JP2002328907A - Method and system for authority transfer - Google Patents

Abstract

PROBLEM TO BE SOLVED: To solve the problem that as to a user's right in a multi-user operating system and an operating system permitting a log-in from a remote unit connected through a network, there occurs a case where work piles up because an operation or approval process which can only be performed by a person with a right to do so cannot be implemented due to that person's absence as experienced in cases where a manager of a system and a leader of a group to which the user belongs are absent, and a person with an approving authority is absent in a workflow, slowing down a flow of the work. SOLUTION: Each of an identifier to identify a user to use the system is provided with a score, which is an index representing the user's authority. A mechanism of transferring the authority among users is realized by transferring the score. By this, even when a particular user is absent, a proxy right for the user can be exercised by approval of a plurality of users.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method and a system for transferring the use right of a system used by a plurality of users. More particularly, the present invention relates to a multi-user operating system, a workflow, or an operating system that permits remote login through a network. The present invention relates to a method and a system for transferring usage rights in a system including a plurality of users.

[0002]

2. Description of the Related Art Conventionally, in a multi-user operating system or an operating system that allows remote login connected via a network, each user has a user right, and each user can perform various operations within a range permitted by his or her own user right. What can perform the operation | work and process of is known. In such a system, when a system administrator is absent or a group leader of a group to which a user belongs is absent, work and processing may be delayed. Similarly, in the workflow, the flow may be stagnated during the workflow because there is no person having the approval authority. That is, due to the absence of the authorized person, there is a case where the operation of the workflow is interrupted because only the authorized right person cannot execute the work or the approval process.

In order to cope with the above problem, a method disclosed in Japanese Patent Laid-Open No. 7-36995 has been proposed for a workflow. In this method, the system checks the presence status of the authority, and when the authority is absent, provides a path (route) to flow the flow to the agent or the higher authority so that the flow can flow smoothly. Is what you do. This is also one form for protecting the security and promptly operating the workflow.

[0004]

SUMMARY OF THE INVENTION The above-mentioned Japanese Patent Application Laid-Open No. 7-36 is disclosed.
According to the method described in Japanese Patent No. 995, when an authorized person is absent, an attempt is made to provide a path for flowing a flow to a delegate of the authorized person or a higher authority, but such a path may not be actually found. . In practice, if the operation is hampered by the absence of such an authority, the approval may be exercised by an agent, or if a certain number of authorized authority We create and exercise operational rules that can be exercised by proxy. Until now, there has been no way to incorporate and manage such proxy enforcement into the system.

An object of the present invention is to provide a system capable of performing various processes such as approval based on a user authority of a user, even if an authorized person is absent or a proxy of the authorized person is absent. The goal is to ensure that operations are not disrupted.

[0006]

In order to achieve the above-mentioned object, the present invention provides a system in which a plurality of users can execute various kinds of processing within their respective processing authorities.
A method of transferring a right to a second user by a user, the method comprising: storing a score representing the right of each user; and transferring the right to the second user when the first user transfers the right to the second user. Performing a predetermined calculation using the score of the first user and the score of the second user, and setting the calculation result as a score representing the authority of the second user; And a step of permitting each user to perform various processes within the range of the authority.

Further, according to the present invention, in the above configuration, a score required for performing the process is determined for each of the various processes, and a score possessed by a user is required for performing the process. When the score is satisfied, the user is permitted to perform the processing.

The present invention also relates to a method of transferring authority in a workflow system in which a plurality of users work while circulating an electronic document, wherein a score representing the authority of each user is stored, and a computerized document to be circulated is provided. Setting a score necessary for turning the digitized document to the next, and circulating the digitized document to a specific user having a score equal to or higher than a predetermined score, and Routing the digitized document to the next user if the score required to pass the digitized document next is satisfied based on the score values of the plurality of users by circulating the digitized document when absent And characterized in that:

Further, the present invention relates to a system in which a plurality of users can execute various kinds of processing within the range of their respective processing rights, wherein the first user transfers the right to a second user. Means for storing a score representing authority for each user;

When the first user transfers authority to the second user, a predetermined calculation is performed using the score of the first user and the score of the second user, and the calculation result is stored in the second user. And a means for allowing each user to perform various processes within a range of authority according to the score possessed by each user.

Further, the present invention is a right transfer system applied to a workflow system in which a plurality of users work while circulating an electronic document, wherein a means for storing a score representing the right of each user, Means for setting a score necessary for turning the digitized document to the next in the digitized document; Means for, when absent, circulating to a plurality of users and, if the score necessary to turn the digitized document to the next based on the score values of the plurality of users is satisfied, turning the digitized document to the next And characterized in that:

[0012]

Embodiments of the present invention will be described below with reference to the drawings.

First, with reference to FIGS. 1, 2 and 3, the basic principle of score transfer in the present embodiment will be described.

FIG. 1 is a basic conceptual diagram of score transfer.
The vertical axis represents the score value, and the horizontal axis represents each user. The bar graph of each user represents the score value that the user has in the initial state. The score is an index indicating the authority of the user. α and β are examples of scores required for processing an electronic document in the authority transfer system of the present embodiment. User A, user B, user C, user D, and user E are users who can use the authority transfer system.

In the present embodiment, whether or not a user can process an electronic document is determined according to the score of each user. For example, when processing a document having a score β, since the user A has the score 50, the user A can process the document without transferring the score from another user. Similarly, when processing the document having the score α, the user A or the user C can process the document without transferring the score from another user because the user A or the user C has the score of 20 or more. However, user B, user D, and user E cannot process the score α because the possession score is 20 or less. Similarly, users B to E cannot process score β. Conventionally, if the user A wants to process β in the absence, or if the users A and C want to process α in the absence, processing cannot be performed in the system until these authorized users are present.

Therefore, in the present embodiment, even when an authorized user is absent, the process is prevented from being delayed by transferring the score. For example, when the user C, the user D, and the user E transfer their own scores to the user B, the user B has a score necessary for processing β, and β can be processed. .

FIG. 2 is a conceptual diagram of a score transfer addition process in a system in which the next process or a process to another department cannot be requested unless an authorized person such as a workflow approves. In order for the user Z to obtain permission to perform the process or to request another department to perform a work process, the user Z needs to obtain the approval of the user A. Conventionally, when user A is not present, user Z cannot perform processing or request processing to another department until user A is present.

In the present embodiment, even when user A is absent, user B can transfer the score owned by users B, C, D, and E to user Z, so that user Z can process it himself or give it to another department. Work processing can be requested. That is, usually, the user Z having a score of 0 has a score of 50.
Needs to be approved by the user A having the score 50 as shown in the route 1. In the present embodiment, when the user A is absent, the process is not interrupted by having the scores of the users B, C, D, and E respectively transferred as shown in a route 2. .

FIG. 3 shows the same principle as that of FIG. 2 by subtracting scores. In FIG. 2, the processing authority is given when the score is added and becomes equal to or more than the processing target score. In FIG. 3, the score of each user is subtracted from the processing target score. When it becomes, processing authority is given. That is, the user Z
By transferring the negative scores of the users B, C, D, and E, even if the user A is absent.
As shown in the route 2, the authority is transferred and the processing of the score 50 is enabled.

FIG. 4 shows the same principle as in FIGS. 2 and 3 by multiplying the score. In FIG. 2 or FIG. 3, the transfer of authority is expressed by adding or subtracting scores. In FIG. 4, the transfer of authority is expressed by multiplication using the score as a multiplier. In FIG. 4, user Z
Has a multiplier of 1, and the score of the user A has a multiplier of 100. When the process of the score 100 is performed, if the user Z requests the user A as shown in the route 1, the process does not stop. When user A is absent, user Z becomes user B,
By receiving the transfer of authority from C, D, and E and multiplying by the multiplier of the score of each user, the value exceeds 100, so that the processing of score 100 becomes possible.

Here, the method of transferring the authority by calculating the score using addition, subtraction, and multiplication has been described. However, the present invention is not limited to this, and the transfer of the authority can be expressed using various expressions. For example, the score after the transfer may be Sa, the score to be transferred may be Ss, and the score before the transfer may be Sb, and the transfer of authority may be represented by the following expression: Sa = Sb · Ss + 2 (Ss).

Next, a specific embodiment of a method for transferring authority in a multi-user computer system will be described.

FIG. 5 is a block diagram showing the configuration of a multi-user computer system to which the authority transfer method of the present embodiment is applied. This multi-user computer system includes a host computer 501 and a plurality of user terminals 502 connected to the host computer 501. The user can log in to the host computer 501 from the user terminal 502 and perform various processes according to his / her authority. The authority of each user is represented by the above-mentioned score. Also, a user can transfer his / her authority to another user. The transfer of the authority is performed by giving the possession score to another user.

To perform these processes, the host computer 501 includes a login service processing unit 511, a score service processing unit 512, a shell service processing unit 513,
Score transfer program 514, score change program 5
15, a score table file 516, and a timer 517. The login service processing unit 511 performs a process of receiving a login request from each user terminal 502 and the like. The score service processing unit 512 performs processing such as transfer of a score for transfer of authority between users and management thereof. The shell service processing unit 513 provides a function of a command interpreter to each user terminal 502. The score transfer program 514 performs a process of transferring scores between users. Score change program 5
Reference numeral 15 performs a process of changing the value of the score representing the authority given to the user. The score table file 516 is
The user information of each user, the status of the transfer of the score, and the like are stored. The timer 517 is used when an interrupt is generated at predetermined time intervals.

FIG. 6 shows an example of information stored in the score table file 516. For each user identified by the user ID, a password, a group ID, a login flag, an initial score, a current score, a transfer time, a transfer valid time, a transfer time, a transfer permitted time, a transfer source user 1, Transfer source user 2 and transfer source user 3
The information of is stored. The user ID, password, group ID, and initial score are information set when a user is registered in the present system. The initial score is initially set to a value according to the authority of the user. The login flag is set to 0 when the user is logged in to the system.
N: Takes a value of OFF when not logged in. The current score is a field that describes the value of the current score of the user.

The transfer time, the transfer effective time, the transfer time, the transfer permission time, the transfer source user 1, the transfer source user 2, and the transfer source user 3 store various information related to the transfer of authority. Is the field to do. The transfer time is the time at which the authority has been transferred to the user. The transfer effective time indicates the expiration date of the transferred authority,
The transfer of authority that becomes effective from the transfer time becomes invalid when the transfer reaches the effective time. The transfer time is the time at which the user has transferred the authority. The time at which the transfer is permitted indicates the expiration date of the transferred right, and the transfer of the right valid from the transfer time becomes invalid when the time at which the transfer is permitted is reached. The transfer source user 1, the transfer source user 2, and the transfer source user 3 indicate the transfer source user who has transferred the authority to the user.

FIG. 7 shows processing performed by a boot program executed when the host computer 501 is started. In step 701, various service programs are started. In step 702, a score service program (corresponding to the score service processing unit 512 in FIG. 5) is started. In step 703, a login service program (corresponding to the login service processing unit 511 in FIG. 5)
Start In step 704, a shell service program (corresponding to the shell service processing unit 513 in FIG. 5)
Start After that, various processes as a host computer are performed.

In particular, when the host computer 501 is booted, the score service program is started before the login service program is started. This is because a score service function (such as a function of notifying the score of the logged-in user) is used in the login processing.

FIG. 8 is a flowchart showing what kind of messages the login service processing unit 511, score service processing unit 512, and shell service processing unit 513 shown in FIG.

When activated in step 702 of FIG. 7, the score service processing unit 512 reads the score table file 516 shown in FIG. 6 by the file I / O 801 and knows the score given to each user at the time of activation. When any user logs in at the login service processing unit 511, the score service processing unit 512
Upon receiving the logout message 803, the user ID shown in FIG.
And the user who logged in from the password.
Further, score service processing section 512 transmits score notification message 804 to login service processing section 511. The score notification message 804 contains the value of the current score of the logged-in user.
The right of the current score at that time is given to the login user. At that time, the score table file 516 of FIG.
Of the user is turned on. Also, when there is a logout by any user in the login service processing unit 511, the score service processing unit 512 also receives the login / logout message 803 at that time, and identifies the logged-out user from the user ID and password in FIG. Grasp and at that point, set the login flag to O
Set to FF.

If the login is successful, the login service processing unit 511 sends a shell start message 805 to the shell service processing unit 513. Thereby, the shell service for the user is started. In this shell service, the user can perform various processes within the range of authority according to the current score given to the user.

During log-in, a user transfers a score transfer program start message 80 from the shell service.
6 is issued, the score transfer program 514 is activated. FIG. 10 shows a screen example when the score transfer program 514 is a text shell. FIG. 11 shows a screen example when the score transfer program 514 is a visual shell. With these screens, the user can transfer his / her own score to another user. In the transfer, the user of the transfer destination, the value of the score to be transferred, the transfer time, and the time at which the transfer is permitted are specified. The transfer time is the current time at which the transfer was instructed on the screen described above,
From this time, the transfer of the authority becomes effective. The time at which the transfer is permitted is the end time of the period during which the transfer of the authority is valid.

When a score transfer is instructed on the screens of FIGS. 10 and 11, the score transfer program 514 transmits a score transfer message 807 to the score service processing unit 512 in response to the instruction. Score transfer message 80
7 includes the information specified on the screen, and the score service processing unit 512 updates the score table file 516 in FIG. 6 according to the instruction. For example, suppose that the user C issues an instruction to transfer his / her score to the user B at 9:55 until 13:00, and for the user C in the score table file 516, the current score is changed from 20 to 0, and the transfer time is changed. At 9:55 and the time at which the transfer was permitted is set at 13:00. For the user B, the user C is registered in any of the transfer source user fields, the current score value 20 of the user C is added to the current score, and the transfer time is set to 9:55. , The time when the transfer is valid is set to 13:00. As a result, the transfer of the score is completed, and the score service processing unit 512 sends the values of the current scores of the users B and C to the score notification message 80.
7, the login service processing unit 511 corresponding to each user is notified, and the authority of each user is restricted or extended to the one corresponding to the current score value.

The message 802 is an interrupt message from the timer 517, and notifies the current date and time to the score service processing unit 512. The score service processing unit 512 receives the interrupt message 802 at regular time intervals to acquire the current time, and the current time reaches the “transfer valid time” in the held score table file 516 in FIG. Is determined. If the current time has arrived at the “time when the transfer is valid”, it means that the validity period of any transfer has expired, so register the “transfer effective time” in the field of the transfer source user. For the user whose "transfer permission time" is the same as that of the assigned user. Since the transfer of the user has been completed, the score value is returned to the original user, and the transfer source user,
The transfer time and the transfer effective time are updated. As a result, since the process of restoring the score is completed, the score service processing unit 512 sends the value of the current score by the score notification message 807 to the login service processing unit 5 corresponding to the user associated with the completed transfer.
11 is notified and the authority of each user is restricted or extended to the one corresponding to the current score value.

An administrator user who has the authority to manage the entire score service during login is used by the shell service processing unit 51.
In some cases, the score change program 515 may be activated from among the three programs. A message for starting the score changing program 515 at this time is a score changing program starting message 808. The score change program 515 notifies the score service processing unit 512 of rewriting the information related to the score including the initial score in the score table file 516 according to the instruction of the manager by the score change message 809. Score change message 8
The score service processing unit 512 that has received 09 updates the score table file 516 according to the content of the score change message 809. The update result is notified to the login service processing unit 511 of the user whose score has been changed by the score notification message 804, and the user has the authority according to the changed score.

FIG. 9 shows an example of score transfer based on the mechanism of FIG. User C proceeds to step 90
1 and own score 20 from 10:00 to 11:00
To User B. Similarly, in step 902, the user D sets his own score 10 to 10: 30-1.
Transferred to user B at 2:00. When activated, the score service processing unit 512 reads the score table file 516 in step 911. When the score transfer message 807 from the user C is detected in step 912, the score table file 516 is updated accordingly in step 913, and the current score is notified to the currently logged-in users C and B in step 914 by the score notification message 804. Notify. Thus, the user C and the user B can continue various processes with the authority of the score value after the transfer.

Next, in Step 915, when the score transfer message 807 from the user D is detected, Step 91 is executed.
The score table file 516 is updated accordingly in step 6, and the current score is notified to the currently logged-in users D and B in step 917 by the score notification message 804. Thus, the user D and the user B can continue various processes with the authority of the score value after the transfer.

Next, when the current time by the timer 517 has reached the end of the transfer (the time at which the transfer was permitted) in step 918, the score table file 51
6 is updated (the score transfer is undone), and step 92 is performed.
Score notification message 804 to user logged in with 0
Informs the current score. Thereby, each user can continue various processes with the authority of the score value after the transfer. Steps 918 to 920 are described in one flow, but the end of the transfer varies, so that the processing after step 918 is performed every time the end of the transfer is reached.

Referring to FIGS. 12 to 14, an embodiment in which the authority transfer method of the present invention is applied to a workflow will be described.

FIG. 12 shows the flow of the workflow.
This indicates that the score has been added to the electronic document. The electronic document is not limited to a word processor document, but may be data, a spreadsheet, or DB (database) information. This shows that a score is added to the electronic document every time the user passes through the user set in the route.

In order to realize this, the route management of the workflow is performed as shown in FIG. That is, in FIG. 13, when the user Z and the user A are both in the logon state, the route 1
Is selected, and the route setting condition is set such that the route 2 is selected when the user Z and all of the users B, C, D, and E are all logged on.

FIG. 14 is a table that holds the log-in status of each user and the score value to be added to the electronic document. The table in FIG. 14 may be shared with the table in FIG. Since the login state of each user can be known from the table of FIG.
In the route setting, if the user A is logged in, the route 1 can always be selected. Thereby, the user A
Although the user is present, it is possible to avoid ignoring it and sending the electronic document to the user B.

When the electronic document is circulated along the selected route, every time the user passes through each user, the score of the user is calculated from the score shown in FIG. 14 as additional information in the electronic document (here, as shown in FIG. 12). Add). When a predetermined score (score 50 or more in the example of FIG. 12) necessary to pass the electronic document to the next process is reached, the process is sent to the next process. The pass flag in the table of FIG. 13 is a flag that is set to 0 when the user does not pass and 1 when the user passes. This prevents the score from being added more than once by passing the same user more than once.

In the embodiment described with reference to FIGS. 5 to 11, an example has been described in which, when the score owned by the user is transferred to another user, the user becomes score 0.
This is not necessary in the embodiment. That is, each user adds his / her own score to the electronic document, but does not have to set his / her score value to 0 at this time. Thus, when another electronic document comes around, the same processing can be performed.

In the above-described embodiment of the multi-user computer system and the embodiment of the workflow system, there is a case where it is desired to set such that the right of a specific user cannot be exercised even if the score is transferred. For example, we want to prevent processes that only the president's approval or the highest system administrator can perform even if the scores of other users are collected. In such a case, the score of such a privileged user may be set to a value that cannot be exceeded no matter how another user transfers the score.

Also, in the case where it is difficult to allow another user to transfer the score and to exercise the authority of the specific user even though the specific user is present. There is. At that time, as described in the above embodiment, referring to the login flag of the score table shown in FIG. 6 or FIG. 14, if a specific user is present and logged in to the system, What is necessary is just to realize the system so that the user's authority cannot be exercised.

Further, there is a case where the relation in which the scores can be transferred is restricted only within the group. In this case, the system may be realized by referring to the group IDs in the score tables shown in FIG. 6 and FIG. 14 so that the scores cannot be transferred between the groups.

Further, as these other embodiments,
For example, when a user to be used is set in a machine tool or an automobile and a use right can be set to each user, the present invention can be applied to such a device.

[0049]

As described above, according to the present invention,
By assigning a score to each identifier for identifying a user who uses the system, rights can be transferred between users. Further, by transferring the rights, even if a specific user is absent, a function of exercising the proxy right of the specific user with the approval of a plurality of users can be realized.

[Brief description of the drawings]

Fig. 1 Basic conceptual diagram of score transfer

FIG. 2 is a basic conceptual diagram of score transfer in the flow processing.

FIG. 3 is a diagram showing a calculation example (1) of a score.

FIG. 4 is a diagram showing a calculation example (2) of a score.

FIG. 5 is a system configuration diagram of the system according to the embodiment;

FIG. 6 is a diagram showing a score table in the multi-user computer system.

FIG. 7 is a diagram showing an order in which a score service is started in a multi-user computer system.

FIG. 8 is a message flow chart for implementing a score service in a multi-user computer system.

FIG. 9 is a diagram showing an example in which scores are transferred in a multi-user computer system.

FIG. 10 is a diagram showing a screen example (1) of a score transfer program.

FIG. 11 is a diagram showing a screen example (2) of a score transfer program.

FIG. 12 is a diagram showing an embodiment of score transfer in a workflow system.

FIG. 13 is a diagram showing a score management table in the workflow system.

FIG. 14 is a diagram showing a score table in the workflow system.

[Explanation of symbols]

801… I / O of score service and score table file
O message 802: Interruption message from timer 803: Login / logout notification message from login service 804: Notification message of current score to login user 805: Activation message of shell service from login service 806: Score transfer program from shell service Start message 807 ... score transfer message 808 ... score change program start message from the shell service 809 ... score change message 501 ... host computer 502 ... user terminal 511 ... login service processing section 513 ... shell service processing section 514 ... score transfer Program 515: score change program 512: score service processing unit 516: score table file 517: timer

Claims (5)

[Claims] 1. A right transfer method in which a first user transfers authority to a second user in a system in which a plurality of users can execute various processes within the scope of their respective processing rights. Storing a score representing the authority; and performing a predetermined operation using the score of the first user and the score of the second user when the first user transfers the authority to the second user. Setting the result of the calculation as a score representing the authority of the second user; and allowing each user to perform various processes within the range of authority according to the score possessed by each user. A method for transferring authority. 2. The authority transfer method according to claim 1, wherein a score required for performing the process is determined for each of the various processes, and a score held by a user performs the process. A method for permitting the user to perform the above-described processing when the required score is satisfied. 3. A method for transferring authority in a workflow system in which a plurality of users work while circulating an electronic document, the method comprising: storing a score representing authority for each user; A step of setting a score necessary for the next turn of the digitized document; and usually circulating to a specific user having a score equal to or higher than a predetermined score, for the next turn of the digitized document, Circulating the digitized document if the score required to circulate the digitized document next is satisfied based on the score values of the plurality of users by circulating the digitized document. A method of transferring authority, characterized in that: 4. A system in which a plurality of users can execute various processes within the range of their respective process authorities, wherein a first user transfers an authority to a second user. Means for storing a score representing the authority, and when the first user transfers the authority to the second user, a predetermined operation is performed using the score of the first user and the score of the second user. Means for calculating the result of the calculation as a score representing the authority of the second user, and means for permitting each user to perform various processes within the range of authority according to the score possessed by each user. An authority transfer system characterized by the following. 5. An authority transfer system applied to a workflow system in which a plurality of users work while circulating an electronic document while circulating the electronic document, comprising: means for storing a score representing authority for each user; Means for setting a score necessary to turn the electronic document next, and when the specific user is absent for the next electronic document to be circulated to a specific user who normally has a score higher than a predetermined score. Means for circulating the digitized document if the score required to circulate the digitized document next is satisfied based on the score values of the plurality of users by circulating the digitized document. Authority transfer system characterized by the following.