A security apparatus and a security method for controlling electric devices by
use of electronic mails. A modem receives an electronic mail sent from a sending
side and stores the received electronic mail into a RAM of a controller. A CPU
extracts certification information encrypted by a secret key of a user of the sending
side and decrypts the certification information by use of a public key. Based on
the decrypted information, the CPU determines whether the user of the sending side
is authentic or not. Only when the user is found authentic, the CPU extracts a
control command from the received electronic mail and stores the extracted control
command into a RAM. Then, the CPU transmits an electronic mail to the sending side
for confirming content of the control. If an electronic mail for approving the
confirmation is returned from the sending side, the CPU extracts second certification
information obtained by encrypting information different from that mentioned above,
determines again whether the sender of the electronic mail is authentic, and, if
the sender is found authentic, executes the control command received before.
