JP2020190874A - Document management system - Google Patents

Abstract

To provide a document management system capable of linking a plurality of PCs by P2P (peer-to-peer), and unifiedly and inexpensively performing document management from document management in a small-scale organization to document management in a large-scale organization without using an expensive server.SOLUTION: A document management system comprises: in-PC-cluster document synchronization means for reflecting documents recorded in one PC on recording of other PCs in the same PC cluster; document digest value generation means for generating a digest value of the document; per-PC-cluster document management means including block chain generation means for forming a block by collecting generated digest values into a plurality of pieces, forming a block chain by linking the formed block to existing blocks, and recording documents in synchronization with the PC in the PC cluster; and case group management means for grouping cases into a plurality of groups each of which corresponds to each PC cluster group and recording documents on the case in the specified PC cluster.SELECTED DRAWING: Figure 4

Description

The present invention links a plurality of PCs by P2P (peer-to-peer), reduces the introduction cost of document management from a small organization to a large organization without using an expensive server, and causes a system failure. It is not necessary for the system engineer to be stationed in the institution to deal with it, and the operation cost is kept low. The document group is cloned in a remote place to back up in an emergency, and the reference from other organizations is limited to the remote place only. It is related to a document management system that realizes ensuring security by doing so and enabling mutual non-tampering certification between collaborating organizations.

Recently, document creation using a PC (personal computer) has become commonplace. There are various usage forms of a PC, such as a single use, a form of linking with a server via a LAN, and recently a cloud type of linking with a virtual server via the Internet. The server or virtual server authenticates the user, centrally manages the document data, and prevents fraud such as falsification.

Also, in recent years, a technology called blockchain has been attracting attention.
This is to record data such as documents and transaction records in a distributed manner on multiple PCs, etc., and collect multiple digest values of each data (hash values by hash functions are the mainstream at present) (block formation). , The hash value of the block data itself, the hash value of the previously formed block, etc. are used to calculate the connection chain between the blocks, and the connection of the blocks is extended.
By using this method, if the document data is falsified, added or deleted later, the hash value in the block and the hash value of the concatenated chain will change. In order to falsify and conceal fraud, it is necessary to change all the blockchains recorded on the distributed PCs almost at the same time, but it is practically difficult.
In addition, when a blockchain inconsistency occurs between PCs, the inconsistency in the records of all PCs can be resolved by unifying the blockchain with the longest length.
Furthermore, Bitcoin using blockchain technology has been used all over the world for more than 10 years, but it continues to operate without system outage without an administrator. Since the same copy of data is shared by many PCs, it is extremely resistant to failures.

Blockchain Wikipedia: https://ja.wikipedia.org/wiki/%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%83%81%E3%82 % A7% E3% 83% BC% E3% 83% B3

When trying to manage documents with an institution with several tens of people or more, it is difficult with a single PC, and nowadays, it is a standard method to set up a server and build a PC network with LAN.
However, server installation and maintenance costs are not cheap. In particular, the cost of a system engineer who responds to a system failure is high, which is a bottleneck for introducing a document management system in a small organization.
On the other hand, due to the improvement in the performance of the PC, although the reliability is inferior, the difference in the processing speed and the recording capacity from the server is disappearing.
For this reason, the idea of having a server function in the PC network without setting up a central server has emerged. The biggest problem here is how to synchronize and maintain the consistency of the document data input separately to each PC.
In particular, how to eliminate malicious tampering (Byzantine general problem) is a problem related to the basis of the reliability of document data systems.

As mentioned above, every time a new document is created / updated / deleted, the records are synchronized with all PCs, the hash value of the document is obtained, and a blockchain is formed to use an expensive server. It has become possible to manage consistency and prevent tampering.
However, as the scale increases, the amount of document data to be managed increases, and as the number of PCs participating in the blockchain increases, the amount of communication for synchronization increases, so the execution speed decreases. For this reason, the document management system using a normal blockchain had to stay on a small scale.
There is a big security problem in sharing information between institutions. When attempting to share document information across multiple institutions, the sharing function tends to be a security hole, and a lot of cost and labor are required to build a robust system.
Furthermore, on a single server, falsification of document data is not difficult at all if the staff with administrator privileges intends to do so. It has become indispensable to prove non-tampering to a third party, but it has not been easy to construct the system.

The present invention has been made to solve such a conventional problem, and the purpose of the present invention is to link a plurality of PCs by P2P (peer-to-peer), not to mention document management in a small organization. Document management for large-scale organizations can be performed uniformly and inexpensively without using expensive servers, and documents can be cloned in remote locations for emergency backup and reference from other organizations only in remote locations. It is possible to easily ensure security by limiting it to, and to enable mutual non-tampering certification between cooperating institutions.

As a means for achieving the above object, in the document management system according to claim 1, (a) a group of PCs in which a plurality of small computers (hereinafter, PCs) for creating, recording, and viewing documents are connected via a communication line. A plurality of (hereinafter, PC clusters) are provided (hereinafter, PC cluster group), and (i) a document synchronization means in a PC cluster that reflects a document recorded on one PC in a record of another PC belonging to the same PC cluster. , (Ii) Document digest value generation means for generating the digest value of the document, (iii) Multiple generated digest values are put together to form a block, and the existing blocks are connected to form a block chain to form a PC cluster. Document management means for each PC cluster having a blockchain generation means for synchronously recording to the PCs in the computer, (b) The matter is divided into a plurality of groups corresponding to the PC cluster group, and the document related to the matter is designated. It is characterized by having both (a) and (b) of a case group management means for recording in a PC cluster.

In the document management system according to claim 2, in the document management system according to claim 1, when the matter moves to another group in the matter group management means, the document group of the matter is transferred to the PC of the other group. It is characterized by having a means for moving matters between groups to move to a cluster.

In the document management system according to claim 3, in the document management system according to any one of claims 1 and 2, the case group management means includes all case group management means for managing a group including all cases. It is a feature.

In the document management system according to claim 4, in the document management system according to any one of claims 1 to 3, the PC cluster specializes in creating and viewing documents, and is not involved in recording synchronized documents or generating a blockchain. It is characterized by including a terminal.

In the document management system according to claim 5, in the document management system according to any one of claims 1 to 4, the recorded contents of the matter group management means, the documents recorded synchronously with the PCs in the PC cluster group, or the above. It is characterized by providing a remote server recording means for transmitting and recording a document and a blockchain recorded synchronously with a PC in a PC cluster group to a remote server.

In the document management system according to claim 6, in the document management system according to claim 5, the remote server recording means includes a plurality of PC cluster group document recording means for recording documents of a plurality of PC cluster groups of different institutions. It is characterized by that.

In the document management system according to claim 7, in the document management system according to any one of claims 5 to 6, the remote server recording means also accepts and records a document recorded by an independent independent PC or a server client system. It is characterized by being equipped with an independent document recording means.

In the document management system according to claim 8, in the document management system according to any one of claims 5 to 7, a document recorded in the plurality of PC cluster document recording means and the independent document recording means in the remote server recording means. It is characterized by having a horizontal skewer blockchain creation means for generating a digest value of and creating a blockchain.

In the document management system according to claim 9, in the document management system according to any one of claims 5 to 8, the remote server recording means confirms the reference authority for the document reference request via the communication line. , A remote server document disclosure means for disclosing the document is provided.

In the document management system according to claim 10, in the document management system according to claim 9, the document is recorded in the horizontal skewer blockchain creating means or the blockchain created in each PC cluster in the remote server document disclosure means. It is characterized in that it is provided with a document non-tampering proof means for performing non-tampering proof of a document requested to be referred to by using a document digest value.

In the document management system according to claim 11, in the document management system according to any one of claims 9 to 10, a document that creates a time-series record of a document reference request via the communication line in the remote server document disclosure means. It is characterized by having a reference log creation means.

In the document management system according to claim 12, in the document management system according to claim 11, the document reference log creating means can generate a digest value of each reference log to form a blockchain and certify a non-tampering function. It is characterized by being provided with a means for certifying that the document reference log has not been tampered with.

Since the document management system according to claim 1 includes the document synchronization means in the PC cluster, the document recorded on one PC is reflected in the records of other PCs belonging to the same PC cluster.
Since the document digest value generation means is provided, the document digest value is generated.
Since a blockchain generation means is provided, a plurality of generated digest values are put together to form a block, a blockchain is formed by connecting with an existing block, and the digest values are recorded in synchronization with the PCs in the PC cluster.
Since the matter group management means is provided, the matter is divided into a plurality of groups corresponding to the PC cluster group, and the document related to the matter is recorded in the designated PC cluster.

Since the document management system according to claim 2 includes a means for moving a matter between groups, when the matter moves to another group, the document group of the matter is moved to the PC cluster of the other group.

Since the document management system according to claim 3 is provided with all case group management means, a group including all cases is managed.

The document management system according to claim 4 includes a terminal that specializes in creating and viewing documents in a PC cluster and is not involved in recording synchronized documents or generating a blockchain.

Since the document management system according to claim 5 is provided with a remote server recording means, the recorded contents of the case group management means, a document recorded synchronously with a PC in the PC cluster group, or a PC in the PC cluster group. Documents and blockchains recorded in synchronization with are also transmitted to and recorded on a remote server.

Since the document management system according to claim 6 includes a plurality of PC cluster group document recording means, documents of a plurality of PC cluster groups of different institutions are recorded.

Since the document management system according to claim 7 includes an independent document recording means, it also accepts and records a document recorded by an independent PC or a server-client system.

Since the document management system according to claim 8 includes a horizontal skewer blockchain creating means, a digest value of a document recorded in a plurality of PC cluster document recording means and the independent document recording means is generated to create a blockchain.

Since the document management system according to claim 9 includes a remote server document disclosure means, the document is disclosed after confirming the reference authority in response to a document reference request via a communication line.

Since the document management system according to claim 10 includes a document non-tampering proof means, a reference request is made using the horizontal skewer blockchain creating means or the digest value of the document recorded in the blockchain created by each PC cluster. Prove that the document has not been tampered with.

Since the document management system according to claim 11 includes a document reference log creating means, a time series record of a document reference request via a communication line is created.

Since the document management system according to claim 12 includes a document reference log non-falsification proof means, a digest value of each reference log is generated to form a block chain, and non-falsification function proof is possible.

It is a figure which shows the PC network (PC cluster) in a single institution of this invention. It is a figure which shows the structure in each PC in FIG. It is a diagram of an in-house PC network including a PC terminal that is not involved in document recording or blockchain creation and is exclusively dedicated to reference and document creation. It is explanatory drawing of the matter group management means. It is explanatory drawing of all matter group management means. It is a figure which sends the document group recorded by various organizations to the cloud and records them synchronously. It is a conceptual diagram that creates a hash value and forms a blockchain by sticking a horizontal skewer into the record of each organization in the cloud. It is a diagram showing that all reference requests from outside the own organization are handled by the cloud, and even if they are tampered with, the records on the PC network in the own organization are not affected.

FIG. 1 is a diagram showing a PC network within a single organization of the present invention.
The PCs are connected by a network, and the document data individually created by each PC is recorded in synchronization with the document recording device of another PC via the network (document synchronization means in the PC cluster). At the same time, a hash value is created for each document (document hash value generating means), a block in which a plurality of hash values are put together is created in a chain shape, and recorded synchronously with all PCs (block chain generating means). The network may be wired / wireless LAN, WAN, or the like.

FIG. 2 is a diagram showing an internal configuration of each PC of FIG.
Documents created on each PC are transmitted and recorded not only on the PC but also on other PCs on the network.
Here, the document may be an individual independent file, but when it is recorded as one record of a database management system such as a relational database (RDB) as shown in this figure so that it can be searched later. Is most of the time. As a database, any kind of database is included in the contents of the present invention, but in the description of the present invention, RDB will be used. In addition, although this application takes the medical field as an example, it is not particularly limited.

Auxiliary files such as document categories and master files for staff are naturally used, but this part does not involve specific and individual contents, and there are few changes, so it is subject to tampering prevention using blockchain etc. It doesn't make much sense.
A hash value is generated as a document digest value for each record (document hash value generation means). As the target range of hash value generation, the entire record including the text data of the document body from the document ID # of the first term is desirable, but a partial item group including the document body may also be used. If the document itself is large, it may be divided into a plurality of documents, each of which has a hash value and may be recorded on the blockchain.
Currently, it is the mainstream to use a hash value using a hash function as a digest value of a document, but if another digest value is used in the future, a method of using the digest value creation method is also in the present invention. include.

After a plurality of hash values are generated, a block of the plurality of hash values is formed at a well-separated place, and a hash value of the entire block is generated by the plurality of hash values included in the block.
When the next block is formed, the hash value of the next block is formed together with the hash value of the previous block.
In this way, if even a part of a document record is falsified, the hash value of the document record, the hash value of the block, and the hash value of the next block will be inconsistent one after another. Therefore, if you really try to falsify, everything after the document. The hash value of the block must be rewritten across the blocks of.
Since such rewriting work is actually difficult, the non-tampering of the document group is proved (blockchain generation means).

There are various methods for creating a blockchain, and there are many methods other than the above, but any of them is included in the present invention. In a public chain where the participating PCs are unspecified, block creation authority is given to the first person who finds a numerical solution that satisfies the conditions to ensure consistency (Proof-of-Work).
In the present invention, as shown in FIG. 1, since the number of participating PCs is limited (private chain) and there is no economic benefit like Bitcoin even if it is tampered with, the authority to create blocks is assigned by a majority vote method (Proof). -of-Stake) seems to be realistic because the amount of computational resources used is overwhelmingly small.
The same document data is synchronized and recorded on the PCs in the PC cluster.
Therefore, even if one PC fails, the operation can be continued on the other PCs in the cluster.
Failure tolerance is high because there is no single server that can cause a system failure if it fails.
However, it takes time to synchronize a blank PC, so if you join an extra PC in the PC cluster and synchronize the data at all times, even if one PC breaks down, you will have to wait. It can be replaced immediately with a synchronized PC.
By adopting such a configuration, the need for a system engineer who has specialized knowledge to deal with a system failure to be resident in the institution is unnecessary / reduced, and the operating cost can be reduced.

FIG. 3 illustrates that the PC cluster includes terminals that specialize in document creation and viewing and are not involved in recording synchronized documents or generating blockchains.
Due to the portability in the field, many terminals with limited CPU and recording capacity are also used.
If such a weak terminal is responsible for recording synchronization and blockchain generation, the overall efficiency will rather decrease.
For this reason, on terminals such as PADs and smartphones, PC networks that only refer to synchronized records and create / edit documents, and record created documents and generate blockchains have sufficient performance. The corresponding configuration would be useful.

FIG. 4 is an explanatory diagram of the matter group management means.
In this figure, a case group is formed for each ward and outpatient department of a hospital, and the ID of the patient to which the case group belongs is managed for each case group.
The medical records (case documents) of patients belonging to the case group are recorded in the PC cluster set up in each ward or outpatient department.
Every time a document is created, updated, or deleted, the document is synchronously copied to the PCs belonging to the PC cluster, the hash value is calculated, and a blockchain is formed for each PC cluster.
In this structure, the creation and updating of documents related to the case (in this case, the patient chart) at a certain point in time is limited to a specific place such as the ward where the patient is hospitalized or the outpatient department when the patient is discharged, and in other places. It utilizes locality that does not occur.
If a patient is admitted to a ward, writing, updating, or deleting documents about that ward can only occur within the case group that corresponds to that ward. Synchronous copying of documents and creation of blockchain are limited to the PC cluster corresponding to the matter group.
Each PC constituting the PC cluster only needs to have a recording capacity for recording patient charts belonging to the case group and a processing speed for creating a blockchain.

In case document management using a blockchain, a recording capacity for sharing a document among all PCs and a large amount of mutual communication between PCs for sharing are required. For this reason, taking a hospital as an example, in a single PC cluster, the scale of about 100 beds is usually considered to be the practical limit.
As shown in FIG. 4, the hospital is divided into a plurality of project groups such as wards and outpatients, and a PC cluster limited to each project group is assigned to block even a large hospital by the PC cluster group. It becomes possible to manage matter documents using a chain.

In addition to medical care, if documents related to a project occur only in a limited range, use the locality to allocate the project to a relatively small PC cluster, and use a group of PC clusters consisting of multiple PC clusters. All the cases should be covered.
For convenience of explanation, the PC clusters are shown separately in FIG. 4, but it goes without saying that they are linked to the network of the entire hospital.
At the time of admission and discharge (mutual movement of medical records between wards and outpatients) and transfer (movement between wards), the case document is copied to the PC cluster to which the case is moved. Further, after the matter is moved, the matter document is deleted from the PC cluster before the move (means for moving the matter between groups), so that the increase in the amount of the matter documents in the PC cluster can be suppressed. If it is not deleted, inconveniences will occur, such as an increase in the required recording capacity and a mixture of old matter documents that are not synchronized. The deletion may be performed at the same time as the matter is moved, or may be deleted collectively later.

FIG. 5 is an explanatory diagram of all project group management means.
In the PC cluster group shown in FIG. 4, all case documents belong to one of the PC clusters, but a separate PC cluster covering all case documents is provided (all case group management means). Since the maximum recording capacity is required, a large-capacity server-like PC is desirable for the PC cluster.
This PC cluster receives the results of creating, updating, and deleting documents generated in other PC clusters, and synchronizes the relevant matter documents in all matter group management means.
At the same time, create a blockchain within all project group management means.
As a result, even if a certain PC cluster is damaged, it can be recovered because all the project group management means back it up.
In addition, since a blockchain independent of the blockchain of each PC cluster is formed, the difficulty of tampering increases. Further, in the remote server recording means described later, if the case document in the all case group management means is used, the operation becomes easy.

FIG. 6 shows a configuration in which the PC cluster group document data of the present invention is backed up on the cloud (remote server recording means). Furthermore, the configuration in which the document data of the PC cluster group deployed in each institution is backed up on the cloud is also shown (multiple PC cluster group document recording means). In addition, a configuration in which document data is backed up on the cloud is also shown in various forms of document management systems such as a single PC or a server / client not included in the present invention (independent document group recording means).
Keeping a backup on the cloud in case of a disaster is useful for the preservation of business data, which is essential for business continuity.

FIG. 7 shows not only the synchronous recording of the plurality of PC cluster document group recording means of the present invention on the cloud, but also the synchronous recording of a single PC or a normal server / client system not included in the present invention. This is an explanation of a horizontal skewer blockchain creation means for creating a blockchain by cross-sectionally generating a hash value of a document.
Every time new document data is synchronously recorded on the cloud, a document hash value is generated, and a blockchain is generated based on them.
In this way, the recording of the plurality of PC cluster document group recording means of the present invention is tampered with because the blockchain is generated twice including not only the original blockchain of each institution but also other institutions. Difficulty is further strengthened.
In addition, it is possible to prove non-tampering by blockchain even for the records of an institution consisting of a PC alone or a normal server / client system not included in the present invention.

FIG. 8 shows a remote server that discloses the document after confirming the reference authority when a document reference request is made to the document data recorded in the remote server recording means via a communication line. Explains document disclosure means.
If necessary, it is also useful to prove that the disclosed document has not been tampered with by using a blockchain (document non-tampering proof means).
In the past, each independent institution responded to reference requests from outside the institution, but the risk of cyber attacks is increasing, and it is becoming difficult for a small institution to provide sufficient defense. In particular, falsification of business data due to intrusion from the outside can be fatal.
In the present invention, each institution sends data to the cloud in only one direction, and the response to references from outside the institution is limited to the cloud. After confirming the reference authority, the document is synchronized on the cloud. Disclose the data. In addition, although all the disclosures may be made by the method of the present invention, the conventional disclosures for each organization may be made for some organizations.
In this way, it becomes easy for multiple organizations to jointly take protective measures against server attacks. In addition, since the data of the original institution is transmitted in one direction on the cloud, even if it is intruded, only the synchronized data on the cloud will be damaged, and there is no risk of damaging the original data of the institution. .. Data on the cloud can be easily restored by resending the original data of the institution.

If the remote server document disclosure means is provided with a document reference log creation means for creating a time-series record of a document reference request via the communication line, an attack record can be recorded even in the unlikely event of a cyber attack. Since it remains, it becomes easier to take measures.
Further, if the document reference log creating means is provided with a document reference log non-tampering proof means that generates a hash value of each reference log to form a blockchain and enables proof of non-tampering function, a cyber attack can be performed. Since it becomes difficult to erase the traces of the attack, it becomes easier to take countermeasures.

Although the examples have been described above, the specific configuration of the present invention is not limited to the above examples, and the present invention includes design changes and the like within a range that does not deviate from the gist of the invention.

As a means for achieving the above object, in the document management system according to claim 1, (a) a group of PCs in which a plurality of small computers (hereinafter, PCs) for creating, recording, and viewing documents are connected via a communication line. A plurality of (hereinafter, PC clusters) are provided (hereinafter, PC cluster group), and (i) a document synchronization means in a PC cluster that reflects a document recorded on one PC in a record of another PC belonging to the same PC cluster. , (Ii) Document digest value generation means for generating the digest value of the document, (iii) Multiple generated digest values are put together to form a block, and the existing blocks are connected to form a block chain to form a PC cluster. Document management means for each PC cluster that has a blockchain generation means that records synchronously with the PCs in the site, (b) Allocate the matter to each PC cluster belonging to the PC cluster group, and distribute the documents related to the matter to each PC cluster . It is characterized by having both (a) and (b) of the case group management means for recording.

In the document management system according to claim 7, in the document management system according to claim 6 , the remote server recording means further accepts and records an independent independent PC or a document recorded by a server client system. It is characterized by having means.

In the document management system according to claim 8, in the document management system according to claim 7 , the digest value of the document recorded in the plurality of PC cluster group document recording means and the independent document recording means in the remote server recording means. It is characterized by having a horizontal skewer blockchain creation means for generating a blockchain.

Since the document management system according to claim 8 includes a horizontal skewer blockchain creating means, a digest value of a document recorded in a plurality of PC cluster group document recording means and the independent document recording means is generated to create a blockchain. ..

Claims (12)

(A) A plurality of PC groups (hereinafter, PC clusters) in which a plurality of small electronic computers (hereinafter, PCs) for creating, recording, and viewing documents are connected via a communication line are provided (hereinafter, PC cluster group).
(I) A document synchronization means in a PC cluster that reflects a document recorded on one PC in a record of another PC belonging to the same PC cluster.
(Ii) Document digest value generation means for generating the digest value of the document,
(Iii) For each PC cluster having a blockchain generation means that forms a block by collecting a plurality of generated digest values, connects them with existing blocks to form a blockchain, and records them synchronously with the PCs in the PC cluster. Document management means,
(B) A matter group management means for dividing a matter into a plurality of groups corresponding to the PC cluster group and recording a document related to the matter in the designated PC cluster.
A document management system characterized in that both (a) and (b) are provided.
Claim 1 is characterized in that the matter group management means includes an inter-group matter moving means for moving a document group of the matter to a PC cluster of the other group when the matter is moved to another group. The document management system described.
The document management system according to any one of claims 1 and 2, wherein the case group management means includes all case group management means for managing a group including all cases.
The document management system according to any one of claims 1 to 3, wherein the PC cluster includes a terminal that specializes in creating and viewing a document and is not involved in recording a synchronized document or generating a blockchain.
The recorded contents of the matter group management means, the documents recorded synchronously with the PCs in the PC cluster group, or the documents and the blockchain recorded synchronously with the PCs in the PC cluster group are transferred to the remote server. The document management system according to any one of claims 1 to 4, further comprising a remote server recording means for transmitting and recording.
The document management system according to claim 5, wherein the remote server recording means includes a plurality of PC cluster group document recording means for recording documents of a plurality of PC cluster groups of different institutions.
The document management according to any one of claims 5 to 6, wherein the remote server recording means further includes an independent independent PC or an independent document recording means that accepts and records recorded documents of a server client system. system.
The remote server recording means includes a horizontal skewer blockchain creating means for generating a digest value of a document recorded in the plurality of PC cluster document recording means and the independent document recording means and creating a blockchain. The document management system according to any one of claims 5 to 7.
Claims 5 to 5, wherein the remote server recording means is provided with a remote server document disclosure means for disclosing the document after confirming the reference authority for a document reference request via a communication line. 8 The document management system described in any of them.
A document that certifies that the document requested for reference has not been tampered with by using the horizontal skewer blockchain creation means or the digest value of the document recorded in the blockchain created by each PC cluster in the remote server document disclosure means. The document management system according to claim 9, further comprising a non-tampering proof means.
The document management system according to any one of claims 9 to 10, wherein the remote server document disclosure means includes a document reference log creation means for creating a time-series record of a document reference request via the communication line. ..
11. The document reference log creating means is provided with a document reference log non-falsification proof means that generates a digest value of each reference log to form a block chain and enables proof of non-tampering function. The document management system described.