Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1997-02-13
2001-05-22
Le, Dieu-Minh T. (Department: 2184)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C707S793000
Reexamination Certificate
active
06237099
ABSTRACT:
BACKGROUND OF THE INVENTION
This invention relates to an electronic document management system, and in particular to an electronic document management system that can control an access right to electronic documents covering different authorization systems.
In recent years, the prevalence of local area networks has made it possible for the users in different environments connected by networks to access each other. Normally, for electronic files (electronic documents) created in systems on the networks, an access right is set to allow reference to or update of the electronic file contents. For example, in a UNIX operating system (UNIX is a registered trademark in USA and other countries licensed by X/Open Company Ltd), which contains a UNIX file system, the access right to allow reference to or update of the electronic documents managed by the UNIX file system can be assigned to owners, groups to which the owners belong, and superusers (managers).
The operating systems such as UNIX, Windows NT (trademark of Microsoft Corporation USA), and NetWare (registered trademark of Novell Inc. USA) are available and electronic documents prepared by application software programs operating under the operating systems are distributed and copied everywhere via networks. For example, when an electronic document is copied or moved from one UNIX client computer to another, the information on the access right set in the electronic document is also copied or moved with the electronic document contents. For example, if one electronic document entered in a UNIX client computer is copied to a NetWare file server, of course, the electronic document contents are copied intact, but the access right information such as the content reference right and update right set in the UNIX client computer is not copied to the NetWare file server operating in a different manner from the UNIX operating system and the access right of the person who copies the electronic document is set.
Thus, in the network environment, the content reference right, update right, etc., of an electronic document can be set for each operating system, but the access right to the electronic document is granted in the file system of the operating system under which the electronic document is prepared.
Known as prior arts are a system wherein whether or not access is allowed is specified for each document and document field for providing security of the electronic documents (Japanese Patent Unexamined Publication No. Hei 7-191975), a document management system wherein fine reference authorization to each registered document can be granted in response to user's attributes (Japanese Patent Unexamined Publication No. Hei 7-239807), and the like.
The access right to electronic documents handled by conventional application software products (content reference right, update right, etc.,) is controlled in the file system proper to the operating system that can execute user management; it is controlled by each operating system which identifies (manages) the user accessing the electronic document. This means that the access right attendant on the electronic document can be controlled only if the electronic document exists in the file system and the user accessing the electronic document is recognized by the operating system.
However, in an environment where computers in which different operating systems are installed exist on the network, if one electronic document in one file system is moved or copied to another file system in a different operating system, setting of the access right attendant on the source file system is not transferred to the move or copy destination file system, thus a security problem arises.
Since access right control is proper to each operating system, access right control to one electronic document could not be performed for an arbitrary user of an arbitrary operating system. For example, it would be impossible to perform content reference/update access right control to one electronic document for UNIX user A and access right control of only content reference for Windows NT user B.
SUMMARY OF THE INVENTION
It is therefore an object of the invention to provide an electronic document management system that can perform access right control to electronic documents or protect the electronic documents regardless of which file systems the electronic documents reside in, and moreover can assign an access right to one electronic document to any users of a plurality of operating systems that can execute user management.
An electronic document management system according to the invention is applied to an information processing system having at least one authorization system for checking the user for validity and authorizing the user if the user is valid and storage means for storing electronic documents. The electronic document management system comprises access right list assignment means for assigning an access right list setting an authorization system name, user name, and access type to an electronic document prepared by any application software product, compression and coding means for compressing or coding or compressing and coding an electronic document with an access right list as required, decompression and decoding means for decompressing or decoding or decompressing and decoding an electronic document stored on the storage means of one file system, access authorization means for inquiring of the authorization system specified by the user and gaining authorization of the user, access right recognition means for collating user information for authorization with a given access right list for recognizing the corresponding access type, display and edit means for performing electronic document processing in accordance with the recognized access type, and input means for accepting an access request to an electronic document stored in the storage means from the user. The input means is connected to the access right list assignment means and the access authorization means and is used by the user to set the authorization system name, user name, and access right in the access right list assignment means and specify the authorization system name, user name, and password in the access authorization means.
According to the electronic document management system of the configuration, when a prepared electronic document is stored in the storage means, the access right list assignment means assigns an access right list required for performing access right control to the prepared electronic document as one of document elements. The electronic document assigned the access right list is compressed and coded by the compression and coding means, then stored in the storage means. To access the electronic document stored in the storage means, first the electronic document is decompressed and decoded by the decompression and decoding means. Next, the access authorization means inquires of the authorization system who the user is, based on the user name and password specified by the user. If the user is authorized, the access right recognition means checks whether or not the access right list contains a pair corresponding to the authorization system name/user name pair. If the access right list contains the pair, the display and edit means opens the electronic document in accordance with the corresponding access type set in the access right list.
The access right list assignment means can set more than one user that can be managed by the operating system in the access right list to one electronic document. Thus, if an authorization system is added, it can also be added to the access right list. When an electronic document is stored, the contents of the electronic document can be compressed or coded. Thus, if the user is not authorized, he or she cannot reference the electronic document contents; security of the electronic document can be furthermore enhanced.
According to the invention, the access right to an electronic document allowed for any user of any operating system can be registered in the electronic document itself and when the user acces
Finnegan Henderson Farabow Garrett & Dunner L.L.P.
Fuji 'Xerox Co., Ltd.
Le Dieu-Minh T.
LandOfFree
Electronic document management system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Electronic document management system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Electronic document management system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2436710