JP2000235569A - Method for managing electronic document and document management system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To obtain a document management system capable of simplifying the management of an electronic document and executing request-dependent accesses to information included in the document. SOLUTION: Plural pieces of output information corresponding to plural reading rights can be selectively extracted from the same file original. Tag information defining the range of output information is inserted into an individual file original stored in a document DB 10 and the tag information is stored also in a right management DB 20 correspondingly to the reading right of the range. When a reading request is outputted, a DB management part 14 extracts the output information of the range specified by tag information corresponding to the reading right from the file original of the DB 10 and sends the extracted information to the reading request source.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an efficient management method of an electronic document to be browsed, and more particularly to a document management system in consideration of a disclosure level of information.

[0002]

2. Description of the Related Art A document management system for publishing an electronic document in response to a user request is known. In this type of document management system, electronic documents of various contents are stored in a database. Some of these electronic documents allow only specific users to be disclosed depending on their contents and characteristics. A plurality of electronic documents having different disclosure ranges may be mixed, such as ones that can be disclosed to unspecified users and ones that should be disclosed only for a limited period. It is practically difficult to apply fine-grained browsing restrictions for each item or content of such an electronic document.

For this reason, conventionally, a plurality of levels of browsing authority are set stepwise according to the rank of a user, and a plurality of documents having different levels of detail are determined from the same electronic document according to each level of browsing authority. Create a file and allow browsing (disclosure) on a file-by-file basis, keep it private for users who have browsing rights below a certain level, or use it for users with high browsing rights For files, it is possible to browse in more detail than files for low users. For specific document files,
It has also been set to allow browsing for a certain period.

[0004]

As described above, in the conventional document management system, a plurality of document files having different degrees of detail are newly created from the same electronic document in accordance with the level of viewing authority. As a result, not only is the work for constructing the database enormous, but also if a part of the document contents is changed, there is a possibility that the contents may be inconsistent with other document files, and the management form is complicated. There was a problem of becoming.

[0005] If the publication time is set for each document file, time management becomes complicated. Therefore, even when it is time to release the information or when it should be released, the information may not be actually released.

[0006] Further, there is a problem that the security of information cannot be sufficiently ensured when the general user having the lowest level of browsing authority can freely access the information.

SUMMARY OF THE INVENTION It is an object of the present invention to provide a method for managing an electronic document, which can simplify document management and enable fine-grained access to information in the document. Another object of the present invention is to provide a document management system suitable for implementing the management method.

[0008]

According to the present invention, there is provided a method for managing an electronic document, comprising: inserting tag information defining a range of information to be browsed into an original electronic document;
Authority information in the range is associated with this tag information,
At the time of a browsing request based on the authority information, the browsing target information in a range specified by tag information corresponding to the authority information is extracted from the electronic document. A plurality of the tag information can be inserted into the same electronic document. In this case, different levels of the authority information are associated with the respective tag information, and browse target information corresponding to the level of the authority information is selectively extracted from the electronic document. With such a management method, it is not necessary to separately generate a plurality of files corresponding to the authority information, and the management form is simplified.

In the electronic document management method according to the present invention, the browsing request conforming to the permissible time information may be associated with any of the plurality of tag information items. The validity of the authority information in the range is validated only for the above case. The authority information and the permissible time information are retained in a form that can be modified later while maintaining the same content of the electronic document into which the tag information is inserted, so that it is possible to flexibly cope with a change in the authority information. It is preferable to do so.

[0010] When it is strongly required to prevent browsing by anyone other than the browsing requester, key information corresponding to the level of the authority information is prepared, and the extracted browsing target information is stored in the key. The information is encrypted and sent to the viewing request source.

According to another aspect of the present invention, there is provided a document management system for managing an electronic document, comprising: tag information insertion means for inserting tag information defining the range of information to be viewed into the electronic document; Authority setting means for associating the tag information with the authority information in the range, and holding the associated authority information in a form that can be subsequently corrected while maintaining the same content of the electronic information into which the tag information has been inserted. Authority information holding means, and configured to extract, from the electronic document, browsing target information in a range specified by the tag information based on the authority information held by the authority information holding means. is there.

[0012] If necessary, there is provided timing setting means for associating the tag information with the permissible timing information at which permissible viewing of the range is permitted. Configure your document management system to enable it.

In a document management system according to another aspect of the present invention, there is provided an electronic document in which a plurality of pieces of tag information each defining a range of different browsing target information are inserted, and each tag information is associated with authority information in the range. Electronic document holding means for holding, and authority information holding means for holding the associated authority information in a form that can be subsequently modified while maintaining the same identity of the electronic information, at the time of information browsing request input, An authority information recognizing means for recognizing the authority information of the browsing request source, and searching for tag information corresponding to the recognized authority information from the authority information holding means, and browsing target information in a range specified by the searched tag information. Extracting means for selectively extracting from the electronic document holding means.

When any of the plurality of pieces of tag information is associated with permissible time information at which browsing of the range is permitted, the extracting means only transmits the browsing request corresponding to the permissible time information. It is configured to perform information extraction based on authority information.

[0015] If necessary, an encryption processing means for encrypting the extracted browsing target information with key information corresponding to the authority information is provided, and the encrypted browsing target information is transmitted to the browsing request source together with a decryption key. Configure to send.

[0016]

Embodiments of the present invention will be described below in detail with reference to the drawings. FIG. 1 is a diagram showing a configuration example of a document management system to which the present invention is applied. The document management system 1 is realized by a computer device (or system) having a communication mechanism for performing bidirectional communication with an external operation terminal (hereinafter, a client terminal), an input device, a display device, and a printing device. A document DB (DB is an abbreviation of a database, the same applies hereinafter) 10 for storing an original document file (hereinafter, referred to as “file original”) of an electronic document, and authentication information such as a user ID and a password, which will be described later. It has an authority management DB 20 for holding browsing authority information, permissible viewing time, etc. for each user, and an input / output interface 11. Further, the computer device executes a predetermined program read from a recording device or recording medium (not shown) by an operating system. Browsing authority setting unit 12, formed by executing in cooperation with (OS), time setting 13, DB management unit 14, the authentication processing unit 15, viewing authority recognition unit 16, and a function block of the encryption processing section 17.

The browsing right setting unit 12 sets the browsing right for each range of information in the original file. A plurality of levels of browsing authority are prepared in advance so that the level of browsing can be set according to the rank of the user. To set the browsing authority, specifically, tag information defining the range of information is inserted into the original file, and each tag information is associated with a corresponding level of browsing authority. The set browsing authority and the correspondence between the tag information and the browsing authority are stored in the authority management DB 20 in a form that can be changed at any time.

The original file to be inserted may be a document file already read from the document DB 10 or a digital document to be newly stored in the document DB 10. The tag information may be any information as long as it determines an information range in the original file, that is, a start position and an end position.

The time setting section 13 sets the start and end of a period during which browsing is permitted or a specific release date for each range of information on the original file. These settings are
Specifically, the tag information is associated with the beginning, end, and the like. Note that the start and end of the period do not always have to be set together. That is, only the beginning or only the end may be set. When only the beginning is set, only the subsequent browsing requests are enabled, and when only the ending is set, only the previous browsing requests are enabled. If a release date is set, only browsing requests on that date are valid. In the present embodiment, when it is not necessary to distinguish the start date, the end date, and the release date, these are collectively referred to as “permissible viewing time” for convenience. The correspondence between the permissible viewing time and the tag information is stored in the authority management DB 20 in a form that can be changed at any time.

The DB management unit 14 stores the document DB 1 based on the correspondence between the viewing authority and the tag information held in the authority management DB 20 and the permissible viewing time and the tag information.
The information in the corresponding range is extracted from 0, and the extracted information is edited and sent to the viewing request source as it is, or is sent to the viewing request source after being encrypted by the encryption processing unit 17. At the time of information extraction, the browsing permission time is prioritized over the browsing authority already associated with the range. For example, after the end point has elapsed, information extraction is not performed even if a viewing request is made by a user who has viewing authority for the range. That is, the browsing authority is valid only for browsing requests within the permissible browsing time.

The authentication processing unit 15 requests a user ID and a password in response to a browsing request from a user, and when there is a response, performs authentication using the authentication information in the authority management DB 20. The authority recognition unit 16 includes an authority management DB
20 to recognize the user's browsing authority.

The encryption processing unit 17 holds a set of an encryption key corresponding to the viewing authority and a corresponding decryption key for each level of the viewing authority. Is encrypted. After encryption, the DB management unit 1 adds the decryption key corresponding to the encryption key.
Pass to 4. If the viewing request source has a decryption key corresponding to its own viewing authority in advance, it is not necessary to manage the decryption key.

Next, an operation mode of the document management system 1 configured as described above will be described. It is assumed that the authentication information such as the user ID of the user is already stored in the authority management DB 20.

<Registration of Authority> First, the browsing authority and permissible viewing time of each user are registered in the electronic document. The procedure in this case is as shown in FIG. That is, a document is newly digitized, or a corresponding document file is read from the document DB 10 and is used as a file original (step S101). Next, the tag information is inserted into the original file at the start position and the end position of the range corresponding to the level of the viewing authority (step S102). The tag information may be only one (one set) or plural (a plurality of sets) for the same original file. In the case of a plurality (a plurality of sets), a plurality of levels of viewing authority are set for the same original file. If it is necessary to determine the disclosure period, that is, the permissible viewing time, in the original file or a part of the file, the period is input and associated with the corresponding tag information (step S103). It is also possible to separately set a plurality of start times or end times of the permissible viewing time in one original file.

Information on these rights is stored in the right management D
It is held in B20 as needed, and when it becomes necessary to change it afterwards, the contents are corrected as needed. When the insertion of the tag information and the association with the viewing authority and the like are completed, the original file is stored in the document DB 10 (step S104).

<Document Browsing> The procedure for browsing a document is as shown in FIG. When there is a document browsing request from the client terminal operated by the user to this system (step S201: Ye
s) The authentication processing unit 15 requests a user ID and a password (step S202), and when there is an input of a user ID or the like, the authentication processing unit 15 refers to the authentication information held in the authority management DB 20 to check the validity of the user. Perform sex determination (step S
203: Yes, S204). If the user is valid, the browsing right recognition unit 16 recognizes the browsing right of the user (step S205: Yes, S206), and passes the recognition result to the DB management unit 14.

The DB management unit 14 scans the original file and specifies the range of information associated with the viewing authority, that is, the range of information that can be viewed, based on the tag information (step S207). It is determined whether or not the range matches the permissible viewing time, and if so, information on the range is extracted and edited as needed. If necessary, the information extracted by the encryption processing unit 17 is encrypted and transmitted to the client terminal (step S208: Yes, S
209). If the received information is not encrypted, the client terminal immediately lays out the table of contents, heading, printing position, character size, etc., and outputs it to its own display device or printing device. If it is encrypted, it is decrypted with a decryption key, laid out, and output to a display device or printing device. As a result, the user can browse information in a range in which the user has the browse right.

As described above, in the document management system 1 according to the present embodiment, the management of electronic documents and the management of access rights of users, which are separate processes in the related art, are linked to each other, so that many different viewing rights can be obtained. Information can be disclosed to the user from the same electronic document. For this reason, it is not necessary to generate the number of files corresponding to the viewing authority as in the related art, and the work of document management is simplified.

Also, the management of the permissible time of browsing becomes easy,
The problem of omission of information disclosure due to excessive disclosure time does not occur. In addition, the user can set or change the browsing authority and the permissible viewing time at any time without affecting the electronic document, so that it is possible to flexibly cope with a change in circumstances. Further, since the information disclosure date can be set separately in one electronic document, the change history of the information can be left in the document file as it is.

[0030]

Next, embodiments of the present invention will be described specifically. (First Embodiment) The document management system 1 can be applied to, for example, management of in-house documents. Here, an example will be described in which an electronic version of a project plan document is used as an original file.

FIG. 4 shows an example of the original file. In the figure, a pair of <**> and </ **> is tag information,
The information enclosed by the pair of the top and bottom tag information <document></document> is the original file. Tag information <pemi
t: secret></ pemit: secret> is secret information (secret), tag information <permit: public></ permit: public
Information enclosed by> is publicly available information (public).

User ID held in the authority management DB 20;
The password and the browsing authority are set, for example, as shown in FIGS. 5A to 5C. The correspondence between the tag information and the browsing authority and the correspondence between the tag information and the permissible viewing time are shown in FIG.
(A) and (b) are set in advance. That is, only the managers XX and XX managers have the authority to read the secret information (secret).
9/03/31 ". The openable information (public) includes the manager (manager) and the person in charge A (t
antou) can be viewed at any time for any period. Regarding the information enclosed by tag information <title></titie> and the information enclosed by tag information <abstract></abstract>, even if it is a general employee who is not a manager and is not the person in charge A, But can be viewed (managers,
The person in charge A can, of course, browse).

When there is a change in employees or a change in an in-house post due to a personnel change or the like, and it is desired to change the contents of the browsing authority, it is sufficient to change the contents in FIGS. In other words, there is no need to make any changes to the contents of the original file. Therefore, when there is a variable element in the setting contents, it can be a convenient mechanism.

The operation of the document management system 1 when an inspection request is issued from an employee to the original file is as follows. First, the user is requested to input a user ID and a password. When a user ID or the like is input, the browsing authority of the employee is specified with reference to the authority management DB 20. Thereafter, the original file in the document DB 10 is scanned to search for tag information corresponding to the specified browsing authority. If the browsing permitted time is not set, or if the set browsing permitted time is met, The information within the range defined by the tag information set is extracted from the original file, and after the necessary editing is performed, the information is output for the employee.

FIG. 7 is a diagram showing information actually output from the original file of FIG. 4 in response to a browsing request from each employee. That is, FIG. 7A shows a browsing request from a manager, and FIG.
(B) In response to a browsing request from a person other than the manager or the person in charge A, information as shown in FIG. 7C is output. In this case, the encryption processing is not performed, but if strong security is required, the secret information is encrypted and output.

As described above, according to the present embodiment, information in a range corresponding to a plurality of browsing rights can be selectively extracted and output from one original file, and thus a plurality of information can be output for each browsing right. There is no need to create a document file, and management of in-house documents can be simplified. Also, fine access to the same in-house document becomes possible.

(Second Embodiment) The Document Management System 1
Can also be applied to a membership information service. For example, a mechanism can be realized in which only a summary of information is provided for a free member, and a summary and details of information are provided for a paid member. The original file in this case is, for example, as shown in FIG.
This is an electronic document within the range enclosed by <information></information>. Information surrounded by tag information <permit: pay></ permit: pay> is paid member-only information, and tag information <permi: pay>
Information enclosed by t: free></ permit: free> is public information that can be viewed by free members as well as paid members.

The user ID, password, and viewing authority (member type) are set, for example, as shown in FIGS.
The correspondence between the tag information and the browsing authority and the correspondence between the tag information and the permissible viewing time are set as shown in FIGS. In other words, the paid member limited information is a paid member (pa
Only y) can be viewed at any time after "1998/04/01". In addition, everyone in the open gazette is
"1" and after, so that you can browse at any time.

When there is a request for an information providing service from each member, that is, a request for browsing information, information according to the browsing authority of the member is output through the same processing as in the first embodiment. That is, information as shown in FIG. 11A is output for a browsing request from a paying member, and information as shown in FIG. 11B is output for a browsing request from a free member. In this way, the content of information to be provided is changed according to the member type.

[0040]

As is apparent from the above description, according to the present invention, document management can be simplified and detailed access to information in a document becomes possible.

[Brief description of the drawings]

FIG. 1 is a functional configuration diagram of a document management system according to an embodiment of the present invention.

FIG. 2 is an explanatory diagram of a procedure for registering a viewing authority and a permissible viewing time for each user in the document management system according to the embodiment;

FIG. 3 is an explanatory diagram of a procedure when browsing a document in the document management system of the embodiment.

FIG. 4 is an explanatory diagram showing an example of an electronic file of a project plan document.

FIG. 5 is a diagram illustrating an example of a user ID, a password, and a viewing authority held in an authority management DB when performing in-house document management. (A) is an example of the XX section manager, (b) is an XX section manager, and (c) is an example of the person in charge A.

FIG. 6 is a diagram showing an example of a correspondence relationship between tag information and viewing authority held in an authority management DB when performing in-house document management, and an example of a correspondence relationship between tag information and viewing permission time;
Is an example in the case of confidential information, and (b) is an example in the case of public information.

7 is a diagram showing information actually output in response to a browsing request from each employee from the original file of FIG. 4,
(A) is output information for a browsing request from a manager,
(B) is output information for a browse request from the person in charge A,
(C) is output information in response to a browsing request from a general employee.

FIG. 8 is an explanatory diagram showing an example of an original file for a membership information providing service.

FIG. 9 is a diagram illustrating an example of a user ID, a password, and a viewing authority held in an authority management DB when performing a membership information providing service, wherein (a) is a paid member and (b) is a free member. This is an example.

FIG. 10 is a diagram showing an example of a correspondence relationship between tag information and a viewing right held in a right management DB when performing a membership information providing service, and a correspondence relationship between tag information and a permissible viewing time; ) Is an example for all members, and (b) is an example for paid members.

11 is a diagram showing information actually output from the original file of FIG. 8 in response to a browsing request from a member,
(A) is an example of output information for a paid member, and (b) is an example of output information for a free member.

[Explanation of symbols]

 REFERENCE SIGNS LIST 1 document management system 10 document DB (database) 11 input / output interface 12 viewing authority setting unit 13 time setting unit 14 DB management unit 15 authentication processing unit 16 viewing authority recognition unit 17 encryption processing unit 20 authority management DB

Claims (10)

[Claims] An electronic document serving as an original inserts tag information that defines the range of information to be browsed, and associates the tag information with authority information in the range, so that when a browse request is made based on the authority information, A method for managing an electronic document, comprising extracting, from the electronic document, browsing target information in a range specified by tag information corresponding to the authority information. 2. A plurality of the tag information is inserted into the same electronic document, and each tag information is associated with a different level of the authority information, and the browsing target information corresponding to the level of the authority information is stored in the electronic document. The management method according to claim 1, wherein the method is selectively extracted from a document. 3. A method according to claim 1, wherein any one of the plurality of tag information is associated with permissible time information at which browsing of the range is permitted,
The management method according to claim 2, wherein the authority information in the range is validated only for a browsing request that matches the allowable time information. 4. The method according to claim 1, wherein the authority information and the permission time information are
4. The management method according to claim 3, wherein the electronic document in which the tag information is inserted is held in a form that can be modified later while maintaining the same content. 5. The key information according to the level of the authority information is prepared, and the extracted browse target information is encrypted with the key information and transmitted to a browse request source. 5. The management method according to any one of items 1 to 4. 6. A document management system for managing an electronic document, wherein: tag information insertion means for inserting tag information defining a range of viewing target information into the electronic document; and authority setting for associating the tag information with authority information of the range. Means, and authority information holding means for holding the associated authority information in a form which can be subsequently corrected while maintaining the sameness of the contents of the electronic information in which the tag information is inserted, and the authority information holding means A document management system configured to extract, from the electronic document, browsing target information specified in the tag information based on the authority information held in the electronic document. 7. A time setting means for associating the tag information with allowable time information at which browsing of the range is permitted, and validating the authority information of the range only for a browsing request conforming to the permissible time information. The document management system according to claim 6, wherein: 8. An electronic document holding means for holding an electronic document in which a plurality of tag information each defining a range of different browsing target information are inserted, and each tag information is associated with authority information of the range. Authority information holding means for holding the attached authority information in a form that can be subsequently modified while maintaining the sameness of the contents of the electronic information, and authority information for recognizing the authority information of the browse request source when inputting the information browse request Recognizing means, extracting the tag information corresponding to the recognized authority information from the authority information holding means, and selectively extracting, from the electronic document holding means, browsing target information in a range specified by the searched tag information; Means, and a document management system comprising: 9. When any one of the plurality of tag information is associated with permissible time information at which permissible viewing of the range is permitted, the extraction unit responds to a pertinent browsing request conforming to the permissible time information. 9. The document management system according to claim 8, wherein information extraction is performed only based on the authority information. 10. An encryption processing means for encrypting the extracted browsing target information with key information according to the authority information,
10. The document management system according to claim 8, wherein the encrypted browsing target information is transmitted to the browsing request source together with a decryption key.