JP2000215165A - Method and device for information access control and record medium recording information access control program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide the method and device for information access control which can easily change the access authority to be allowed to an accessing person in response to the change of situation of a transaction and also to provide a recording medium which records an information access control program. SOLUTION: An access ticket issuing means 1 issues the access tickets to every accessing person and these tickets prescribe the access authority to the target information for each of plural types and states. Receiving an access request from an accessing person, the means 1 reads the request and the access authority corresponding to the type and state of an inputted access ticket out of an access ticket authority information storing means 6 and decides to permit or not permit the access request based on the access authority. When a state transition request is received from the accessing person, the transition destination state is read out of a state transition information storing means 5 based on the type and state of the access ticket that is inputted together with the state transition request. Based on the transition destination state, the change of the access ticket is updated.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION The present invention relates to information access control method and apparatus for controlling access's access to access the target information to be protected resource, more particularly, unspecified number of users, such as the Internet recording an open information access control method users with in a distributed system is controlled to control access by the accessor is another user for the target information to be protected resource managed by itself and devices and information access control program to join on the recording medium.
In particular, the present invention is allowed to in response to a change in aspect of transactions against the same accessor for each purpose and role of the accessor like commerce on the Internet is changed according to the aspect of the transactions a recording medium storing information access control method and apparatus and information access control program controls access to the protected resource in a system having features such needs made different access privileges.

[0002]

In general, access control to protected resources (target information), the principal (access) who attempt to access, protected resources to be accessed, the access rights that are described by the set of access to the target information type It is performed based on the information. As a method for access control based on access right information, there are a method of access control based on access control list (ACL), and methods based on access rights (capability) is.

[0003] The former, for each individual target information list, arranged in pairs a type of access users and their access to which access is allowed for the target information (A
A method of controlling on the basis of the CL), searches the ACL for each access request is generated, determines whether to permit the access request. As a method of extension of this, there is a method of access control based on roles. In this method, when allowed by the same access privileges to a plurality of accessors, packs them accessor into units called roll, describing and managing access to each role.

On the other hand, the latter is a method of control using the data representing the access privileges to certain specific access to certain target information (Capability) capability which represents the access rights with the contents of the access request from the access business in the case that has been presented, to allow the access request. Such as by using an invalid list of capabilities, it is also possible to control the disable / enable of the outstanding capabilities. In the method according to this capability, each time the access request is generated, it is not necessary to search for ACL.

[0005]

As of [0007] anyone on the Internet can participate freely commerce, an unspecified number of access person is assumed, also the purpose and role of each access who is in accordance with the aspects of the transaction to change, even for the same access's in response to changes in the aspect of the transaction, in an environment with characteristics such needs made different access privileges to permit, in the conventional access control described above method, the following problems arise.

[0006] First, in the method of access control based on ACL or rolled, assign access privileges to access business, or role assignments and assignment of access rights to roles to access business are those fixed, It can not be changed in accordance with access rights to allow the same access person to change aspects of the transaction.

[0007] In addition, in the method of access control based on the capability, even for the same access person, every time the aspects of the transaction is changed, or issue, grant a capability in response to the new phase, also issued or granted of there is a need or to disable the capability.

[0008] Therefore, an increase in the issuance and granting processing costs capability issuance increase in the number of the access control side,
And the complexity of the control and management of the outstanding capabilities,
And at the access side, the processing cost of the problem increases for selectively using the capability management costs and appropriate capabilities of the increase in the number of capabilities that must be held may occur.

[0009] The present invention has been made in view of the above,
And has an object, a recording medium recording the information access control method and apparatus and information access control program can be easily changed in accordance with access rights allowed to the access user to change aspects of the transaction It is to.

[0010]

To achieve the above object, according to an aspect of the present invention is claimed in claim 1, an information access control method for controlling access of the access who access the target information is protected resources, You can take a plurality of states, an access ticket which defines access rights to the target information for each each of the plurality of state issued to each access user receives an access request from the access person, together with the request determines whether or not to permit the access request based on the access rights that are set corresponding to the state of the input access ticket, receiving a state transition request from the access person, it entered together with the request access determining a transition destination state based on the state of the ticket, to update the state of the access ticket in the determined target state It is the gist of.

[0011] In the present invention according to claim 1, an access ticket which defines access rights to the target information for each state issued to each access user, when receiving an access request, together with the request If determining whether or not to permit the access request based on the access rights that are defined for the state of the input access ticket, accepting a state transition request from the access's access input with the request determining a transition destination state based on the state of the ticket, to update the state of the access ticket in the target state, it can be easily changed in accordance with access rights allowed to the access user to change aspects of the transaction, it is possible to realize a flexible access control.

[0012] According to a second aspect of the invention, an information access control method for controlling access's access to access the target information to be protected resource, a plurality of types in accordance with the content of the access is provided together we are, in each type can take a plurality of states, an access ticket which defines access rights to the target information for each each of a plurality of states in each type issued to each access user, from accessor receiving an access request, based on the access rights that are set corresponding to the type and condition of the input access ticket is determined whether or not to permit the access request together with the request,
Receiving a state transition request from the access person, determines a target state based on the type and state of the access ticket entered with this request, the gist to update the state of the access ticket in the determined target state to.

[0013] In the present invention of claim 2, it issues an access ticket which defines access rights to the target information for each each of the plurality of states of a plurality of types to each access user, the access request when accepting, to determine whether or not to permit the access request based on the access rights that are defined for the type and condition of the access ticket and when receiving a state transition request, the type and state of the access ticket based on target state determined,
To update the state of the access ticket in the determined target state, the access rights to allow the access user can easily change in response to changes in the aspect of the transaction, it is possible to realize a flexible access control.

Furthermore, the present invention according to claim 3, claim 1
In the invention described, the process of updating the status of the access ticket, may be stored in the state transition information storage table a transition destination state where the state of the access ticket transitions corresponding to each state, wherein from accessor reads the transition destination state corresponding to the state of the input access ticket with a state transition request from the state transition information storage table, the gist to update the state of the access ticket in the transition destination state thus read out.

[0015] In the present invention described in claim 3, it may be stored a transition destination state for each state of the access ticket to the state transition information storage table, when entering a state transition request from the access person, the state transition information It reads the transition destination state corresponding the stored table to the state of the access ticket, and updates the state of the access ticket in the target state.

The invention of claim 4 is the invention of claim 2, wherein, the process of updating the status of the access ticket, each of a plurality of types of target state access ticket which each state of the access ticket transits corresponding to each of the plurality of states types of may be stored in the state transition information storage table, the transition destination state corresponding to the type and condition of the access ticket entered together with the state transition request from the access user state transition read from the information storage table, the gist to update the state of the access ticket in the transition destination state thus read out.

[0017] In the present invention according to claim 4, the transition destination state for each state of each type of access ticket may be stored in the state transition information storage table, when entering a state transition request from the access user access It reads the transition destination state corresponding to the type and condition of the ticket from the state transition information storage table, and updates the state of the access ticket in the target state.

[0018] According to a fifth aspect of the invention, claim 1
To the invention described in any one of 4, the process of updating the status of the access ticket, includes a state transition event to the state transition request from the access person, the state transition events are taken into account transition it is summarized as that determined above state.

[0019] In the present invention of claim 5, wherein is included a state transition event to the state transition request from the access person, it determines the transition destination state this state transition event be considered.

Furthermore, the invention described in claim 6, claim 1
Or the invention of the second aspect, and summarized in that access ticket input together with the request to verify valid or not.

[0021] In the present invention described in claim 6, the access ticket is input together with the request, such as a state transition request and the access request is verified whether valid or not.

The invention of claim 7 is the invention of claim 1, wherein, processing for determining whether or not to permit the access request, the access rights defined in correspondence with each state of the access ticket may be stored in the access ticket authority information storage table reads the access rights that are set corresponding to the state of the access ticket input together with the access request from the access ticket authority information storage table, the access rights readout It based the gist to determine whether or not to permit the access request.

[0023] In the present invention according to claim 7, it may be stored access rights for each state of the access ticket in the access ticket authority information storage table, when the access request corresponds to the state of the access ticket access read permissions from the access ticket authority information storage table, and determines whether to permit the access request based on the access rights.

Further, the invention according to claim 8, claim 2
Or the fourth invention described, the access request determines whether to permit the access ticket of the plurality of kinds of a plurality of states each corresponding to defined the access rights to access ticket authority information storage table It may be stored in the read access ticket input together with the access request type and access rights that are set corresponding to the state from the access ticket authority information storage table, the access based on the access rights readout and summarized in that determining whether to allow the request.

[0025] In the present invention according to claim 8, it may be stored access rights that correspond to each of a plurality of types of the plurality of states of access ticket to the access ticket authority information storage table, when the access request, the access read access privileges for the type and condition of the ticket from the access ticket authority information storage table, and determines whether to permit the access request based on the access rights.

Furthermore, the present invention according to claim 9 is an information access control apparatus that controls access's access to access the target information to be protected resource can take several states, the plurality of the access ticket issuing means state for each access ticket which defines access rights to the target information issued to the accessor, receives an access request from the access's access ticket entered with the request and determining the access rights determination means whether or not to permit the access request based on the access rights that are set corresponding to the state, receiving a state transition request from the access's access ticket inputted with this request a transition destination state is determined based on the state, the access ticket in the determined target state And summarized in that and a state updating means for updating the bets state.

[0027] In the present invention of claim 9, the access ticket which defines access rights to the target information for each state issued to each access user, when receiving an access request, together with the request If determining whether or not to permit the access request based on the access rights that are defined for the state of the input access ticket, accepting a state transition request from the access's access input with the request determining a transition destination state based on the state of the ticket, to update the state of the access ticket in the target state, it can be easily changed in accordance with access rights allowed to the access user to change aspects of the transaction, it is possible to realize a flexible access control.

The invention of claim 10 wherein is an information access control apparatus that controls access's access to access the target information to be protected resource, a plurality of types in accordance with the contents of the access are provided You can take a plurality of states in each type, and an access ticket issuing means for issuing an access ticket which defines access rights to the target information for each each of the plurality of states to each access user in each type, access receiving an access request from the user, and determines the access permission judging means whether or not to permit the access request based on the access authority in correspondence with the type and state of the input access ticket is specified with the request accepts a state transition request from the access person, it entered together with the request Accession Based on the type and condition of the scan ticket to determine the target state, and summarized in that and a state updating means for updating the state of the access ticket in the determined target state.

[0029] In the present invention according to claim 10, issues an access ticket which defines access rights to the target information for each each of the plurality of states of a plurality of types to each access user, the access request when accepting, to determine whether or not to permit the access request based on the access rights that are defined for the type and condition of the access ticket and when receiving a state transition request, the type and state of the access ticket based on target state determined, to update the state of the access ticket in the determined target state can be easily changed in accordance with access rights allowed to the access user to change aspects of the transaction, flexible it is possible to realize access control.

Further, the invention of claim 11, in the invention of claim 9, wherein the state updating means stores in response to each state transition destination state where the state of the access ticket transits and a state transition information storage means, reads out the target state corresponding to the state of the input access ticket together with the state transition request from the access person from the state transition information storage means, the access ticket in the transition destination state of readout state and summarized in that a means for updating the.

[0031] In the present invention according to claim 11, may be stored a transition destination state for each state of the access ticket to the state transition information storage means, when entering a state transition request from the access person, the state transition information It reads the transition destination state corresponding from the storage means to the state of the access ticket, and updates the state of the access ticket in the target state.

Furthermore, the present invention is claimed in claim 12, in the invention of claim 10, wherein the state updating means, a plurality of types of each type of transition destination state access ticket which each state of the access ticket transits and a state transition information storage means for storing in correspondence with each of a plurality of states, accessor from the state transition information storage means a transition destination state corresponding to the type and condition of the access ticket entered together with the state transition request read from, and summarized in that a means for updating the state of the access ticket in the transition destination state thus read out.

[0033] In the present invention according to claim 12, a transition destination state for each state of each type of access ticket may be stored in the state transition information storage means, when entering a state transition request from the access user access It reads the transition destination state corresponding to the type and condition of the ticket from the state transition information storage means, and updates the state of the access ticket in the target state.

The invention of claim 13, wherein the considered in the invention of any one of claims 9 to 12, wherein the state updating means may transition events contained in the state change request from the access's and summarized in that comprises means for determining the transition destination state is.

[0035] In the present invention of claim 13, wherein is included a state transition event to the state transition request from the access person, it determines the transition destination state this state transition event be considered.

Further, the present invention is claimed in claim 14, in the invention of claim 9 or 10, wherein the subject matter that has access ticket verifying means for access ticket input together with the request to verify valid or not to.

[0037] In the present invention according to claim 14, the access ticket is input together with the request, such as a state transition request and the access request is verified whether valid or not.

[0038] Further, the present invention is recited in claim 15, in the invention of claim 9, wherein said access authorization determining unit,
Storing access rights defined in correspondence with each state of the access ticket and access ticket authority information storage unit is, the access rights that are set corresponding to the state of the access ticket input together with the access request the read from the access ticket authority information storage means,
This based on the access rights read and summarized in that a means determining whether or not to permit the access request.

[0039] In the present invention according to claim 15, may be stored access rights for each state of the access ticket in the access ticket authorization information storing means, when the access request, the access corresponding to the state of the access ticket read permission from the access ticket authority information storage means,
It is determined whether to permit the access request based on the access rights.

The invention of claim 16 is stored in the invention of claim 10, wherein said access authorization determining unit, the access authority is defined corresponding to each of a plurality of types of the plurality of states of the access ticket to the access ticket authority information storage unit that, the read access ticket input together with the access request type and access rights that are set corresponding to the state from the access ticket authority information storage means, access rights readout and summarized in that a means determining whether or not to permit the access request based on.

[0041] In the present invention according to claim 16, may be stored access rights that correspond to each of a plurality of types of the plurality of states of access ticket to the access ticket authorization information storing means, when the access request, the access read access privileges for the type and condition of the ticket from the access ticket authority information storage unit, and determines whether to permit the access request based on the access rights.

Further, the invention of claim 17, a recording medium recording the information access control program for controlling the access's access to access the target information is protected resources, taking a plurality of states It can be, in this multi-state per each access ticket which defines access rights to the target information issued to each access user receives an access request from the access's access ticket entered with the request corresponds to the state based on the access rights that are defined to determine whether to permit the access request, receiving a state transition request from the access person, based on the state of the access ticket entered with the request determining a transition destination state, and updates the state of the access ticket in the determined target state information a And summarized in that to record the processes control program in a recording medium.

[0043] In the present invention according to claim 17, an access ticket which defines access rights to the target information for each state issued to each access user, when receiving an access request, together with the request If determining whether or not to permit the access request based on the access rights that are defined for the state of the input access ticket, accepting a state transition request from the access's access input with the request determining a transition destination state based on the state of the ticket, because it records information access control program to update the status of the access ticket in the transition destination state to a recording medium, by using the recording medium, the distribution of it is possible to increase.

[0044] Further, the present invention according to claim 18 is a recording medium recording the information access control program for controlling the access's access to access the target information to be protected resource, in accordance with the contents of the access a plurality of types are provided, each type can have a plurality of states, to issue an access ticket that defines the access rights to the target information for each each of the plurality of states to each access user in each class It receives an access request from the access user based on the access rights that are set corresponding to the type and condition of the input access ticket is determined whether or not to permit the access request together with the request, accessor receiving a state transition request from the type of the access ticket entered with this request Oyo A transition destination state is determined based on the state, and summarized in that recording information access control program to update the status of the access ticket in the determined target state on a recording medium.

[0045] In the present invention according to claim 18, issues an access ticket which defines access rights to the target information for each each of the plurality of states of a plurality of types to each access user, the access request when accepting, to determine whether or not to permit the access request based on the access rights that are defined for the type and condition of the access ticket and when receiving a state transition request, the type and state of the access ticket based on target state determined, since the recording information access control program to update the status of the access ticket in the determined target state on a recording medium by using the recording medium, to increase its flow properties can.

[0046] The present invention of claim 19, wherein, in the invention of claim 17, processing for updating the status of the access ticket, a transition destination state where each state of the access ticket transitions in correspondence with each state condition may be stored in the transition information storage table, reads a target state corresponding to the state of the input access ticket together with the state transition request from the access person from the state transition information storage table,
And summarized in that for recording the information access control program to update the status of the access ticket in the readout target state on a recording medium.

[0047] In the present invention according to claim 19, may be stored a transition destination state for each state of the access ticket to the state transition information storage table, when entering a state transition request from the access person, the state transition information reads the transition destination state corresponding the stored table to the state of the access ticket, since the recording information access control program to update the status of the access ticket in the transition destination state to a recording medium, by using the recording medium, the it is possible to improve the distribution of.

[0048] Further, the present invention is claimed in claim 20, in the invention of claim 18, processing for updating the status of the access ticket, the type of access target state access ticket each state transition of the ticket of corresponding to each of the plurality of states of a plurality of types may be stored in the state transition information storage table, the transition destination state corresponding to the type and condition of the access ticket entered together with the state transition request from the access person the read from the state transition information storage table, and summarized in that recording information access control program to update the status of the access ticket in the transition destination state thus read out on a recording medium.

[0049] In the present invention according to claim 20, a transition destination state for each state of each type of access ticket may be stored in the state transition information storage table, when entering a state transition request from the access user access It reads the transition destination state corresponding to the type and condition of the ticket from the state transition information storage table, since the recording information access control program to update the status of the access ticket in the transition destination state to a recording medium, the recording medium using, it is possible to enhance the flow properties.

[0050] Further, the present invention according to claim 21 is the invention according to any one of claims 17 to 20, processing for updating the status of the access ticket, the state transitions to the state transition request from the access's Events are included, and summarized in that recording information access control program which determines the transition destination state also considering the state transition event recording medium.

[0051] In the present invention according to claim 21, includes a state transition event to the state transition request from the access user, information access which determines the target state in this state transition event be considered due to the recording control program in a recording medium, by using the recording medium, it is possible to enhance the flow properties.

[0052] The present invention of claim 22 is the invention of claim 17 or 18, wherein the recording the information access control program access ticket input together with the request to verify valid or not on the recording medium the gist.

[0053] In the present invention according to claim 22, records the information access control program access ticket input together with the request, such as a state transition request and the access request is verified whether valid or not on the recording medium and for that, by using the recording medium, it is possible to enhance the flow properties.

[0054] Further, the present invention is recited in claim 23, the access in the invention of claim 17, determines whether to permit the access request, which is defined in correspondence with each state of the access ticket be stored permissions to access ticket authority information storage table reads the access rights that are set corresponding to the state of the access ticket input together with the access request from the access ticket authority information storage table, the read-out access and summarized in that the recording medium determining information access control program whether or not to permit the access request based on the authority.

[0055] In the present invention of claim 23, may be stored access rights for each state of the access ticket in the access ticket authority information storage table, when the access request, the access corresponding to the state of the access ticket read permissions from the access ticket authority information storage table, since the recording medium information access control program determines whether or not to permit an access request based on the access authorization, by using the recording medium , it is possible to enhance the flow properties.

[0056] Further, the present invention is recited in claim 24, in the invention of claim 18, it determines whether to permit the access request to each of the plurality of states of a plurality of types of access ticket be stored access rights defined correspondingly to the access ticket authority information storage table, the access request with the access ticket authority information access rights that are set corresponding to the type and condition of the access ticket input read from the storage table, and summarized in that the determining information access control program whether or not to permit the access request is recorded on the recording medium based on the access rights thus read out.

[0057] In the present invention according to claim 24, may be stored access rights that correspond to each of the plurality of states of a plurality of types of access ticket to the access ticket authority information storage table, when the access request, the access read access privileges for the type and condition of the ticket from the access ticket authority information storage table, the information access control program determines whether or not to permit an access request based on the access rights recorded on a recording medium because you are using the recording medium, it is possible to enhance the flow properties.

[0058]

BEST MODE FOR CARRYING OUT THE INVENTION Hereinafter, embodiments of the present invention are described with reference to the drawings. Figure 1 is a block diagram showing the structure of the information access control device for implementing the information access control method according to an embodiment of the present invention.

[0059] In the present embodiment, the in between the terminal of the terminal and the user B of the user A connected to the network, respectively, to the information of the user B owns stored in the terminal of the user B (target information), described for the case of access control by the access control system according to the present invention provided with the access by the user a to the terminal of the user B.

[0060] In this embodiment, World Wide user A, a means for transferring information on the user B Network
By using the Web (WWW) and e-mail, etc., to assume that perform the buying and selling of goods on the network, the seller user A, in accordance with the progress of the sales transactions, stored in the terminal of the purchaser user B It describes access control for accessing the like such as information the address and name of the user B who is.

[0061] information access control device shown in FIG. 1 will be described. In Figure 1, 1 is an access ticket issuing means for issuing an access ticket, 2 is determined access authorization determining unit whether to permit access request, the access ticket to verify whether the access ticket is valid 3 a verification means, 4 is a state transition means for executing the state transitions of the access ticket.
5 is a state transition information storage means for storing the state transition information 105 that describes how the states and transitions of an access ticket, 6 access ticket authority information 106 that describes the access rights for each state of the access ticket It is an access ticket authority information storage means for storing, 7
Is a valid access ticket information storage means for storing a valid access ticket information 107 which is information on valid access ticket 8 is a target information storage means for storing the target information 108.

[0062] In addition, 9 is an interactive terminal of the user B having an access control system, the 10 DES (Data Enc
ryption Standard) is a symmetric encryption scheme access ticket generating verification key storing means for storing the access ticket generation verification key k110 used for generation and verification of the access ticket a common key by such as 11 generates and access ticket an access ticket generation verification auxiliary data storage means for storing the access ticket generation verification auxiliary data d111 used supplementarily verification, 1
2 is a terminal of access who user A makes access to the target information 108, 13 is a communication network connecting such terminals 12 of the target information owner of the terminal 9 and accessor, 14 access control according to the present invention a program for the procedure is described in, 15 is a CPU having a function of performing processing based on the program 14.

[0063] Also, FIG. 2 shows the registered contents at the time that a valid access ticket information 107 stored in the valid access ticket information storage means 7 in FIG. 1, for each valid access ticket, the access ticket and access ticket ID that uniquely identifies the access ticket type, holds the state at that time.

[0064] Figure 3 shows the contents of the state transition information 105 stored in the state transition information storage means 5 in FIG. 1, for each type of access ticket, state 311 can take the initial state 312, the state transition rule 313, the final state 314 is described. Also, each state transition rule transition source state 321,
State transition event name 322, and a transition destination state 323.

[0065] Figure 4, the access ticket authority information 10 stored in the access ticket authorization information storing means 6 in FIG. 1
Shows the 6 content of, for each type of access ticket,
Access authority corresponding to each possible states is described. Each access is composed of an identifier and a set of access type for that of the target information.

[0066] Figure 5, in Figure 1 the target information storage means 8
It shows the contents of the target information 108 stored in, and a hierarchical item 501, the information (value) 502 corresponding to each item.

Next, the operation of the information access control device of the present embodiment configured as described above. In this description, the user B is previously accessed describing the state transition information 105 and the access ticket authority information 106 for each type of ticket, each state transition information storage unit 5 and the access ticket authority is the owner of the access ticket information and those stored in the information storage means 6.
The state transition information 105 and the access ticket authority information 106, respectively Figure 3, assumed to be defined as shown in FIG.

[0068] First, with reference to the flowchart shown in FIG. 6 for the issuance of the access ticket.

[0069] In this embodiment, the user B of the target information owner, prior to access by the user A of the accessor, to provide access ticket and the corresponding appropriate access should allow the user A, appropriate access ticket specify the type, order the generation of the access ticket to the access control system.

[0070] This is, for example, is carried out in such as when the user B has visited the website (e-shop) is a virtual shop on the WWW to open the user A.

In accordance with the present invention, the access control system is instructed to generate the access ticket using the access ticket issuing means 1, to generate an access ticket with the specified type in the new outputs.

[0072] In the access ticket issuing procedure shown in FIG. 6, first, in step S602, to get the type1 type of the specified access ticket, pays out a new and unique access ticket IDid1 in step S603.

[0073] Here, as a method for generating and dispensing of the access ticket ID in order to facilitate the search of the access ticket ID, and as only a small an area for storing the access ticket ID, the data size of the access ticket ID it is necessary to those small as possible. Therefore, in the present embodiment, as a method for generating and dispensing of the access ticket ID in step S603, it employs a method of paying out contiguous integer values ​​from 0 (zero).

[0074] Then, step S604, step S6
05, access ticket generation verification auxiliary data d111
If, acquires the access ticket generated verification key k110,
Step S606 in (access ticket IDid1, access ticket generation search auxiliary data d111) encrypted by comprising format data keys K110, which a new access ticket t1.

[0075] Then, in step S607, the from the state transition information 105, obtains the state transition information si1 corresponding to the access ticket type type1, step S608
In, to get the initial state s1 from si1.

[0076] Then, in step S609, the access ticket type type1, with the initial state s1, the access ticket IDid1, after registering to enable access ticket information 107, in step S610, the outputs of the same access ticket t1. The structure of the output access ticket shown in FIG. 13.

[0077] Here, a state state transition information 105 shown in FIG. 3, also, as the type of the generated access ticket, "purchase transaction 1" is specified, also, step S6
As a new access ticket ID in the 03, 00
When 04 is paid out, by the above procedure, based on the contents of the state transition information 105 shown in FIG. 3, "purchase transaction 1" was and its type, the access ticket t2 to the its state "browsing" is generated , the information is registered to enable access ticket information 107.

[0078] Here, t2 is, the access ticket ID0004 paid out, the access ticket generation verification auxiliary data d111 (access ticket ID0004, access ticket generation verification auxiliary data d111) access ticket generated verification key things that was in the form of it is those that were encrypted with k110.

[0079] The manner in which the access ticket t2 is registered in the valid access ticket information 107 shown in FIG. 12.

[0080] In this way, the access ticket t2 is issued, the user B, SSL (Secure Socket La
yer) on establishing a secure communication path between the user A and the like, and transmits the same access ticket.

[0081] Next, the access request processing, the access ticket verification processing, 8, 9 for the access rights determination process will be described with reference to the flowchart of FIG.

[0082] In this embodiment, user A is the access user, when accessing the user B information (target information), and the access request indicating the contents of the access, the access which has been previously obtained from the user B to the access control system and a ticket via a secure channel.

[0083] The access request processing procedure in the access control system will be described in detail with reference to FIG.

[0084] First of all, step S802, step S80
3, and acquires the received access request req1 and the access ticket t1 respectively. Then, step S80
4, it is determined whether the access ticket t1 is enabled using the access ticket verifying unit 3.

[0085] will be described in more detail with reference to FIG. 7 this access ticket verification procedure.

[0086] First, in step S702, to get the access ticket t1, to get the access ticket generated verification key k110 in step S703. Next, step S
In 704, it attempts to decrypt by k110 respect t1,
If it fails, it is determined to be invalid the same access ticket t1 (step S709).

[0087] If it can be decoded, and the resulting data and m1 (step S705), step S706
In gaining access ticket generation verification assist data d111, in step S707, m1 = (access ticket I
Did1, access ticket generation verification auxiliary data d11
1) made access ticket ID Check to make sure that is registered to enable access ticket information 107. If it is not registered, determines that the disable access ticket t1 (step S709). If it is registered, determines the access ticket IDid1 temporarily (until the access request processing procedure is completed) and stored as an access ticket ID of the access ticket t1, and enable access ticket t1 (step S 708).

[0088] If the access ticket t1 by the access ticket verification procedure is determined to be invalid, the access control system rejects the access request req1, terminates the process for this. If it is determined to be valid, judges whether or not to reject the access request req1 using the access permission judging unit 2 (Step S80
5).

[0089] To illustrate this procedure with reference to FIG. 9 in more detail.

[0090] First of all, step S902, step S90
3, respectively acquire an access request req1 and the access ticket t1, in step S904, the from the valid access ticket information 107, an access ticket type type1 corresponding to the access ticket t1, obtains the state s1 of the access ticket t1 at that time in step S905, the access ticket authority information corresponding from the access ticket authority information 106 of the type type1 ri1
Acquires, at step S906, the access ticket authority information ri1, to obtain access R1 corresponding to the state s1 of the access ticket t1, which, at that time, to determine the access rights corresponding to the access ticket t1.

[0091] Then, in step S907, the access authority R1 inspects whether to include access contents indicated by the access request req1. If not included, the access authority R1 is invalid for access request req1, and disallows the access request req1 (step S909). If included, it is determined that authorization (step S908).

[0092] If the access request req1 by the access authorization determining unit 2 is determined to be not permitted, the access control system rejects the same access request req1, terminates the process for this. If it is determined to be valid, at step S806, to process the contents of the access request req1, transmitted over a secure channel that responds to user A.

[0093] Here, in the present embodiment, the user A
But the access control system of the terminal 9 of the user B, and an access request req2 called "reference age", sent with the access ticket t2 which had been previously obtained.

[0094] Also, the registered contents of the valid access ticket information 107 at this time is as shown in FIG. 12, the contents of the access ticket authority information 106 to be as shown in FIG.

[0095] First of all, access control system, access request req2 (= "Age: see") and acquires the access ticket t2 (step S802, step S80
3), whether the access ticket t2 is enabled, it determines using the access ticket verification unit 103 (step S8
04).

[0096] In the access ticket verification means 3, by the above procedure (step S701~ step S708),
Access ticket t2, the access ticket ID000
4 is determined to be valid access ticket with.

[0097] Since the access ticket t2 is determined to be valid, then, using the access permission judging unit 2 determines whether to allow access request req2 (step S805).

[0098] In the access permission judging unit 2, as described above procedure, the access request req2 and the access ticket t2
Get the door (step S902, step S903),
From the registration contents of the effective access ticket information 107 shown in FIG. 12, the type of "purchase transaction 1" of t2, the state "browsing"
To get (step S904).

[0099] Next, from the access ticket authority information 106 shown in FIG. 4, to obtain the access ticket authority information corresponding to the type "purchase transaction 1" of the access ticket t2 (step S905), from now on, the state "browsing" corresponding access rights acquired (Fig. 4) 401, determines this as the access rights corresponding to the access ticket t2 (step S906).

[0100] Then, the same access privileges 401, the contents of the access request req2 "Age: reference" because it includes a,
Would be effective against the access request req2,
Verdict of authorization to the access request req2 (step S
907, step S908).

[0101] Since the access request req2 is determined to be permitted, the last to handle this content. That is, the user B
Age is read from the target information 108 is sent back through the secure channel to the user A (step S8
06).

[0102] Next, FIG. 10 state transition will be described with reference to a flowchart of FIG. 11.

[0103] In this embodiment, the access person of the user A,
Or, the user B of the target information owner, with a change in phase of both transaction, updates the state of the access ticket granted to user A, corresponding to change the access rights to the access ticket and status transmitted via a secure channel a state transition request specifying a transition event name to the access control system.

[0104] The state transition request processing procedure in the access control system will be described in detail with reference to FIG. 10.

[0105] access control system, first step S
1002, in step S1003, the state transition request sreq1 received, obtains the state transition event name e1 and access ticket t1 respectively. Then, in step S1004, the whether the access ticket t1 is enabled, using the access ticket verification unit 103 judges. This procedure is omitted because it is as already described.

[0106] If the access ticket t1 is determined to be invalid by the access ticket verification procedure, the access control system rejects the state transition request SREQ1, terminates the process for this. If it is determined to be valid,
You input the above event names e1 and access ticket t1 to the state transition implementation unit 4 to execute the state transition implementation procedure (step S1005).

[0107] will be described in more detail with reference to FIG. 11 of this procedure.

[0108] In the state transition implementation means 4, step S11
02, in step S1103, the state transition event name e
1 and an access ticket t1 respectively acquired, in step S1104, the effective access ticket information 107, corresponding to the access ticket t1 type type1
If, state s1 of the access ticket t1 at that point in time
It acquires, at step S115, the state transition information 105, obtains the state transition information si1 corresponding to the access ticket type type1.

[0109] Next, in step S1106, the state s1 and source state, the state transition rule to transition event an event name e1 is examined for the presence of the state transition information si1. If not present, and ends the state transition implementation procedures for the state transition request SREQ1. In this case, the change of state of the access ticket t1 is not performed at all.

[0110] if present the state transition rule, obtains it as the state transition rule rule1 (step S
1107).

[0111] Then, in step S1108, it updates the state of the access ticket t1 held enabled access ticket information 107, the target state s2 specified in the state transition rule rule1.

[0112] Further, in step S1109, the state s2 after the transition of the access ticket t1 is, the state transition information si1
To check whether is defined as the final state in the. If if it is defined as the final state, to remove all items relating to access ticket t1 from a valid access ticket information 107 to disable the access ticket (step S1110), and ends the state transition implementation procedures. e1 unless defined as final state, as it ends the state transition implementation procedures.

[0113] Here, in the present embodiment, the user B
But, do the application of purchase to the user A, in accordance with this, and the event name that the user A is, "buy",
The state transition request sreq2 consisting access ticket t2 which had been obtained in advance, and transmits to the access control system of the terminal 9 of the user B.

[0114] The contents of effective access ticket information 107 at this time is as shown in FIG. 12, the contents of the state transition information 105 is assumed to be as shown in FIG.

[0115] First of all, access control system, and the acquired event entitled "buy" and an access ticket t2 (step S1002, step S1003), whether or not the access ticket t2 is valid, it is determined using the access ticket verification means 3 (step S1004).

[0116] At access ticket verifying unit 3, the procedure (step S701~ step S708) mentioned previously, the access ticket t2, the access ticket ID0
It is determined that the valid access ticket with a 004.

[0117] Then, enter an access ticket t2 and the event name "buy" to the state transition implementation unit 4 to execute the state transition implementation procedure (step S1005).

[0118] In the state transition implementation unit 4, as described above procedure, an event name "purchase" acquires the access ticket t2 (step S1102, step S1103),
From the registration contents of the effective access ticket information 107 shown in FIG. 12, the type of "purchase transaction 1" of t2, the state "browsing"
To get (step S1104).

[0119] Next, the state transition information 105 shown in FIG. 3, reads the state transition information corresponding to the type of an access ticket t2 "purchase transaction 1" (step S1105),
Now, state "browsing" as a transition source state, state transition rules for the event "purchase" and the transition event (FIG. 3)
Get the 301 (step S1106, step S11
07), the state of the access ticket t2 held enabled access ticket information 107, the state transition rule 3
Transition destination state is specified in the 01 is updated to "in order" (step S1108).

[0120] In addition, "in order" state after transition of the access ticket t2 is inspected whether it is defined as the final state (step S1109). The state, because it is not defined as a final state, ends the state transition implementation procedures.

[0121] Access rights corresponding to the state "during the ordering" access ticket t2 at this point, the access ticket authority information 106 shown in FIG. 4, the access authority 4
02 next, when described for earlier access request processing procedure, it can be seen that is different from the access right (in FIG. 4) 401 corresponds to the access ticket t2.

[0122] Thus, from altering the state of the access ticket by a state transition request, the access to the same access ticket can be easily changed. That is, without having to re-issue and re-grant access ticket access privileges to allow for the same access person, can be easily changed.

[0123] As described above, in the present embodiment, by issuing an access authorization determining auxiliary data that associates different access rights for each of a plurality of states (access ticket) to grant access person, on trading aspects of maintained by changing the state of the access ticket based on the state transition events are sent in response to changes in response to changes in the aspect of the transaction, the access authority corresponding to the access ticket, i.e., the same access ticket to change the access rights allowed for access who.

[0124] Therefore, in the case of using the capability, for example it was necessary issued imparting multiple capabilities for each phase even for the same access's same transaction, according to the present invention, the access ticket issuance and grant of only once. Therefore, the cost of these issue-grant is greatly reduced.

[0125] Similarly, in the case of using a capability, it was necessary to control and manage the validity / invalidity of the plurality of capability given to each aspect, according to the present invention,
Since the control and management of the state of one of the access ticket,
Complexity of their control and management is reduced.

[0126] Similarly, in the case of using a capability, the access person holds a plurality of capabilities given to each aspect, also had to be used according to the aspect, according to the present invention , access user holds one of the access ticket, so may be used which,
Cost of their management and utilization is greatly reduced.

[0127] In the above embodiment, as the method of generating the access ticket for the data that combines fixed data in the access ticket ID (access ticket generation verification auxiliary data d111), access those subjected to encryption by a secret key While taking a method for using a ticket (method a), starting This is advantageous in the following points.

[0128] First, prospects as, in order to save search efficiency and storage area, the data size of the access ticket ID must sufficiently small, such a case, a method to directly access ticket access ticket ID (METHOD B1), or a method of an access ticket by adding fixed data to the access ticket ID (mETHOD B
In 2), awe increases another access ticket ID from one access ticket ID is analogy. That is, from a certain access ticket, another access ticket is inferred, awe rises be forged.

[0129] In contrast, in the method A, even data size of the access ticket ID is small, if Hodokose encrypted by adding an access ticket generation verification auxiliary data d111 of sufficient length, from one access ticket Other it becomes difficult to analogize the access ticket.

[0130] In the above embodiment, as an access ticket generation verification key K110, but using a common key according to a symmetric encryption scheme, the access ticket generated verification key k11
Instead of 0, providing a key pair of key by the asymmetric encryption scheme, such as RSA (pairs), at the time of the access ticket generation procedure is the encryption key of the key pair, at the time of the access ticket verification procedures, as the use of the other decryption keys, it is also possible to configure the access control system.

[0131] Further, in the above embodiment, the access ticket generation verification key k110 and the access ticket generation verification auxiliary data d111 and fixed data for each issue one access ticket or several access ticket, change each of these with a new one,
Access During ticket validation, it is also possible to take a method and a configuration used in obtaining access ticket generation verification key k110 and the access ticket generation verification auxiliary data d111 used when issuing the same access ticket.

[0132] According to this method, each of the access ticket,
Or, with some of the access ticket set, although it is necessary to generate and hold the associating information and a set of access ticket generation verification key k110 and the access ticket generation verification auxiliary data d111 used for its generation, the access ticket order to make counterfeiting more difficult, in some cases it is convenient.

[0133] Further, in the above embodiment, the state transition request from the user A is sent, the state transition request, the user A
(I.e., access user), or may be sent by any user B (the owner of Sunawa I target information).

[0134] Conversely, the state transition request, determines whether the user A, a thing which is transmitted from either the user B, and accordingly, to determine whether the state transition accessor and target information for by the sending of inappropriate state transition request by the access person it is possible to prevent any unauthorized changes of access rights, which is convenient.

[0135] This is because the state transition rule in the state transition information 105, provided an item of event based on conditions, "target information owner", or leave as described as "access user", the state transition carried out before changing the state of the target of the access ticket t1 in step S1108 of the state transition implementation procedure performed in unit 4, whether the state transition request sreq1 entered, the target information owner and access user, which is transmitted from any identifies the sender, it compares the event the original condition of the source and the state transition rule rule1, If ​​they do not match, reject the state transition request SREQ1, designed and configured to stop the process for this It can be realized by.

[0136] Further, to monitor the status of the transaction with the users A and B, automatically detects it when the change in phase occurs, the appropriate state transition request to the access ticket granted to user A with the software process to be sent to the access control system, it is more convenient.
This example, built into the software WWW browsing (browser) used for user D access e shop user A, to monitor the operation of the user B, and detects a change in phase of the transaction in response to the operation it can be used such as a browser supporting software that sends a state transition request.

[0137] In the description of the above embodiment,
Access to the safe communication path in the described that transmits through a secure channel information like the ticket, eavesdropping by a third party, falsification is a communication path protection measures have been taken against such, any existing encryption It is realized by technology. As the communication channel, for example, SSL widely used in World Wide Web is an information distribution system on the Internet
(Secure Socket Layer) and the like can be used.

[0138]

As described in the foregoing, according to the present invention,
The access ticket which defines access rights to the target information for each state issued to each access user, upon reception of the access request, whether to permit the access request based on the access rights to the state of the access ticket judgment, when accepting state transition request, a transition destination state is determined based on the state of the access ticket, so updates the state of the access ticket in the target state, transaction access privileges to allow the access person can be easily changed according to a change in aspect, it is possible to realize a flexible access control.

[0139] Further, according to the present invention, it issues an access ticket which defines access rights to the target information for each each of the plurality of states of a plurality of types to each access user,
When reception of the access request, determines whether to permit the access request based on the access rights to the type and state of the access ticket, and upon reception of a state transition request, a transition destination state based on the type and state of the access ticket determines, so to update the state of the access ticket in the target state, the access rights to allow the access user can easily change in response to changes in the aspect of the transaction, is possible to realize a flexible access control it can.

BRIEF DESCRIPTION OF THE DRAWINGS

1 is a block diagram showing a configuration of an information access control device for implementing the information access control method according to an embodiment of the present invention.

FIG. 2 is an explanatory diagram showing an example of registration content of the effective access ticket information used by the information access controller shown in FIG.

3 is an explanatory diagram showing the contents of the state transition information stored in the state transition information storage means used in the information access controller shown in FIG.

4 is an explanatory diagram showing the contents of the access ticket authority information stored in the access ticket authority information storage means used in the information access controller shown in FIG.

5 is an explanatory diagram showing the contents of the target information stored in the target information storage means used in the information access controller shown in FIG.

6 is a flowchart showing an access ticket issuing proceedings in the access ticket issuing means information access controller shown in FIG.

7 is a flowchart showing an access ticket verification procedure in the access ticket verifying means information access controller shown in FIG.

8 is a flowchart showing an access request processing procedure of information access control apparatus shown in FIG.

9 is a flowchart showing an access authority determination procedure in the access permission judging means information access controller shown in FIG.

10 is a flowchart illustrating a state transition request processing procedure of information access control apparatus shown in FIG.

11 is a flowchart illustrating a state transition implementation procedures in the state transition means for implementing information access controller shown in FIG.

12 is an explanatory diagram showing the registered contents of the valid access ticket information used by the information access controller shown in FIG.

13 is an explanatory view showing the structure of the generated access ticket by the access ticket issuing proceedings in information access controller shown in FIG.

DESCRIPTION OF SYMBOLS

1 access ticket issuing means 2 access authority determination unit 3 access ticket verifying means 4 state transition execution means 5 state transition information storage means 6 access ticket authority information storage unit 7 enable access ticket information storage unit 8 the target information storage means 9 target information owner of the terminal 10 access ticket generating verification key storing unit 11 access ticket generation verification auxiliary data storage means

Front page of the continued F-term (reference) 5B017 AA01 BA05 BA06 BA07 BB03 BB07 CA16 5B049 BB11 CC02 CC05 EE03 FF03 GG04 GG07 GG10 5B085 AA08 AE08 AE13 AE23 AE29 BE07 BG06 5J104 AA07 KA01 KA04 NA06 NA27 NA36 PA07 PA10 9A001 JJ18 JJ25 JZ67 LL03

Claims (24)

[The claims]
1. 1. A data access control method for controlling access's access to access the target information to be protected resource can take several states, to the target information for each each of the plurality of states the access ticket which defines access rights issued to each access user receives an access request from the access user based on the access rights that are set corresponding to the state of the access ticket entered with the request determines whether or not to permit the access request, receiving a state transition request from the access person, a transition destination state is determined based on the state of the access ticket entered with this request, at the determined target state information access control method and updates the state of the access ticket.
2. 2. An information access control method for controlling access of the access who access the target information to be protected resource, a plurality of kinds together provided in accordance with the contents of the access, a plurality of states in each type can take, the access ticket which defines access rights to the target information for each each of a plurality of states in each type issued to each access user receives an access request from the access user, input with the request has been based on the access rights that are set corresponding to the type and condition of the access ticket is determined whether or not to permit the access request, receiving a state transition request from the access person, it entered with this request a transition destination state is determined based on the type and state of the access ticket, the transition destination and this determination Information access control method and updates the state of the access ticket in the state.
3. 3. A process of updating the status of the access ticket may store the state transition information storage table a transition destination state where the state of the access ticket transitions corresponding to each state, wherein from accessor reads the transition destination state corresponding to the state of the input access ticket with a state transition request from the state transition information storage table, according to claim 1, wherein updating the state of the access ticket in the transition destination state thus read out information access control method.
4. Process wherein updating the status of the access ticket, the state transition information corresponding to each of the plurality of states of a plurality of types of each type of access target state access ticket each state transition of the ticket may be stored in the storage table, reads the transition destination state corresponding the access user the type and state of the access ticket entered together with the state transition request from the state transition information storage table, the access ticket in the transition destination state thus read out information access control method according to claim 2, characterized in that the state update.
5. 5. A process of updating the status of the access ticket includes a state transition event to the state transition request from the access person, to determine the target state this state transition event be considered information access control method according to any one of claims 1 to 4, characterized in that there.
6. 6. The information access control method according to claim 1 or 2, wherein the access ticket input together with the request to verify whether or not valid.
7. 7. a process for determining whether or not to permit the access request may store the access rights defined in correspondence with each state of the access ticket in the access ticket authority information storage table, the access request corresponds to the state of the access ticket inputted read access rights as defined by the access ticket authority information storage table, to determine whether or not to permit the access request based on access rights readout that with information access control method according to claim 1, wherein.
8. 8. a process for determining whether or not to permit the access request, stores the access permissions that are defined corresponding to each of a plurality of types of the plurality of states of access ticket to the access ticket authority information storage table ; then, reads out the access rights that are set corresponding to the type and condition of the access ticket input together with the access request from the access ticket authority information storage table, the access request based on access rights readout information access control method according to claim 2, wherein the determining whether to permit.
9. 9. The information access controller for controlling access's access to access the target information to be protected resource can take several states, to the target information for each each of the plurality of states an access ticket issuing means for issuing an access ticket which defines access rights to each access user receives an access request from the access person, are defined to correspond to the state of the access ticket entered with the request and determining the access rights determination means whether or not to permit the access request based on access rights, receiving a state transition request from the access person, a transition destination state based on the state of the access ticket entered with the request determined, to update the state of the access ticket in the determined transition destination state state update Information access control apparatus characterized by a means.
10. 10. An information access control apparatus for controlling access access who access the target information to be protected resource, a plurality of kinds together provided in accordance with the contents of the access, a plurality of states in each type You can take, accepting the access ticket issuing means for issuing an access ticket which defines access rights to the target information for each each of the plurality of states to each access user in each type, an access request from the access's , and access rights determination means for determining whether or not to permit the access request based on the access rights that are set corresponding to the type and condition of the access ticket entered with this request, the state transition from the access's It accepts the request, the type of access ticket that has been input with this request Hoyo A transition destination state is determined based on the fine state, information access control apparatus characterized by having a state updating means for updating the state of the access ticket in the determined target state.
11. Wherein said state update means inputs and the state transition information storage means for each state of the access ticket is a transition destination state of transition is stored in correspondence to each state, with the state transition request from the access's the transition destination state corresponding to the state of the access ticket from the state transition information storage means reading, according to claim 9, wherein further comprising a means for updating the state of the access ticket in the transition destination state thus read out information access control device.
12. 12. The method of claim 11, wherein the state updating means stores the state transition information each state of each type of access ticket is stored corresponding to each of a plurality of states of a plurality of kinds of transition destination state access ticket transition means reads the transition destination state corresponding the access user the type and state of the access ticket entered together with the state transition request from the state transition information storage means, and updates the state of the access ticket in the transition destination state thus read out information access control device according to claim 10, characterized in that it comprises a means.
13. Wherein said state update unit, to claim 9, characterized in that it comprises means for determining the transition destination state the state is also a state transition event included in the transition request in view of the accessor information access control apparatus according to any one of 12.
14. 14. The information access control apparatus according to claim 9 or 10, wherein it has an access ticket verifying means for access ticket input together with the request to verify whether or not valid.
15. 15. The access right determination means and the access ticket authority information storing unit that stores the access rights defined in correspondence with each state of the access ticket,
    Read access rights that are set corresponding to the state of the access ticket input together with the access request from the access ticket authorization information storing means, whether to permit the access request based on access rights readout information access control apparatus according to claim 9, wherein it has a means for determining.
16. 16. The access right determination means and the access ticket authority information storing unit that stores access authority is defined corresponding to each of a plurality of types of the plurality of states of the access ticket, together with the access request read access rights that are set corresponding to the type and condition of the access ticket received from the access ticket authority information storage unit, determines whether or not to permit the access request based on access rights readout information access control device according to claim 10, characterized in that it comprises a means.
17. 17. A recording medium recording the information access control program for controlling the access's access to access the target information to be protected resource can take several states, each of the plurality of states target access ticket which defines access rights to information issued to each access user receives an access request from the access person, it is defined to correspond to the state of the access ticket entered with the request for each determines whether or not to permit the access request based on access rights, receiving a state transition request from the access person, a transition destination state is determined based on the state of the access ticket entered with this request, this decision information access control flops and updates the state of the access ticket in the target state A recording medium recording the program.
18. 18. A recording medium recording the information access control program for controlling the access's access to access the target information to be protected resource, a plurality of kinds together provided in accordance with the contents of the access, the can take a plurality of states in kind, issues an access ticket which defines access rights to the target information for each each of the plurality of states to each access user in each class, receives an access request from the access's , based on the access rights that are set corresponding to the type and condition of the access ticket entered with this request to determine whether or not to permit the access request, receiving a state transition request from the access person, this a transition destination state based on the type and condition of the input access ticket with the request Determined, the recording medium recording the information access control program and updates the state of the access ticket in the determined target state.
19. 19. The processing of updating the status of the access ticket may store the state transition information storage table a transition destination state where the state of the access ticket transitions corresponding to each state, wherein from accessor It reads the transition destination state corresponding to the state of the input access ticket with a state transition request from the state transition information storage table, according to claim 17, wherein updating the state of the access ticket in the transition destination state thus read out recording medium for recording the information access control program.
20. 20. A process of updating the status of the access ticket, the state transition information corresponding to each of the plurality of states of a plurality of types of each type of access target state access ticket each state transition of the ticket may be stored in the storage table, reads the transition destination state corresponding the access user the type and state of the access ticket entered together with the state transition request from the state transition information storage table, the access ticket in the transition destination state thus read out recording medium recorded with claim 18, wherein the information access control program, characterized in that the state update.
21. 21. The processing of updating the status of the access ticket includes a state transition event to the state transition request from the access person, to determine the target state this state transition event be considered recording medium recording the information access control program according to any one of claims 17 to 20, characterized in that there.
22. 22. A recording medium recording the claim 17 or 18, wherein the information access control program, characterized in that access ticket input together with the request to verify whether or not valid.
23. 23. a process for determining whether or not to permit the access request may store the access rights defined in correspondence with each state of the access ticket in the access ticket authority information storage table, the access request corresponds to the state of the access ticket inputted read access rights as defined by the access ticket authority information storage table, to determine whether or not to permit the access request based on access rights readout that with recording medium recorded with claim 17, wherein the information access control program characterized.
24. 24. a process for determining whether or not to permit the access request, stores the access permissions that are defined corresponding to each of a plurality of types of the plurality of states of access ticket to the access ticket authority information storage table ; then, reads out the access rights that are set corresponding to the type and condition of the access ticket input together with the access request from the access ticket authority information storage table, the access request based on access rights readout rECORDING mEDIUM CONTAINING claim 18 wherein the information access control program and judging whether to permit.