EP-4742071-A1 - DATA RELAY SYSTEM

Abstract

An insurance company can set an appropriate cyber insurance premium. A data relay device relaying data to be communicated between internal terminals in a network and an external terminal also transmits the data to a data block transmission device. The data block transmission device generates data block as a collection of multiple pieces of data received from the data relay device and transmits the data block to a node in a blockchain network to store the data block into the block chain network. This allows the data communicated between the internal terminals in the network and the external terminal to be stored into the blockchain network. The cause or the responsibility for intrusion into the network is thus revealed by examining the data. The insurance company can set an appropriate insurance premium that is reasonably determined based on cyber risks estimated at the time of the contract.

Inventors

• MAKINO TAKEAKI

Assignees

• ID Holdings Corporation

Dates

Publication Date

20260513

Application Date

20240528

Claims (5)

1. A data relay system for relaying data to be communicated between a plurality of internal terminals and an external terminal, the plurality of internal terminals being processing terminals to communicate data with one another inside a network, the external terminal being a processing terminal outside the network, the data relay system comprising: a data relay device configured to relay the data between the plurality of internal terminals and the external terminal; and a data block transmission device connected to the data relay device and to at least one node of a plurality of nodes included in a blockchain network outside the network in which the plurality of internal terminals communicate data with one another, the data block transmission device being configured to receive the data relayed by the data relay device to generate data block being a collection of pieces of the data, and transmit the data block to the at least one node in the blockchain network.
2. The data relay system according to claim 1, wherein the data relay device relays data to be communicated between a first internal terminal and a second internal terminal of the plurality of internal terminals, and the data block transmission device generates the data block including the data to be communicated between the first internal terminal and the second internal terminal and transmits the data block to the at least one node.
3. The data relay system according to claim 1 or claim 2, wherein the data block transmission device includes a data accumulator unit configured to accumulate the data received from the data relay device, a data block generator unit configured to generate the data block using the data accumulated in the data accumulator unit, a data block transmitter unit configured to transmit the data block generated by the data block generator unit to the at least one node, and a storage unit storing predetermined accumulation suspension data being a piece of the data indicating that accumulation of the data performed by the data accumulator unit is to be suspended and predetermined accumulation resumption data being a piece of the data indicating that suspended accumulation of the data is to be resumed, the data accumulator unit suspends accumulation of the data and outputs accumulated data to the data block generator unit in response to receiving the accumulation suspension data from the data relay device, and the data accumulator unit resumes accumulation of the data in response to receiving the accumulation resumption data from the data relay device during suspension of accumulation of the data.
4. The data relay system according to claim 3, wherein a first processing terminal of the processing terminals establishes a connection with a second processing terminal of the processing terminals before starting communication with the second processing terminal, and the first processing terminal and the second processing terminal having established the connection communicate with each other, and in response to a new connection being established in parallel with the established connection, the data block transmission device accumulates the data for each connection, generates the data block for each connection, and transmits the data block to the at least one node for each connection.
5. The data relay system according to claim 1 or claim 2, wherein the data relay device includes a data transmitter unit configured to transmit the data to the data block transmission device when the data is relayed, and a storage unit storing predetermined suspension data being a piece of the data indicating that transmission of the data to the data block transmission device is to be suspended and predetermined resumption data being a piece of the data indicating that suspended transmission of the data is to be resumed, the data transmitter unit suspends transmission of the data to the data block transmission device in response to the data relayed being the suspension data, and the data transmitter unit resumes transmission of the data to the data block transmission device in response to the data relayed during suspension of transmission of the data being the resumption data.

Description

BACKGROUND OF INVENTION Field of the Invention The present invention relates to a technique for relaying data to be communicated between multiple processing terminals, including processing terminals that can communicate with one another inside a network and a processing terminal outside the network. Background Art Advancements in computer technology and information communication technology have allowed various servers and processing terminals to be connected with one another for communication and to collectively form a network system. The network system (simply referred to as the network) is further connected to external processing terminals or other networks for communication through the Internet. This allows collection and use of a large volume of various items of information, while raising risks (hereafter, cyber risks) of major losses from external intrusion into the network, including confidential information being extracted or important information being tampered or destroyed. Insurance companies offer cyber insurance against such cyber risks. Cyber insurance is a type of insurance under which a policyholder having a contract with an insurance company in advance and paying the insurance premium can be partly or fully compensated by the insurance company for losses from external intrusion into the network. The insurance premium to be paid to the insurance company is determined based on the magnitude of cyber risks (the possibility of losses or the extent of damage) or the level of compensation for the resultant losses. However, the magnitude of cyber risks greatly depends on the state of communication between the network and external devices. With difficulty in accurately estimating the magnitude, the insurance company tends to estimate greater cyber risks and set a larger the insurance premium. A technique has been developed for allowing an insurance company to monitor, before accepting a cyber insurance contract, the communication state of a network covered by the contract over a predetermined period and estimate the magnitude of cyber risks based on the monitoring results to set an appropriate insurance premium (Patent Literature 1). CITATION LIST PATENT LITERATURE Patent Literature 1: Japanese Patent No. 7276480 SUMMARY OF INVENTION TECHNICAL PROBLEM However, setting an appropriate insurance premium of cyber insurance with the known technique described above remains a challenge for the reasons below. After concluding a cyber insurance contract, the administrator of a network tends to reduce efforts in protection against cyber risks because the resultant losses are partly or fully compensated by the insurance company. Measures can be insufficient against intrusion or the spread of losses after an event of intrusion. Thus, cyber risks may increase after a cyber insurance contract is concluded. For losses resulting from an actual event of external intrusion, the insurance company investigates the policyholder of the cyber insurance (typically, the administrator of a network) for negligence before compensating for the losses. When negligence is found, the compensation is decreased. This may cause the policyholder of cyber insurance to provide minimum information to the insurance company or hide inconvenient information. The insurance company may be requested to compensate for the losses from the negligence of the policyholder of the cyber insurance. As described above, cyber insurance may face increased cyber risks after the cyber insurance contract is concluded or may be requested to compensate for losses from the negligence of the policyholder. The insurance company thus tends to estimate greater cyber risks and set a larger insurance premium. In response to the above issue with the known technique, one or more aspects of the present invention are directed to a technique for allowing an insurance company to set an appropriate insurance premium of cyber insurance. SOLUTION TO PROBLEM A data relay system according to one or more aspects of the present invention has the structure below. A data relay system relays data to be communicated between a plurality of internal terminals and an external terminal. The plurality of internal terminals are processing terminals to communicate data with one another inside a network. The external terminal is a processing terminal outside the network. The data relay system includes a data relay device that relays the data between the plurality of internal terminals. The data relay device may also relay the data between one of the internal terminals and the external terminal. The data relay system includes the data relay device and a data block transmission device connected to the data relay device and to at least one node of a plurality of nodes included in a blockchain network outside the network in which the plurality of internal terminals communicate data with one another. The data block transmission device receives the data relayed by the data relay device to generat