JP2002366202A - Security system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To enable an operator to perform functions of a plurality of processes whose operation rights are different with one operator ID. SOLUTION: This security system is provided with a storing means 20 storing a function/operation right definition file 21 that defines a plurality of functions, a plurality of rights and performance approval/rejection in each operation right of each function, and an operator list file 22 configured to make the operation rights defined by the definition file 21 settable in each operator ID, and an operation right deciding means 12 for reading all operation rights belonging to the operator ID of an operator by referring to the list file 22 when the operator tries to perform a selected function, subsequently retrieving functions performable with the read operation rights from the definition file 21 and deciding performance approval/rejection according to whether or not to include the selected function in the obtained functions.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a security system for a monitoring device used in various plant facilities, and more particularly, to a security system for a monitoring device in which an operator performs an operation under a restriction according to the operation authority.

[0002]

2. Description of the Related Art Generally, a monitoring device of a plant facility (hereinafter, referred to as a plant) used for the production of petrochemical products and chemicals monitors the status of a process that changes every moment, and based on the monitoring result. It is configured to control plant equipment to keep the process state normal.
Therefore, if the operation of the monitoring device is incorrect, the plant may not be able to operate normally, or may be in a very dangerous state. In a monitoring device that monitors and controls the operation of a plant, the operation of the plant is performed in accordance with the operation of the operator, so the operation capability of the operator is important for achieving stable operation and safe operation of the plant. And an essential element. Therefore, in terms of security, in order to ensure the stability and safety of plant operation, there is a security system that limits the operations that can be performed by each operator to a range according to the role and skill of the operator. Required.

Conventionally, a security system for a monitoring apparatus has been known in which data that can be executed by an operator's operation are grouped by operation qualification and data in which the operation qualification is associated with an operator identification code (operator ID). Record it,
The safety of the plant is ensured by limiting the range in which the operator can operate from the operator ID input at the start of the operation of the monitoring device based on these data. An operator A who has the operation qualification to execute the function of shifting to the state monitoring screen and the function of changing the temperature set value, and the function of changing the temperature set value which has the operation qualification to execute the function of shifting to the state monitoring screen Will be described by way of example where there is an operator B who does not have the operation qualification to execute.

When the operator ID of the operator A is input, an operation for executing both the function of shifting to the state monitoring screen and the function of changing the temperature set value can be performed unconditionally. On the other hand, when the operator ID of the operator B has been input, the operation for executing the function for shifting to the status monitoring screen can be performed unconditionally. However, the operation for executing the function for changing the temperature set value is performed. Since the user is not qualified to perform the function of changing the temperature setting, the operation is prohibited by, for example, displaying an error message on a screen.

[0005] In such a security system, generally, an operation authority that permits execution of a specific function is defined for each group of the specific function.
An operator ID is set for the operator, and a predetermined operating authority is set for the operator ID. In the above example, first, the operation authority 1 that can execute the function of the operation of shifting to the state monitoring screen and the function of the operation of changing the temperature set value, and the function of executing the operation of shifting to the state monitoring screen can be executed. The operation authority 2 that cannot execute the change operation function is defined. Next, the operator A is given an operator ID = operator A, and an operator B
, An operator ID = operator B is set, and an operator ID is set to operator A, and an operator ID is set to operator B. I do.

In this case, when the operator B performs an operation, for example, when the system is started, the operator logs in by inputting the operator ID = operator B and a password. Authority 2 of person B
Judges that execution of the function for changing the temperature set value is not permitted, displays an error message on the screen, and prohibits the operation. As described above, the setting of the operation authority for the operator is performed by first grouping the functions that are permitted to be executed according to the operation level and skill of the operator and defining the operation authority for each group. This is done by deciding which operation authority is given to each operator, and setting the operation authority to each operator.

[0007]

However, a plant such as a petrochemical plant or a chemical plant has a plurality of steps, and each step may be independent of each other. In the security system for monitoring plant operation composed of a plurality of independent processes, the operating authority is defined for the functions grouped for each process, and the operating authority is set for the operator ID. As a result, when one operator manages a plurality of processes, a different operator ID is assigned to the operator for each process. On the other hand, if the operation rights in a plurality of processes can be further grouped and one operation right can be defined for the grouped operation rights, one operator ID
Is given.

However, since such a plant generally has a plurality of processes having a plurality of operation authority groups, if an attempt is made to set the operation authority over a plurality of processes by combining the operation authority groups for each process, The number of groups of the operation authority has become very large, and setting of such operation authority is practically impossible. Therefore, conventionally, an operator who manages a plurality of processes is assigned a plurality of operator IDs, and the operator has to change the operator ID for each process. For this reason, such an operator needs to remember the operator ID for each process, and also needs to input the operator ID every time the operation shifts to another process. There were inconveniences in operation, such as becoming.

According to the present invention, in a security system in which operation authority for executing a function is defined for each process, and execution or execution of each function in a plurality of processes is permitted or prohibited in accordance with the authority, an operator is required for each process. It is an object of the present invention to provide a security system that can execute the function of each process in accordance with a given operation authority without performing an unnecessary operation such as changing an operator ID.

[0010]

In order to solve the above-mentioned problems, in the security system of the present invention, a plurality of functions, a plurality of operation authorities, and whether or not the functions can be executed are defined for each of these operation authorities. A plurality of function / operation authority definition files and a plurality of operation authority previously assigned to the registered operator for each operator ID for identifying a registered operator among the operation authority defined in the function / operation authority definition file A storage unit storing an operator list file configured to be settable, and an operation authority determination unit, wherein the operation authority determination unit is configured to execute a function selected by the operator An operator ID assigned to the operator by accessing the storage means and referring to the operator list file
By searching the function / operation authority definition file for functions executable with the operation authority possessed by, and determining whether or not the selected function can be executed based on whether or not the selected function is included in the function obtained by the search. Attached. One configuration example of this security system is composed of a server device and a client device connected via a network, and storage means for storing a function / operation authority definition file and an operator list file are arranged in the server device. , An operation authority determination unit is arranged in the client device.

[0011]

Embodiments of the present invention will be described below in detail with reference to the drawings. FIG. 1 is a block diagram illustrating a configuration of a monitoring device including the security system according to the first embodiment. Referring to FIG. 1, a security system according to this embodiment includes a man-machine
An interface 5 (hereinafter referred to as MMI), control processing means 10 and storage means 20 are provided. In this security system, commands and data relating to an operation for executing a predetermined function are input to the control processing means 10 through the MMI 5, and the control processing means 10 transmits these instructions and data to the operator stored in the storage means 20. It is configured such that it is determined based on the operation authority data whether the operation is performed by an operator having a predetermined operation authority, and the function is executed according to the operation authority of the operator.

In FIG. 1, a monitoring device 1 provided with a security system according to this embodiment is connected via a network 8 to a controller 7 for controlling plant equipment 6. Further, this monitoring device 1 has an MMI
5, a keyboard 51, a mouse 52, a display device 53, and a touch screen 54.
In addition to displaying various information necessary for control and operation of the plant on the screen of No. 3 and displaying an alarm when an abnormality occurs in the plant, the operator can perform an appropriate operation for the abnormality through the MMI 5. It is configured to be able to do it.

Further, various control parameters and the like can be set and changed through the MMI 5 for plant control.
In this case, the MMI 5 of the monitoring device 1 also functions as the MMI 5 of the security system, and the security system provided in the monitoring device 1 authenticates the operator based on the operator ID and the password input by the operator, and thereafter newly authenticates the operator. Until a proper operator ID and password are input, it is determined whether or not the function of the monitoring device 1 can be executed according to the operation authority associated with the operator ID.

In this case, a keyboard 51 for inputting commands and data for operating the monitoring device 1 as the MMI 5,
A mouse 52 of a pointing device for inputting selected position information of a display image displayed on the display device 53 and a touch screen 54 attached to the display surface of the display device 53 for inputting position information of the display image can be used. Used alone or in combination.

The storage means 20 stores a function / operation authority definition file 21 and an operator list file 22. The function / operation authority definition file 21 is data representing a plurality of functions of the monitoring device 1 (hereinafter, referred to as function data).
And data representing a plurality of operation authorities for giving the operator the authority to execute these functions (hereinafter, referred to as operation authority data), and whether or not each function set for each of these operation authorities is executable. This is a data table composed of data (hereinafter, referred to as availability data).

FIG. 2 shows the configuration of the function / operation authority definition file according to this embodiment. In FIG. 2, the function data includes a function number and a function name. In this case, the function number is a number starting from 1 and corresponds to each function of the monitoring device 1 on a one-to-one basis. The function numbers need not be sequential numbers, and may start from a number that is well-divided for each function group within a predetermined range. The function name is text data representing the function content provided for each function number.

The operation authority data includes an operation authority number and an operation authority name. The operation authority number is a serial number starting from 1, and each operation authority of the security system and 1
It corresponds to one to one. The operation authority name is a name used for identifying the operation authority provided for each operation authority number. This operation authority name is required to be unique. The availability data consists of 1 or 0, 1 indicates execution, and 0 indicates non-execution. Here, each data of the function / operation authority definition file 21 is configured in a text format. The number of functions and the number of operation authorities are determined according to the type and scale of the plant.

The operator list file 22 includes two files stored in the function / operation authority definition file for each registered operator.
It is a data table in which the above operation rights are associated. FIG. 3 shows the configuration of the operator list file according to this embodiment.
Shown in In FIG. 3, the operator ID is a unique ID (identification code) set for each operator, and the operator information indicates information about the operator, such as the name and department of the operator corresponding to the operator ID. It is text data. The password is a password for performing authentication by inputting the password together with the operator ID when logging in to the security system. The operator No. is an arbitrary unique number corresponding to the combination of the operator ID and the password on a one-to-one basis, and can be used on the application software side as an alternative to the operator + password instruction.

The operation authority is operation authority data indicating the operation authority possessed by the operator, and the operation authority name recorded in the function / operation authority definition file 21 is set in association with each operator ID. . Here, a plurality of operation authority names can be set for each operator ID. Also,
Each data of the operator list file 22 is configured in a text format. Note that the operator ID = InitialUs
er is not a registered operator, but is set to give default operation authority when the monitoring device 1 is started. In this case, no password is set, and “0” is set for the operator No, and “initial operator” is set for the operator information and the operation authority.

The control processing means 10 includes a driving operation means 11,
The system includes an operation authority determining unit 12, a communication unit 13, a function / operation authority editing unit 14, and an operator registration / editing unit 15. Data input / output to / from the MMI 5, data read / write to the storage unit 20, and communication with the controller 7 It is configured to transmit and receive data via the network 8. The driving operation unit 11 specifies a function to be executed based on a command or data input to execute a predetermined function through the MMI 5, causes the operation authority determining unit 12 to determine whether or not to execute the function, and based on the determination result. And a function for notifying the execution or refusal of the function.

The operation authority judging means 12 includes the driving operation means 1
1 to access the operator list file 22 and the function / operation authority definition file 21 to determine whether the function to be determined can be executed with the current operator's operation authority,
It has a function of notifying the driving operation means 11 of the determination result.
The communication unit 13 transmits commands and data input from the driving operation unit 11 via the network 8 to the control controller 7.
And a function of receiving data transmitted by the controller 7 via the network 8, and
It has the function of outputting to

The function / operation authority editing means 14 accesses the function / operation authority definition file 21 and displays the data recorded in this file on the display device 53. It has a function of inputting data into this file or rewriting data based on data input through any of the touch screens 54. The operator registration / editing means 15 accesses the operator list file 22 and displays the data recorded in this file on the display device 53 and the function / operation authority definition file 21 and records the data in this file. A function for reading out the operation authority data stored in the operator list file 22 and updating the operation authority data in the operator list file 22, and registering, adding, and deleting the operator data in the operator list file 22 based on data input by the operator. With function.

Next, a specific hardware configuration of each means of the security system will be described with reference to FIG. FIG. 4 is a block diagram showing a hardware configuration of a monitoring device provided with the security system. This monitoring device is a computer 40, a central processing unit (CPU) 41, a main storage memory 42, an external storage device 4
3, input / output interface 44, communication interface 4
5 and a bus 46 for connecting them.

The external storage device 43 may be a readable / writable and non-volatile storage device, and may be a magnetic storage device such as a hard disk, a magneto-optical disk device, or a nonvolatile semiconductor memory such as a flash memory.
The input / output interface 44 is connected to a keyboard 51, a mouse 52, a display device 53, and an input / output device of a touch screen 54.
Connected to a network.

Here, the control processing means 10 includes a CPU 41
, A main memory 42, an input / output interface 44, and a communication interface 45, and the storage unit 20 includes an external storage device 43. In such a configuration, the driving operation unit 11, the operation authority determination unit 12, the function /
The operation authority editing unit 14 and the operator registration editing unit 15
A program for realizing the functions of these means stored in the external storage device 43 is written in the main storage memory 42,
This is realized by being executed by U41. In addition, the communication unit 13 stores a program for realizing the function of the unit stored in the external storage device 43 in the main storage memory 42.
Is executed by the CPU 41 and is realized by controlling the communication interface 45. The storage unit 20 is realized by the external storage device 13.

Next, the operation of the security system will be described with reference to FIG. FIG. 5 is a flowchart showing the operation of this security system. First, an operator inputs an operator ID and a password to enable operation of the monitoring device. At this time, the input operator ID is held by the driving operation means 11. In this state, when the operator operates the MMI 5 and selects a function to be executed, the driving operation means 11 specifies a function to be executed based on a command or data input through the MMI 5 and holds the function as an operation authority determination command. The user ID and the function number of the function to be executed are output to the operation authority determining means 12 (step S01).

The operation authority judging means 12 retrieves the operation authority name from the operator list file 22 using the operator ID as a key based on the operation authority judgment command (step S02). And retrieves the function number from the function / operation authority definition file 21 (step S
03). In this case, as the search result, a function number in which the availability data is set to 1 for the operation authority name used as the search key is obtained. Subsequently, it is checked whether the function number of the function to be executed exists in the function numbers obtained by the search (step S04).

If there is a function number of the function to be executed, an operation permission is output to the driving operation means 11 (step S05). When the operation permission is input, the driving operation means 11 executes the function of the permitted function number (step S0).
6). On the other hand, if the function number of the function to be executed does not exist, operation prohibition is output to the driving operation means 11 (step S07). When the operation prohibition is input, the driving operation unit 11 outputs display data indicating that the user does not have the operation authority of the selected function to the display device 53 and notifies the operator (step S0).
8), end the process.

Next, an example of a procedure for registering or editing the function / operation authority definition file 21 will be described with reference to FIG. FIG. 6 is a flowchart showing an example of a procedure for registering or editing the function / operation authority definition file 21. First,
When the function / operation authority editing unit 14 is activated, the function / operation authority editing unit 14
Is read and displayed on the display device 53 (step S11). In this case, the display device 53 displays a function number, a function name, an operation authority name, and 1 or 0 availability data indicating the presence or absence of the operation authority as shown in FIG.

When the information of the function / operation authority definition file 21 is displayed on the display device 53, the function number is input or changed (step S12). Here, the function number is input when adding a function, and the function number of a desired function may be newly input in the function number field. The function number is changed when changing to another function.
What is necessary is just to rewrite the function number of the function to be changed to the function number of the desired function. After step S12, the function name is input or changed (step S13). The input of the function name is performed when the function is added in step S12, and the change of the function name is performed when the function is changed in step S12.

After step S13, the operation authority name is input or changed (step S14). Here, the operation authority name is input when adding an operation authority.
What is necessary is just to newly input the desired operation authority name in the operation authority name column. The operation authority name must be a unique name that does not have the same name. Also, when the operation authority name is changed, the changed operation authority name needs to be a unique name.

After step S14, input or change of the presence or absence of operation authority is performed (step S15). Here, the input of the presence or absence of the operation authority is performed when the function is added in step S12, when the operation authority is added in step S14, and when the operation authority is added to the desired function. What is necessary is just to input 1 in the corresponding input field of the desired operation authority. In addition, when the presence or absence of the operation authority is changed, the desired operation authority availability entry field corresponding to the desired function may be rewritten to 1 or 0. Here, the value may be set to 1 when the operation authority is given, and set to 0 when the operation authority is deprived.

After step S15, the displayed information is stored in the function / operation authority definition file 21 (step S1).
6). In this case, the data displayed on the screen is written in the function / operation authority definition file 21 when the operator performs the registration operation. As a result, the function / operation authority definition file 21 is rewritten, and thereafter, the determination based on the new operation authority is performed. Here, it has been described that the input or change is performed in the order of the function number, the function name, the operation authority name, and the presence or absence of the operation authority. However, in the case of the change, it is needless to say that only the necessary portions need to be changed. Needless to say, rewriting of the function / operation authority definition file 21 is limited to a person having a predetermined qualification such as a system administrator.

Next, an example of a procedure for registering or editing the operator list file 22 will be described with reference to FIG. FIG.
9 is a flowchart showing an example of a procedure for registering or editing the operator list file 22. First, when the operator registration / editing unit 15 is started, the operator registration / editing unit 15 can input and display the operator ID, the operator information, the password, the operator No, and the operation authority on the screen of the display device 53. An input screen is displayed (step S21). Here, the operation authority is configured such that an operation authority name registered in the operator list file 22 and an operation authority name registered in the function / operation authority definition file 21 can be displayed and selected, respectively. The operation authority name registered in the operator list file 22 can be deleted by selection, and the operation authority name registered in the function / operation authority definition file 21 can be registered in the operator list file 22 by selection. is there.

After displaying the input screen, the operator registration / editing means 15 reads out all the operation authority names from the function / operation authority definition file 21 and displays them on the selectable operation authority display section on the screen of the display device 53. (Step S22).
When the operator inputs an operator ID from this state (step S23), the operator registration / editing unit 15 searches the operator list file 22 and checks whether the input operator ID is registered (step S23). Step S24). Operator ID
Has been registered, the setting data (operator ID, operator information, password,
Operator No. and operation authority name) to the operator list file 2
2 is displayed on the screen of the display device 53 (step S25). If the operator ID has not been registered, the process proceeds to step S26.

After step S25, input or change of operator information is performed (step S26). Here, the operator information is input when an operator is added, and new operator information such as the name of the operator to be added and the department to which the operator is added may be input. When changing operator information,
What is necessary is just to rewrite the displayed operator information. After step S26, input or change of the password is performed (step S27). Here, input of a password is performed when an operator is added, and a new desired password may be input. When the password is to be changed, the password may be rewritten with the password to be changed. After step S27, input or change of the operator No is performed (step S28). Here, the operator No is input when an operator is added, and an unregistered number following the registered number may be newly input. To change the operator number, the displayed operator number may be rewritten to another number. In this case, it is needless to say that the operator numbers are not duplicated.

After step S28, the operation authority name is input or changed (step S29). Here, the operation authority name is input when an operator is added and when an operation authority is added or changed. The input of the operation authority name is to select a desired operation authority name from the operation authority names registered in the function / operation authority definition file 21 displayed on the selectable operation authority display section on the screen of the display device 53. Performed by Thereby, the operator list file 2
In the area to display and select the operation authority name registered in 2,
The selected operation authority name is displayed. When deleting or changing the operation authority, the operator list file 22
The operation authority name to be deleted or changed is selected from the operation authority names displayed in the area for displaying / selecting the operation authority names registered in, and the deletion operation is performed.

After step S29, the input or changed information is stored in the operator list file 22 (step S3).
0). In this case, the data displayed on the screen by the operator performing the registration operation is changed to the operator list file 22.
Is written to. Thereby, the operator list file 22
Is rewritten, and thereafter, determination based on the new operation authority is performed. Here, it has been described that the input or change is performed in the order of the operator ID, the operator information, the password, the operator No, and the operation authority name. However, in the case of the change, it is needless to say that only necessary portions need to be changed. Needless to say, rewriting of the operator list file 22 is limited to persons having a predetermined qualification such as a system administrator.

According to this embodiment, an operator list file 22 in which two or more operation rights can be set for one operator, and data indicating whether each function can be executed are set for each operation right. A function / operation authority definition file 21 is searched, and the function / operation authority definition file 21 is searched based on all operation authorities of the operating operator obtained by searching the operator list file 22 when executing the function. Then, since it is determined whether or not the function can be executed, the operator can operate a process having a different operation authority without having a plurality of operator IDs corresponding to the operation authority. Therefore, since the operator does not need to input the operator ID for each process,
It is not necessary to remember the operator ID for each process, and the emergency response can be quickened.

In this embodiment, since the function / operation authority definition file 21 and the operator list file 22 are composed of text format information, the function / operation authority editing means 14 and the operator registration / editing means 15 Since you can use software such as a commercially available text editor,
Modification of the file information is facilitated, and the effect of simplifying the handling is also obtained. Also, commercially available spreadsheet software can be used in place of the text editor. In this case, a CSV format or a text format may be used for reading and saving the file.

Next, a second embodiment will be described. FIG. 8 is a block diagram illustrating a configuration of a monitoring device including the security system according to the second embodiment.
In the figure, the same parts as those in FIG. 1 are denoted by the same reference numerals. This embodiment is different from the first embodiment in that
The monitoring device 1 is connected to the network 9 to which the server device 2 is connected.
To the client device, and a function / operation authority definition file 21, an operator list file 22, a function / operation authority editing unit 14, and an operator registration / editing unit 15 constituting a security system are transmitted from the monitoring device 1 to the server device 2. It has been moved.

In this case, the monitoring device 1 and the server device 2 communicate with the communication means 16 for connecting to the network 9 respectively.
26, the operation authority determination means 12 of the monitoring device 1
Is configured to be able to access the function / operation authority definition file 21 and the operator list file 22 of the server device 2. As described in the first embodiment, each means of the security system can be realized by using the computer 40 as shown in FIG.

The operation of this security system is as follows. The operation authority judging means 12 makes the function / operation authority definition file 21 and the operator list file 2
The second embodiment is the same as the first embodiment except that the second access is performed, and thus the description is omitted. Although FIG. 8 shows a configuration in which one monitoring device 1 is provided, a plurality of monitoring devices 1 having the same configuration are arranged, each of which is a server device 2 and a controller 3.
May be connected. Also, the server device 2
Although the network 9 connected to the control device 3 is configured separately from the network 8 connected to the control controller 3, the monitoring device 1, the server device 2, and the control controller 3 may be connected by one network.

According to this embodiment, the function / operation authority definition file 21, the operator list file 22, the function / operation authority editing means 14 and the operator registration / editing means 15 are arranged in the server device 2, so that the first In addition to the effects obtained in the first embodiment, an effect is obtained that management of operation authority in a plant using a plurality of monitoring devices 1 is facilitated. In addition, since the management of the operation authority is performed by the server device 2, the operation status of the plant displayed on the screen of the monitoring device 1 does not become invisible when registering and changing the operation authority and the operator.

[0045]

As described above, in the security system according to the present invention, the operation authority for executing the function is defined for each process, and the security system is used for a monitoring device which executes each function in a plurality of processes according to the authority. Even in such a case, the function of each process can be executed according to the given operation authority without performing an unnecessary operation such as changing the operator ID for each process. Also, in the operator list file, a plurality of operation authorities can be set for the operator ID, so that even if there is a change in the operation authority permitted for one operator, it can be easily modified / changed. It is possible.

Further, storage means for storing a file in which operation authority, operator ID and the like are defined is provided in the server device, and operation authority determination means is provided in the client device.
Since these devices are connected via the network, an effect is obtained that the management of the operating authority in the plant using a plurality of monitoring devices becomes easy.

[Brief description of the drawings]

FIG. 1 is a block diagram illustrating a configuration of a monitoring device including a security system according to a first embodiment.

FIG. 2 is a diagram showing a configuration of a function / operation authority definition file of FIG. 1;

FIG. 3 is a diagram showing a configuration of an operator list file of FIG. 1;

FIG. 4 is a block diagram illustrating a hardware configuration of a monitoring device including the security system according to the first embodiment.

FIG. 5 is a flowchart showing an operation of the security system according to the first embodiment.

FIG. 6 is a flowchart illustrating an example of a procedure for registering or editing a function / operation authority definition file.

FIG. 7 is a flowchart illustrating an example of a procedure for registering or editing an operator list file.

FIG. 8 is a block diagram illustrating a configuration of a security system according to a second embodiment.

[Explanation of symbols]

DESCRIPTION OF SYMBOLS 1 ... Monitoring apparatus, 2 ... Server apparatus, 5 ... Man-machine interface (MMI), 6 ... Plant equipment, 7 ... Control controller, 8, 9 ... Network, 10 ... Control processing means, 11 ... Operation operation means, 12 … Operation authority determination means,
13, 16, 26 ... communication means, 14 ... function / operation authority editing means, 15 ... operator registration and editing means, 20 ... storage means,
Reference numeral 21: function / operation authority definition file, 22: operator list file, 40: computer, 41: central processing unit (CPU), 42: main storage memory, 43: external storage device, 44: input / output interface, 45 ... Communication interface, 46 bus, 51 keyboard, 52 mouse, 53 display device, 54 touch screen.

Continued on the front page F term (reference) 5B085 AE06 BG07 5H209 AA01 BB01 DD08 FF06 GG08 HH30

Claims (2)

[Claims] 1. A security system for determining whether or not to execute a function selected by an operator based on an operation authority of the operator, the security system comprising: a plurality of functions; a plurality of operation authorities; A registered function / operation authority definition file for which execution is defined and an operator ID for each operator ID that identifies a registered operator among the operation authorities defined in the function / operation authority definition file Storage means for storing an operator list file configured to be able to set a plurality of operation rights previously given to the user, and operation right determination means, wherein the operation right determination means is selected by the operator. When the user tries to execute a function, the user accesses the storage unit, refers to the operator list file, and has the operation authority of the operator ID assigned to the operator. A security system that searches for executable functions from the function / operation authority definition file and determines whether the selected function is executable based on whether the selected function is included in the function obtained by the search. . 2. The storage device, comprising a server device and a client device connected via a network, wherein the function / operation authority definition file and the operator list file are stored in the server device. 2. The security system according to claim 1, wherein said operation authority judging means is arranged in said client device.