TWI805438B - Management system and management method for access authorization of electronic document - Google Patents


Info

Publication number
TWI805438B
Authority
TW
Taiwan
Prior art keywords
terminal device
cloud server
file
hash value
index
Prior art date
Application number
TW111125816A
Other languages
Chinese (zh)
Other versions
TW202403566A (en)
Inventor
郭芷辰
孫漢傑
張家棟
薛仲佑
劉秋宗
Original Assignee
中華電信股份有限公司
Application filed by 中華電信股份有限公司
Priority to TW111125816A
Application granted
Publication of TWI805438B
Publication of TW202403566A

Abstract

A management system and a management method for access authorization of an electronic document are provided. The method includes: storing, by a cloud server, a hash value of a first redacted document, a ciphertext of confidential information, an authorization level corresponding to the confidential information, and an index corresponding to the confidential information, the first redacted document includes a redacted area corresponding to the index; storing, by a first terminal device, the first redacted document, and receiving, from the cloud server, the hash value, the ciphertext, the authorization level, and the index; recovering, by the first terminal device, the redacted area of the first redacted document according to the index, the authorization level, and the ciphertext so as to generate a second redacted document in response to the hash value matching the first redacted document; and transmitting, by the first terminal device, the second redacted document to the cloud server.

Description

Management system and management method for access authorization of electronic documents

The present invention relates to a management system and a management method for access authorization of electronic documents.

With the spread of network technology, the author of an article can quickly share it with many readers through a cloud device. Traditional cloud sharing, however, does not let the author manage each reader's access authorization effectively. For example, when payment is required for access to the full content of a document, the author may need to produce two versions of the document: a preview version containing part of the content and a full version containing all of it. When access authorization needs to be subdivided further, the author may even need to produce more than two versions. This is very inconvenient for the author.

The present invention provides a management system and management method for access authorization of electronic documents, which let a user manage the access authorization of an electronic document in a simple way.

A management system for access authorization of an electronic document according to the present invention includes a cloud server and a first terminal device. The cloud server stores a hash value of a first redacted document, a ciphertext of confidential information, an authorization level corresponding to the confidential information, and an index corresponding to the confidential information, where the first redacted document includes a redacted area corresponding to the index. The first terminal device stores the first redacted document and is communicatively connected to the cloud server. The first terminal device receives the hash value, the ciphertext, the authorization level, and the index from the cloud server; in response to the hash value matching the first redacted document, it recovers the redacted area of the first redacted document according to the index, the authorization level, and the ciphertext, thereby generating a second redacted document, and then transmits the second redacted document to the cloud server.

In an embodiment of the present invention, the management system further includes a second terminal device. The second terminal device is communicatively connected to the cloud server and transmits an authorization request to the cloud server in order to obtain the second redacted document from the cloud server.

In an embodiment of the present invention, the first terminal device receives a marking operation on the confidential information in an original document and generates the hash value, the ciphertext, the authorization level, and the index from the original document; the first terminal device transmits the hash value, the ciphertext, the authorization level, and the index to the cloud server for storage.

In an embodiment of the present invention, the first terminal device encrypts the confidential information with a public key to generate the ciphertext.

In an embodiment of the present invention, the first terminal device receives a user-defined authorization and decides, according to the user-defined authorization and the authorization level, whether to recover the redacted area.

In an embodiment of the present invention, the first terminal device receives an authorization request from the cloud server and, in response to receiving it, transmits the hash value to the cloud server; in response to receiving the hash value, the cloud server returns the hash value, the ciphertext, the authorization level, and the index to the first terminal device.

In an embodiment of the present invention, the first terminal device receives a user identifier from the cloud server, generates a hardware hash value from a hardware characteristic value of the first terminal device, and transmits the user identifier and the hardware hash value to the cloud server for registration.

In an embodiment of the present invention, the cloud server permits the first terminal device to communicate with the cloud server in response to receiving the user identifier and the hardware hash value from the first terminal device.

In an embodiment of the present invention, the first terminal device transmits an access period for the second redacted document to the cloud server, and the cloud server transmits the second redacted document to the second terminal device in response to receiving an access instruction within the access period.

A management method for access authorization of an electronic document according to the present invention includes: storing, by a cloud server, a hash value of a first redacted document, a ciphertext of confidential information, an authorization level corresponding to the confidential information, and an index corresponding to the confidential information, where the first redacted document includes a redacted area corresponding to the index; storing, by a first terminal device, the first redacted document, and receiving the hash value, the ciphertext, the authorization level, and the index from the cloud server; recovering, by the first terminal device, in response to the hash value matching the first redacted document, the redacted area of the first redacted document according to the index, the authorization level, and the ciphertext, thereby generating a second redacted document; and transmitting, by the first terminal device, the second redacted document to the cloud server.

Based on the above, the cloud server of the present invention can provide a functional web page module to the terminal devices of an electronic document's author and readers. The author can operate the terminal device to mark the confidential information in the electronic document together with its authorization level, producing an electronic document in which part of the content is redacted. Readers without a high authorization level can only read the redacted document. A reader who wants a higher authorization level can operate the terminal device to send a request to the author. The author can define that reader's authorization level and thereby recover some or all of the redacted content of the document. The author can share the recovered document with the reader through the cloud server within an access period. In this way, the management system makes managing the access authorization of electronic documents more convenient and simpler.

To make the content of the present invention easier to understand, embodiments are given below as examples by which the invention can actually be implemented. Wherever possible, elements, components, and steps with the same reference numerals in the drawings and the embodiments denote the same or similar parts.

FIG. 1 is a schematic diagram of a management system 10 for access authorization of electronic documents according to an embodiment of the present invention. The management system 10 may include a terminal device 100 corresponding to the author of an electronic document, a terminal device 200 corresponding to a reader of the electronic document, and a cloud server 500. The cloud server 500 can be communicatively connected to the terminal device 100 or the terminal device 200.

The terminal device 100 may include a processor 110, a storage medium 120, and a transceiver 130. The processor 110 is, for example, a central processing unit (CPU), or another programmable general-purpose or special-purpose micro control unit (MCU), microprocessor, digital signal processor (DSP), programmable controller, application-specific integrated circuit (ASIC), graphics processing unit (GPU), image signal processor (ISP), image processing unit (IPU), arithmetic logic unit (ALU), complex programmable logic device (CPLD), field-programmable gate array (FPGA), a similar element, or a combination of these. The processor 110 may be coupled to the storage medium 120 and the transceiver 130, and accesses and executes the modules and application programs stored in the storage medium 120.

The storage medium 120 is, for example, any type of fixed or removable random access memory (RAM), read-only memory (ROM), flash memory, hard disk drive (HDD), solid state drive (SSD), a similar element, or a combination of these, and stores the modules or application programs executable by the processor 110. In this embodiment, the storage medium 120 may store several modules including a functional web page module 121, whose function is described later.

The transceiver 130 transmits and receives signals wirelessly or over a wire. The transceiver 130 may also perform operations such as low-noise amplification, impedance matching, mixing, up- or down-conversion, filtering, amplification, and the like. The terminal device 100 can be communicatively connected to the cloud server 500 or the terminal device 200 through the transceiver 130.

The terminal device 200 may include a processor 210, a storage medium 220, and a transceiver 230. The processor 210 is, for example, a processor with the same structure or function as the processor 110. The processor 210 may be coupled to the storage medium 220 and the transceiver 230, and accesses and executes the modules and application programs stored in the storage medium 220. The storage medium 220 is, for example, a storage medium with the same structure or function as the storage medium 120, and stores the modules or application programs executable by the processor 210. In this embodiment, the storage medium 220 may store several modules including a functional web page module 221, whose function is described later. The transceiver 230 is, for example, a transceiver with the same structure or function as the transceiver 130. The terminal device 200 can be communicatively connected to the cloud server 500 or the terminal device 100 through the transceiver 230.

The cloud server 500 may include a processor 510, a storage medium 520, and a transceiver 530. The processor 510 is, for example, a processor with the same structure or function as the processor 110. The processor 510 may be coupled to the storage medium 520 and the transceiver 530, and accesses and executes the modules and application programs stored in the storage medium 520. The storage medium 520 is, for example, a storage medium with the same structure or function as the storage medium 120, and stores the modules or application programs executable by the processor 510. The transceiver 530 is, for example, a transceiver with the same structure or function as the transceiver 130. The cloud server 500 can be communicatively connected to the terminal device 100 or the terminal device 200 through the transceiver 530.

FIG. 2 is a signaling diagram of generating a redacted document from an electronic document according to an embodiment of the present invention. To use the services provided by the cloud server 500, the terminal device 100 may first perform steps S201 and S202 to complete registration. In step S201, the terminal device 100 may download from the cloud server 500 the functional web page module 121 and a user identifier (UID) specific to the terminal device 100.

In step S202, the functional web page module 121 may transmit the hardware hash value and the UID to the cloud server 500 for registration. Specifically, the functional web page module 121 transmits the hardware hash value and the UID to the cloud server 500 over a secure sockets layer (SSL) connection. After obtaining the hardware hash value and the UID corresponding to the terminal device 100, the cloud server 500 determines that the terminal device 100 has completed registration and permits the terminal device 100 to communicate with the cloud server 500 or to use the services it provides. In addition, the cloud server 500 sends a reply message to the terminal device 100 over the same SSL connection to inform the user of the terminal device 100 that registration has completed successfully. If a terminal device that has not completed registration attempts to access the cloud server 500, the cloud server 500 can output an alert message through the transceiver 530 to the user of the cloud server 500 or to the user of the unregistered terminal device.

In an embodiment, the cloud server 500 may record the mapping among the hardware hash value, the UID, and the terminal device 100 in the storage medium 520 in order to identify the registered terminal device 100.

In an embodiment, the functional web page module 121 generates the hardware hash value from a hardware characteristic value of the terminal device 100. For example, if the operating system of the terminal device 100 is iOS, the functional web page module 121 uses the DeviceCheck application programming interface (API) to generate a token or identifier that identifies the terminal device 100 as the hardware characteristic value, such as the IDFV (identifier for vendor). If the operating system of the terminal device 100 is Android, the functional web page module 121 uses the Android ID (SSAID) as the hardware characteristic value. As another example, the functional web page module 121 reads the universally unique identifier (UUID) from the basic input/output system (BIOS) as the hardware characteristic value. As a further example, the hardware characteristic value includes a CPU ID, a BIOS serial number, or a machineGUID.

In an embodiment, the functional web page module 121 "salts" the hardware characteristic value with the UID to generate the hardware hash value. Specifically, the functional web page module 121 inserts the UID at an arbitrary but fixed position in the hash of the hardware characteristic value to perform the "salting" and generate the hardware hash value.

In step S203, the functional web page module 121 transmits the hardware hash value and the UID to the cloud server 500 to log in. The cloud server 500 determines from the hardware hash value and the UID whether the terminal device 100 is a registered terminal device. If the cloud server 500 determines that the terminal device 100 has completed registration, the cloud server 500 can provide services to the terminal device 100.
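An added example (not the patent's code) of the registration and login check in steps S201 to S203: the terminal derives a hardware hash from a hardware characteristic value salted with its UID, and the cloud server keeps the UID-to-hash mapping, rejects logins that do not match it, and records an alert for unregistered devices. The fixed insertion position, the second hashing of the salted string, and the CloudServer class are assumptions; the patent only says the UID is inserted at a fixed position of the hash.

```python
import hashlib
import hmac
import secrets

# Assumption: the patent says the UID is inserted at "any fixed position" of the
# hash of the hardware characteristic value. This example uses position 8 and
# hashes the salted string once more so the hardware hash has a fixed length.
SALT_POSITION = 8


def hardware_hash(hw_characteristic, uid):
    """Terminal side: hardware characteristic value (e.g. a BIOS UUID) -> hardware hash."""
    inner = hashlib.sha256(hw_characteristic.encode("utf-8")).hexdigest()
    salted = inner[:SALT_POSITION] + uid + inner[SALT_POSITION:]
    return hashlib.sha256(salted.encode("utf-8")).hexdigest()


class CloudServer:
    """Cloud server side: issues UIDs, keeps the UID -> hardware-hash mapping, checks logins."""

    def __init__(self):
        self._registered = {}  # uid -> hardware hash (the mapping kept in storage medium 520)
        self.alerts = []       # alert messages for unregistered access attempts

    def issue_uid(self):
        # Step S201: a UID specific to the terminal device that downloads the module.
        return secrets.token_hex(8)

    def register(self, uid, hw_hash):
        # Step S202: accept the (UID, hardware hash) pair once; a repeat is rejected.
        if uid in self._registered:
            return False
        self._registered[uid] = hw_hash
        return True

    def login(self, uid, hw_hash):
        # Step S203: the pair must match the recorded mapping; any other device
        # presenting this UID is treated as unregistered and an alert is raised.
        expected = self._registered.get(uid)
        if expected is None or not hmac.compare_digest(expected, hw_hash):
            self.alerts.append("unregistered terminal device attempted access (uid=%s)" % uid)
            return False
        return True


if __name__ == "__main__":
    server = CloudServer()
    uid = server.issue_uid()
    h = hardware_hash("CONSTRUCTED-BIOS-UUID-0001", uid)  # constructed sample value
    print("register:", server.register(uid, h))
    print("login:", server.login(uid, h))
    print("login from another device:", server.login(uid, hardware_hash("OTHER-DEVICE", uid)))
    print("alerts:", server.alerts)
```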

In step S204, the functional web page module 121 obtains the original document. The functional web page module 121 receives a complete original document through the transceiver 130, or receives input commands generated by the user through an input device (for example, a keyboard) to create the original document. The terminal device 100 creates the original document through the JavaScript document object model (DOM).

In step S205, the functional web page module 121 receives, through the transceiver 130, a marking operation on the confidential information in the original document, and thereby generates the redacted document and its hash value, the ciphertext of the confidential information, the authorization level the author set for the confidential information, and the index of the confidential information. The functional web page module 121 may store a predefined set of authorization levels S = {1, 2, ..., N}, where N is a positive integer, as the reference for setting authorization levels.

FIG. 3 is a schematic diagram of marking an original document 300 according to an embodiment of the present invention. Specifically, the author operates the terminal device 100 to perform a marking operation on part of the data in the original document 300 and selects an authorization level from the set S to assign to the marked content. As shown in FIG. 3, the author marks strings 310 and 320 and sets their authorization level to "1". The author also marks an image 330 and sets its authorization level to "2". The strings 310 and 320 and the image 330 are the confidential information defined by the author. The higher the authorization level, the more confidential information can be read. Taking FIG. 3 as an example, a reader with authorization level "1" can read the unmarked parts of the original document 300 and the contents of strings 310 and 320, but not the image 330. By contrast, a reader with authorization level "2" can read all of the original document 300, including strings 310 and 320 and image 330.

After the marking of the original document 300 is complete, the terminal device 100 can extract the marked data as the confidential information and delete it from the original document 300 to generate the redacted document. The terminal device 100 hashes the redacted document to generate its hash value. Separately, the terminal device 100 generates a key pair consisting of a public key and a private key for an asymmetric encryption algorithm using a cryptographic pseudo-random number generator. The terminal device 100 stores the private key in the storage medium 120 and uses the public key to encrypt the Base-encoded confidential information to generate the ciphertext; the confidential information may include, but is not limited to, UTF-8 encoded text or images. In addition, the terminal device 100 assigns an index to each item of confidential information, and the redacted document includes a redacted area corresponding to each index. The terminal device 100 can store the redacted document and its hash value in the storage medium 120.

FIG. 4 is a schematic diagram of a redacted document 400 according to an embodiment of the present invention. Referring to FIG. 3 and FIG. 4, the terminal device 100 extracts the strings 310 and 320 and the image 330 from the original document 300 as the confidential information. The terminal device 100 replaces string 310 with a mask to produce a redacted area 410, replaces string 320 with a mask to produce a redacted area 420, and replaces image 330 with a mask to produce a redacted area 430. The mask for a string may be a black square, and the mask for an image may be a black block of the same size as the image. The terminal device 100 can hash the redacted document 400 to obtain its hash value.

Separately, the terminal device 100 encrypts the confidential information extracted from the original document 300 with the public key of the asymmetric encryption algorithm to generate the ciphertext. The terminal device 100 can assign an index to each item of confidential information (or each redacted area). For example, since string 310 is the first confidential item the author marked, the terminal device 100 sets the index of string 310 (or redacted area 410) to "1". Since string 320 is the second confidential item marked, it sets the index of string 320 (or redacted area 420) to "2". Since image 330 is the third confidential item marked, it sets the index of image 330 (or redacted area 430) to "3". After the encryption of the confidential information, the setting of authorization levels, and the assignment of indices are complete and the redacted document 400 has been produced, the functional web page module 121 converts the redacted document 400 from HTML format to an ISO-standard PDF format through an Open API.

In step S206, the functional web page module 121 transmits the hash value of the redacted document 400, the ciphertext of the confidential information, the authorization level of the confidential information, the index of the confidential information, and related information to the cloud server 500 for storage. The redacted document 400, its hash value, and the private key can be stored by the functional web page module 121 in the storage medium 120 so that they remain local to the terminal device 100. In an embodiment, the functional web page module 121 stores only the redacted document 400 and the private key in the storage medium 120. When it needs the hash value of the redacted document 400, it reads the redacted document 400 from the storage medium 120 and hashes it to produce the hash value. When reading the redacted document 400 from the storage medium 120, the functional web page module 121 must check the local path to avoid the risk of path manipulation, preventing an attacker from using the path to access protected system resources (for example, the redacted document 400).

FIG. 5 is a signaling diagram of obtaining the redacted document 400 corresponding to an authorization level according to an embodiment of the present invention. In this embodiment, it is assumed that the terminal device 200 has completed registration with the cloud server 500 in the same manner as steps S201 and S202 and has obtained the functional web page module 221 from the cloud server 500. If the reader wants to read the confidential information in the redacted areas of the redacted document 400, the reader can operate the terminal device 200 to send an authorization request asking for authorization to read the confidential information. Specifically, in step S501, the functional web page module 221 transmits the authorization request to the cloud server 500 through the transceiver 230, and the cloud server 500 forwards the authorization request to the terminal device 100.

In step S502, the functional web page module 121 transmits the hardware hash value, the hash value of the redacted document 400, and the UID to the cloud server 500 over the SSL connection to log in. The cloud server 500 looks up the mapping in the storage medium 520 by the UID to determine whether the hardware hash value and the hash value of the redacted document 400 received from the terminal device 100 are valid.

If the cloud server 500 determines that the data from the terminal device 100 is valid, then in step S503 the cloud server 500 transmits to the terminal device 100 the ciphertext, authorization level, and index that correspond to both the UID of the terminal device 100 and the hash value of the redacted document 400. The cloud server 500 may further return the hash value of the redacted document 400 to the terminal device 100. The functional web page module 121 of the terminal device 100 uses the hash value of the redacted document 400 to determine whether this data from the cloud server 500 corresponds to the redacted document 400. If the hash value from the cloud server 500 matches the hash value of the redacted document 400 in the storage medium 120, the functional web page module 121 determines that the ciphertext, authorization level, and index from the cloud server 500 correspond to the redacted document 400.

In step S504, the functional web page module 121 restores specific redacted areas of the redacted document 400 according to the ciphertext, authorization level and index corresponding to the redacted document 400, producing a restored redacted document. Specifically, the functional web page module 121 receives a user-defined permission through the transceiver 130, where the user-defined permission is the reading permission that the author sets for the reader holding the terminal device 200. The functional web page module 121 decides whether to restore a redacted area by comparing the user-defined permission with the authorization level of that area. For example, if the author sets the reading permission of the reader holding the terminal device 200 to "1" (that is, the user-defined permission is set to "1"), the functional web page module 121 restores the redacted areas whose authorization level is less than or equal to "1". As shown in FIG. 4, the functional web page module 121 restores the redacted area 410 to the string 310 and the redacted area 420 to the string 320. Because the authorization level of the redacted area 430 is higher than the user-defined permission, the functional web page module 121 does not restore the redacted area 430; that is, the reader holding the terminal device 200 cannot read the content of the image 330.

To restore a specific redacted area, the functional web page module 121 decrypts the ciphertext corresponding to the index of that area to obtain the confidential information and fills the confidential information into the area to complete the restoration. The functional web page module 121 can decrypt the ciphertext with the private key in the storage medium 120 to obtain a Base-encoded string and then decode the Base-encoded string to obtain the confidential information, which includes, for example, UTF-8 encoded text or an image. For example, because the redacted area 410 corresponds to the index "1", the functional web page module 121 can decrypt the ciphertext corresponding to the index "1" with the private key to obtain the string 310, and then fill the string 310 into the redacted area 410 to complete its restoration.
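The hash check of step S503 and the level-gated decrypt-and-fill of step S504 described above, as an added Go example that is not part of the patent or the applicant's code; the author-side redaction step is included so the whole round trip runs offline. RSA-OAEP, SHA-256, the `[REDACTED-n]` marker format, the field names and the sample document are all assumptions constructed for this example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
	"strings"
)

// Redaction is one record the cloud server returns in step S503 (field names assumed).
type Redaction struct {
	Index      int
	Level      int
	Ciphertext []byte
}

func mask(i int) string { return fmt.Sprintf("[REDACTED-%d]", i) } // placeholder for area i (format assumed)

// DocHash is the document hash compared in step S503 (SHA-256 is an assumption).
func DocHash(doc string) string { return fmt.Sprintf("%x", sha256.Sum256([]byte(doc))) }

// Redact is the author-side step: each secret is Base64-encoded, encrypted with the
// author's public key (RSA-OAEP assumed) and replaced in the text by its mask.
func Redact(pub *rsa.PublicKey, original string, secrets []string, levels []int) (string, []Redaction, error) {
	doc, recs := original, []Redaction{}
	for i, s := range secrets {
		encoded := []byte(base64.StdEncoding.EncodeToString([]byte(s)))
		ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, encoded, nil)
		if err != nil {
			return "", nil, err
		}
		doc = strings.Replace(doc, s, mask(i+1), 1)
		recs = append(recs, Redaction{Index: i + 1, Level: levels[i], Ciphertext: ct})
	}
	return doc, recs, nil
}

// Restore is steps S503/S504 on the author's terminal: refuse unless the server's hash
// matches the stored redacted document, then decrypt with the private key and fill in
// only the areas whose level does not exceed the user-defined permission.
func Restore(priv *rsa.PrivateKey, redacted, serverHash string, recs []Redaction, userPerm int) (string, error) {
	if DocHash(redacted) != serverHash {
		return "", fmt.Errorf("hash mismatch: server data does not belong to this document")
	}
	out := redacted
	for _, r := range recs {
		if r.Level > userPerm {
			continue // reader is not cleared for this area; the mask stays in place
		}
		encoded, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, r.Ciphertext, nil)
		if err != nil {
			return "", err
		}
		plain, err := base64.StdEncoding.DecodeString(string(encoded))
		if err != nil {
			return "", err
		}
		out = strings.Replace(out, mask(r.Index), string(plain), 1)
	}
	return out, nil
}

func main() { // constructed sample: the level-2 item stays masked for a level-1 reader
	priv, _ := rsa.GenerateKey(rand.Reader, 2048) // author's key pair
	red, recs, _ := Redact(&priv.PublicKey, "Buyer ACME Corp pays 1200 USD to J. Doe.", []string{"ACME Corp", "1200 USD", "J. Doe"}, []int{1, 1, 2})
	out, err := Restore(priv, red, DocHash(red), recs, 1)
	fmt.Println(out, err)
}
```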

In step S505, the functional web page module 121 sends the restored redacted document to the cloud server 500 over an SSL connection through the transceiver 130. In one embodiment, the functional web page module 121 also sends an access period corresponding to the restored redacted document to the cloud server 500.

If the cloud server 500 receives an access command from the terminal device 200 within the access period, then in step S506 the cloud server 500 sends the restored redacted document to the terminal device 200 over an SSL connection. The reader holding the terminal device 200 can read the string 310 and the string 320 in the restored redacted document but cannot read the image 330 associated with the redacted area 430.

FIG. 6 is a flow chart of a method for managing access rights to an electronic document according to an embodiment of the invention; the method can be carried out by the management system 10 shown in FIG. 1. In step S601, a cloud server stores the hash value of a first redacted document, the ciphertext of confidential information, the authorization level corresponding to the confidential information and the index corresponding to the confidential information, where the first redacted document contains a redacted area corresponding to the index. In step S602, a first terminal device stores the first redacted document and receives the hash value, the ciphertext, the authorization level and the index from the cloud server. In step S603, in response to the hash value matching the first redacted document, the first terminal device restores the redacted area of the first redacted document according to the index, the authorization level and the ciphertext, producing a second redacted document. In step S604, the first terminal device sends the second redacted document to the cloud server.

In summary, to remedy the inability of existing electronic document access mechanisms to manage reader permissions effectively, the invention discloses a method for managing access rights to electronic documents that covers both the process of producing the electronic document and the way its confidential information is accessed. The management system of the invention uses a cloud server on the network side to verify that the terminal device used by a user (for example the author or a reader of the electronic document) is one recognized by the cloud server. During document production, an asymmetric encryption algorithm generates a key pair; the pieces of confidential information whose access is to be restricted are encoded and then encrypted with the public key. The ciphertext is recorded on the cloud server, while the private key is stored on the author's terminal device. By assigning authorization levels, the author replaces the restricted parts of the electronic document with masks, producing a redacted document in which only part of the content is public. The redacted document can be freely distributed and copied. When a reader who has obtained the redacted document needs access to the confidential information, the cloud server notifies the author of the electronic document. The author decides the reader's authorization level and decrypts the ciphertext with the private key to obtain the confidential information corresponding to that level. The information matching the reader's authorization level is shared through the cloud with an access period attached, achieving secure access management of the electronic document.

The invention has the following features and effects. For the accessing device, the invention verifies the hardware device before confidential information may be accessed, preventing the confidential information from being viewed by an illegitimate or unintended third party. For data security, the invention replaces confidential information with a mask of the same size as the original content and assigns each item of information an authorization level, avoiding the need to produce multiple electronic documents with different contents. For management, the invention dynamically manages the authorization level of the hardware device requesting access to confidential information, ensuring that the device requesting the confidential information and the duration of its access are those approved by the document's author.

10: management system
100, 200: terminal device
110, 210, 510: processor
120, 220, 520: storage medium
121, 221: functional web page module
130, 230, 530: transceiver
300: original document
310, 320: string
330: image
400: redacted document
410, 420, 430: redacted area
500: cloud server
S201, S202, S203, S204, S205, S206, S501, S502, S503, S504, S505, S506, S601, S602, S603, S604: steps

FIG. 1 is a schematic diagram of a management system for access rights to an electronic document according to an embodiment of the invention.
FIG. 2 is a signaling diagram of generating a redacted document from an electronic document according to an embodiment of the invention.
FIG. 3 is a schematic diagram of marking an original document according to an embodiment of the invention.
FIG. 4 is a schematic diagram of a redacted document according to an embodiment of the invention.
FIG. 5 is a signaling diagram of obtaining a redacted document corresponding to an authorization level according to an embodiment of the invention.
FIG. 6 is a flow chart of a method for managing access rights to an electronic document according to an embodiment of the invention.


Claims (10)

1. A management system for access rights to an electronic document, comprising: a cloud server storing a hash value of a first redacted document, a ciphertext of confidential information, an authorization level corresponding to the confidential information and an index corresponding to the confidential information, wherein the first redacted document includes a redacted area corresponding to the index; and a first terminal device storing the first redacted document and communicatively connected to the cloud server, wherein the first terminal device receives the hash value, the ciphertext, the authorization level and the index from the cloud server, wherein, in response to the hash value matching the first redacted document, the first terminal device restores the redacted area of the first redacted document according to the index, the authorization level and the ciphertext, thereby producing a second redacted document, and wherein the first terminal device sends the second redacted document to the cloud server.

2. The management system of claim 1, further comprising a second terminal device communicatively connected to the cloud server, wherein the second terminal device sends an authorization request to the cloud server to obtain the second redacted document from the cloud server.

3. The management system of claim 1, wherein the first terminal device receives a marking operation on the confidential information in an original document to generate the hash value, the ciphertext, the authorization level and the index from the original document, and wherein the first terminal device sends the hash value, the ciphertext, the authorization level and the index to the cloud server for storage by the cloud server.

4. The management system of claim 3, wherein the first terminal device encrypts the confidential information with a public key to generate the ciphertext.

5. The management system of claim 1, wherein the first terminal device receives a user-defined permission and decides whether to restore the redacted area according to the user-defined permission and the authorization level.

6. The management system of claim 2, wherein the first terminal device receives the authorization request from the cloud server and, in response to receiving the authorization request, sends the hash value to the cloud server, and wherein the cloud server, in response to receiving the hash value, returns the hash value, the ciphertext, the authorization level and the index to the first terminal device.

7. The management system of claim 1, wherein the first terminal device receives a user identification code from the cloud server, generates a hardware hash value from a hardware characteristic value of the first terminal device, and sends the user identification code and the hardware hash value to the cloud server for registration.

8. The management system of claim 7, wherein the cloud server permits the first terminal device to communicate with the cloud server in response to receiving the user identification code and the hardware hash value from the first terminal device.

9. The management system of claim 2, wherein the first terminal device sends an access period of the second redacted document to the cloud server, and wherein the cloud server sends the second redacted document to the second terminal device in response to receiving an access command within the access period.

10. A method for managing access rights to an electronic document, comprising: storing, by a cloud server, a hash value of a first redacted document, a ciphertext of confidential information, an authorization level corresponding to the confidential information and an index corresponding to the confidential information, wherein the first redacted document includes a redacted area corresponding to the index; storing, by a first terminal device, the first redacted document, and receiving the hash value, the ciphertext, the authorization level and the index from the cloud server; restoring, by the first terminal device, in response to the hash value matching the first redacted document, the redacted area of the first redacted document according to the index, the authorization level and the ciphertext, thereby producing a second redacted document; and sending, by the first terminal device, the second redacted document to the cloud server.
TW111125816A 2022-07-08 2022-07-08 Management system and management method for access authorization of electronic document TWI805438B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW111125816A TWI805438B (en) 2022-07-08 2022-07-08 Management system and management method for access authorization of electronic document

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW111125816A TWI805438B (en) 2022-07-08 2022-07-08 Management system and management method for access authorization of electronic document

Publications (2)

Publication Number Publication Date
TWI805438B true TWI805438B (en) 2023-06-11
TW202403566A TW202403566A (en) 2024-01-16

Family

ID=87803027

Family Applications (1)

Application Number Title Priority Date Filing Date
TW111125816A TWI805438B (en) 2022-07-08 2022-07-08 Management system and management method for access authorization of electronic document

Country Status (1)

Country Link
TW (1) TWI805438B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200518544A (en) * 2003-10-10 2005-06-01 Univ Chang Gung Partition and recovery of a verifiable digital secret
TW200535746A (en) * 2005-07-22 2005-11-01 Univ Chang Gung A method for protecting information integrity
US7874013B2 (en) * 2006-04-10 2011-01-18 Sawteeth, Inc. Secure and granular index for information retrieval
TW201140369A (en) * 2009-12-22 2011-11-16 Tani Electronics Corp Information management system, information management method and apparatus, and encryption method and program
US20180102902A1 (en) * 2016-10-11 2018-04-12 BicDroid Inc. Methods, systems and computer program products for data protection by policing processes accessing encrypted data
CN108734026A (en) * 2018-05-25 2018-11-02 云易天成(北京)安全科技开发有限公司 Data leakage prevention method, system, terminal and medium


Also Published As

Publication number Publication date
TW202403566A (en) 2024-01-16
