KR102381539B1 - Method for managing privileges on resources contained in a structured document and apparatus using the same - Google Patents

Abstract

Disclosed are a method for managing a user's authorities on resources included in a structured document to maintain integrity and recyclability of each part of a document and an apparatus using the same. More specifically, the method comprises: a step of generating an owner tag corresponding to a top-level element document when generate a structured document and the top-level element document included in the structured document according to a request; a step of generating a new resource according to a request; a step of generating a policy tag or permission tag corresponding to a first predetermined resource according to the request; a step of returning a predetermined user's authority for a first predetermined action on a second predetermined resource according to a request; and a step of executing or not executing the user's second predetermined action according to the user's authority for a second predetermined action on a third predetermined resource acquired according to a request.

Description

A method for managing authority on resources included in a structured document and an apparatus using the same

Disclosed in the present disclosure are a method for managing users' rights with respect to resources, which are items included in a structured document, and a computing device using the same. Specifically, according to the present disclosure, a structured document and a top-level element document included in the structured document are generated according to a request, an owner tag corresponding to the top-level element document is generated, and the new resource is created according to a request; Generates a policy tag or the permission tag corresponding to a first specific resource according to a request, returns the permission of a specific user with respect to a first specific action on a second specific resource according to the request, and a third obtained according to the request Provided are a method capable of executing or not executing the second specific action of the user according to the user's right regarding the second specific action for a specific resource, and a computing device using the same.

BACKGROUND ART With the development of hardware and software technologies for documents, technologies for dealing with the correction, distribution and tracking of various documents have been developed. For example, US Patent No. 9,323,850 discloses a method and system for estimating the viral score of a content item of a publisher.

The permission setting function, which is a function that allows others to set whether or not others can view, duplicate, and use each document created by a user, is generalized with respect to the file system of an operating system (OS) running on a computing device On the other hand, there is a limit in that it is not possible to set the right for reading, reproduction and use with respect to some of the documents according to such technologies.

Various actions (actions) handled through one document need to be controlled at least in a way desired by the author. It is necessary to propose a method of managing the rights that enables the setting of the document so that the document can be used according to the intention.

US 9,323,850 B

Accordingly, an object of the present disclosure is to overcome the limitations of the prior art as follows.

Specifically, the present invention deals with a structured document, which is a document structured by dividing a single document into several parts by reducing the load generated for reading or writing the entire document as the size of a single document increases, but a resource corresponding to a part of the document The purpose of this is to provide a flexible and efficient way of managing rights.

In addition, the present invention is an action that is not typically handled in the file system of the operating system, and enables the setting of permissions for actions such as sharing (ie, redistribution) and contributing to document against read/write access, use, etc. of multiple users. It aims to maintain the integrity and recyclability of each part of the

The characteristic configuration of the present invention for achieving the object of the present invention as described above and for realizing the characteristic effects of the present invention to be described later is as follows.

According to one aspect of the present disclosure, there is provided a method for managing rights with respect to resources included in a structured document using tags, wherein the structured document has at least a depth of 0 It includes one top-level element document, and optionally further includes at least one element document having a depth of one or more, and each element document included in the structured document includes at least one record as content, , the resources include the structured document, and all the element documents included in the structured document, and all the records, wherein each of the resources includes a revision number as a number of times it has been modified, wherein each of the resources has a depth of at least one When the at least one element document is included in the structured document, the structured document indicates that all element documents having a depth n of 1 or more in the structured document are subordinate to one element document having a depth of n-1. Each dependency relationship further includes indicating, wherein the user of the individual resource belonging to the resources includes a general user, at least one owner of the individual resource, and at least one specific user for the individual resource, Each of the tags includes an owner tag for authorizing actions on the individual resource for the at least one owner of the individual resource, an owner tag for authorizing or prohibiting actions on the individual resource for the general user a policy tag, and a permission tag for authorizing or forbidding actions on the individual resource for the at least one specific user, the method comprising: a request from a user to generate the structured document in response to the document creation request, the computing device performs a process of generating the structured document and the top-level element document included in the structured document, and a process of generating the owner tag corresponding to the top-level element document; in response to a resource creation request, which is a request from a user, for creating a new resource in the structured document, the computing device creates the new resource; In response to a request for adding a right, which is a request from a user, for adding a right for a first specific resource in the structured document, the computing device generates the policy tag or the permission tag corresponding to the first specific resource ; In response to a permission check request that is a request for confirming a specific user's permission regarding a first specific action on a second specific resource in the structured document, the computing device is configured to: returning the specific user's rights to an action; and in response to an action execution request, which is a request from a user, to execute a second specific action on the third specific resource in the structured document, the computing device is configured to: acquiring the user's authority regarding the second specific action with respect to the third specific resource through a permission check request regarding the action, and executing or not executing the second specific action according to the acquired authority .

Advantageously, (i) said structured document and said resources and (ii) said tags are held and managed in a repository as different units of information.

In an embodiment, the actions related to the individual resource include a request for contribution to the individual resource and reflection of the contribution, wherein the request for contribution includes: content modified by the computing device from the individual resource; and By creating a new resource comprising a correction frequency increased by one than that of the individual resource, and providing a first user interface accessible by a contribution reflector, a user authorized to reflect the contribution to the individual resource, , an action that determines whether to replace the individual resource by the new resource through the first user interface, and the reflection of the contribution is, by the computing device, according to whether the individual resource is replaced by the new resource , the action of causing the new resource to replace the individual resource or to maintain the individual resource in the structured document.

In another embodiment, the actions related to the individual resource include reading the individual resource, the second specific action is duplication of the structured document, and the duplication of the structured document is performed by the computing device, A document duplication step of creating a new structured document by duplicating duplication target resources that are structured documents or resources to which the user is granted read permission among all resources included in the structured document, and the computing device includes the duplication target resources This is an action including a tag inheritance step of duplicating all tags corresponding to and applying to the new structured document.

Preferably, the actions on the individual resource include reading of the individual resource and sharing of the individual resource, wherein the sharing of the individual resource includes: the computing device, a user designated as a target for sharing A second user interface accessible by a receiver is provided, and if it is true whether the receiver accepts the individual resource determined through the second user interface, the structured document or all of the structured documents included in the structured document A new structured document is created by duplicating replication target resources that are resources to which the recipient is granted read permission among the resources, and the recipient is included in at least one owner of the top-level element document of the new structured document. This action creates or modifies the owner tag of the top-level element document.

Advantageously, returning said specific user's right to said first specific action on said second specific resource comprises: said second specific resource and said first specific one of an ancestor resource of said second specific resource searching for a specific tag, which is a tag of a resource closest to the second specific resource, as a tag applied to the specific user with respect to an action; and determining and returning the authority of the specific user with respect to the first specific action on the second specific resource according to the specific tag obtained according to the search.

More advantageously, in the step of searching for the specific tag, the searching includes: a first condition that the specific tag is an owner tag, and the specific user belongs to the at least one owner corresponding to the specific tag, the specific tag is a second condition in which a policy tag is a policy tag, and the permission is granted or prohibited with respect to the first specific action by the specific tag, the specific tag is a permission tag, and the specific user's A third condition to which permission is granted or prohibited, or a fourth condition in which there is no tag of the nearest resource that satisfies the first condition, the second condition, and the third condition as the termination condition, For the fourth condition, the third condition is applied first, the second condition is applied first to the third condition, and the first condition is applied first to the second condition.

According to another aspect of the present invention, there is also provided a computer program comprising instructions embodied for performing the methods according to the present invention. For example, such a computer program may be stored in a machine-readable non-transitory recording medium.

According to another aspect of the present invention, there is provided a computing device for managing rights regarding resources included in a structured document as tags, wherein the structured document has a depth of 0 At least one element document of the highest level, and optionally further comprising at least one element document having a depth of one or more, each of the element documents included in the structured document includes at least one record as content and the resources include the structured document, and all the element documents included in the structured document, and all the records, wherein each of the resources includes a revision number as a number of revisions, wherein the one or more depths are included. When the at least one element document having the at least one element document is included in the structured document, the structured document is subordinate to one element document having a depth of n-1 in which all element documents having one or more depth n in the structured document each have a depth of n-1. Further comprising each dependency relationship indicating Each of the tags includes: an owner tag for authorizing actions on the individual resource for the at least one owner of the individual resource, authorizing or prohibiting actions on the individual resource for the general user a policy tag for: (i) a user for generating the structured document, and a request to create a structured document that is a request from, (ii) a request to create a resource, which is a request from a user, to create a new resource in the structured document, (iii) a request to create a first specific resource in the structured document , request to add permission, which is a request from the user , (iv) a permission check request, which is a request for confirming a specific user's permission with respect to a first specific action on a second specific resource in the structured document, and (v) a second specific resource in the structured document a communication unit for obtaining an action execution request, which is a request from a user, for executing a specific action; and a process of performing, in response to the structured document creation request, a subprocess for generating the structured document and the top-level element document included in the structured document, and a sub-process for generating the owner tag corresponding to the top-level element document; a process of creating the new resource in response to the resource creation request; a process of generating the policy tag or the permission tag corresponding to the first specific resource in response to the permission addition request; in response to the permission check request , a process for returning the authority of the specific user with respect to the first specific action on the second specific resource, and in response to the action execution request, regarding the second specific action of the user on the third specific resource A processor that acquires the user's right with respect to the second specific action on the third specific resource through a permission check request, and performs a process that executes or does not execute the second specific action according to the acquired right include

According to the present invention, it is easy to create, read, modify, delete, share, contribute, etc., manage the contents of each part belonging to a document, in particular, set permissions, and, in particular, against the read/write access and use of multiple users. There is an advantage in that the integrity and recyclability of each part of the document can be effectively maintained.

The accompanying drawings for use in the description of the embodiments of the present invention are only a part of the embodiments of the present invention, and a person of ordinary skill in the art to which the present invention belongs (hereinafter referred to as "a person skilled in the art") is separate Other drawings may be obtained on the basis of these drawings without effort reaching the invention of
1 is a conceptual diagram schematically illustrating an exemplary configuration of a computing device performing a method for managing rights on resources included in a structured document (hereinafter referred to as a “structured document rights management method”) according to the present disclosure. .
2 is a block diagram exemplarily illustrating a structured document dealt with in the present disclosure.
3 is a block diagram exemplarily showing tags corresponding to each of the resources including a structured document, an element document included in the structured document, and a record included in the structured document, which are dealt with in the present disclosure.
4 is an exemplary block diagram illustrating hardware or software components of a computing device that performs a structured document rights management method according to the present disclosure.
5 is a flowchart illustrating an embodiment of a method for managing structured document rights according to the present disclosure.
6 is a sequence diagram illustrating a process of generating a structured document and generating an owner tag corresponding to the structured document according to the structured document rights management method of the present disclosure.
7 is a sequence diagram illustrating a process of generating a policy tag or a permission tag corresponding to a specific resource according to the structured document management method of the present disclosure.
8 is a flowchart illustrating a process of searching for a tag according to the structured document management method of the present disclosure.
9 is a block diagram illustrating an example of a tag search result according to the structured document management method of the present disclosure.
10 is a sequence diagram illustrating a process of obtaining a user's authority according to the structured document management method of the present disclosure and executing or not executing the second specific action according to the obtained authority.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS The following detailed description of the present invention refers to the accompanying drawings, which show by way of illustration a specific embodiment in which the present invention may be practiced, in order to clarify the objects, technical solutions and advantages of the present invention. These embodiments are described in sufficient detail to enable those skilled in the art to practice the present invention. In the description with reference to the accompanying drawings, the same components are assigned the same reference numerals regardless of the reference numerals, and the overlapping description thereof will be omitted. Like reference numerals in the drawings refer to the same or similar functions throughout the various aspects.

Although terms such as “first” or “second” may be used to describe various elements, these terms should be interpreted only for the purpose of distinguishing one element from another, and no order is implied. because it doesn't For example, a first component may be termed a second component, and similarly, a second component may also be termed a first component.

When a component is referred to as being “connected to” another component, it may be directly connected or connected to the other component, but it should be understood that another component may exist in between.

The singular expression includes the plural expression unless the context clearly dictates otherwise. In the present disclosure, terms such as “comprise” or “have” are intended to designate that the described feature, number, step, operation, component, part, or combination thereof exists, and includes one or more other features or numbers, It should be understood that the possibility of the presence or addition of steps, operations, components, parts or combinations thereof is not precluded in advance.

In the present disclosure, a "structured document" is a concept that refers to a document bundle including one or more individual element documents connected to each other in a one-to-one or one-to-many (1:many) dependency relationship (or an equivalent inclusion relationship, etc.). Structured documents, element documents, and records, which are the contents of element documents, can each be encompassed as a higher-level concept called 'resource', and the dependency relationship or inclusion relationship between element documents can be generalized as a dependency relationship between resources.

However, such a dependency or containment relationship between resources is conceptually equivalent to a subordinate relationship. For convenience, in this disclosure, when a resource A depends on another resource B, resource A may be referred to as a "parent resource" of resource B, and resource B may be referred to as a "child resource" of resource A. . By extending this, the parent resource, the parent resource of the parent resource, the parent resource of the parent resource of the parent resource, etc. are referred to as "ancestral resources", and the child resource, the child resource of the child resource, the child resource of the child resource of the child resource, etc. It may be referred to as a “progeny resource”.

In the present disclosure, "authority" or "right information" refers to a value that sets whether a user can or cannot take an action with respect to which resource. A Boolean value, It may have the form of an enumeration value, an integer value, or the like. In this disclosure, the expression "authorization is granted" may mean that the authority has a true value, and the expression "authorization is prohibited" may mean that the authority has a false value. there is.

On the other hand, the permission information in the form of an integer value not only can express the permission of a certain user for various actions on a certain resource as a single value by bit expression, but also the bit operation of the computing device is more efficient than branching by logical operation. Since it is very fast, the usefulness of expressing privileges as integers is well known to those skilled in the art.

Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art. Terms such as those defined in a commonly used dictionary should be interpreted as having a meaning consistent with the meaning in the context of the related art, and unless explicitly defined in the present disclosure, it should be interpreted in an ideal or excessively formal meaning doesn't happen

Moreover, the present invention encompasses all possible combinations of the embodiments indicated in the present disclosure. It should be understood that various embodiments of the present invention are different but need not be mutually exclusive. For example, specific shapes, structures, and characteristics described herein may be implemented in other embodiments without departing from the spirit and scope of the present invention in relation to one embodiment. In addition, it should be understood that the position or arrangement of individual components in each disclosed embodiment may be changed without departing from the spirit and scope of the present invention. Accordingly, the detailed description given below is not intended to be taken in a limiting sense.

In this disclosure, unless otherwise indicated or clearly contradicted by context, items referred to in the singular encompass the plural unless the context requires otherwise. In addition, in describing the present invention, if it is determined that a detailed description of a related known configuration or function may obscure the gist of the present invention, the detailed description thereof will be omitted.

Hereinafter, in order to enable those skilled in the art to easily practice the present invention, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings.

1 is a conceptual diagram schematically illustrating an exemplary configuration of a computing device that performs a structured document rights management method according to the present disclosure.

Referring to FIG. 1 , a computing device 100 according to an embodiment of the present disclosure includes a communication unit 110 and a processor 120 , and communicates with an external computing device (not shown) through the communication unit 110 . Can communicate directly or indirectly.

Specifically, the computing device 100 may include typical computer hardware (eg, a computer, a processor, a memory, storage, an input device and an output device, a device that may include other components of a conventional computing device; a router; , electronic communication devices such as switches, etc.; electronic information storage systems such as network-attached storage (NAS) and storage area networks (SANs)) and computer software (ie, enabling the computing device to operate in a specific way). to achieve the desired system performance by using a combination of instructions that make it function as The storage may include a storage device such as a hard disk and a Universal Serial Bus (USB) memory, as well as a storage device based on a network connection such as a cloud server.

The communication unit 110 of such a computing device may transmit/receive a request and a response between an interworking other computing device, for example, a dedicated storage, for example, a database server, etc. As an example, such a request and a response are the same TCP ( Transmission Control Protocol) may be performed by a session, but is not limited thereto, and may be transmitted and received as, for example, User Datagram Protocol (UDP) datagrams.

Specifically, the communication unit 110 may be implemented in the form of a communication module including a communication interface. For example, the communication interface is WLAN (Wireless LAN), WiFi (Wireless Fidelity) Direct, DLNA (Digital Living Network Alliance), WiBro (Wireless Broadband), WiMax (World interoperability for Microwave access), HSDPA (High Speed Downlink Packet Access), etc. Including wireless Internet interface of wireless internet interface and short-distance communication interface such as Bluetooth™, RFID (Radio Frequency IDentification), Infrared Data Association (IrDA), UWB (Ultra-WideBand), ZigBee, NFC (Near Field Communication) can do. In addition, the communication interface may represent all interfaces through which the processor can communicate with the outside (eg, multiple buses such as a data bus, wired/wireless interfaces).

For example, the communication unit 110 may transmit/receive data to and from other computing devices through the appropriate communication interface as described above. In addition, in a broad sense, the communication unit 110 may include or interwork with a keyboard, a mouse, other external input devices, printing devices, displays, and other external output devices for receiving commands or instructions. In order to enable interaction with a user by displaying and providing a user interface suitable for a user of a computing device, for example, a user terminal or a server such as a portable terminal or a personal computer (PC), the computing device 100 is It is known that a display unit can be built in or can be linked with an external display device through the communication unit 110 . For example, such a display unit or display device may be a touch screen capable of a touch input.

In addition, the processor 120 of the computing device may include one or more micro processing units (MPUs), central processing units (CPUs), graphics processing units (GPUs) having internal memory and/or external memory such as cache memory. , a microprocessor, such as a neural processing unit (NPU) or tensor processing unit (TPU), a controller such as a microcontroller, an embedded microcontroller, a microcomputer, an arithmetic logic unit (ALU), a digital signal processor, such as , a programmable digital signal processor or other programmable device. In addition, the operating system may further include a software configuration of an application for performing a specific purpose.

Now, a structured document rights management method according to the present disclosure will be described in detail below with reference to FIGS. 2 to 9 .

2 is a block diagram exemplarily illustrating a structured document dealt with in the present disclosure.

Referring to FIG. 2 , the structured document 200 includes at least one uppermost element document 210 having a depth of zero. Here, the depth of the element document has a value of an integer greater than or equal to 0, that is, a non-negative integer.

When the structured document 200 does not include any element documents having a depth of one or more, the structured document may be referred to as a trivial structured document, and at least one element document having a depth of one or more (eg, 220 to 270) may be referred to as a non-trivial structured document.

In the example of FIG. 2 , element documents 220 and 230 of depth 1 are subordinate to element document 210 of depth 0, and element documents 240 and 250 of depth 2 are element document 220 of depth 1. ), and the element documents 260 and 270 of depth 3 depend on the element document 240 of depth 2.

The structured document 200 may optionally further include an element document having a depth of one or more, and each of all element documents having a depth n of one or more in the structured document 200 has a depth of n-1. It should depend on one element document. The dependent relationship between individual element documents in the structured document is included in the structured document 200 as data called 'dependent relationship'.

Referring to the example of FIG. 2 , each of all element documents included in the structured document 200 includes at least one record 212 to 276 as contents of the element document. The record may include text, figures, or pictures, but is not limited thereto and may include data in various formats. Each of the records corresponding to the content of an element document includes values indicating whether to use (or display) and/or activate (or highlight) each of the child resources of the element document whether to use or not, for example, It may include Boolean values, and display order values, eg, integer values, which are values indicating an order of displaying the child resources when displaying the child resources.

As described above, the 'resource' includes the structured document 200, all element documents 210 to 270 included in the structured document, as well as records 212 to 276 of the element document 210 to 270. . Each resource includes information of a revision count, which is the number of times the resource has been modified.

3 is a block diagram exemplarily showing tags corresponding to each of the resources including a structured document, an element document included in the structured document, and a record included in the structured document, which are dealt with in the present disclosure.

Before describing the tags illustrated in FIG. 3 , the user, who is the subject to which authority on a certain resource is granted or prohibited, will be described. A user of an individual resource is a general user (everybody), at least one of the individual resources. an owner of , and at least one specific user for the individual resource.

If so, the type of tag includes an owner tag 320 for authorizing actions on the individual resource 310a for at least the owner 322 of the individual resource 310a, and an individual resource 310b for the general user. ) policy tag 340 for authorizing or prohibiting actions on is included Since the general user refers to a specific user, there is a one-to-one correspondence between the individual resource 310b and the policy tag 340, and there is a one-to-one correspondence or a one-to-many correspondence between the individual resource 310a and the owner tag 320. There is a relationship. If the individual resource 310a has only one owner, a one-to-one correspondence between the individual resource and the owner tag will be established. Correspondence) may be established or a one-to-one correspondence relationship (when multiple owners correspond to one owner tag) may be established.

Similarly, a one-to-one correspondence or a one-to-many correspondence may be established between the individual resource 310c and the permission tag 360 , and a person skilled in the art will be able to select one of them as a design proposal, if necessary.

It goes without saying that the owner tag 320 is not intended to prohibit the authority of any action for any owner 322 .

4 is an exemplary block diagram illustrating hardware or software components of a computing device performing a structured document rights management method according to the present disclosure, and FIG. 5 is an embodiment of a structured document rights management method according to the present disclosure is a flowchart showing

4 and 5 , the structured document rights management method of the present disclosure is implemented by a computing device, for example, the server 100 in response to a structured document generation request, which is a request from a user, for generating a structured document. The structured document generation module 410 that is to be implemented generates the structured document 200 and the top element document 210 included in the structured document 200, and is implemented by the server 100 or linked to the server 100 A process (S100a; not shown) for holding in a predetermined storage 420, and an owner tag corresponding to the uppermost element document 210, generating an owner tag designating the user as an owner and holding it in the predetermined storage 420 and performing a process (S100b; not shown) to (S100).

Of course, the structured document creation request, resource creation request, permission addition request, permission check request, action execution request, etc. described in this disclosure may be obtained from another computing device used by the user, for example, the client 100 ′. .

That is, among the components illustrated in FIG. 4 , the storage 420 may be implemented in the server 100 , which is the same computing device as other modules, but may be implemented in a storage server (not shown) as a separate computing device. .

6 is a sequence diagram illustrating a process of generating a structured document and generating an owner tag corresponding to the structured document according to the structured document rights management method of the present disclosure.

As illustrated in FIGS. 4 and 6 , the structured document 200 and its resources and the tags may be held and managed in the same repository 420 , but in different repositories as different units of information, such as structured documents. and resources may be held and managed in document repository 422 and tags in tag repository 424 . Such an information unit may be, for example, a table of an SQL-based database, but is not limited thereto.

The generation of the uppermost element document 210 in the process S100a may be performed by the resource generating module 430 called by the structured document generating module 410 . The generation of the top-level element document 210 in the process S100a means that the user who requested the generation of the structured document 200 becomes the owner of the generated structured document 200, so that the resource creation module 430 is described later. Since there is no need to request the permission check of the same user, the permission check, which will be described later, may be omitted.

The generation of the owner tag in the process S100b may be performed by the tag generating module 440 called by the structured document generating module 410 . As in the process S100a, the generation of the owner tag in the process S100b means that the user who requested the creation of the structured document becomes the owner of the generated structured document 200, so that the tag generation module 440 is described later. There is no need to request confirmation of the user's authority as described above.

The owner tag is data indicating that the owner designated thereby has all rights to the structured document 200, and as mentioned above, the number of owners corresponding to the owner tag is not limited to singular, but may be plural.

On the other hand, the owner tag corresponding to the structured document is defined as the owner tag corresponding to the uppermost element document. This is to ensure consistency in data handling when searching for rights by a tag, which will be described later.

Continuing to refer to FIGS. 4 and 5 , in the structured document rights management method of the present disclosure, the resource generating module 410 implemented by the server 100 is configured to generate a new resource in the structured document 200 . , and generating the new resource in response to a resource creation request, which is a request from a user (S200). The new resource may be a new element document included in the structured document 200 , but is not limited thereto, and for example, may be a new record included in any element document of the structured document 200 .

In addition, in the structured document authority management method of the present disclosure, the tag generation module 440 implemented by the server 100 adds authority to the first specific resource in the structured document 200, from a user The method further includes generating ( S300 ) a policy tag or a permission tag corresponding to the first specific resource in response to the request for adding permission, which is the same as the policy tag and permission tag described above.

7 is a sequence diagram illustrating a process of generating a policy tag or a permission tag corresponding to a specific resource according to the structured document management method of the present disclosure.

Specifically with reference to FIG. 7 , the tag generation module 440 allows the user to select the first specific resource (S340), and the type of tag (policy tag, permission) for the first specific resource. tag, etc.) and its contents (the subject and the subject's authority) are selected by the user (S360), and a policy tag or permission tag corresponding to the first specific resource is generated and held in a predetermined storage 420 (S380) can be done. The step (S320) of providing and showing the entire structured document, for example, through the client 100', before the selection (S340) of the first specific resource so that the user can select the first specific resource may be further included.

On the other hand, when the above-described new resource is created (S200), a policy tag for a general user or a permission tag for a specific user preset by the owner of the structured document corresponds to the resource as a default value. Since they may be generated together, the resource generation module 410 may call the tag generation module 440 for this purpose.

Next, in the structured document authority management method of the present disclosure, the authority checking module 450 implemented by the server 100 , a specific user related to a first specific action on a second specific resource in the structured document 200 . As a response to the permission check request, which is a request for confirming the permission of , it further includes returning the permission of the specific user with respect to the first specific action on the second specific resource (S400; returning or returning). Furthermore, in the structured document rights management method of the present disclosure, the action execution module 460 implemented by the server 100 executes a second specific action on a third specific resource in the structured document 200 . , in response to an action execution request that is a request from a user, the user regarding the second specific action on the third specific resource through a permission confirmation request regarding the second specific action on the third specific resource of the user Acquiring the authority of (S400), and further comprising executing or not executing the second specific action according to the obtained authority (S500).

actions

Prior to the detailed description of the search (S400) and execution of the specific action (S500) of a user's authority with respect to a specific action on a specific resource, in this disclosure, an action on an individual resource, which is the subject of authority check First of all, such actions may include uses and access to the resource. The uses may include modifying (editing), viewing, and deleting the resource, and each of these uses may be granted or prohibited. In addition, since the access refers to the resource being displayed as a search result, the right of such access may also be granted or prohibited.

For example, the actions may include deletion of a top-level element document, which may be the same action as deletion of a corresponding structured document.

On the other hand, actions may include deletion of a resource other than the top-level element document. In order to ensure that any other individual resource in the structured document is not fragmented due to deletion of an individual resource, the child resources included in the individual resource to be deleted and the dependencies on the child resources are also recursive. Of course, it should be deleted as recursive.

Action - Request for Contribution and Reflect Contribution

In addition, the actions may include 'contribution request' and 'contribution reflection' for the individual resource. Here, 'contribution' refers to the act of a user requesting the contribution (ie, a contributor) modifying the resources of a structured document that has been created. corresponds to an action to deliver to the author of do.

More specifically, the request for contribution includes the content modified by the action execution module 460 implemented by the server 100 from the individual resource, and the correction frequency increased by 1 from the correction frequency of the individual resource. By providing a predetermined first user interface accessible by a contribution reflector who is a user authorized to reflect the contribution to the individual resource through the server 100 or the client 100', It is an action to determine whether to replace the individual resource with the new resource through the first user interface. A user interface providing module (not shown) implemented by the server 100 may be used to provide the first user interface. In this case, the action execution module 460 calls and uses such a user interface providing module. can

In addition, in the reflection of the contribution, the action execution module 460 implemented by the server 100 according to whether the individual resource is replaced by the new resource, the new resource in the structured document is the individual resource It is an action to replace or maintain the individual resource. According to the selection of the contribution reflector, if the new resource replaces the individual resource, the new resource has a correction frequency increased by 1 compared to the individual resource. The action execution module 460 may be configured in such a way that it leaves a history of , that is, a contribution record.

Action - Share

On the other hand, the actions may also include sharing of the individual resources. Here, a user who requests execution of an action of sharing is called a sender, and a user designated as the target of sharing is called a receiver. there is. In the sharing of the individual resources, the action execution module 460 implemented by the server 100 provides a predetermined second user interface accessible by the receiver, but through the second user interface If the determined acceptance of the individual resource is true, the structured document 200 (original structured document) is copied to generate a new structured document 200' (not shown), and corresponding to the new structured document Create or modify the owner tag of the shared resources in the new structured document so that the recipient is included in at least one owner of the shared resources that are the resources to which the recipient's read right is granted among the individual resources and descendants of the individual resources it is an action

That is, the new structured document is not the same as the original structured document because the duplication is performed to include only the resources to which the recipient's read permission has been granted among the original structured documents. it may not be In such a sharing, the sender and the receiver may be identical to each other, and sharing to oneself may be referred to as a collection.

As described above with respect to the provision of the first user interface, the user interface providing module may also be used to provide the second user interface.

Action - Duplicate structured document

Additionally, the actions may include duplication of the structured document, wherein the duplication of the structured document includes the structured document 200 itself and the action execution module 460 implemented by the server 100 . A document duplication step of creating a new structured document by duplicating the resources included in the structured document 200, that is, the duplication target resources, which are resources to which the user is granted read permission among all the resources of the structured document 200, and The action execution module 460 may be an action including a tag inheritance step of duplicating all the tags corresponding to the replication target resources and applying them to the new structured document. That is, duplication of the structured document has substantially the same action as sharing of the structured document, in which the sender and the recipient are identical to each other, except that the second user interface is not provided for the sender to ask whether the recipient accepts or not. there is.

In relation to the structured document rights management method of the present disclosure, other actions related to a structured document itself or resources belonging thereto can be easily derived by a person skilled in the art, and a more detailed description thereof will be omitted.

Exploring a user's permissions for an action on a resource

Now, for a detailed description of reference numeral S400, reference is made to FIG. 8 exemplarily showing a process of searching for a tag according to the structured document management method of the present disclosure.

Referring to FIG. 8 , returning the specific user's right to the first specific action for the second specific resource (returning S400) includes the second specific resource R, and the second specific resource. Applied to the specific user U with respect to the first specific action A among the ancestor resources of (expressed as a set, _{ R _p | R _p is the ancestor resource of R}), that is, among R It may include a step (S420) of searching for a tag to be used, where the specific search target is closest to the second specific resource among the tags applied to the specific user, that is, to the closest resource (R'). It is to find the corresponding specific tag (T).

The search for the second specific resource and the ancestor resource of the second specific resource to obtain the specific tag (T) of the nearest resource is, from the second specific resource (R), the ancestor resource ({R _p }) and is an upward search for finding the tag t of a resource r that satisfies a specific condition, that is, an end condition, among R∪{R _p }, for example, Breadth-First Search (BFS). ), but is not limited thereto. A tag t of a resource r that satisfies the termination condition is a specific tag T that is the result of the search.

The termination condition to be satisfied is: (i) a first condition that a tag (t) corresponds to an owner tag and a specific user (U) belongs to the at least one owner corresponding to a tag (t), (ii) a tag a second condition in which (t) is a policy tag, and the authorization or prohibition with respect to a first specific action (A) by tag (t) is a second condition, (iii) tag (t) is a permission tag, and in tag (t) It is a condition that satisfies one of the third conditions in which the authority of the specific user U is granted or prohibited by the first specific action A.

The fourth condition in which there is no tag (t) satisfying the first, second, and third conditions is also an end condition, but if the fourth condition is satisfied, the specific tag (T) that is the result of the search ) does not exist, the right of the specific user U regarding the first specific action A on the second specific resource R may be considered to be prohibited.

There may be an order to be determined first between the first condition and the fourth condition. For example, the third condition may be applied first to the fourth condition, and the second condition may be applied to the third condition. The condition may be applied first, and the first condition may be applied preferentially to the second condition.

9 is a block diagram illustrating an example of a tag search result according to the structured document management method of the present disclosure. Referring to FIG. 9 , a schematic dependency relationship of the resources 910 to 919 belonging to the structured document 900 is shown. The uppermost element document of the structured document 900 is the resource 910 , and each resource is A symbol displayed in the indicated node indicates the type of tag set for the specific user U with respect to the first specific action while corresponding to the resource. Among those codes, "O" stands for owner tag, "A" stands for permission tag, and "P" stands for policy tag. Unsigned resources 914, 916, 918, 919 indicated in the node mean that there is no tag set to correspond to each of those resources with respect to the first specific action and specific user U.

According to the method of the permission search described above, for example, the nearest resource that satisfies the termination condition of the resource 914 to which the tag set to the specific user U is not associated with respect to the first specific action is the resource 911 ), and the termination condition is the third condition, the resource 911, the first specific action, and the tag applied to the specific user U are also applied to the resource 914 and the resource 918 .

In addition, in the example of FIG. 9 , among the ancestor resources of the resource 919 to which the tag does not correspond, the resource satisfying the termination condition includes a resource 910 that satisfies the first condition and a resource 915 that satisfies the second condition. Among them, since the resource 915 is the closest to the resource 919 , the tag of the resource 915 is applied to the resource 919 . On the other hand, among the ancestor resources of the resource 912 , there is only the resource 910 that satisfies the first condition among the resources that satisfy the termination condition, so the tag of the resource 910 is applied to the resource 912 .

In short, since resources to which the same tag is applied in FIG. 9 are painted in the same pattern, a person skilled in the art will understand the method of right search described with reference to FIG. 8 .

Returning the authority of the specific user (S400) is performed after step S420 of the specific user with respect to the first specific action on the second specific resource with reference to the specific tag obtained according to the search. It may further include a step (S480) of determining the authority and returning it.

Now, for a detailed description of reference numeral S500, FIG. 10 showing a process of obtaining a user's authority according to the structured document management method of the present disclosure and executing or not executing the second specific action according to the obtained authority see

An embodiment will be described with reference to FIG. 10 , the second specific action by the user from the client 100 ′, and the action including the third specific resource selected ( S530 ) as a target of the second specific action When the execution request is obtained (S540), the action execution module 460 is configured to, through the user's request for permission confirmation regarding the second specific action with respect to the third specific resource (S550), the third specific resource The user's authority regarding the second specific action may be returned (S480) and obtained, and the result may be returned (S580) after executing or not executing the second specific action according to the obtained authority (S580) there is.

A step (S520) of providing and showing the entire structured document, for example, through the client 100', before the selection (S530) may be further included so that the user can select the third specific resource and the second specific action. .

On the other hand, as the user's authority is obtained at reference numeral S500 and the second specific action is executed or not executed according to the obtained authority, the above-described creation of a new resource (S200) also requests and obtains authority check Of course, only when the user has authority after (S400), it is possible to enable the user to perform this (S200). Since the generation of the structured document and the generation of resources can be viewed as a type of action, respectively, the structured document generation module 410 and the resource generation module 430 that perform each can also be integrated into the action execution module 460 . , the example shown in FIG. 4 is a separate structured document creation module 410 and It may be interpreted that what is indicated by the resource creation module 430 is nothing more than that.

It will be understood by those of ordinary skill in the art that, in light of the above description, there is no inevitable precedence relationship between the respective steps ( S100 to S500 ) of the structured document rights management method of the present disclosure. Of course, to create a new resource in any structured document (S200), create a tag for a specific resource (S300), request and obtain a user's authority for a resource (S400), or perform other actions on the resource (S500) In order to do so, the structured document itself must first be created (S100) and exist, so it can be seen that step S100 is logically preceded compared to steps S200 to S500, but this is only so in relation to any one structured document. , with respect to different structured documents, after performing an action of modifying resources belonging to one structured document (S500), new generation of another structured document (S100) can be made immediately in any of the methods of the present invention Since a step cannot necessarily precede or follow, the use of the term 'step' is intentionally avoided in this disclosure, and it will be said that a time series logical precedence relationship exists only when absolutely necessary. Therefore, a person skilled in the art will understand that all the above-described steps may be interchanged with each other regardless of the magnitude of the expressed numbers, unless there is a justification to do otherwise.

According to the present invention, handling by multiple users of a structured document composed of several parts can be efficiently and systematically performed while providing sufficient variability or flexibility in its structure. And by enabling the setting of permission for contribution, etc., there is an advantageous effect of maintaining the integrity and recyclability of each part of the document against read/write access and use of multiple users.

Of course, the method disclosed in the present disclosure may be performed not only once, but may also be performed repeatedly, intermittently, or continuously according to a user's request or need.

Above, based on the description of various embodiments of the present disclosure, those of ordinary skill in the art will recognize that the method and/or processes of the present invention, and the steps thereof, are hardware, software, or hardware and software suitable for a specific application. It can be clearly understood that they can be realized in any combination.

In addition, those skilled in the art after reading the present disclosure are familiar with various user interfaces that may be provided through a computing device, for example, a workstation, a personal computer, a portable terminal, and the like. With respect to the individual steps S100 to S500, a person skilled in the art needs in the method of the present disclosure, in particular the content of individual resources that enable various manipulations of the user, in particular the structured document described in the present disclosure, eg, text It will be possible to easily imagine various user interfaces required to perform actions such as receiving data in various formats, such as , photos, date, time, etc. from the user and outputting the data to provide to the user.

The hardware devices may include general purpose computers and/or dedicated computing devices or specific computing devices or special features or components of specific computing devices. The processes may be realized by a processor as described above coupled with a memory such as ROM/RAM or the like for storing program instructions and configured to execute instructions stored in the memory. Additionally, or alternatively, the processes may be implemented using an application specific integrated circuit (ASIC), a programmable gate array, such as a field programmable gate array (FPGA), a programmable logic unit (PLU) or programmable array logic. (Programmable Array Logic; PAL) or any other device capable of executing and responding to instructions, any other device or combination of devices that can be configured to process electronic signals. The processing device may run an operating system and one or more software applications running on the operating system. A processing device may also access, store, manipulate, process, and generate data in response to execution of the software. For convenience of understanding, although one processing device is sometimes described as being used, one of ordinary skill in the art will recognize that the processing device includes a plurality of processing elements and/or a plurality of types of processing elements. It can be seen that can include For example, the processing device may include a plurality of processors or one processor and one controller. Other processing configurations are also possible, such as parallel processors. The hardware device may also include a communication unit as described above capable of sending and receiving a signal to and from an external device.

Software may include a computer program, code, instructions, or a combination of one or more of these, and either independently or collectively configure the processing device to operate as desired. ) to the processing unit. The software and/or data may be any kind of machine, component, physical device, virtual equipment, computer storage medium or apparatus, to be interpreted by or provide instructions or data to the processing device. , or may be permanently or temporarily embody in a transmitted signal wave. The software may be distributed over networked computer systems and stored or executed in a distributed manner. Software and data may be stored in one or more machine-readable recording media.

Moreover, the objects of the technical solution of the present invention or parts contributing to the prior arts may be implemented in the form of program instructions that can be executed through various computer components and recorded in a machine-readable medium. The machine-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions recorded on the machine-readable recording medium may be specially designed and configured for the embodiment, or may be known and used by those skilled in the art of computer software. Examples of the machine-readable recording medium include magnetic media such as hard disks, floppy disks and magnetic tapes, optical media such as CD-ROMs, DVDs, and Blu-rays, and floppy disks. ), and hardware devices specially configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like. Examples of program instructions include storing and compiling for execution on a machine capable of executing any of the devices described above, as well as a processor, processor architecture, or heterogeneous combination of different hardware and software combinations, or any other program instructions. or it can be built using a structured programming language such as C, an object-oriented programming language such as C++, or a high-level or low-level programming language (assembler, hardware description languages and database programming languages and techniques) that can be interpreted This includes not only machine code and byte code, but also high-level language code that can be executed by a computer using an interpreter or the like.

Accordingly, in one aspect according to the present invention, when the above-described method and combinations thereof are performed by one or more computing devices, the methods and combinations of methods may be implemented as executable code for performing respective steps. In another aspect, the method may be implemented as systems performing the steps, the methods may be distributed in various ways across devices or all functions may be integrated into one dedicated, standalone device or other hardware. In another aspect, the means for performing the steps associated with the processes described above may include any of the hardware and/or software described above. All such sequential combinations and combinations are intended to fall within the scope of this disclosure.

In the above, the present invention has been described with specific matters such as specific components and limited embodiments and drawings, but specific structural or functional descriptions of the embodiments are provided for the purpose of illustration and to help a more general understanding of the present invention. However, the present invention is not limited to the disclosed embodiments, and those skilled in the art to which the present invention pertains may devise various modifications and variations from these descriptions.

Therefore, the technical spirit of the present invention should not be limited to the above-described embodiments, and the claims appended to the present disclosure, including changes or substitutes included in the technical spirit, as well as the claims equivalent to these claims Or it will be said that all equivalent modifications fall within the scope of the spirit of the present invention. For example, the described techniques are performed in an order different from the described method, and/or the described components of the system, structure, apparatus, circuit, etc. are combined or combined in a different form than the described method, or other components Or substituted or substituted by equivalents may achieve an appropriate result.

Such equivalent or equivalent modifications will include, for example, logically equivalent methods capable of producing the same results as practiced by the methods according to the present invention, the spirit and spirit of the present invention. The scope should not be limited by the above-described examples, and should be understood in the broadest sense permitted by law.

Claims (15)

A method for managing rights with respect to resources included in a structured document as tags, the method comprising:
The structured document includes at least one uppermost element document having a depth of 0, and optionally further includes at least one element document having a depth of 1 or more, Each element document contains at least one record as its content;
wherein the resources include the structured document, and all of the element documents included in the structured document, and all of the records, each of the resources comprising a revision number as a number of times it has been modified;
When the at least one element document having a depth of one or more is included in the structured document, the structured document is one in which all element documents having a depth of one or more in the structured document each have a depth of n-1. It further includes each dependency relationship indicating that it is dependent on the element document of
A user of an individual resource belonging to the resources includes a general user, at least one owner of the individual resource, and at least one specific user for the individual resource,
Each of the tags includes: an owner tag for authorizing actions on the individual resource for the at least one owner of the individual resource, authorizing or prohibiting actions on the individual resource for the general user one of a policy tag for, and a permission tag for authorizing or prohibiting actions on the individual resource for the at least one specific user;
The method is
A process of generating, by a computing device, the structured document and the top-level element document included in the structured document, in response to a structured document generation request, which is a request from a user, for generating the structured document, and corresponding to the top-level element document performing a process for generating the owner tag;
in response to a resource creation request, which is a request from a user, for creating a new resource in the structured document, the computing device creates the new resource;
In response to a request for adding a right, which is a request from a user, for adding a right for a first specific resource in the structured document, the computing device generates the policy tag or the permission tag corresponding to the first specific resource ;
In response to a permission check request that is a request for confirming a specific user's permission regarding a first specific action on a second specific resource in the structured document, the computing device is configured to: returning the specific user's permission to an action; and
In response to an action execution request, which is a request from a user, for executing a second specific action on the third specific resource in the structured document, the computing device is configured to: Acquires the user's authority with respect to the second specific action on the third specific resource through a permission check request on
Including, structured document rights management method. According to claim 1,
(i) the structured document and the resources and (ii) the tags are held and managed in a repository as different units of information. According to claim 1,
the actions on the individual resource include requesting a contribution to the individual resource and reflecting the contribution;
The above request for contribution is:
The computing device is a user who is permitted to create a new resource including content modified from the individual resource, and a correction frequency increased by one than the correction frequency of the individual resource, and to reflect the contribution to the individual resource By providing a first user interface accessible by a contribution reflector, the action of determining whether to replace the individual resource by the new resource through the first user interface,
A reflection of this contribution is
The method of claim 1, wherein the computing device causes the new resource to replace the individual resource or maintain the individual resource in the structured document according to whether the individual resource is replaced by the new resource. According to claim 1,
The actions on the individual resource include reading the individual resource,
The second specific action is duplication of the structured document,
Reproduction of the structured document,
A document duplication step in which the computing device creates a new structured document by duplicating, by the computing device, resources to be copied, which are resources to which the user is granted read permission, among all resources included in the structured document or the structured document; and
A tag inheritance step in which the computing device duplicates all tags corresponding to the copy target resources and applies them to the new structured document
A method for managing structured document rights, which is an action comprising: 5. The method of claim 4,
The actions on the individual resource include reading the individual resource and sharing the individual resource,
The sharing of the individual resources is
If the computing device provides a second user interface accessible by a receiver, who is a user designated as the target of sharing, whether the receiver accepts the individual resource determined through the second user interface is true , to create a new structured document by duplicating replication target resources that are resources to which the recipient is granted read permission among all the resources included in the structured document or the structured document, and at least one of the top element documents of the new structured document and creating or modifying an owner tag of the top-level element document of the new structured document so that the owner includes the recipient. According to claim 1,
Returning (returning) the right of the specific user with respect to the first specific action on the second specific resource,
Search for a specific tag, which is a tag of a resource closest to the second specific resource, as a tag applied to the specific user with respect to the first specific action from among the second specific resource and the ancestor resources of the second specific resource to do; and
determining and returning the authority of the specific user with respect to the first specific action on the second specific resource according to the specific tag obtained according to the search;
Including, structured document rights management method. 7. The method of claim 6,
In the step of searching for the specific tag, the search comprises:
a first condition that the specific tag is an owner tag, and the specific user belongs to the at least one owner corresponding to the specific tag;
a second condition in which the specific tag is a policy tag, and permission for the first specific action is granted or prohibited by the specific tag;
a third condition that the specific tag is a permission tag, and that the specific user is authorized or prohibited with respect to the first specific action by the specific tag; or
A fourth condition in which there is no tag of the nearest resource that satisfies the first condition, the second condition, and the third condition
is an end condition, wherein the third condition is applied first to the fourth condition, the second condition is applied first to the third condition, and the first condition is applied first to the second condition , structured document rights management methods. A computer program, stored in a machine-readable recording medium, comprising instructions implemented to cause a computing device to perform the method of any one of claims 1 to 7. A computing device for managing rights with respect to resources included in a structured document as tags, the computing device comprising:
The structured document includes at least one uppermost element document having a depth of 0, and optionally further includes at least one element document having a depth of 1 or more, Each element document contains at least one record as its content;
wherein the resources include the structured document, and all of the element documents included in the structured document, and all of the records, each of the resources comprising a revision number as a number of times it has been modified;
When the at least one element document having a depth of one or more is included in the structured document, the structured document is one in which all element documents having a depth of one or more in the structured document each have a depth of n-1. It further includes each dependency relationship indicating that it is dependent on the element document of
A user of an individual resource belonging to the resources includes a general user, at least one owner of the individual resource, and at least one specific user for the individual resource,
Each of the tags includes: an owner tag for authorizing actions on the individual resource for the at least one owner of the individual resource, authorizing or prohibiting actions on the individual resource for the general user one of a policy tag for, and a permission tag for authorizing or prohibiting actions on the individual resource for the at least one specific user;
The computing device,
(i) a request to create a structured document that is a request from a user to create the structured document, (ii) a request to create a resource that is a request from a user to create a new resource in the structured document, (iii) the structured document a request to add a permission, which is a request from a user, to add a permission to my first specific resource, (iv) a request to confirm the permission of the specific user with respect to a first specific action on a second specific resource in the structured document a communication unit for obtaining an authorization confirmation request, and (v) an action execution request, which is a request from a user, for executing a second specific action on a third specific resource in the structured document; and
a process of performing, in response to the structured document creation request, a subprocess for generating the structured document and the top-level element document included in the structured document, and a sub-process for generating the owner tag corresponding to the top-level element document; In response to a resource creation request, the process of creating the new resource, in response to the permission addition request, a process of generating the policy tag or the permission tag corresponding to the first specific resource, in response to the permission check request, a process for returning the right of the specific user with respect to the first specific action on the second specific resource, and, in response to the action execution request, the right of the user about the second specific action on the third specific resource A processor that acquires the user's authority with respect to the second specific action on the third specific resource through a confirmation request, and performs a process of executing or not executing the second specific action according to the acquired authority
Including, structured document rights management device. 10. The method of claim 9,
(i) the structured document and the resources and (ii) the tags are held and managed in a repository as different units of information. 10. The method of claim 9,
the actions on the individual resource include requesting a contribution to the individual resource and reflecting the contribution;
The above request for contribution is:
The processor creates a new resource including the modified content from the individual resource, and a correction frequency increased by one than the correction frequency of the individual resource, and a user who is permitted to reflect the contribution to the individual resource. an action that causes the contributing reflector to determine whether to replace the individual resource by the new resource via the first user interface by providing a first user interface accessible by the reflector,
A reflection of this contribution is
The apparatus for managing structured document rights, wherein the processor causes the new resource to replace the individual resource or maintain the individual resource in the structured document according to whether the individual resource is replaced by the new resource. 10. The method of claim 9,
The actions on the individual resource include reading the individual resource,
The second specific action is duplication of the structured document,
Reproduction of the structured document,
A document duplication sub-process in which the processor duplicates the structured document or resources to which the user is granted the read right among all the resources included in the structured document to create a new structured document, and
A tag inheritance sub-process in which the processor duplicates all tags corresponding to the replication target resources and applies them to the new structured document
An action for performing sub-processes comprising a, structured document rights management device. 13. The method of claim 12,
The actions on the individual resource include reading the individual resource and sharing the individual resource,
The sharing of the individual resources is
If the processor provides a second user interface accessible by a receiver who is a user designated as the target of sharing, and whether the receiver accepts the individual resource determined through the second user interface is true, A new structured document is created by duplicating replication target resources, which are resources to which read permission is granted to the recipient, among all the resources included in the structured document or the structured document, and at least one owner of the uppermost element document of the new structured document and creating or modifying an owner tag of the top-level element document of the new structured document so that the recipient is included in the structured document rights management apparatus. 10. The method of claim 9,
The process of returning the authority of the specific user with respect to the first specific action on the second specific resource includes:
Search for a specific tag, which is a tag of a resource closest to the second specific resource, as a tag applied to the specific user with respect to the first specific action from among the second specific resource and the ancestor resources of the second specific resource subprocess; and
A sub-process for determining and returning the authority of the specific user with respect to the first specific action on the second specific resource according to the specific tag obtained according to the search
Including, structured document rights management device. 15. The method of claim 14,
In the process of searching for the specific tag,
The search is
a first condition that the specific tag is an owner tag, and the specific user belongs to the at least one owner corresponding to the specific tag;
a second condition in which the specific tag is a policy tag, and permission for the first specific action is granted or prohibited by the specific tag;
a third condition that the specific tag is a permission tag, and that the specific user is authorized or prohibited with respect to the first specific action by the specific tag; or
A fourth condition in which there is no tag of the nearest resource that satisfies the first condition, the second condition, and the third condition
is an end condition, wherein the third condition is applied first to the fourth condition, the second condition is applied first to the third condition, and the first condition is applied first to the second condition , structured document rights management unit.

Images