JP4032323B2 - Electronic file device - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to access control for restricting access from other users in a file system or workspace system that holds data objects such as electronically accessible documents.
[0002]
[Prior art]
In a file system based on a conventional desktop metaphor, a user can handle a plurality of resources by arranging icons on a desktop or a folder. By doing so, the listability and operability of related resources are improved.
Here, when a resource is shared by a plurality of users, it is necessary to control access to the resource. In a conventional file system, individual files (icons) can be selected and access to corresponding resources can be individually set.
[0003]
For example, in an operating system such as Unix (trademark) or Windows (trademark), a right that each user can access can be set for each directory (folder) or file. In Unix, with respect to each directory or file, write permission, read permission, and execution permission can be set at three levels: owner, member of the same group, and others. In Windows, it is possible to set a read-only or full-access access right for all users regarding each disk or folder.
[0004]
However, there is a case where it is desired to control access by setting a part of a set of resources among those arranged on the desktop. For example, information collected from a patent or the like may be kept confidential until the patent is published.
All existing access control methods are file and folder-based access restrictions. As a result, the conventional technology takes a method of collecting target resource sets into folders and setting access rights for the folders. There is only. Therefore, the high listability and operability using icons are sacrificed. In the above example, the access right restriction has nothing to do with the members in the department. Therefore, being divided into folders significantly reduces the convenience of access for members within the department.
[0005]
Further, there are cases where access control as a single unit is required for one resource. For example, when the person or department to be subject to access restriction is different or the reason for access restriction is different, a plurality of types of access restrictions are required for one resource. In this case, in the above-described solution by the folder, the resources belonging to both must be held in a plurality of folders or shared by means such as a reference.
However, when it is held redundantly, management at the time of change is difficult. When sharing, it is difficult to change the access right as intended because it is not known by which other folder it is shared. For example, even if the access control is changed, if another access control is applied, the effect of the change does not appear as intended.
[0006]
Japanese Patent Laid-Open No. 7-36768 discloses an electronic file device as a technique for setting in advance to whom the shared file is to be disclosed and how long the disclosure period is. However, in this technique, the disclosure range and the period are set in units of hierarchical classification, and it is necessary to change the classification structure according to the disclosure method.
On the other hand, a graphical user interface for setting an information sharing range is used in a file sharing system such as Windows 95 / NT of the desktop metaphor system. For example, in Microsoft Network, for each disk or folder that is set to be shared, the icon is displayed with a share mark to indicate that some sharing setting has been made. However, the level of sharing is not known without referring to the properties of the folder.
[0007]
In addition, there is an attempt to expand the expressiveness of the desktop metaphor by increasing the expressiveness of the folder itself. The user interface system described in Japanese Examined Patent Publication No. 7-117890 displays information about the contents of an icon even when the icon is closed, and enables sufficient dialogue using the positional relationship between the set of icons and the window. A simple interface. However, the positional relationship between icons or windows is merely to make it easier for the user to understand the meaning visually. Even if the positional relationship is changed, the file access right is changed. Such control is not performed.
[0008]
Further, according to the information processing apparatus described in Japanese Patent Application Laid-Open No. 8-249357, a file placed in an area is embedded by embedding a script for controlling user access to the area information on the display screen. Can be visible only to a particular user. However, since the access right for each area must be set individually, a complicated operation is required, and its maintenance and management are difficult. Also, for example, when processing such as file a is disclosed to group A, file b is disclosed to group B, and certain file c is disclosed to groups A and B, there are logically two types of control. Although it was good, it was necessary to make all three areas according to each. This is not only complicated to create, but also makes it difficult to understand the meaning of access control, which makes it very difficult to maintain and manage.
[0009]
[Problems to be solved by the invention]
As described above, the conventional technique has a problem in that access right control cannot be easily performed on a group of resources without breaking the semantic group. In addition, if a plurality of access rights are controlled simultaneously for one resource, a complicated operation is required, and it is difficult to maintain this. Also, the access right cannot be set with a user-friendly interface such as the positional relationship between icons and windows.
[0010]
The present invention has been made in view of the above-described conventional circumstances, and in an electronic file device that handles a common file, it is easy to control access rights for a group of resources using a user-friendly interface such as a positional relationship between icons and windows. The purpose is to do.
Another object of the present invention is to enable each user to accurately grasp what access right control is performed.
[0011]
[Means for Solving the Problems]
First, the present invention provides a user-friendly access control interface for shared resources such as files and folders stored in shared folders and shared workspaces.
Further, in the present invention, a user (for example, an owner) who has an access right setting right on an icon representing a shared resource such as a document file puts an image (control area) like a curtain on another user. It is possible to control access to resources by a user (for example, a user with reference rights).
[0012]
In order to realize this, in the present invention, in an electronic file device in which a data object is held so as to be accessible based on a user operation, a workspace display means for displaying the data object held by the workspace, and a display Data object access means for displaying and editing data objects on the workspace in accordance with user operations, and the control area display means controls the access to the data objects as data. Display on the workspace over the object.
Thereby, access control can be performed in units of data objects by overlapping with the control area, and the user can easily recognize which data object is being access controlled.
[0013]
In the present invention, a data object storage means for storing an access right according to the user and storing the data object entity and the position of the data object on the workspace, and a control for storing the position and range of the control area are further provided. A data storage device that includes an area storage unit and a user storage unit that stores an identifier of a user who operates the workspace, and the display data object calculation unit is located in the control area of the workspace based on the access right of the user Is displayed on the workspace display means.
This prevents data objects in the control area from being displayed to users without access rights.
[0014]
In the present invention, the data object moving means for moving the display position of the data object displayed by the workspace display means in the workspace according to the user operation, and the data object to be moved are followed. And a control area editing means for editing the control area so that the data object controlled by the control area is included in the control area even after the movement, thereby enabling the user to move the data object. The automatic display mode is changed so as not to deviate from the control area.
[0015]
Further, in the present invention, when the conditions held by the control area change condition holding means for holding the conditions for changing the control area displayed by the control area display means and the conditions held by the control area change condition holding means are satisfied, Control area editing means for changing the control area displayed by the control area display means. For example, the control area disappears at a certain time, and the control area is restored at a certain time. The display can be automatically switched as follows.
[0016]
The present invention further comprises a public level setting means for setting a level for publicizing the control area held by the control area storage means according to the access right for the user information held by the user storage means. The data object calculation means determines whether or not to display the data object on the workspace display means according to the level set by the disclosure level setting means.
Furthermore, in the present invention, the display data object calculation means is a data object to be displayed to the user based on the access right for each control area possessed by the user requesting display for the plurality of overlapping control areas. To decide.
[0017]
  The present invention further includes monitoring means for monitoring user operations on the data object, and search means for searching for the status of the workspace stored in the data object storage means. The data object storage means includes monitoring means. The past state of the workspace is also accumulated as a history based on the user operation detected by the above, and the workspace display means can display the past workspace searched by the search means. Then, with respect to the state of the workspace searched by the search means from the history stored in the data object storage means, the search means searches the workspace accumulated after the workspace, and is included in the workspace. Control history surveying means for investigating what is subsequently under the control area among the data objects to be displayed, and the display data object calculating means is provided with the control area display means based on the result of the survey by the control history surveying means. Add a control area to the workspace and display it.
  As a result, for example, the control area set at the present time is reflected in the past workspace, and the situation where the data object whose access is currently controlled can be accessed by opening the past workspace is prevented.
  In the access control method according to the present invention, in the electronic file device in which the data object is held so that the workspace can be accessed based on a user operation, the data object held by the workspace is displayed, and the data object is accessed. The control area to be controlled is displayed on the workspace so as to overlap the data object, and the displayed data object on the workspace is accessed such as display / editing according to a user operation.
[0018]
DETAILED DESCRIPTION OF THE INVENTION
  Electronic file device according to the present inventionAnd access control method in electronic file deviceWill be specifically described based on examples.
  FIG. 1 shows the configuration of an electronic file device according to the first embodiment of the present invention.
  Here, the electronic file device shown in the following embodiment is composed of a server 2 and a client 3 connected via a network 1, and both the server 2 and the client 3 are obtained by a computer such as a workstation or a personal computer. It is configured. In this embodiment, an embodiment using a client / server is used. However, the present invention is not limited to such an embodiment. For example, an electronic file device is configured in one computer without using a network. May be.
[0019]
The server 2 manages information commonly used by a plurality of clients (that is, a plurality of users), and includes a resource information storage unit 21, a control area information storage unit 22, a user information storage unit 23, and a display resource set calculation unit. 24 and an access right verification unit 25.
[0020]
The resource information storage unit 21 is a readable / writable memory, and stores a reference, a file, and a work space that holds a set of references.
Here, in this embodiment, the three terms “file”, “reference”, and “resource” are distinguished and used as follows.
That is, the file refers to the electronic file itself that stores the substance of the document or program. The reference refers to a file name or an icon for letting the user know the existence of the file or for the user to perform operations such as moving or executing the file. A resource is a generic name representing the substance of information viewed from a user including a file and a reference, and is synonymous with a data object described in the claims.
[0021]
FIG. 2 shows an example of a reference data structure stored in the resource information storage unit 21.
From the viewpoint of the user, the reference is a file icon on a desktop metaphor displayed on the screen, for example, and represents the file itself. The reference and the file do not have to have a one-to-one correspondence, and even if the reference is copied, the file is not always copied in conjunction.
The reference has an identifier id, a reference name, a pointer to a file, coordinates indicating a position displayed on the workspace, and coordinates on the workspace indicating the display size. That is, each file icon presented to the user is managed by such a data structure.
[0022]
FIG. 3 shows an example of the data structure of the file stored in the resource information storage unit 21.
A file has an identifier id, a file name, the owner (owner) of the file, a user (or user group) with write permission, a user (or user group) with reference permission, and binary data that is the substance of the file. have. That is, the access rights such as owner, writing, and reference are managed for each file by such a data structure.
[0023]
FIG. 4 shows an example of the data structure of the workspace stored in the resource information storage unit 21.
Workspace is displayed on identifier, id, workspace name, owner (owner) who can edit workspace, co-worker allowed to view entire workspace, observer restricted to control under control area, workspace A set of references and control area information. That is, each file has access rights such as editing and reference managed by such a data structure.
[0024]
The control area information storage unit 22 is a readable / writable memory, and stores information related to a control area for performing access control for a user.
FIG. 5 shows an example of the data structure of the control area stored in the control area information storage unit 22.
The control area is an identifier id, a control area name, a coworker representing a user (or a user group) who can refer to a resource in the control area, coordinates indicating a position displayed on the workspace, and a workspace indicating a display size. Has the coordinates. That is, the control area presented to the user is managed by such a data structure.
[0025]
Here, in this embodiment, the workspace can be edited by the owner of the workspace, so the owner of the control area is always the owner of the workspace. Therefore, there is no owner in the control area data. The owner of the workspace can of course refer to and edit resources in the control area.
In addition, the coworker inherits the coworker information of the workspace by default, but the owner can remove any member from the information. Thereby, the target member to be controlled can be customized.
[0026]
Users who are co-workers in the control domain must be a subset of the co-workers in the workspace. Therefore, this is ensured by any of the following methods (1) and (2).
(1) The coworker for the control area is selected from the coworker attribute of the workspace.
(2) If the owner uses a user group to set up a coworker in the workspace or control area, the system automatically verifies that the users that make up the coworker in the control area are a subset of that in the workspace If it is wrong, a warning is displayed.
[0027]
The user information storage unit 23 is a readable / writable memory, and stores information related to users and user groups.
FIG. 6 shows an example of a user data structure stored in the user information storage unit 23. The user data has an identifier id, a user name, and a password. FIG. 7 shows an example of the data structure of the user group stored in the user information storage unit 23. The user group data has an identifier id, a group name, and identifiers of members constituting the group. It should be noted that the group id may be further nested and placed in another group member, which can be easily realized by the conventional technique.
In other words, information related to users and user groups is managed by such a data structure.
[0028]
The display resource set calculation unit 24 selects only the references that the user has the right to refer to among the references accumulated in the resource information storage unit 21 for the user who has requested display of the resources.
Here, the access right to the reference on the workspace is set as follows.
That is, as shown in the concept in FIG. 8, the owner can refer to, move, copy, and delete all the references 41 on the workspace 40. The coworker can refer to all the references 41 on the work space 40, but cannot move, copy, or delete the reference 41. The observer can refer to references other than those hidden in the control area 42 among the references 41 on the workspace 40.
[0029]
When the user tries to open a resource, the access right verification unit 25 verifies the user's access to the file based on the write right and the reference right in the file information (FIG. 3). This function is the same as the conventional access control in a file system such as J-Star (trademark).
[0030]
The client 3 has a screen for displaying information to the user and an operation unit for receiving input from the user, and in particular, in order to execute the processing according to the present invention, the resource set display unit 31 and the control region display unit 32. , A resource movement instruction unit 33, a control area editing instruction unit 34, and a resource access unit 35.
[0031]
The resource set display unit 31 displays workspace information on a screen and provides a user interface for a user to access resources. The resource can be displayed like, for example, a conventional desktop document icon. The control area display unit 32 displays control area information on a screen and provides a user interface for a user to access resources. Note that the control area can be displayed by a square or rounded closed curve or an image.
[0032]
FIG. 9 shows a display example of the work space 40 for the owner and coworkers. In this work space 40, the control area 42 is displayed with a closed curve surrounding several resources 41.
FIG. 10 shows a display example of the above-described workspace 40 for the observer. In the workspace 40, the control area 42 is displayed in an opaque manner, and the resource 41 is covered by the control area 42. ing. The observer is set so that the resource 41 hidden in the control area 42 cannot be referred to. In this display example, the non-referenceable resource is covered with the control area 42 so that it cannot be seen by the observer. .
[0033]
The resource movement instruction unit 33 receives an instruction from a user who edits the display of the resource displayed on the workspace, and moves or resizes the specified resource only when the user is the owner of the workspace.
Specifically, the owner can move or change the size of the resource on the workspace using a pointing device or the like.
[0034]
The control area editing instruction unit 34 receives an instruction from a user who edits the control area displayed on the workspace, and generates a control area at a specified position only when the user is the owner of the workspace. Also, move or resize the specified control area.
Specifically, the owner can move the position of the control area on the workspace with a pointing device or change the size of the control area.
[0035]
The resource access unit 35 receives an instruction from a user who accesses the content of the resource displayed on the workspace, and displays the content of the specified resource on the screen only when the user has an access right. .
Specifically, the user double-clicks the reference icon representing the resource with a pointing device or the like, or drags and drops the reference icon onto the reference icon representing the application, and thereby the resource is changed by the application. Can be opened. At that time, the access right verification unit 25 on the server 2 side needs to verify the access right and allow it.
[0036]
Next, processing operations for selecting a resource to be presented when presenting a workspace to the observer in the first embodiment having the above-described configuration will be described with reference to a flowchart shown in FIG.
First, when an instruction from a user who is an observer is received, the position and size of the reference icon on the workspace are specified from the position coordinates and size of the reference included in the workspace (step S1). Next, the position and size of the control area on the work space are specified from the position coordinates and size of the control area set in the work space (step S2).
[0037]
Then, the intersection of the reference icon and the control area on the workspace is detected (step S3). If both intersect, the flag (isHidden) is set to “true” (step S4), and both intersect. If not, the flag (isHidden) is set to “false” (step S5).
When the set flag is “true”, the reference is not displayed, and only when the flag is “false”, the reference is displayed on the workspace (steps S6 and S7). That is, when even a part of the reference icon is in the control area, the reference is not displayed on the workspace.
Note that the above processing is sequentially repeated for each reference and each control area included in the workspace.
[0038]
Here, in this example, when even a part of the rectangle surrounding the reference icon and the rectangle surrounding the control area intersect, it is determined that the reference icon is included in the control area. It may be determined that it is included in the control region only when it is included in the control region.
In the above embodiment, the resource and the control area are managed separately, and the resource to be displayed is calculated at any time when the workspace is displayed. However, the control information for controlling the resource is the workspace. The resource may be displayed in association with the control information when the workspace is displayed.
[0039]
Next, an electronic file device according to a second embodiment of the present invention will be described.
In the second embodiment, a rule and an algorithm are set in which the control area is automatically changed with time. Here, an example in which the attribute of the control area changes after a preset time has been described will be described. There are two types of changes: a pattern in which the access right is changed over time, and a pattern in which the control area changes over time.
The configuration of the second embodiment includes, in addition to the configuration of the first embodiment, a control region change rule setting unit for the user to set a control region change rule, and a control region attribute change unit for changing the control region. ing.
[0040]
The control area change rule setting unit provides a rule window for creating, deleting, and changing rules as shown in FIG.
This rule window is a window that pops up by selecting one control area in the workspace display window shown in FIG. 9 or 10 and then instructing the rule window display related to the control area from a menu or the like. is there.
In this rule window, the user can create a new rule by pressing the New button. Further, by selecting a rule that has already been set from the menu and pressing the Delete button, the rule can be deleted. The check box to the right of the rule name is a toggle button that selects whether to activate or deactivate the rule.
[0041]
Then, after selecting the New button or one of the rule names from the menu and pressing the Edit button, a rule setting window for setting each rule as shown in FIG. 13 is displayed.
In the rule setting window, enter the rule name area for entering the name of the rule to be set, the date and time area for entering the date and time when the control method is changed, the action area for entering the action type for changing the control method, and the parameters for that action A text area for the change, an OK button for confirming the change, and a Cancel button for releasing the change and closing the window.
[0042]
There are four types of rule actions: In the control release, a wild card is set in the attribute of the coworker in the control area so that any user who has a reference right to the workspace can refer to the area under the control area. The coworker change changes the coworker to the designated user. The display coordinate change changes the display coordinates to a specified value. Further, the display size change changes the display size to a specified value.
The workspace owner can set such an action for each control area. For example, when changing coworkers, enter the coworker's user name or user group name after the change in the text area, and In changing the display coordinates or the display size, the changed coordinates or size is input in the (X, Y) coordinate format. If a plurality of rules are to be set in one control area, a plurality of rules are created in the rule window.
[0043]
Next, in the second embodiment having the above-described configuration, the processing operation when presenting a workspace to the user will be described with reference to the flowchart shown in FIG. That is, when presenting a workspace to the user, a process for checking whether automatic change related to the control area is set and, if set, changing the attribute of the control area will be described.
First, when the display of the workspace is instructed by the user (step S10), the control rule for each control area on the workspace is checked (step S11). For example, the current time is checked to determine whether or not the control area needs to be changed (step S11), and if necessary, the control area attribute is changed (step S12).
[0044]
Then, a control rule that may change in the future is held in the memory (step S13), and the above processing is sequentially repeated for each control area on the workspace for displaying and each set rule.
Thereafter, the workspace is displayed in the same manner as shown in FIG. 11 (step S14). Even when the workspace is displayed in this manner, when the time for changing the control rule held in the memory comes, At that point, a warning is displayed to the user, and after saving all data, the workspace is reloaded.
[0045]
Next, an electronic file device according to a third embodiment of the present invention will be described.
In the third embodiment, the control area changes according to the user's operation. Here, the control area moves so as not to output one resource from the control area, and the control area does not output a plurality of resources. Shows an example of a pattern that expands and contracts.
As in the second embodiment, the configuration of the third embodiment includes, in addition to the first embodiment, a control region change rule setting unit for the user to set a control region change rule, and a control region attribute change unit. Prepare.
[0046]
The control area change rule setting unit provides a control area property window for setting control area attributes as shown in FIG. 15, and the control area property window includes a control area name, a list of coworkers, and enclosing resources. It has a type, a list of enclosed resources, and the like.
The resource enclosing type can be selected from two types according to enlargement / reduction of the control area and one according to movement of the control area. When the former is selected, as shown in FIG. 16, when the user moves the resource set in the enclosed resource list and tries to move the resource “prior art” 41 out of the control area 42, The control area 42 is automatically expanded so that resources do not go out of the control area 42.
[0047]
In the control area property window, the respective lists of co-workers and enclosed resources scroll to display all the options, and the user checks and selects only the items to be selected.
In the list of co-workers, what is selected as the co-worker of the attribute of the workspace in which this control area is displayed is displayed. In the case of a user group name, double-clicking the group name displays a list of users who are members of the group name, thereby enabling more detailed setting of coworkers.
The list of enclosed resources lists the resources in the control area. However, this list is not displayed except for the workspace owner or the co-worker in the control area (that is, the workspace observer). Also, the property can only be edited by the workspace owner.
[0048]
Contrary to the above, when a resource located along the outer frame of the control area (that is, located at the end) is moved inward of the boundary line, it is minimized within the range that can enclose all the enclosed resources. The control area is reduced so as to become the control area.
On the other hand, when the enclosing type is set to move, if the resource is moved outside the control area, the control area moves following the resource. If another resource goes out due to the movement of the control area, a warning “Are you sure you want to leave the control area?” Is displayed and the user selects “OK”. The movement of the control area may be stopped to allow the moved resource to go out of the control area.
[0049]
Next, in the third embodiment having the above-described configuration, a processing operation when the control area is enlarged will be described with reference to a flowchart shown in FIG. That is, when a resource is about to be moved out of the control area by drag and drop, etc., it is checked whether the resource is set to be enclosed by the control area. Processing for enlarging the control area will be described.
First, when a resource displayed in the control area on the workspace is moved by drag and drop or the like by the user (step S20), it is checked whether the resource is enclosed in the control area (step S20). S21) If the enclosure is set, it is further checked whether the destination of the resource is outside the control area (step S22).
[0050]
If the enclosure is not set, or if the enclosure remains within the control area even after movement, the resource is drawn at the position after the movement (step S25).
On the other hand, if the resource set to be enclosed moves outside the control area, the size and position of the original control area and the size and position of the resource after movement are calculated (step S23). The control area is enlarged and drawn so as to enclose the resource (step S24), and then the resource is drawn at the moved position (step S25).
[0051]
Next, an electronic file device according to a fourth embodiment of the present invention is described.
In the fourth embodiment, it is possible to set a public level at which a control area is disclosed, and when a plurality of control areas are overlapped, the public level is associated with this.
In addition to the first embodiment, the configuration of the fourth embodiment includes a disclosure level setting unit for setting a level at which each control area is disclosed to each user or user group.
The display resource set calculation unit 24 calculates and determines resource display according to the level set by the disclosure level setting unit. Furthermore, the access right of the resource under the area where a plurality of control areas overlap is determined based on the minimum right in the plurality of control areas possessed by the user to be accessed.
[0052]
The disclosure level is set by a control area property window as shown in FIG.
In the control area properties window, the coworkers of the workspace are displayed in a list, and when one is selected, the public level for that member is displayed in a pull-down menu labeled Public level. For example, in the example shown in the figure, the public level for the coworker (User-2) indicates that the resource can be opened.
[0053]
There are four levels of disclosure:
That is, whether or not it exists only knows whether or not there is even one resource in the control area. In addition, the existence of each resource can be known only by what kind of resource is in the control area. Also, “openable” indicates that resources in the control area can be opened and referenced. In addition, “editable” can be edited after opening a resource in the control area for reference.
In addition, in the case of a configuration that allows a workspace editing right to be given to a coworker, in addition to these, a property editing right, a control area processing / deleting right, and the like can also be given.
[0054]
FIG. 19 shows an example in which a plurality of control areas are overlapped. In this example, a control area 42 “only in a group” and a control area 42 “only a crossing task” are included in the workspace 40. I'm making two.
For example, assume that the following co-workers are set. That is, for the control area 42 “only in the group”, the coworkers set to the open level “openable” are User-2, User-3, User-4, User-5, and the open level “each resource The co-workers who set “existence of” are User-10, User-11, and User-12. For the control area 42 of “only crossing task”, co-workers who set the open level “openable” are User-2, User-10, User-11, User-12, and the open level “each resource The co-workers who set “existence of” are User-3, User-4, and User-5.
[0055]
In such a case, for example, the coworker (User-2) has the open level “openable” for both the control area 42 “only in the group” and the control area 42 “only the crossing task”. All the resources in these two control areas 42 can be opened.
On the other hand, the coworker (User-3) is set to the open level “openable” for the control area 42 “only in the group”, but the open level “openable” for the control area 42 “only the crossing task”. ”Is not set, the two resources 41“ Japanese Patent Application No. 6-12345 ”and“ Japanese Patent Application No. 8-252525 ”in the control area 42“ only in the group ”can be opened, but“ only the crossing task ” In addition to the two resources 41 “task schedule” and “minutes” in the control area 42, the resource 41 “research aim” included in both of the control areas 42 cannot be opened.
[0056]
In the above-described fourth embodiment, when a plurality of control areas are applied to one resource, the user follows the least privileged condition among these conditions. An attribute “when overlapping” is added to the property of the area, and two values “always priority” and “follow other” may be prepared as the values.
The priority is always set so that no matter what other control areas overlap, the right below the control area is not granted. That is, if priority is always selected in all control areas, the same state as in the fourth embodiment is obtained.
In addition, according to another, when a plurality of overlapped areas are overlapped, the access is permitted for the overlapped part with the right permitted by the other overlapped control area. For example, in the above example, if the control area 42 “only crossing tasks” has been set to “follow other things”, the resource 41 “research objective” has the control area 42 “only within the group”. Access is granted with the rights allowed. That is, the coworkers (User-3), (User-4), and (User-5) can open the resource 41 called “the aim of research”.
[0057]
Next, an electronic file device according to a fifth embodiment of the present invention is described.
In the fifth embodiment, consistency is based on the history of how access control has been set after displaying the status of the past workspace when configured to leave the history of the workspace. Assured good access control.
The configuration of the fifth embodiment includes, in addition to the configuration of the first embodiment, an operation monitoring unit that monitors the user performing operations such as addition and deletion of resources on the workspace, and adds or deletes resources. Based on the detection, the state is accumulated in the resource storage unit 21. The storage of this state may be performed every time addition or deletion is performed, or may be performed at regular intervals. This may be changed according to the user's strategy on how accurately the history should be kept.
[0058]
In addition to this, the fifth embodiment includes a search unit for searching for a past resource set stored in the resource storage unit 21. Further, regarding the state of the searched past resource set, the history of the resource set Is provided with a control history investigating unit that searches for resource sets accumulated after the resource set and checks whether there are any resources included in the resource set after that under the control region. In other words, even if access control has not been performed in the past, access control is to be performed over the past for those that have been subject to access control thereafter.
[0059]
FIG. 20 shows an example in which the access control for the past resource set needs to be expanded. In addition, the figure has shown the time change of the state of the work space 40, and the state of the work space 40 shown to (a) is preserve | saved before the state of the work space 40 shown to (b). .
That is, in the state of the workspace 40 shown in (a), access control by the control area 42 “only within the group” has not been performed yet. For this reason, even if the access control by the control area 42 “only in the group” is performed at the time of (b), the access control is performed if the workspace 40 in the past (a) state is searched. The resource 41 that should have been accessed will be accessed.
Therefore, in this embodiment, when resources for which access control is to be found (in this case, three resources included in “only in the group” in (b)), a similar access controllable area is added to them. And display. That is, in this example, even if (a) is searched, the same information as (b) is displayed.
[0060]
FIG. 21 shows another example in which the access control for the past resource set needs to be expanded. In addition, the state of the workspace 40 shown by (a) and (b) in the same figure is the same as that of FIG.
That is, in the state of the work space 40 shown in (a), the access control by the control area is not yet performed, and further compared with the state of (b), “JP-A-7-11111” and “Japanese Patent Application No. 6- The resources 41, “12345”, “task schedule”, and “minutes” are common, but some resources are added or deleted between the two states.
[0061]
When the workspace 40 in the state (b) is created and the workspace in the state (a) in the past is referred to, it is necessary to display that satisfies the following requirements in consideration of these.
That is, a control area “only crossing tasks” is assigned to resources 41 “task schedule” and “minutes”. Further, a control area “only in the group” is assigned to the resource 41 “Japanese Patent Application No. 6-12345”. Further, the control area is not applied to the resources 41 such as “test” and “draft”.
Display examples of the state (a) satisfying these requirements are shown in FIGS. 22 and 23, respectively. The display example shown in FIG. 22 has a configuration in which the control area 42 is individually set for each resource 41. The display example shown in FIG. 23 copies the control area 42 from the state (b) as it is. Only the resources that do not need to be controlled ("test" and "draft") are displayed in the control area 42 with holes.
[0062]
Next, a processing operation for adding a control area to the past workspace state in the fifth embodiment having the above-described configuration will be described with reference to a flowchart shown in FIG.
First, a past workspace state (that is, a set of control areas and resources) is searched (step S30), and it is checked whether the source is included in the control area in the current state (step S31). As a result, if the source in the past state is set in the current state and the control region is set, the control region of the minimum size is added to the past workspace state so as to include this past resource ( Step S32). As a result, as shown in FIG. 22, the access control corresponding to the current state is performed, and the past workspace state is displayed.
[0063]
【The invention's effect】
As described above, it is possible to easily perform access right control for a group of resources using a user-friendly interface such as a positional relationship between a reference and a control area for a shared resource. In addition, since each user is displayed what access right control is performed according to the access right, each user can easily and accurately grasp the setting state of the access right.
[Brief description of the drawings]
FIG. 1 is a configuration diagram of an electronic file device according to an embodiment of the present invention.
FIG. 2 is a diagram illustrating an example of a data structure of a reference.
FIG. 3 is a diagram illustrating an example of a data structure of a file.
FIG. 4 is a diagram illustrating an example of a data structure of a workspace.
FIG. 5 is a diagram illustrating an example of a data structure of a control area.
FIG. 6 is a diagram illustrating an example of a data structure of a user.
FIG. 7 is a diagram illustrating an example of a data structure of a user group.
FIG. 8 is a diagram illustrating access control for an observer.
FIG. 9 is a diagram illustrating a display example for an owner and a coworker.
FIG. 10 is a diagram illustrating a display example for an observer.
FIG. 11 is a flowchart showing a processing procedure of access control for an observer.
FIG. 12 is a diagram illustrating a display example of a rule window.
FIG. 13 is a diagram showing a display example of a rule setting window.
FIG. 14 is a flowchart illustrating a processing procedure for changing a setting rule.
FIG. 15 is a diagram showing a display example of a control area property window.
FIG. 16 is a diagram illustrating resource enclosure;
FIG. 17 is a flowchart showing a processing procedure for expanding a control area accompanying resource movement;
FIG. 18 is a diagram showing a display example of a window for setting a public level.
FIG. 19 is a diagram illustrating a case where a plurality of control areas overlap.
FIG. 20 is a diagram showing a change in the state of the workspace over time.
FIG. 21 is a diagram showing a change in the state of a workspace over time.
FIG. 22 is a diagram showing a display example when a control area is added.
FIG. 23 is a diagram showing a display example when a control area is added.
FIG. 24 is a flowchart showing a processing procedure for adding a control area;
[Explanation of symbols]
2 ... server, 3 ... client, 21 ... resource information storage unit,
22 ... Control information storage unit, 23 ... User information storage unit,
24 ... Display resource set calculation unit, 25 ... Access right verification unit,
31 ... Resource set display section, 32 ... Control area display section,
33 ... Resource movement instruction unit, 34 ... Control region editing instruction unit,
35 ... Resource access part, 40 ... Workspace,
41 ... resource, 42 ... control area,

Claims (1)

In an electronic file device in which data objects are held so that the workspace can be accessed based on user operations,
Workspace display means for displaying data objects held by the workspace;
A data object access means for accessing a data object on the displayed workspace according to a user operation, such as display / editing;
A control area display means for displaying a control area for restricting access to the data object on the workspace while maintaining the display of the data object;
A data object storage means for setting the access right according to the user and storing the data object entity and the position of the data object on the workspace;
User storage means for storing an identifier of a user operating the workspace;
Based on the user information held by the user storage means and the data object information held by the data object storage means, the access that verifies whether the access to the data object by the user operation is permitted and causes the data object access means to execute the access. Rights verification means;
Monitoring means for monitoring user operations on data objects;
Retrieval means for retrieving the status of the workspace accumulated in the data object storage means,
The data object storage means accumulates the past state of the workspace as a history based on the user operation detected by the monitoring means,
The workspace display means can display past workspaces searched by the search means, and
With respect to the past workspace state searched by the search means from the history stored in the data object storage means, the search means is made to search the workspace accumulated after the past workspace, and the past A control history investigation means for examining data objects included in the workspace that are under the control area after the past time point;
Display data object calculation means for causing the control area display means to display a control area added to the past workspace based on the result of the investigation by the control history investigation means,
An electronic file device comprising:

Images