JP2005184222A5 - - Google Patents

Description

Workflow system and client terminal thereof

  The present invention relates to a workflow system that circulates a document file obtained by digitizing documents such as an approval document and a report on a network.

  In recent years, organizations such as companies have proposed the introduction of a workflow system that digitizes documents such as approval documents and reports, and then circulates the document files via a network. According to this type of workflow system, the reader can automatically circulate the document file according to the settings by setting the circulation destination and circulation order of the document file in advance. In addition, by setting approval or disapproval for each circulated document file, it is possible to efficiently perform a task of approving a document such as a request for approval.

However, since this kind of workflow system is provided as a server program for realizing the circulation of document files on a so-called client-server closed network, it is described below. There were various problems.
1) It is necessary to provide a circulation management server.
2) Since the circulation management server is used as a relay point and each client terminal accesses the server to circulate the document file, the load on the server becomes great.
3) Since access to a server from an external network (for example, another LAN or the Internet) is usually restricted by a firewall or the like, a document file is circulated to a client terminal connected to the external network. It is difficult to do.
4) When a document file is circulated to a client terminal connected to an external network, the contents of the document file may be leaked unless measures for ensuring the security of confidentiality are taken.

  For this reason, first, in order to solve the problems described in 1) to 3), for example, the document file is circulated between the client terminals without going through the circulation management server. It is conceivable to construct a circulation network that eliminates the need for circulation management, reduces the load on the server, and is not restricted by a firewall or the like for client terminals connected to other LANs or the Internet.

  Furthermore, in order to solve the problem described in 4) above, between the client terminals without going through the above-described circulation management server, for example, as in the workflow system described in Japanese Patent Laid-Open No. 2002-183389. It is conceivable to construct a circulation network that circulates a document file and encrypt the document file when circulating it between the client terminals (see, for example, Patent Document 1).

  However, when encrypting a document file to be circulated in this way, if the public key used for encryption is the same between the client terminals and the secret key for decrypting the same is used, Since the reader who has circulated the document file can also maliciously decrypt the document file encrypted by the subsequent circulator, there is still concern about the security of confidentiality. Further, when the secret of the document file is leaked by such a reader, there remains a problem that it is difficult to specify the reader.

JP 2002-183389 A (paragraphs [0024], [0028], FIG. 3)

  The present invention has been made in view of the above problems, and its purpose is to encrypt a document file by an appropriate method in a workflow system that circulates a document file between a plurality of client terminals. Circulating this provides a workflow system and its client terminal that can do this without the risk of secret leakage even when the document file is circulated to a client terminal connected to an external network. There is.

Invention relating to claim 1 includes a plurality of client terminals connected to a network, a workflow system for circulating electronic documents files between the client terminal, the client terminal from the client terminal encryption and setting means for setting a circulation destination information specifying a circulation destination document file that outgoing, the public key of the document file corresponding to the other client terminals identified on the basis of the routing slip information Encrypting means, transmitting means for transmitting the encrypted document file and the circulation information file including the circulation destination information to another client terminal specified based on the circulation destination information, and another client terminal receiving means for receiving outgoing been the encrypted document file and the circulation information file from Storage means for storing the received encrypted document file and the circulation information file; and the stored secret key unique to the client terminal corresponding to the public key. And decryption history for adding decryption history information including identification information of the client terminal to the circulation information file when the encrypted document file is decrypted by the decryption means. includes an information adding means, and, after confirmation operation or approval operation for the decoded document file is performed, the decrypted document file is encrypted again by the encryption unit, the encrypted again other clients are identified based on the routing slip information document files and prior Machinery list information file by said transmission means has With originating the end, characterized by transmitting to the destination specified based on the notification destination information included the decoding history information to the circulation information file.

  The invention according to claim 2 is the workflow system according to claim 1, wherein the circulation information file includes the public key, and the encryption unit obtains the public key from the circulation information file. It is characterized by.

The invention according to claim 3 is the workflow system according to claim 1 or 2 , wherein the client terminal notifies the server monitoring the circulation state of the document file of the decryption history information. Information notifying means, inquiry means for making an inquiry about the decoding history storage information in which the decoding history information is stored to the server, and the decoding history storage information provided from the server in response to the inquiry are displayed. And a display means.

The invention according to claim 4 is the workflow system according to any one of claims 1 to 3 , wherein the circulation information file includes decryption history notification destination information regarding a notification destination of the decryption history information, The client terminal further includes decoding history information notifying means for notifying the decoding history information to another client terminal specified by the decoding history destination information, and display means for displaying the notified decoding history information. It is characterized by that.
It is characterized by that.

A fifth aspect of the present invention is the workflow system according to any one of the first to fourth aspects , wherein the client terminal notifies the decoding history information to a server that monitors the circulation state of the document file. Decoding history information notifying means, inquiry means for making an inquiry about the decoding history storage information in which the decoding history information is stored to the server, and the decoding history storage information provided from the server in response to the inquiry And a display means for displaying.

The invention according to claim 6 is the workflow system according to claim 5 , wherein the circulation information file includes an encryption program for encrypting the decrypted document file, and the encrypted document. An erasure program for erasing the file, and the erasure means encrypts the decrypted document file by executing the encryption program, and then executes the encryption program to execute the encryption The recorded document file is erased.

The invention according to claim 7 is a workflow system having a plurality of client terminals connected to a network and circulating an electronic document file between the client terminals, wherein the first client terminal is the client Setting means for setting circulation destination information for specifying the circulation destination of the document file transmitted from the terminal, the circulation information file including the circulation destination information, and the document file to the destination specified based on the circulation destination information Transmitting means for transmitting, wherein the second client terminal receives the circulation information file and the document file transmitted from the first client terminal, the received circulation information file, and Storage means for storing the document file, and confirmation operation for the document file After the approval operation is performed, confirmation history information adding means for adding the result information of the confirmation operation or the approval operation to the circulation information file, and the circulation information file and the document file as the circulation destination information. And transmitting means for transmitting the result information to a destination specified based on notification destination information included in the circulation information file .

The invention according to claim 8 is the workflow system according to any one of claims 1 to 7 , further comprising specifying means for reading out the circulation destination information from the circulation information file and identifying the other client terminal. It is characterized by that.

The invention according to claim 9 is a workflow system having a plurality of client terminals connected to a network and circulating an electronic document file between the client terminals, wherein the client terminal is another client terminal. Receiving means for receiving the circulation information file and document file including the notification destination information transmitted from the server, storage means for storing the received circulation information file and the document file, and a confirmation operation or an approval operation for the document file Is performed, a confirmation history information adding means for adding the result information of the confirmation operation or the approval operation to the circulation information file, and sending the result information to a destination specified based on the notification destination information Transmitting means for performing the above-described processing.

The invention according to claim 10 is the workflow system according to any one of claims 1 to 9, wherein the workflow system includes a server, and the transmission unit is configured to output the result information based on the notification information. Is transmitted to the server.

An invention according to an eleventh aspect is the workflow system according to any one of the first to ninth aspects, wherein the transmission unit sends the result information to the client terminal that has transmitted the document file based on the notification information. It is characterized by sending.

A twelfth aspect of the invention is the workflow system according to any one of the first to eleventh aspects, wherein the circulation information file has circulation order information for specifying a circulation order.

The invention according to claim 13 is a client terminal connected to a network, and circulates an electronic document file between the client terminals. Setting means for setting information, encryption means for encrypting the document file with a public key corresponding to another client terminal identified based on the circulation destination information, the encrypted document file, And a transmission means for transmitting a circulation information file including the circulation destination information to another client terminal specified based on the circulation destination information, the encrypted document file transmitted from the other client terminal, and the circulation Receiving means for receiving an information file; the received encrypted document file; and the circulation A storage means for storing an information file, a decryption means for decrypting the stored encrypted document file with a secret key unique to the client terminal corresponding to the public key, and the decryption means Decryption history information adding means for adding decryption history information including identification information of the client terminal to the circulation information file when the encrypted document file is decrypted, and the decrypted document file After the confirmation operation or the approval operation is performed, the decrypted document file is encrypted again by the encryption means, and the re-encrypted document file and the circulation information file are transmitted by the transmission means. The information is transmitted to another client terminal specified based on the destination information, and the decryption history information is transmitted to the circulation information file. Characterized by transmitting to the destination specified based on the notification destination information included in the Le.

  The invention according to claim 14 is the client terminal according to claim 13, wherein the circulation information file includes the public key, and the encryption unit acquires the public key from the circulation information file. It is characterized by.

  The invention according to claim 15 is the client terminal according to claim 13 or 14, wherein the client terminal notifies the server monitoring the circulation state of the document file of the decoding history information. Information notifying means, inquiry means for making an inquiry about the decoding history storage information in which the decoding history information is stored to the server, and the decoding history storage information provided from the server in response to the inquiry are displayed. And a display means.

  The invention according to claim 16 is the client terminal according to any one of claims 13 to 15, wherein the circulation information file includes decryption history notification destination information regarding a notification destination of the decryption history information, The client terminal further includes decoding history information notifying means for notifying the decoding history information to another client terminal specified by the decoding history destination information, and display means for displaying the notified decoding history information. It is characterized by that.

  The invention according to claim 17 is the client terminal according to any one of claims 13 to 16, wherein the client terminal receives the encrypted document file after being transferred by the transmitting means. The apparatus further comprises an erasing unit for erasing the decrypted document file stored in the storage unit of the client terminal.

  The invention according to claim 18 is the client terminal according to claim 17, wherein the circulation information file includes an encryption program for encrypting the decrypted document file, and the encrypted document. An erasure program for erasing the file, and the erasure means encrypts the decrypted document file by executing the encryption program, and then executes the encryption program to execute the encryption The recorded document file is erased.

  The invention according to claim 19 is a client terminal connected to a network, and circulates an electronic document file between the client terminals. In the client terminal, the circulation information file transmitted from another client terminal. And a receiving means for receiving the document file, a storage means for storing the received circulation information file and the document file, and a confirmation operation or an approval operation for the document file. On the other hand, confirmation history information adding means for adding result information of the confirmation operation or approval operation, and sending the circulation information file and the document file to a destination specified based on the circulation destination information, and the result information Based on the notification destination information contained in the circulation information file. Characterized in that it comprises transmitting means for transmitting to a destination, the.

  An invention according to claim 20 is a client terminal connected to the network according to any one of claims 13 to 19, wherein the circulation destination information is read from the circulation information file, and the other client terminals are It further has a specifying means for specifying.

  The invention according to claim 21 is a client terminal connected to a network, wherein the client terminal is connected to a network and circulates an electronic document file between the client terminals. Receiving means for receiving the circulation information file and document file including the notification destination information transmitted from the client terminal, storage means for storing the received circulation information file and the document file, and a confirmation operation for the document file Alternatively, after the approval operation is performed, confirmation history information adding means for adding the result information of the confirmation operation or the approval operation to the circulation information file, and the result information is specified based on the notification destination information. Transmission means for transmitting to a destination.

  An invention according to claim 22 is a client terminal connected to the network according to any one of claims 13 to 21, wherein the transmission means sends the result information to the network based on the notification information. It transmits to the server connected to.

  An invention according to claim 23 is the client terminal connected to the network according to any one of claims 13 to 21, wherein the transmission means sends the result information to the document based on the notification information. It transmits to the client terminal which transmitted the file, It is characterized by the above-mentioned.

  The invention according to claim 24 is the client terminal connected to the network according to any one of claims 13 to 23, wherein the circulation information file has circulation order information for specifying the circulation order. It is characterized by that.

According to the present invention described above , since the document file can be circulated between the client terminals without going through the circulation management server, the circulation management by the server is unnecessary, and the load on the server is reduced. It is possible to construct a circulation network that is not restricted by a firewall or the like for client terminals connected to other LANs, the Internet, etc., and the encryption means can transfer the document file to its circulation destination. The encryption key is encrypted with the public key corresponding to the client terminal, and the decryption means at the client terminal that is the circulation destination, the decryption means converts the encrypted document file into a secret key unique to the client terminal corresponding to the public key. So-called PKI (Public Key Instr.) the document file can be decrypted only at the client terminal that is the circulation destination, and the reader circulates the document file to the client terminal connected to the external network. Even so, this can be done without fear of secret leakage.

According to the present invention, the circulation information file includes the public key, and the encryption unit obtains the public key corresponding to the client terminal that is the circulation destination from the circulation information file. Even if the terminal does not have a public key corresponding to the client terminal as the circulation destination, the document file can be automatically encrypted.

Further, according to the present invention, the specifying unit reads the circulation destination information from the circulation information file and specifies the client terminal as the circulation destination. Therefore, the reader automatically selects the document file without specifying the circulation destination. Can be transmitted to the client terminal as the circulation destination.

According to the present invention, when the document file encrypted by the decryption means is decrypted, the decryption history information adding means adds the decryption history information including the identification information of the client terminal to the circulation information file. Therefore, even if the document file is decrypted in any client terminal and the secret is leaked, the circulator refers to the decryption history information added to the circulation information file. Thus, the circulator who has leaked the secret can be identified from the identification information of the client terminal included in the decryption history information.

Further, according to the present invention, when the server accumulates the decryption history information transmitted from each client terminal and receives an inquiry from each of the client terminals, the previous decryption history information is responded to the inquiry. Since the decryption history storage information is stored, even if the document file is decrypted in any client terminal and the secret is leaked, the circulator makes an inquiry to the server, By referring to the decryption history information, the circulator who leaked the secret can be specified from the identification information of the client terminal included in the decryption history information.

Further, according to the present invention, the circulation information file includes the decryption history notification destination information related to the notification destination of the decryption history information, and the decryption history notification information notifying means specifies the other client terminal specified by the decryption history notification destination information Since the decryption history information is notified, the reader of the client terminal that has received the notification of the decryption history information is in the event that the document file is decrypted at any of the client terminals and the secret is leaked. Even if it exists, the reader who leaked the secret can be specified from the identification information of the client terminal included in the decryption history information by referring to the decryption history information.

Further, according to the present invention, after the encrypted document file is transmitted to the circulation destination client terminal by the transmission unit, the deletion unit stores the decrypted document stored in the storage unit of the client terminal. Since the file is deleted, the reader can prevent the automatically decrypted document file from remaining on each client terminal without deleting the document file, and the confidentiality of the document file can be prevented. Sex can be secured.

According to the present invention, the circulation information file includes an encryption program for encrypting the document file and an erasure program for erasing the encrypted document file. Since the document file is encrypted and then deleted by executing this program, the reader should, in the unlikely event, the document file mentioned above remains in one of the client terminals, and this was taken by another reader Even in this case, the document file can be prevented from being decrypted, and the security of the confidentiality can be ensured.

  Hereinafter, a preferred embodiment of a workflow system and its client terminal according to the present invention will be described in detail with reference to the drawings.

  FIG. 1 is a block diagram showing a hardware configuration of a workflow system according to the present embodiment. The workflow system includes a network 3 such as a LAN to which a server 1 and a plurality of client terminals 2 are connected, a gateway 4 and the Internet 5. And the other network 3 (also connected to the server 1 and the plurality of client terminals 2), the server 1 and the client terminal 2 include an information processing unit 6 that processes electronic information, A display unit 7 for displaying electronic information, an input unit 8 for inputting electronic information, a storage unit 9 for storing files readable by the information processing unit 6, and a network connection for connecting the information processing unit 6 to the network 3 Part 10. The server 1 and the client terminal 2 have the same basic configuration, but the software configuration of each information processing unit 6 is different as will be described later.

  FIG. 2A is a block diagram showing the configuration of a circulation file, which is a document file circulated in the workflow system shown in FIG. 1, and the circulation file is an electronic document such as an approval document or a report. It consists of a document file containing a circulation document and a circulation information file containing various information related to circulation. In this circulation information file, circulation destination information for specifying a circulation destination and a circulation order are specified. Circulation order information, proxy circulation destination information for specifying the proxy of each circulation destination, communication completion notification and circulation impossible notification, and notification destination information for specifying a notification destination of a decoding history information notification described later Storage destination information for specifying the storage destination of the routed document file, original information for specifying the storage source of the original document file, and time limit information for specifying the circulation time limit. Approval necessity information for specifying whether or not each client terminal 2 requires an approval operation, confirmation history information for recording a document file confirmation result (approval result) in each client terminal 2, and The correction history information for recording the correction of the document file in each client terminal 2 and at least the identification information of each client terminal 2 are recorded so as to leave the history when the document file is decrypted in each client terminal 2. Decoding history information is included.

  FIG. 2B is a block diagram showing the configuration of the notification file transmitted in the workflow system shown in FIG. 1, and the circulation file is transmitted to the next circulation client terminal 2 as the type of the notification file. The other client terminal 2 (or server 1) to notify the other client terminal 2 (or server 1) that the transmission notification file and the client terminal 2 that has been the last circulation destination have saved the document file in a predetermined storage location. A circulation end notification file for notifying the terminal 2 (or the server 1), and notifying the other client terminal 2 (or the server 1) that the circulation client terminal 2 serving as the circulation destination is in a state where circulation is not possible. And the decryption history information, which is the history of the circulation client terminal 2 that decrypts the circulation file, for other client terminals. (Or the server 1) has a decryption history notification file for notification, and each notification file includes at least circulation document information for identifying a circulation document and notification source information for identifying a notification source. It is included.

  FIG. 3 is a block diagram showing a software configuration of the information processing unit 6 in the client terminal 2 of the workflow system shown in FIG. 1, and the software includes a circulation transmission setting processing unit 11, a circulation / notification reception processing unit 12, Circulation time limit processing unit 13, display / correction processing unit 14, confirmation / approval processing unit 15, circulation transmission processing unit 16, transmitted notification processing unit 17, document storage processing unit 18, circulation end notification processing unit 19, circulation deletion processing unit 20, a circulation disabled notification processing unit 21, a selective transmission processing unit 22, a circulation disabled notification processing unit 23, an inquiry processing unit 24, a decryption / history processing unit 29, an encryption processing unit 30, and a decryption history processing unit 31. Yes.

  Hereinafter, the processing contents of each processing unit will be sequentially described. In the following, “circulator” refers to a user who uses each client terminal 2.

  The circulation transmission setting processing unit 11 executes the processing in the client terminal 2 (hereinafter referred to as the transmission client terminal 2) that transmits the circulation file first, and the circulation transmission setting processing unit 11 displays the display unit. In the setting screen displayed in FIG. 7, in addition to specifying the circulation document, the circulator can arbitrarily specify the circulation destination information, circulation order information, notification destination information, storage destination information, original information, time limit information, approval necessity information, etc. When these setting operations are completed, the circulation transmission setting processing unit 11 is configured to generate a circulation file (a document file and a circulation information file) according to the setting contents. Then, the generated circulation file is sent to the client terminal 2 (hereinafter referred to as a client to which the document file is circulated) which is the first circulation destination specified by the circulation transmission processing unit 16 described later based on the circulation destination information and the circulation order information. The terminal 2 is called a circulation client terminal 2).

  The circulation / notification reception processing unit 12 is configured to receive the circulation file and the notification file and store them in the storage unit 9.

  Further, the decryption / history processing unit 29, when the circulation file received by the circulation / notification reception processing unit 12 is encrypted, is a secret corresponding to the outgoing client terminal 2 set in advance in the client terminal 2. Based on the key, the encrypted circulation file is decrypted and then stored in the storage unit 9. Also, decryption history information including the decrypted identification information of the circulation client terminal 2 in the circulation information file of the circulation file in order to leave in the history that the encrypted document file has been decrypted in the circulation client terminal 2. Is to be added. The decryption key described above is prepared in advance in the decryption / history processing unit 29.

  Also, the decryption history processing unit 31 performs decryption based on the notification destination information included in the circulation information file of the circulation file when the addition (update) of the decryption history information by the decryption / history processing unit 29 ends normally. The client terminal 2 (or server 1) that notifies the history information is specified, and a decryption history notification file including the decryption history information is transmitted to the notification destination.

  In addition, the circulation time limit processing unit 13 refers to the time limit information included in the circulation information file of the circulation file received by the circulation / notification reception processing unit 12, and when the time limit described in the time limit information has already passed. A message prompting the reader to confirm and approve the document file included in the circulation file is displayed on the display unit 7.

  The display / correction processing unit 14 displays the document file included in the circulation file received by the circulation / notification reception processing unit 12 on the display unit 7, and when the displayed document file is corrected by the reader. The correction content is added to the correction information of the circulation information file.

  In addition, the confirmation / approval processing unit 15 determines the necessity of approval based on the approval necessity information included in the circulation information file of the circulation file received by the circulation / notification reception processing unit 12, and when the approval is unnecessary. When a confirmation button is displayed on a part of the document file display screen, and approval is required, an approval button and a disapproval button are displayed, and an operation for designating any button is performed by the reader. Is configured to add the operation result to the confirmation history information of the circulation information file.

  Further, the circulation transmission processing unit 16 calls the circulation destination information and the circulation order information from the circulation information file of the circulation file received by the circulation / notification reception processing unit 12, and specifies the next circulation client terminal 2 based on the information. At the same time, a transmission button is displayed on the display unit 7, and the circulation file is transferred to the next circulation client terminal 2 in accordance with the operation of the transmission button by the reader.

  The encryption processing unit 30 also sets the next circulation client set in advance when the next circulation client terminal 2 to which the circulation transmission processing unit 16 transfers the document file is the client terminal 2 connected to the external network. The circulation file (document file) is encrypted based on the public key corresponding to the terminal 2 and then transferred. The public key described above may be prepared in advance in the encryption processing unit 30 in each client terminal 2, or may be included in the circulation information file in advance. In such a case, the encryption processing unit 30 acquires the public key corresponding to the next circulation client terminal 2 from the circulation information.

  In addition, when the transfer of the circulation file by the circulation transmission processing unit 16 ends normally, the transmission notification processing unit 17 notifies the client based on the notification destination information included in the circulation information file of the circulation file. The terminal 2 (or the server 1) is specified, and a transmitted notification file indicating that the circulation file has been transmitted to the next circulation client terminal 2 is transmitted to the notification destination.

  The document storage processing unit 18 is executed when the circulation client terminal 2 that has received the circulation file is the last circulation destination, and the document storage processing 18 is included in the circulation information file of the circulation file. The client terminal 2 (or server 1) that stores the circulation file is specified based on the storage destination information, and the circulation file is transmitted to the storage destination to be stored. When the original document file storage source is set in the original information included in the circulation information file of the file, the original document file is acquired from the storage source, and the original document file is transmitted to the storage destination. This is to be saved.

  The circulation end notification processing unit 19 is a client that notifies the fact based on the notification destination information included in the circulation information file of the circulation file when the saving of the circulation file by the document storage processing unit 18 is normally completed. The terminal 2 (or the server 1) is specified, and a circulation end notification file indicating that the circulation file is stored in the storage destination is transmitted to the notification destination.

  The circulation deletion processing unit 20 executes the processing in the client terminal 2 that has received the transmitted notification file or the circulation end notification file. The circulation deletion processing unit 20 is stored in the storage unit 9. The circulation file corresponding to the notification file is deleted in an unrecoverable form, specifically, the document file is encrypted and then deleted. Yes. Note that in such a process, the decrypted document file is still stored in the storage unit 9 even after the circulation file is transferred by the circulation transmission processing unit 16. This is executed for the purpose of deleting this. A program for executing such processing, that is, an encryption program for encrypting a decrypted document file and an erasure program for erasing the encrypted document file are a circulation file. The circulation deletion processing unit 20 reads out these programs stored together with the circulation file from the storage unit 9 and executes them. That is, the circulation deletion processing unit 20 encrypts the decrypted document file by executing the encryption program, and then deletes the encrypted document file by executing the deletion program.

  Further, when the circulation file transfer by the circulation transmission processing unit 16 does not end normally, the circulation impossible notification processing unit 21 notifies the fact based on the notification destination information included in the circulation information file of the circulation file. The client terminal 2 (or server 1) to be identified is specified, and a circulation disabled notification file indicating that the circulation file could not be transmitted to the next circulation client terminal 2 is transmitted to the notification destination. Yes.

  In addition, when the transfer of the circulation file by the circulation transmission processing unit 16 does not end normally, the selective transmission processing unit 22 selects the next circulation client based on the proxy circulation destination information included in the circulation information file of the circulation file. The proxy client terminal 2 of the terminal 2 is identified, the successive circulation client terminals 2 are identified based on the circulation destination information and the circulation order information, and the two identified client terminals 2 are displayed on the display unit 7 Then, the reader is requested to select any one, and the circulation file is transmitted to the client terminal 2 selected by the operation of the reader.

  Further, the circulation disabled notification processing unit 23 executes the processing in the client terminal 2 that has received the circulation disabled notification file. The circulation disabled notification processing unit 23 includes information included in the circulation disabled notification file. Based on this, the client terminal 2 that cannot be circulated is specified, and a message to the effect that the client terminal 2 cannot be circulated is displayed on the display unit 7.

  The inquiry processing unit 24 is effective when the server 1 is set as the notification destination of the notification file, and the processing is executed. The inquiry processing unit 24 performs the predetermined operation by the reader. Accordingly, the inquiry file is transmitted to the server 1, the answer file returned from the server 1 is received, and the answer file is displayed on the display unit 7.

  FIG. 4 is a block diagram showing a software configuration in the information processing unit 6 of the server 1. This software is received by the reception processing unit 25, the storage processing unit 26, the notification accumulation processing unit 27, the circulation state answer processing unit 28, and the like. Hereinafter, the processing contents of each processing unit will be sequentially described.

  The reception processing unit 25 is configured to receive a storage circulation file, a notification file, or an inquiry file. If the storage circulation file is encrypted, the storage circulation file set in advance is set. The saved circulation file encrypted based on the secret key corresponding to the client terminal 2 that transmitted the file is decrypted.

  The storage processing unit 26 executes the processing when the reception processing unit 25 receives the storage circulation file. The storage processing unit 26 stores the storage file received by the reception processing unit 25. It is configured to store (in the case of being encrypted, the decrypted data) in a predetermined area of the storage unit 9.

  The notification accumulation processing unit 27 executes the process when a notification file (including a transmitted notification, a circulation end notification, and a circulation impossible notification) is received. The received notification file is configured to be stored in a predetermined area of the storage unit 9.

  The circulation status answer processing unit 28 is executed when an inquiry file is received. The circulation status answer processing unit 28 refers to the notification file of the circulation document related to the inquiry and stores the notification file in the notification file. Based on which client terminal 2 the circulation document has been circulated, which client terminal 2 is currently confirming the circulation document, and further, decryption history accumulation information (decryption of the circulation file so far) The decryption history information of the circulation client terminal 2 is stored), and the identified circulation state information is provided (replyed) to the inquiring client terminal 2 as an answer file. .

  FIG. 5 is a ladder diagram for explaining the operation of the client terminal 2 in the workflow system shown in FIG. 1, and this ladder diagram shows the outgoing client terminal 2A and the outgoing client terminal 2A via the network 3 (LAN). The circulation client terminal 2B connected to the circulation client terminal 2B via the Internet 5, the circulation client terminal 2C connected to the circulation client terminal 2C via the network 3 (LAN). The case where circulation is performed with 2D is shown. In this embodiment, it is assumed that the client terminals 2A to 2D are set as notification destinations in the notification destination information included in the circulation information file of the circulation file. Hereinafter, the operation in each of the client terminals 2A to 2D will be sequentially described.

  First, in the outgoing client terminal 2A, the circulator creates or designates a document to be circulated, and circulates destination information, circulation order information, proxy circulation destination information, notification destination information, storage destination information, original information, time limit information, approval. Circulation information such as necessity information is set. Then, when the reader operates the transmission button displayed on the screen of the display unit 7, a circulation file including the document file and the circulation information file is transmitted to the circulation client terminal 2B. In addition, when this transmission ends normally, the transmission notification file is transmitted to the client terminals 2B, 2C, and 2D.

  In response, when the circulation client terminal 2B receives the circulation file, the circulation client terminal 2B stores the circulation file in the storage unit 9 and displays the document file on the display unit 7 to perform a confirmation operation or an approval operation on the reader. Ask. The operation result is added to the confirmation history information of the circulation information file. Then, when the reader operates the transmission button displayed on the screen of the display unit 7, the circulation file is transferred to the circulation client terminal 2C, and the circulation client terminal 2C as the transfer destination is connected to the external network. Therefore, the circulation file is encrypted by the encryption processing unit 30, and then transmitted to the circulation client terminal 2C. In addition, when the transmission is normally completed, the transmission completion notification file is transmitted to the client terminals 2A, 2C, and 2D.

  In response to this, in the circulation client terminal 2C, when the circulation file is received, it is stored in the storage unit 9 after being decrypted by the decryption / history processing unit 29, and also in the circulation information file of the circulation file. Decoding history information including identification information of the client terminal 2C is added. When the addition (update) of the decryption history information is normally completed, the decryption history notification file is transmitted to the client terminals 2A, 2B, and 2D. Then, the confirmation / approval processing unit 15 displays the document file on the display unit 7 and asks the reader for confirmation operation or approval operation. The operation result is added to the confirmation history information of the circulation information file. Thereafter, when the reader operates the transmission button displayed on the screen of the display unit 7, the circulation file is transferred to the circulation client terminal 2D. The circulation client terminal 2D as the transfer destination is connected to the external network. Therefore, the circulation file is encrypted by the encryption processing unit 30, and then transmitted to the circulation client terminal 2D. When this transmission is normally completed, the transmission notification file is transmitted to the client terminals 2A, 2B, and 2D.

  In response to this, in the circulation client terminal 2D, when the circulation file is received, it is stored in the storage unit 9 after being decrypted by the decryption / history processing unit 29, and also in the circulation information file of the circulation file. Decoding history information including identification information of the client terminal 2C is added. When the addition (update) of the decryption history information is normally completed, the decryption history notification file is transmitted to the client terminals 2A, 2B, and 2D. Then, the confirmation / approval processing unit 15 displays the document file on the display unit 7 and asks the reader for confirmation operation or approval operation. The operation result is added to the confirmation history information of the circulation information file. Thereafter, in the circulation client terminal 2D, which is the final circulation destination, after the confirmation operation by the circulator, a save button is displayed on the screen of the display unit 7, and the circulation file is transmitted to a predetermined save destination according to the operation. Saved. When the transmission is normally completed, the circulation end notification file is transmitted to the client terminals 2A, 2B, and 2C. The client terminals 2A, 2B, and 2C that have received the file are stored in the storage unit 9. The circulation file is automatically deleted by the circulation deletion processing unit 20. At this time, the circulation deletion processing unit 20 encrypts and deletes the circulation file according to the program included in the circulation information file of the circulation file. Also in the client terminal 2D, with the transmission of the circulation end notification file, the circulation file stored in the storage unit 9 is automatically encrypted by the circulation deletion processing unit 20 and then deleted.

  FIG. 6 is a block diagram showing the operation of the server 1 of the workflow system shown in FIG. 1, and this block diagram is a circulation of document files between the client terminals 2A to 2D, similar to the ladder diagram shown in FIG. This shows the operation when the server 1 is set as the notification destination in the notification destination information included in the circulation information file of the circulation file. That is, the server 1 receives notification files (including a transmission completion notification, a circulation end notification, a circulation impossible notification, and a decryption history notification) transmitted from the client terminals 2A to 2D, and stores the received notification file in the storage unit 9. Is stored in a predetermined area. Further, when the client terminals 2A to 2D transmit the inquiry file to the server 1, the client terminal 2A refers to the notification file of the circulation document related to the inquiry, and to which client terminal 2 the circulation document has been circulated based on the notification file. Alternatively, which client terminal 2 is currently confirming the circulation document, or the decryption history storage information (the history information of the circulation client terminal 2 that has decrypted the circulation file so far) is specified. Then, the specified circulation state information is provided (returned) as an answer file to the client terminal 2 as the inquiry source.

  As described above, in the workflow system and its client terminal 2 according to the present embodiment, the document file can be circulated between the client terminals 2 without going through the server 1 that manages the circulation state. 1 does not require management of the circulation state, reduces the load on the server 1, and restricts the client terminal 2 connected to another network 3 (LAN) or the Internet 5 by a firewall or the like. The encryption processing unit 30 encrypts the document file with a public key corresponding to the client terminal 2 that is the circulation destination, and the client terminal 2 that is the circulation destination The decryption / history processing unit 29 receives the encrypted document file. The so-called PKI (Public Key Instruction) method is used in which the client terminal 2 decrypts the message with the private key unique to the client terminal 2 corresponding to the public key. Even if the reader is unable to decrypt the document file and circulates the document file to the client terminal 2 connected to the external network (another network 3 (LAN) or the Internet 5), You can do this without fear.

  In the workflow system according to the present embodiment, the circulation information file includes a public key corresponding to each of the client terminals 2, and the encryption processing unit 30 sends the circulation information file to the next circulation destination client terminal 2. Since the corresponding public key is acquired, the reader can automatically encrypt the document file without preparing the public key corresponding to the client terminal 2 as the circulation destination in each client terminal 2. it can.

  Further, in the workflow system according to the present embodiment, the circulation transmission processing unit 16 reads the circulation destination information from the circulation information file and specifies the client terminal 2 as the circulation destination. Therefore, the reader designates the circulation destination. In any case, the document file can be automatically transmitted to the client terminal 2 as the circulation destination.

  Further, in the workflow system according to this embodiment, when the document file encrypted by the decryption / history processing unit 29 is decrypted, the decryption history processing unit 31 identifies the client terminal 2 in the circulation information file. Since decryption history information including information is added, even if the document file is decrypted in any of the client terminals 2 and the secret is leaked, the circulator can add the circulation information file to the circulation information file. By referring to the added decryption history information, the circulator who leaked the secret can be specified from the identification information of the client terminal 2 included in the decryption history information.

  Further, in the workflow system according to this embodiment, when the server 1 accumulates the decryption history information transmitted from each client terminal 2 and receives an inquiry from the inquiry processing unit 24 of each client terminal 2, the inquiry is made. Accordingly, the decryption history storage information that stores the past decryption history information is provided, so that in the unlikely event that the document file is decrypted in any one of the client terminals 2 and the secret is leaked, Also, the circulator makes an inquiry to the server 1 and refers to the decryption history information, thereby identifying the circulator who has leaked the secret from the identification information of the client terminal 2 included in the decryption history information.

  In the workflow system according to the present embodiment, the circulation information file includes the decryption history notification destination information related to the notification destination of the decryption history information, and the decryption history processing unit 31 determines the other information specified by the decryption history notification destination information. Since the client terminal 2 is notified of the decryption history information, the reader of the client terminal 2 that has received the notification of the decryption history information should decrypt the document file in any one of the client terminals 2 and keep the secret. Even if it is leaked, the reader who leaked the secret can be identified from the identification information of the client terminal 2 included in the decryption history information by referring to the decryption history information.

  In the workflow system according to the present embodiment, the circulation transmission processing unit 16 transmits the encrypted document file to the client terminal 2 that is the circulation destination, and then the circulation deletion processing unit 20 Since the decrypted document file stored in the storage unit 9 is deleted, the automatically decrypted document file remains in each client terminal 2 without the circulator deleting the document file. Can be prevented, and the security of its confidentiality can be ensured

  In the workflow system according to the present embodiment, the circulation information file includes an encryption program for encrypting the document file and an erasure program for erasing the encrypted document file. Since the processing unit 20 encrypts the document file by executing these programs and then deletes the document file, the circulator should be left in any one of the client terminals 2 by any chance. The document file can be prevented from being decrypted even if it is taken by the reader, and the security of the confidentiality can be ensured.

  The workflow system and its client terminal according to the present invention are not limited to the above-described embodiments, and various modifications can be made without departing from the scope of the invention.

  For example, in the workflow system and its client terminal 2 according to the present embodiment, the case where the document file is sequentially transferred from the transmission client terminal 2A to the circulation client terminal 2D has been described with reference to FIG. It may be transferred to a plurality of circulation client terminals from an arbitrary time point. In such a case, the reader sets a plurality of client terminals 2 to which document files are to be transferred from an arbitrary time by the circulation transmission setting processing unit 11, for example, when the document file is transmitted from the transmission client terminal 2 </ b> A. Or from the time when the document file is transferred from an arbitrary circulation client terminal (for example, the circulation client terminal 2B), a plurality of remaining client terminals (in the former, for example, circulation client terminals 2B to 2D, in the latter, for example, circulation) This can be transferred to the client terminals 2C-2D). That is, the workflow system and its client terminal according to the present invention can circulate document files in parallel at a plurality of client terminals.

It is a block diagram which shows the hardware constitutions in one Embodiment of the workflow system concerning this invention, and its client terminal. FIG. 2A is a block diagram illustrating a configuration of a circulation file that is circulated between client terminals illustrated in FIG. 1. (B) is a block diagram showing a configuration of a notification file notified between the server and the client terminal shown in FIG. It is a block diagram which shows the software structure of the client terminal shown in FIG. It is a block diagram which shows the software configuration of the server shown in FIG. FIG. 2 is a ladder diagram showing an operation between client terminals in the workflow system shown in FIG. 1. It is a block diagram which shows the effect | action of the server in the workflow system shown in FIG.

Explanation of symbols

1 server 2 client terminal 3 network (LAN)
4 Gateway 5 Internet 6 Information Processing Unit 7 Display Unit 8 Input Unit 9 Storage Unit 10 Network Connection Unit 11 Circulation Transmission Setting Processing Unit 12 Circulation / Notification Reception Processing Unit 13 Circulation Deadline Processing Unit 14 Display / Correction Processing Unit 15 Confirmation / Approval Processing Unit 16 Circulation transmission processing unit 17 Transmitted notification processing unit 18 Document storage processing unit 19 Circulation end notification processing unit 20 Circulation deletion processing unit 21 Circulation impossible notification processing unit 22 Selection transmission processing unit 23 Circulation impossible notification processing unit 24 Inquiry processing unit 25 Reception processing unit 26 Storage processing unit 27 Notification accumulation processing unit 28 Circulation state answer processing unit 29 Decryption / history processing unit 30 Encryption processing unit 31 Decryption history processing unit

Claims (24)

A plurality of client terminals connected to a network, comprising the electronic document file work flow system for circulation between the client terminal,
The client terminal is
And setting means for setting a circulation destination information specifying a circulation destination document files that outgoing from the client terminal,
Encryption means for encrypting the document file with a public key corresponding to another client terminal specified based on the circulation destination information;
Transmitting means for transmitting the encrypted document file and the circulation information file including the circulation destination information to another client terminal specified based on the circulation destination information;
Receiving means for receiving the encrypted document file and the circulation information file is outgoing from the other client terminal,
Storage means for storing the received encrypted document file and the circulation information file;
Decryption means for decrypting the stored encrypted document file with a secret key unique to the client terminal corresponding to the public key;
Decryption history information adding means for adding decryption history information including identification information of the client terminal to the circulation information file when the encrypted document file is decrypted by the decryption means ,
After confirmation operation or approval operation for the decoded document file is performed, the decrypted document file is encrypted again by the encryption unit, the document file the encrypted again and pre Machinery list The information file is transmitted to the other client terminal specified based on the circulation destination information by the transmission means , and the decryption history information is transmitted to the destination specified based on the notification destination information included in the circulation information file. A workflow system characterized by   The workflow system according to claim 1, wherein the circulation information file includes the public key, and the encryption unit acquires the public key from the circulation information file. The client terminal sends a decryption history information notification means for notifying the server that monitors the circulation state of the document file of the decryption history information, and inquires the decryption history storage information in which the decryption history information is stored to the server. The inquiry means for performing further, The display means which displays the said decoding log | history accumulation information provided from the said server according to the said inquiry further, The claim 1 or 2 characterized by the above-mentioned. Workflow system. The circulation information file includes decryption history notification destination information regarding a notification destination of the decryption history information, and the client terminal notifies the other client terminal specified by the decryption history destination information of the decryption history information. The workflow system according to any one of claims 1 to 3, further comprising: information notification means; and display means for displaying the notified decryption history information. The client terminal further includes an erasure unit that erases the decrypted document file stored in the storage unit of the client terminal after the encrypted document file is transferred by the transmission unit. The workflow system according to any one of claims 1 to 4 , wherein the workflow system is characterized. The circulation information file includes an encryption program for encrypting the decrypted document file and an erasure program for erasing the encrypted document file, and the erasure unit includes the encryption 6. The workflow system according to claim 5 , wherein after the decrypted document file is encrypted by executing a program, the encrypted document file is deleted by executing the erasing program. .   A workflow system having a plurality of client terminals connected to a network and circulating an electronic document file between the client terminals,
  The first client terminal
  Setting means for setting circulation destination information for specifying the circulation destination of the document file transmitted from the client terminal;
  A transmission means for transmitting the circulation information file including the circulation destination information and the document file to a destination specified based on the circulation destination information;
  With
  The second client terminal
  Receiving means for receiving the circulation information file and the document file transmitted from the first client terminal;
  Storage means for storing the received circulation information file and the document file;
  After a confirmation operation or an approval operation is performed on the document file,
  Confirmation history information adding means for adding result information of the confirmation operation or approval operation to the circulation information file;
  Sending the circulation information file and the document file to a destination specified based on the circulation destination information and sending the result information to a destination specified based on notification destination information included in the circulation information file Means,
  With
  A workflow system characterized by this. The workflow system according to any one of claims 1 to 7, further comprising a specifying unit that reads the circulation destination information from the circulation information file and specifies the other client terminal.   A workflow system having a plurality of client terminals connected to a network and circulating an electronic document file between the client terminals,
  The client terminal is
  Receiving means for receiving a circulation information file and a document file including notification destination information transmitted from another client terminal;
  Storage means for storing the received circulation information file and the document file;
  After a confirmation operation or an approval operation is performed on the document file,
  Confirmation history information adding means for adding result information of the confirmation operation or approval operation to the circulation information file;
  Transmission means for transmitting the result information to a destination specified based on the notification destination information;
  With
  A workflow system characterized by this.   The workflow system has a server,
  The transmission means transmits the result information to the server based on the notification information.
  The workflow system according to any one of claims 1 to 9, wherein:   The transmission means transmits the result information to the client terminal that has transmitted the document file based on the notification information.
  The workflow system according to any one of claims 1 to 9, wherein:   The circulation information file has circulation order information for specifying the circulation order.
  The workflow system according to any one of claims 1 to 11, wherein:   In a client terminal connected to a network and circulating an electronic document file between the client terminals,
  A setting means for setting circulation destination information for specifying a circulation destination of a document file to be transmitted;
  Encryption means for encrypting the document file with a public key corresponding to another client terminal specified based on the circulation destination information;
  Transmitting means for transmitting the encrypted document file and the circulation information file including the circulation destination information to another client terminal specified based on the circulation destination information;
  Receiving means for receiving the encrypted document file and the circulation information file transmitted from another client terminal;
  Storage means for storing the received encrypted document file and the circulation information file;
  Decryption means for decrypting the stored encrypted document file with a secret key unique to the client terminal corresponding to the public key;
  Decryption history information adding means for adding decryption history information including identification information of the client terminal to the circulation information file when the encrypted document file is decrypted by the decryption means,
  After a confirmation operation or an approval operation is performed on the decrypted document file, the decrypted document file is encrypted again by the encryption unit, and the encrypted document file and the circulation information file are re-encrypted. Is transmitted to the other client terminal specified based on the circulation destination information by the transmission means, and the decryption history information is transmitted to the destination specified based on the notification destination information included in the circulation information file.
  A client terminal characterized by that.   The client terminal according to claim 13, wherein the circulation information file includes the public key, and the encryption unit obtains the public key from the circulation information file.   The client terminal sends a decryption history information notifying unit for notifying the server monitoring the circulation state of the document file of the decryption history information, and inquiring the server of the decryption history storage information in which the decryption history information is stored. The inquiry means for performing further, The display means which displays the said decoding log | history accumulation | storage information provided from the said server according to the said inquiry further, The further characterized by the above-mentioned. Client terminal.   The circulation information file includes decryption history notification destination information regarding a notification destination of the decryption history information, and the client terminal notifies the other client terminal specified by the decryption history destination information of the decryption history information. The client terminal according to any one of claims 13 to 15, further comprising information notifying means and display means for displaying the notified decoding history information.   The client terminal further includes an erasure unit that erases the decrypted document file stored in the storage unit of the client terminal after the encrypted document file is transferred by the transmission unit. The client terminal according to any one of claims 13 to 16, characterized in that:   The circulation information file includes an encryption program for encrypting the decrypted document file and an erasure program for erasing the encrypted document file, and the erasure unit includes the encryption 18. The client terminal according to claim 17, wherein after the encrypted document file is encrypted by executing a program, the encrypted document file is deleted by executing the erasing program. .   In a client terminal connected to a network and circulating an electronic document file between the client terminals,
  Receiving means for receiving the circulation information file and the document file transmitted from another client terminal;
  Storage means for storing the received circulation information file and the document file;
  After a confirmation operation or an approval operation is performed on the document file,
  Confirmation history information adding means for adding result information of the confirmation operation or approval operation to the circulation information file;
  Sending the circulation information file and the document file to a destination specified based on the circulation destination information and sending the result information to a destination specified based on notification destination information included in the circulation information file Means,
  With
  A client terminal characterized by that.   The client terminal according to any one of claims 13 to 19, further comprising a specifying unit that reads the circulation destination information from the circulation information file and specifies the other client terminal.   In a client terminal connected to a network and circulating an electronic document file between the client terminals,
  Receiving means for receiving a circulation information file and a document file including notification destination information transmitted from another client terminal;
  Storage means for storing the received circulation information file and the document file;
  After a confirmation operation or an approval operation is performed on the document file,
  Confirmation history information adding means for adding result information of the confirmation operation or approval operation to the circulation information file;
  Transmission means for transmitting the result information to a destination specified based on the notification destination information;
  With
  A client terminal characterized by that.   The transmission means transmits the result information to a server connected to the network based on the notification information.
  The client terminal according to any one of claims 13 to 21, characterized in that:   The transmission means transmits the result information to the client terminal that has transmitted the document file based on the notification information.
  The client terminal according to any one of claims 13 to 21, characterized in that:   The circulation information file has circulation order information for specifying the circulation order.
  The client terminal according to any one of claims 13 to 23, wherein: