG. The display screen based on the URL list file shown in the figure does not directly display the virtual position information, but has a hyperlink to the virtual position information set in the explanatory text. For example, when the explanatory text “Network MFP 1” on the display screen W1 in FIG. 5 is clicked, the proxy server apparatus 1 is requested to access the object at the URL linked to “Network MFP 1”. . In response to the request, the proxy server device 1 transmits an object for displaying the display screen W2 of FIG. Hyperlinks are also set in the explanatory texts displayed based on the objects that display the display screen W2.

  The proxy server device 1 has a type of access request source browser or terminal device and a format suitable for the browser or terminal device (that is, a format suitable for the access request source client software), as illustrated in FIG. A format correspondence table 15 for storing the file formats in association with each other is stored in the RAM. When the proxy server device 1 receives a request for access to an object in the LAN 2 from outside the LAN 2, for example, based on information received together with the access request, the proxy server device 1 determines the type of browser or terminal device that is the access request source. Then, when transmitting an object to which access is requested to the access request source, the format conversion unit 9 refers to the format correspondence table 15 and refers to the file associated with the type of browser or terminal device that is the request source for access. When the format and the object format are different, the file format is converted to the file format registered in the format correspondence table 15.

  The format correspondence table 15 illustrated in FIG. 6 is information specifying a format in which the link setting to the image icon is canceled from the browser for the mobile phone, the Compact Hypertext Markup Language (CHTML), the browser for the PDA (Personal Digital Assistant), and the HTML file. “HTML / no image icon”, the types of browsers and terminal devices other than those described above, and HTML that is the file format of the object stored in the LAN 2 are stored in association with each other. The contents of the format correspondence table 15 can be registered by operating the operation unit 12 by the operator.

  Processing operations executed when the proxy server apparatus 1 receives a request for access to an object in the LAN 2 from outside the LAN 2 will be described below with reference to the flowchart of FIG.

  The control unit 7 of the proxy server apparatus 1 repeatedly monitors whether or not an HTTP request (for example, GET) has been received from outside the LAN 2 through the communication unit 8, and when receiving an HTTP request as an access request from outside the LAN 2 (S201). : YES), the received HTTP request is analyzed to detect the URL for which access is requested (S202). It is determined whether or not the detected URL corresponds to any of the external disclosure URLs registered in the correspondence table T. When the detected URL does not correspond to any registered external disclosure URL (S203: NO), An HTTP response that denies access is returned to the request source (S204).

  In S203, when the detected URL corresponds to any of the external disclosure URLs registered in the correspondence table T (S203: YES), the user authentication is requested to the request source. For example, user authentication is requested by transmitting an HTTP status code “401” to the request source. Subsequently, when the user ID and password input at the request source are received, authentication processing is performed by checking with the user ID and password information (not shown) registered in the proxy server device 1 in advance. If the authentication fails (S205: NO), an HTTP response that denies access is returned to the request source (S204).

  If the authentication is successful (S205: YES), the browser request type of the access request source and the terminal device model information are retrieved from information included in the HTTP request received in S201, for example, the User-Agent header. . When the type of browser implemented by the access request source and the model information of the terminal device can be acquired (S206: YES), it is determined whether or not the request source is the browser of the mobile phone terminal (S207). (S207: YES), the object conversion method is set to the format associated with the “mobile phone browser”, that is, CHTML based on the format correspondence table 15 (S208). Note that the determination of whether or not the mobile phone terminal is the mobile phone terminal in S207 is, for example, a list of browser and device types described in the User-Agent header (for example, when the access request source is a browser of the mobile phone terminal) , Browser type, browser version, subscriber ID, terminal serial number, etc.) are registered in advance in the auxiliary storage device 13 of the proxy server device 1 and the information actually detected from the User-Agent header is collated. Is done by doing. Further, as a method for determining whether or not the browser is the mobile phone terminal in S207, a correspondence table (not shown) of the user ID specified at the time of authentication and the type of browser or terminal device is stored in advance in the auxiliary server 1 of the proxy server device 1. It may be registered in the device 13 or the like, and it may be determined whether or not the mobile phone terminal is in S207 according to information indicating the type of browser or terminal device associated with the user ID acquired in S205.

  If it is determined in S207 that the browser is not a mobile phone terminal (S207: NO), it is determined whether the access request source is a PDA browser (S209), and it is determined that the browser is a PDA browser (S209: YES), based on the format correspondence table 15, the format corresponding to the conversion method of the object “PDA browser”, that is, the format “HTML / “No image icon” is set (S210). As described above, when determining whether or not the browser is a PDA browser in S209, the list of browser and device types described in the User-Agent header when the access request source is a PDA browser is also used. (For example, browser type, browser version, subscriber ID, terminal manufacturing number, etc.) are registered in advance in the auxiliary storage device 13 of the proxy server device 1 and the information actually detected from the User-Agent header. Is done by matching. As a method for determining whether or not the browser is a PDA in S209, a correspondence table (not shown) of the user ID specified at the time of authentication and the type of browser or terminal device is previously stored in the auxiliary storage device 13 of the proxy server device 1. It is possible to determine whether or not the browser is the PDA browser in S209 according to information indicating the type of browser or terminal device associated with the user ID acquired in S205.

  On the other hand, if a negative determination is made in S206 or S209, the object conversion method is set to the format associated with “others”, that is, the default format HTML based on the format correspondence table 15 (S211). ).

  Subsequent to the processing operation of S208, S210 or S211, an editing object associated with an external URL that is requested to be accessed from outside the LAN 2 is stored in the auxiliary storage device 13, which is stored in S208, S210 or S211. It is determined whether or not it matches the format set in (S212). If such an edit object is stored in the auxiliary storage device 13 (S212: YES), the object to be transmitted to the access request source and the URL to be transmitted to the cache memory 10 and the URL thereof are stored (S213). . In this case, the object before editing is not accessed.

  On the other hand, when a negative determination is made in S212, the server device (including its own device 1) for location information in the LAN 2 is accessed to obtain the requested object, which is transmitted to the access request source and cached. The object to be transmitted and its URL are stored in the memory 10 (S213). Note that the negative determination in S212 refers to the case where the edit object associated with the external URL for which access is requested from outside the LAN 2 is not stored in the auxiliary storage device 13, or such an edit object. Is stored, but the edit object does not match the format set in S208, S210 or S211. The object transmitted in S212 is converted into a format suitable for the client software that requested access according to the format set in S208, S210, and S211 and transmitted as necessary. That is, in S208, if the object conversion method is set to CHTML, the HTML file acquired from the WEB servers 4 and 5 or the HTML file of the URL list stored in the own apparatus 1 is converted into a CHTML file. Send to requester. In S210, if the object conversion method is set to “HTML / no image icon”, the HTML is acquired from the HTML file acquired from the WEB servers 4 and 5 or the HTML file of the URL list stored in the device 1 itself. The file is converted to the one whose link to the image icon is canceled, and this is transmitted to the request source. If HTML is set as the object conversion method in S211, the HTML file acquired from the WEB servers 4 and 5 or the HTML file server of the URL list stored in the own apparatus 1 is not used without performing the conversion process. Send it directly to the requester.

  If the object to be accessed is already stored in the cache memory 10 in S214, access to the server device in the LAN 2 is omitted, and the object stored in the cache memory 10 is the access request source. Sent.

  Subsequently, when the proxy server device 1 receives an HTTP request from outside the LAN 2 (S215: YES), the received HTTP request is analyzed to detect a URL for which access is requested (S216). The URL requested to be accessed here is, for example, one linked to the HTML file transmitted in S213 and S214.

  Next, it is determined whether or not the URL detected in S216 corresponds to any of the URLs for external disclosure registered in the correspondence table T. If the URL does not correspond to any URL for external disclosure (S217: NO), An HTTP response rejecting access is returned to the request source (S204). On the other hand, when the URL detected in S216 corresponds to any of the external publication URLs registered in the correspondence table T (S217: YES), the editing associated with the external publication URL requested to be accessed from outside the LAN 2 It is determined whether the object is stored in the auxiliary storage device 13 and it matches the format set in S208, S210 or S211 (S218). If such an edit object is stored in the auxiliary storage device 13 (S218: YES), the process returns to S213 to transmit the object to the access request source and the object to be transmitted to the cache memory 10 and the object The URL is stored (S213).

  On the other hand, when a negative determination is made in S218, the object to be requested is acquired by accessing the server device of the location information in the LAN 2, and this is transmitted to the request source of the access and also sent to the cache memory 10 The URL is stored (S219). As in the case of S214, the object transmitted in S212 is converted into a format suitable for the client software requesting access according to the format set in S208, S210, and S211 as necessary. Sent. After the transmission, the access information is recorded in the log file (S220), and the process returns to S215.

  In S219, if the object to be accessed is already stored in the cache memory 10, access to the server device in the LAN 2 is omitted, and the object stored in the cache memory 10 is the access request source. Sent.

  When there is no access request in S215, a logout operation is performed at the access request source in S201, and information to be logged out is received from the request source (S221: YES), a logout process is performed to release the session, and The settings in S208, S210, and S211 are canceled (S222).

  In the embodiment described above, the proxy server device 1 is provided with an encryption function to encrypt data transmitted / received to / from the access request source or between the access request source through the encrypted communication path. Communication may be performed. Thereby, communication safety can be further ensured.

  According to the proxy server device 1 described above, by registering only the URL of an object that can be disclosed outside the in-house network among objects stored in the servers 5 and 6 in the LAN 2, the object is registered. Can only be made public. Of course, the client PC 6 in the LAN 2 can access all objects as usual unless there is a restriction on the access right in the operation of the LAN 2. Even if an object contains some information that cannot be disclosed to the outside, the object editing program is executed when the URL for external disclosure is registered, and only the information that cannot be disclosed is deleted by the operator's operation. Other parts can be made public. Of course, the client PC 6 in the LAN 2 can also access information that cannot be disclosed to the outside as usual.

  Further, since the proxy server device 1 can detect the type of the terminal device that requests access from outside the LAN 2 and the type of the browser, and can provide an object converted into a format suitable for this, the access request source terminal A mobile terminal or the like can be used as the device. Thereby, a mobile terminal or the like can be used when a sales employee or a business traveler remotely accesses an object in the company network from outside the company.

  Further, if there are many servers in the LAN 2 that are open to the outside, the firewall setting in the router 3 becomes complicated. However, since the proxy server device 1 is disposed between the router 3 and the LAN 2, the firewall setting is performed. This only needs to be performed for the proxy server device 1, firewall setting is simplified, and troubles due to setting mistakes can be reduced.

  If the proxy server device 1 is installed in the LAN 2 to secure security against unauthorized attacks from outside the LAN 2, the proxy server device 1 is provided with a secure communication protocol or an authentication mechanism such as a password. You just have to have it. As a result, it is not necessary for each terminal device in the LAN 2 to have a security mechanism or an authentication mechanism, and the security monitoring or management burden is reduced.

  The present invention can be applied to, for example, a proxy server device that accepts access from outside the LAN on behalf of the server device in the LAN.

It is the figure which showed the structural example etc. of LAN with which the proxy server apparatus which concerns on embodiment of this invention is connected. It is the block diagram which showed the structural example etc. of the proxy server apparatus concerning embodiment of this invention. It is the figure which showed an example of the corresponding | compatible table which matches and memorize | stores URL for external publication, and the actual position information of the object in LAN. It is the flowchart which showed the processing operation performed when a proxy server apparatus registers the actual positional information on an object, and URL for external publication. It is the figure which showed the example which displayed the HTML file to which the link of URL for external publication was set with the browser. It is the figure which showed an example of the format corresponding | compatible table which matches and memorize | stores the kind of browser and terminal device of an access request source, and file format. It is the flowchart which showed the processing operation performed when a proxy server apparatus receives the request | requirement of access to the object in LAN from the outside of LAN.

Explanation of symbols

T Correspondence table 1 Proxy server device 2 LAN
4 Network multifunction devices (server devices)
5 WEB server device 7 control unit 9 file format conversion unit 13 auxiliary storage device 13a edit object 13b object edit program 15 format correspondence table

Claims (5)

An object editing unit that obtains an object in the LAN and deletes link information or an icon image that is not disclosed in the object according to an operation instruction by the operator, a storage unit that stores the edited object, an external LAN When there is a request for access to an object in the LAN from the network and the edited object is stored in the storage means, the stored object is transmitted to the access request source. And a stored object transmission unit. 2. The proxy server according to claim 1, wherein the object editing unit further selects and edits a necessary portion of each of the plurality of object files in a single file in accordance with an operation instruction by an operator. apparatus. The proxy server device according to claim 1, wherein the object editing unit further performs editing to divide the object into a plurality of pieces so that the object can be viewed even on a small display device in accordance with an operation instruction by an operator.   There is a registration means for registering the location information of the object in the LAN that permits access, and a request for access to the object in the LAN from outside the LAN, and the location information of the object that is requested to be accessed is registered in the registration means. And a receiving unit that accepts an access request on behalf of a server device that stores the object only when the object is stored, and the acceptance of the request by the receiving unit is performed for an object for which access is required. When the edited object is stored in the storage unit, transmission is performed by the stored object transmission unit. On the other hand, when the edited object is not stored in the storage unit, the server storing the object is stored. Access the device to obtain the requested object and send it to the access requester It is, proxy server device according to any one of claims 1 to 3, characterized in that. 2. The apparatus according to claim 1 , further comprising file conversion means for converting an object to be transmitted to the access request source into a file format that can be displayed by a mobile phone browser or a PDA (Personal Digital Assistant) browser. Item 5. The proxy server device according to any one of items 4 .

Images