JP2008084182A - Content management system, content management method and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a content management system through a network. <P>SOLUTION: A server means 330 includes database means 350 and 352 for storing contents and user information, and performs transactions with a terminal means 300 through a transmitting plug-in 306 and a receiving plug-in of the terminal means 300 to execute content management processing. The server means 330 determines and selectively executes requested content management processing based on event information contained in a received message, and transmits display data including the processing result to the terminal means 300. A content desired to be non-disclosed is stored in a non-disclosure content management database defined by an encrypted name obtained by encrypting a management name stored in the database means 350. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a content management system, and more specifically, content management for controlling content management processing for producing and providing content including text, still images, moving images, audio, and programs via an information communication network. The present invention relates to a system, a content management method, and a program for executing content management processing.

  In recent years, with the development of information and communication network technology and the development of high-speed and large-capacity network infrastructure, collaborative online work via the network has become possible. It became possible to provide widely.

  In the publishing industry, publishing operations are facilitated and streamlined by performing online work at each stage from content planning to writing, editing / proofreading, and printing, or over a plurality of stages. Further, a method for receiving a content provision request via a network and distributing the content as electronic data via the network, or a system for outputting the content to a printed matter or various media and providing it to a user has been proposed.

  Work efficiency and convenience can be improved by successfully using the information processing apparatus and the communication network. On the other hand, in recent years, information security issues such as unauthorized acquisition of electronic information distributed through networks, unauthorized access to electronic information held on servers and terminals, unauthorized copying and unauthorized leakage have become social problems, Careful consideration must be given to the handling of electronic information.

  Against this background, a server that stores copyrighted data such as content manages its access rights, maintains the convenience of authorized users, and has no access rights. It is required to be designed and operated so as to prohibit unauthorized access. Further, it is preferable that sufficient information security management is performed not only at the copyright protection of the content distributed to the user but also at the content production stage. Various techniques have been proposed so far from the viewpoint of content production and provision described above.

  For example, in Japanese Patent Application Laid-Open No. 2004-126999 (Patent Document 1), by accessing a server that manages and stores documents via a network, a plurality of workers can edit and proofread publications from an editing terminal. A publishing work support system is disclosed. In the system disclosed in Patent Document 1, an edited manuscript is downloaded from a document management storage server to an editing terminal during editing / proofreading. The downloaded edited manuscript is edited and proofed on the editing terminal based on the proof manuscript sent from the author, and stored again in the document management storage server.

  Japanese Patent Laid-Open No. 2006-31120 (Patent Document 2) discloses a system that performs publishing work from planning a publication to writing, editing, and printing via a network. In the system disclosed in Patent Document 2, a manuscript created by an author is transmitted and registered to a server via a network, and only a user who is authenticated by a user ID and a password is permitted to access the server.

On the other hand, a method of selling a publication online and providing the publication as an electronic publication and a printed publication is also disclosed. For example, JP 2006-113775 A (Patent Document 3) discloses a content management method and a sales method for providing content created by a plurality of authors as a book. In Japanese Patent Laid-Open No. 2006-106915 (Patent Document 4), the purchase requester is permitted to read the contents of the contents only for a limited time, and the plurality of contents selected by the purchaser are collectively edited and edited. A system that provides the user with the contents as a printed book or electronic book is disclosed.
JP 2004-126999 A JP 2006-31120 A JP 2006-113775 A JP 2006-106915 A

  However, the content management methods disclosed in the above-mentioned prior art documents disclose the content management method in each of the content production stage and the content publication stage. It was not intended to provide an online work environment that could be managed consistently while limiting In addition, regarding the copyright protection of the content in the content production stage, it did not disclose anything about sufficiently dealing with unauthorized acts such as unauthorized access and unauthorized copying. There is also a problem that data is left unprotected on the client terminal of the author or editor through the exchange between the author and the editor.

  In general, electronic data such as content can be managed using a database system and a database server. When managing electronic data using a database server, the right of access to the server is controlled by using it together with appropriate user authentication. Furthermore, user authentication protects the database at the field level by managing restrictions and grants of access rights to the database and views according to the user. However, with the conventional technology only for user authentication, there is a problem that even if a user ID or password is leaked, even a third party can access.

  The present invention has been made in view of the above-mentioned problems, and sets and manages the source of access rights to content so as to protect the copyright to the maximum extent consistently from content production to publication, and via a network. It is an object of the present invention to provide a content management system, a content management method, and a program that realize an online work environment.

  It is another object of the present invention to provide a content management system, a content management method, and a program for realizing a content storage location in which only a specific user has access rights.

  In the present invention, in order to achieve the above-mentioned object, at the time of content production, the work of content writing, editing and proofreading is performed by remotely accessing the database server and updating the contents of the content management database online. The data is not left unprotected on the client terminal side, and a higher copyright protection function is provided. Furthermore, access from the client terminal of the author or editor to the database server is performed via the network by mutual authentication and encrypted communication between the client terminal and the server.

  Further, according to the present invention, the content to be published is stored in the public content management database, and the user can access the public content management database and browse it online on the client terminal.

  The display of content in the client terminal is received by a predetermined client program on the client terminal by receiving display data dynamically generated based on the data in the content management database by the server program on the server, Presented by browser application. Furthermore, a graphical user interface (GUI) for requesting the server to process the content is presented by the browser application based on instructions included in the display data generated by the server program.

  On the other hand, the processing request for the content from the client terminal to the server is based on the event information generated by the client program added to the browser application based on the event information detected by the browser application running on the client terminal. The control command is transmitted to the server side, and the server program determines the processing to be executed based on the event information included in the control command sent on the server side, the processing is executed, and the content management Reflected in the database.

That is, according to the present invention, a content management system for managing and providing content via a network, wherein the content management system includes:
Server means connected to the network and including database means for storing the content;
A reception plug-in connected to the network and receiving display data generated by the server and the server means and including a display command of an area associated with the content management process, and displayed on the browser; and Terminal means including: a transmission plug-in that identifies an input event for the region, generates a request for server means, and transmits a message including the input event and the request to the server means;
The server means receives the message transmitted by the terminal means, identifies the input event detected by the browser and the area where the input has been performed from the message, and stores the input event and the area in the input event. The corresponding commanded content management process is selected and executed, the content stored in the database means is updated, the display data including a result response of the content management process is generated, and the generated display data is Transmitting to the terminal means;
A content management system is provided.

  The input event is an input operation on a keyboard provided in the terminal means, the message includes input key information for identifying an input key, and the server means performs the input key as the content management process. A character string can be identified from the information, and the character string input process can be executed on the content stored in the database means.

The database means includes a private content management database that stores the content for private purposes,
The server means further includes management name storage means for storing a management name including at least one of a database management name of the private content management database and a table management name of a table defined in the private content management database. ,
The private content management database is managed with an encrypted name obtained by the management name corresponding to the private content management database and a name encryption key for encrypting the management name,
The server means can execute the content management process by accessing the private content management database using the encrypted name.

The server means includes user data including a user identification value, first certification information associated with the user identification value, and a correspondence relationship between the user identification value and the management name of the private content management database. Including user data storage means for storing,
The terminal means includes authentication information storage means for storing second certification information and the name encryption key corresponding to the private content management database,
The server means compares the second certification information received from the terminal means with the first certification information included in the user data and corresponding to the user identification value received from the terminal means, and An authentication means for executing the process;
Approval means for approving the execution of the content management process according to the user identification value.

According to the present invention, the content management system further comprises second terminal means connected to the network,
The database means further includes an edited content management database for storing the content being edited,
The management name storage means stores the management name corresponding to the edited content management database,
The server means includes name encryption key issuing means for issuing a second name encryption key for encrypting the management name of the edited content management database;
The edited content management database is managed with a second encrypted name obtained by the corresponding management name and the second name encryption key,
The server means, as the content management process, uses the encrypted name corresponding to the private content management database and the encrypted name corresponding to the edited content management database in the private content management database. Copying the stored content to the edited content management database;
A content management system is provided that transmits the second name encryption key to the terminal means and the second terminal means.

The database means stores a public content management database storing the content to be published, the content, a user identification value corresponding to the author of the content, and a charging condition for browsing the content in association with each other. ,
The server means extracts content display content from the public content management database in response to a browsing instruction request transmitted from the terminal means, generates the display data including the content display content, and generates the display data To the terminal means,
It is possible to calculate a charging fee from the user identification value corresponding to the author of the content included in the display data and the charging condition, and execute a charging process.

Further, the database means further stores a plurality of the contents as a content set in association with the order or arrangement,
In response to a browsing instruction request transmitted from the terminal unit, the server unit extracts content display content corresponding to the content included in the content set from the public content management database, and displays the content display content. The display data including can be generated.

Further, according to the present invention, the server means including the database means for managing and providing the content via the network and connected to the network and storing the content, the browser connected to the network, and the content management processing A server that receives display data for generating display data including a presentation command for a region to be associated from the server means, displays the received plug-in on the browser, and an input event for the region of the browser; A content management method in a content management system, comprising: a terminal means including a transmission plug-in that generates a request for a means and transmits a message including the input event and the request to the server means; The content management method is
Receiving the message transmitted by the terminal means;
Identifying the input event detected by the browser and the area where the input has been performed from the message;
Selecting and executing a commanded content management process corresponding to the input event and the region, and updating the content stored in the database means;
There is also provided a content management method for causing the server means to execute the step of generating the display data including the updated content and transmitting the generated display data to the terminal means.

The input event is an input operation on a keyboard provided in the terminal means, and the message includes input key information for identifying an input key,
In the updating step, a character string can be identified from the input key information, and the character string input process can be executed on the content stored in the database means.

Further, the updating step further includes:
Determining whether it is a request to create a private content management database;
Creating a new private content management database as the content management process when it is determined that it is a request to create the private content management database,
The step of creating the new private content management database includes:
Generating a management name including at least one of a database management name of the private content management database and a table management name of a table defined in the private content management database, and storing the management name in the database means; ,
Generating a name encryption key for encrypting the management name of the private content management database;
Generating an encrypted name of the private content management database using the management name and the name encryption key;
Defining and creating the private content management database using the management name;
Transmitting the name encryption key to the terminal means.

The content management method further includes the step of receiving the message including a name encryption key transmitted from the terminal means;
Generating the encrypted name using the management name stored by the database means and the name encryption key included in the message;
The updating step includes:
Accessing the private content management database using the encrypted name and executing the content management processing may be included.

The server means stores user data including a user identification value and first certification information associated with the user identification value, and the content management method further includes:
The second proof information received from the terminal means is compared with the first proof information stored in the user data corresponding to the user identification value received from the terminal means, and an authentication process is executed. Steps,
An approval step of approving the execution of the content management process according to the user identification value.

Furthermore, according to the present invention, there is provided a computer executable program for causing a content management method for managing and providing content via a network to be executed by an information processing apparatus,
The program is
Database means for storing the content;
Functional means for receiving a message transmitted by a terminal means via a transmission plug-in;
From the message, the function means for specifying the input event detected by the browser of the terminal means and the area where the input was performed;
Functional means for selectively executing the commanded content management process corresponding to the input event and the region to update the content stored in the database means;
There is also provided a program for realizing, in the information processing apparatus, functional means for generating display data including the updated content and transmitting the generated display data to a reception plug-in of the terminal means.

The input event is an input operation on a keyboard provided in the terminal means, and the message includes input key information for identifying an input key,
The updating function means can identify a character string from the input key information, and execute the character string input process on the content stored in the database means.

The updating function means further includes:
Functional means for determining whether or not the request is for creating a private content management database;
A function unit that creates a new private content management database as the content management process when it is determined that the request is a creation request for the private content management database, and a function unit that creates the new private content management database Is
Functional means for generating a management name including at least one of a database management name of the private content management database and a table management name of a table defined in the private content management database, and storing the management name in the database means When,
Functional means for generating a name encryption key for encrypting the management name of the private content management database;
Functional means for generating an encrypted name of the private content management database using the management name and the name encryption key;
Functional means for defining and creating the private content management database using the management name;
Functional means for transmitting the name encryption key to the terminal means.

The function means for receiving comprises:
Receiving the message including the name encryption key transmitted from the terminal means;
The program is
Using the management name stored in the database means, and the function means for generating the encrypted name using the name encryption key included in the message,
The functional means for updating is
The encrypted name can be used to access the private content management database and execute the content management process.

The program further includes:
Functional means for storing user data that includes user identification values and user data including first certification information associated with the user identification values;
A function of performing authentication processing by comparing the second certification information received from the terminal means and the first certification information corresponding to the user identification value received from the terminal means, included in the user data Means,
Functional means for approving the execution of the content management process in accordance with the user identification value.

  The present invention will be described below with reference to embodiments shown in the drawings, but the present invention is not limited to the embodiments shown in the drawings.

<Section A: Implementation of Content Management System>
FIG. 1 is a schematic diagram of a content management system 100 in a specific embodiment of the present invention. The content management system 100 according to this embodiment includes a network 130, client terminals 112 to 116 connected to the network 130, and a Web application server 102. The Web application server 102 receives requests from the client terminals 112 to 116, performs front processing and authentication processing, and generates display data to be displayed on the client terminals 112 to 116. The content management system 100 also includes a database server 104. The web application server 102 issues a content request to the database server 104, and the database server 104 sends the content in response to the request to the web application. Provide to the server 102.

  Furthermore, the content management system 100 according to the present embodiment includes a firewall 108 and an internal network 132 connected to the network 130 via the firewall 108, and between the Web application server 102 and the database server 104. Mutual transactions are possible. The internal network 132 may include a management terminal 110 connected to the internal network 132. The internal network 132 further includes payment of rewards to content authors and editors and billing to users. In order to perform the processing, it may be connected to an external settlement system through a dedicated line connection or the like.

  In addition to the Internet, the network 130 can include a wide area network (WAN) and a local area network (LAN). The client terminals 112 to 116 are connected to the LAN, for example, and are connected to the Web application server 102 through the Internet. I have access. In the present invention, network 130 may include a wireless communication network. In addition, the internal network 132 may include a LAN, a WAN, a complex network including a LAN and a WAN, and a LAN and a WAN connected by a virtual private line network (VPN) via the Internet. In the embodiment shown in FIG. 1, the Web application server 102, the database server 104, and the management terminal 110 are connected via, for example, a LAN to form an internal segment 134.

  In the specific embodiment of the present invention, communication between the client terminals 112 to 116 and the Web application server 102 is performed by a communication protocol using an electronic certificate or a public key cryptosystem such as SSL or TLS. A server electronic certificate issued from a certification authority to a third party and a client electronic certificate issued by the third party authority or the Web application server 102 are used for connection by server authentication or mutual authentication.

  In the present invention, communication within the internal segment 134, such as communication between the Web application server 102 and the database server 104, is also shared key method, block encryption method, stream encryption method, RSA encryption method, discrete logarithm type. An encryption communication protocol using an encryption method, an elliptic curve encryption method, or the like can be used.

  The firewall 108 can control communication between networks, and can be placed at the boundary between the public network and the internal segment 134 including the database server 104 and the like for security purposes. The content management system 100 can also be configured without being included.

  In the embodiment shown in FIG. 1 of the present invention, the management terminal 110 is a terminal for an administrator of the content management system 100, and an administrator user performs system operation, management, and maintenance via the management terminal 110. be able to. The client terminal 112 is a terminal for the content author, and the content author user accesses the Web application server 102 using the client terminal 112 and the content of the database server 104 via the Web application server 102. You can create and update and write. In addition, the content author user can make a content editing request to the editor using the client terminal 112. The client terminal 114 is a terminal for an editor, and the editor user can edit and proofread content written by the content author via the Web application server 102 using the client terminal 114. it can. The editor user can also use the client terminal 114 to make a content copyright request to the content author.

  The client terminal 116 is a terminal for content users. The content user uses the client terminal 116 to access the Web application server 102 and transmit a content display request to the Web application server 102. Then, the content display data can be received and the content can be presented to the content user. In FIG. 1, for convenience, the management terminal 110 and the client terminals 112 to 116 are referred to by functions such as for a system administrator, for a content author, for an editor, and for a content user. Instead, a plurality of functions may be performed by a single client terminal, or a plurality of client terminals having one function may be used.

  The client electronic certificate held by the management terminal 110 and the client terminals 112 to 116 and used for client authentication may be stored in a storage area of a nonvolatile internal storage device (not shown) provided in the client terminal. It may be stored in an external storage device such as a flash memory or a smart card or an external medium.

  In a specific embodiment of the present invention, the Web application server 102 includes a storage device (not shown) such as a hard disk, which stores a user ID, login password, user's user ID that uniquely identifies the user. User data 120 including authentication information stored in a terminal to be used and access right source data in which an access right source associated with a user is registered is stored. The user data 120 is preferably constructed by database software such as DB2, ORACLE, InstantDatabase, PostGreSQL, MySql, but may be a text-based file. The Web application server 102 identifies users and terminals accessed from the management terminal 110 and the client terminals 112 to 116, and enables appropriate access control to the database server 104 and a content database 122 described later. In the present invention, the access right source is based on the role (role) of the user such as the content author, editor, user, service provider, etc., the registered user ID, and the management level of the content. Although it can set, it is not limited to these.

Furthermore, the storage device of the Web application server 102 includes content information including keywords, classification numbers, indexes, and the like for managing and searching content in the content database 122 stored in the database server 104 described later, and HTML. A page data 124 including a document, an XML document, a CGI file, a JSP file, a Java (registered trademark) Applet file, and a plug-in installation program for accessing contents managed by the system; Yes. Further, the user data 120 and the page data 124 may be distributed, multiplexed, held and managed in a plurality of storage devices or a plurality of servers, and may be managed by another server that specially manages a storage area such as a file server. It may be retained and managed. The Web application server 102 includes Web server software such as IIS and Apache, CGI (Common Gateway Interface), SSI (Server Side Include), Java (registered trademark) Servlet, JSP (Java (registered trademark)).
Execution environments such as Server Pages (APS), Active Server Pages (APS), and Hypertext Preprocessor (PHP) are installed, and data to be displayed on the terminal can be provided as necessary.

  The Web application server 102 holds a server electronic certificate issued by a third party certification authority or the like. The server electronic certificate is held in the storage area 126, and the storage area 126 may be in a secure external storage device such as a hardware security module (HSM), a hard disk, or another external storage device. Further, encrypted communication between the Web application server 102 and the management terminal 110 or the client terminals 112 to 116 may be implemented using a server program, and is performed using hardware such as an SSL accelerator, The load can also be reduced.

  The web application server 102 further generates a public / private key pair, creates an electronic certificate having an appropriate expiration date, and receives authentication information including the public / private key pair and the electronic certificate. It is issued and sent to the management terminal 110 and the client terminals 112-116.

  In the present embodiment, the database server 104 includes a storage device such as a hard disk, and is constructed by a database software such as DB2, ORACLE, InstantDatabase, PostGreSQL, or MySql that accumulates contents provided to users. A database 122 is provided to search for content in response to a request from the Web application server 102 and provide the content to the Web application server 102.

  The contents in the present invention include novels, screenplays, poetry collections, newspapers, magazines, comics, photo collections, art collections, illustrations, mathematics, physics, biology, medicine, economics, sociology, computer software, hardware, etc. And other technical books, other general books, textbooks and problem collections for specific purposes, various media information such as video works such as music, games, movies, etc. It is stored in the content database 122 together with management information such as a management level such as a disclosure stage. Note that the database that can be used in the present invention can process a query statement such as SQL having a three-tier schema structure of an internal schema, a concept schema, and an external schema, or a two-tier schema structure of a schema and a sub schema. Any database that can be used can be used. The content database 122 may be distributed and multiplexed and managed in a plurality of storage devices or a plurality of database servers.

  In FIG. 1, the Web application server 102 and the database server 104 are referred to as individual servers in units of functions such as a Web application function and a database function, but the number of servers constituting the system is particularly limited. There is no. For example, it may be a single server having a plurality of functions such as a Web application function and a database function, or these functions are separated into more detailed functional units and implemented as individual servers for each functional unit. Also good. The user data 120, the content database 122, and the page data 124 may be stored in a storage area in each server as shown in FIG. 1, or may be stored in a storage area in a separately provided file server. In the present invention, a system configuration having high failure durability and high-speed accessibility is achieved by allocating a plurality of servers to each functional unit using a load balancer or the like, and distributing and multiplexing the system. You can also.

  In the present invention, the management terminal 110 and the client terminals 112 to 116 are Core (registered trademark), Pentium (registered trademark), Celeron (registered trademark), PowerPC (registered trademark), Athlon (registered trademark), and Turion (registered trademark). , Sempron (registered trademark), Duron (registered trademark) and other microprocessor units (MPU), and suitable operating systems (OS) such as Windows (registered trademark) 2000, Windows (registered trademark) XP, MacOS ( For example, a personal computer operating under the trademark), a workstation, or a PDA operating on a suitable operating system, a mobile phone, or the like. However, it is preferable that the OS and application program to be used support browser software such as Mozilla (trademark), InternetExplorer (trademark), Netscape Communicator (trademark), and Opera (trademark).

  The Web application server 102 and the database server 104 are respectively Itanium (registered trademark), Xeon (registered trademark), Pentium (registered trademark), PowerPC (registered trademark), Athlon (registered trademark), and Opteron (registered trademark). ), Sparc (registered trademark), PA-RISC (abbreviated), etc. MPU, Windows (registered trademark) 2000, Windows (registered trademark) XP, Windows (registered trademark) 200X server, UNIX (registered trademark), LINUX ( It can consist of a personal computer or workstation, blade server or mainframe operating under a suitable OS such as registered trademark, AIX®, MacOS ™, Solaris®.

FIG. 2 is a diagram illustrating a schematic configuration of the database server 104 in a specific embodiment of the present invention. In a specific embodiment, the database server 104 is configured as a Windows (registered trademark) server, and includes a microprocessor unit (MPU) 200 and a BIOS (Basic Input).
Output memory) and a memory 204 such as a RAM that provides a working storage space that enables program processing by the MPU 200. The MPU 200 at the time of start-up includes the nonvolatile memory 202. The BIOS is read out to perform system diagnosis, and the input / output device 214 is managed.

The MPU 200 is connected to the storage control interface 206 via the internal bus 210, and the storage device 208 formed of a hard disk or the like executes data writing or reading in response to an input / output request from the MPU 200. . In the present invention, the file of the content database 122 can be stored in the storage device 208. As the storage control interface, an interface for managing input / output of the storage device according to standards such as IDE (Integrated Device Electronics), ATA (AT Attachment), Serial ATA, and UltraATA can be used. Further, the MPU 200 is connected to the PCI bus interface, USB (Universal) via the internal bus 210.
(Serial Bus), IEEE1284 or other serial or parallel interface, and can have an external storage device (not shown) formed from a flash memory, hard disk, HSM, or the like. Furthermore, in the present invention, the storage area can be distributed and multiplexed using a RAID controller (not shown) connected to the PCI bus interface.

  Further, the MPU 200 controls a serial or parallel interface 212 such as USB or IEEE1284 via the internal bus 210, communicates with an input / output device 214 such as a keyboard, a mouse, and a printer, and receives input from a user. It also provides output to the user via a printer or the like.

  The database server 104 further includes a VRAM 216 and a graphic chip 218, which can process a video signal in response to a command from the MPU 200 and display the video signal on the display device 220. Further, the MPU 200 communicates with a network interface card (NIC) 222 via the internal bus 210, and causes the database server 104 to communicate with the outside via the network 224.

  In the present invention, an information processing apparatus having the same configuration can be used for the management terminal 110, the client terminals 112 to 116, and the Web application server 102, and the Web application server 102 and the database server 104 are Even in the case of having an architecture such as UNIX (registered trademark), AIX (registered trademark), or Linux (registered trademark), as long as each OS provides a similar function, the present invention provides the architecture of the information processing apparatus. It is not limited to.

  FIG. 3 is a block diagram showing the functional module configuration of the content management system 100 in a specific embodiment of the present invention. In FIG. 3, this system includes a client processing unit 300, a server processing unit 330, and a network 320 connecting them. Each of the client processing unit 300 and the server processing unit 330 includes a plurality of functional modules and a plurality of data storage units. The server processing unit 330 executes processing for managing and providing content, and the client processing unit 300 requests processing such as content creation, editing, and browsing from the server processing unit 330, and executes processing result display processing. .

  The functions of the client processing unit 300 and the server processing unit 330 will be described later in detail. In the present invention, the content management system 100 is described and described as being composed of a client processing unit 300 and a server processing unit 330 for the sake of convenience. However, in the present invention, each functional module of the server processing unit 330 can be shared by a plurality of servers. When the server processing unit 330 is assigned to a plurality of servers, communication between the assigned modules is performed by an appropriate protocol via a communication interface such as a server.

As the above-described protocol, for example, SOAP (Simple Object Access Protocol), RPC (Remote Procedure Call), Java (registered trademark) RMI (Remote) via lower communication protocols such as HTTP, FTP, and SMTP are used.
Method Invocation), CORBA (Common Object Request Broker Architecture), EJB (Enterprise
Java (registered trademark) Beans), DCOM (Distributed Component Object Model), COM + (Component Object
Communication protocol conforming to the specifications of distributed object technology such as Model Plus), for example IIOB (Internet Inter Object Request)
Broker), but is not limited to these.

  Hereinafter, the functions of the functional modules and the data storage unit constituting the system will be described with reference to FIG. The client processing unit 300 has a function of transmitting a processing request message to the server processing unit 330 that performs content management and receiving a processing response message from the server processing unit 330. The server processing unit 330 receives the processing request message from the client processing unit 300, and checks the validity of the processing request message using the processing request message from the client processing unit 300 and the client attribute. In the present invention, for processing in which security and copyright protection are important, such as processing for content managed by the server processing unit 330, communication between the client processing unit 300 and the server processing unit 330 is performed over the network 320. Then, a connection based on mutual authentication is established by a communication protocol such as SSL or TLS, and processing request messages and processing response messages are transmitted and received by encrypted communication.

  When the validity of the processing request message is authenticated, the server processing unit 330 searches for management content that is the target of the processing request, and executes processing according to the processing request message. The execution result is created as a processing response message of the server processing unit 330 and transmitted to the client processing unit 300. Hereinafter, functional modules of the client processing unit 300 will be described in detail.

<Section B: Client Processing Unit>
FIG. 4 is a block diagram illustrating a functional module configuration of the client processing unit 300. In FIG. 4, a browser 310 issues a processing request message to the server processing unit 330, displays a response result from the server processing unit 330, and provides an interface between the system and the user. As such a browser, Internet Explorer (trademark), Mozilla (trademark), Netscape Navigator (trademark), etc. can be used.

  The browser 310 performs server processing via the network 320 using the C (client) encrypted communication processing unit 304 (hereinafter, the term “client” is simply referred to as “C” for convenience of explanation) and the C communication unit 302. The unit 330 communicates with an encrypted communication protocol such as HTTPS (HTTP over SSL / TLS). In addition, when performing data communication in which security and copyright protection are not particularly important, data communication using a non-encrypted communication protocol such as HTTP can be performed.

  The client processing unit 300 includes a C authentication information storage unit 314. The C authentication information storage unit 314 includes a client electronic certificate, a client private key, a content including a client public key necessary for establishing an authentication connection. The DB name encryption key used in the management process and other information for proving the identity of the client can be stored. In a mutual authentication request, at least a processing request that requires client authentication, the browser 310 accesses the C authentication information storage unit 314 via the authentication plug-in 312 and transmits the acquired client electronic certificate to the server processing unit 330. The authentication connection with the server processing unit 330 is established. Further, in a specific embodiment of the present invention, user authentication for a user who performs processing in which security and copyright protection are important is performed using a client electronic certificate stored in the C authentication information storage unit 314.

  Further, the C authentication information storage unit 314 stores an electronic certificate including a public key of a trusted certification authority for authenticating the server processing unit 330 serving as a connection partner. In the processing request that requires server-side authentication, the browser 310 inquires the C authentication information storage unit 314 via the authentication plug-in 312 and verifies the server electronic certificate transmitted from the server processing unit 330. Authenticate the server.

  The above-described client electronic certificate is issued from a third-party certification authority or issued from a server processing unit 330 described later, for example, X.X defined in RFC3280. An electronic certificate compliant with the 509 standard can be used. Further, as a client electronic certificate to be sent, an electronic certificate chain further attached with an electronic certificate of a client electronic certificate issuer may be used.

  In the present invention, a transmission plug-in 306 and a reception plug-in 308 are further installed as add-on programs of the browser 310 and managed using communication, data access control via the transmission plug-in 306 and the reception plug-in 308. The server-client transaction is executed while protecting the security and copyright of the content. When the type of processing request between the client and the server, for example, when displaying a normal homepage, processing without using a plug-in can be executed. However, the transaction via the transmission plug-in 306 and the reception plug-in 308 of the present invention is processing for content stored in the content management database, such as creation / editing / viewing / change of management level setting of managed content ( Hereinafter, it is referred to as content management processing.)

  In the present invention, the above-described content management processing request is made in response to the display data received from the server processing unit 330 with the display object presented to the browser 310 of the client processing unit 300 as an input interface. Issued to. The browser 310 detects an input event for an area of a display object on the browser (which may be the entire screen area), and the transmission plug-in 306 transmits a message including the input event to the server processing unit 330. The server processing unit 330 selects and executes content management processing based on the received message including the input event, and the client processing unit 300 receives display data including the content management processing response via the reception plug-in 308. To the browser 310.

  The input events mentioned above include event attributes such as click, double click, focus, mouse button press, mouse button release, keyboard press, keyboard release, selection, update, drag and drop, etc. In addition, input event information such as mouse pointer coordinates and key codes of input keys can be included. Further, the input event further includes event information such as an identification value for identifying the object that has detected the input operation and a state value of the object in order to determine the content management process requested by the server processing unit 330. be able to. The functions of the transmission plug-in 306 and the reception plug-in 308 will be described later in detail. The server function of the present invention will be further described below.

<Section C: Server Processing Unit>
FIG. 5 is a block diagram showing a more detailed functional module configuration of the server processing unit 330 in the specific embodiment of the present invention. The server processing unit 330 in the embodiment shown in FIG. 5 includes a content / data storage unit 352 that stores content managed by the content management system 100, and executes processing for managing and providing content.

  In the present invention, the server processing unit 330 receives a message from the client processing unit 300 via the transmission plug-in 306, and based on the received message, the input event detected in the browser 310 of the client processing unit 300 , The display object that was the target of the input operation (the area where the event was detected), the status value, and other various event information, determine the requested content management process, and if necessary, The content management database in the content / data storage unit 352 is accessed and content management processing is executed.

  Furthermore, in the present embodiment, content that is not intended to be published, such as content that is being written or content that is being edited, that is desired to be managed with high security, is a management level that is not disclosed to the content / data storage unit 352 and that is being edited. Are managed in the content management database in which is set. A content management database in which a management level that is not disclosed and being edited is set is defined and managed with a management name encrypted by a DB name encryption key. The management name before encryption corresponding to the content management database is stored in the server processing unit 330, and the corresponding DB name encryption key is stored in the client processing unit 300 of the user having the authority to access the content management database. Is done.

  In this embodiment, content is managed by a content management database, and access to the content management database is controlled by user authentication. Furthermore, the content management database in which content that is desired to be managed with high security is stored in the database name and / or table name, or the management name of one of them is DB name encryption held in the client processing unit 300 used by the user Since the database and the table are defined by the encrypted name obtained by encryption using the key, it is possible to realize a content storage location that can be identified only by a specific user.

  In the content display in the client processing unit 300, the display data dynamically generated for each display range in the server processing unit 330 based on the information in the content management database is received as a reception plug-in 308 on the client processing unit 300. Is received and presented to the browser 310 based on the display data. For this reason, it is possible to prevent the entire electronic data of the content from being held on the client side without protection. Hereinafter, the function of each functional module in the server processing unit 330 of the present invention will be described using a specific embodiment.

  The server processing unit 330 includes an S (server) authentication information storage unit 336 (hereinafter, the term “server” is simply referred to as “S” for convenience of explanation). The S authentication information storage unit 336 stores a server electronic certificate including a server public key and a server private key, which are necessary for establishing an authentication connection. In response to a request from the client processing unit 300, the S encrypted communication processing unit 334 uses the server electronic certificate stored in the S authentication information storage unit 336 and passes through the S communication unit 332, the client processing unit 300. Establish an authenticated connection with

  Further, the S authentication information storage unit 336 can store an electronic certificate including a public key of a trusted certification authority for authenticating the client processing unit 300 as a connection partner. In a mutual authentication request, that is, a processing request requiring at least client authentication, the server processing unit 330 transmits a client electronic certificate and electronic signature transmission request to the client processing unit 300, and receives the received client electronic certificate and electronic signature. The S authentication information storage unit 336 can be inquired and verified to authenticate the client. The server electronic certificate can have the same configuration as the client electronic certificate described above, but is preferably issued by a trusted third-party certification authority.

  The server processing unit 330 includes a front processing unit 338. The front processing unit 338 receives the processing request message transmitted from the client processing unit 300, executes appropriate front processing, and uses the processing result as a processing response message. It transmits to the client processing unit 300. Hereinafter, the role of each functional module in a specific embodiment of the present invention will be described in detail.

<Section C-1: Functional Module (Front Processing Unit)>
In a specific embodiment of the present invention, the front processing unit 338 receives an access request and a processing request for a resource specified by a URI (Uniform Resource Identifier) or an IP address / port number from the browser 310 of the client processing unit 300. In this case, access and processing are controlled based on account information and access control information set in association with resources included in the processing request message. If the requested resource is a file such as a Web page, a processing response message including the specified file is transmitted to the browser 310. If the access requested resource is a server-side program, a process based on the process request message is executed, and a process response message including the process result is transmitted to the browser 310.

  The account information included in the processing request message includes user ID, password, authentication information necessary for login authentication such as client digital certificate, and login of user profile, key store information, token, ticket, etc. This information is attached to the processing request message that the client processing unit 300 determines to be necessary for accessing the resource, including trust information that can prove the nature of the client used in the subsequent communication. The access control information is information that is associated with each resource and is held in the server processing unit 330 to authorize the user to access the resource.

  Hereinafter, in order to explain the authentication / approval process for access and processing requests by the front processing unit 338, the resources are classified into two for convenience. The first resource is a resource including a file in the page data storage unit 346 and a resource including a server-side program that accesses the data in the page data storage unit 346 and generates page data. -A page resource that provides data and add-on installation programs for browsers. The second resource is a content management resource that requires high security management, including a server-side program for accessing and processing the user data storage unit 350 or the content data storage unit 352.

  In the first resource, access to the resource can be performed by a communication protocol supported by a browser such as HTTP, HTTPS, FTP (File Transfer Protocol), FTPS (FTP over SSL / TLS).

  The page resource includes, for example, a web site, and in a specific embodiment, a front page as a content providing site, a user login page, a new user registration page, a list of content information for publication, a list for each genre Content information such as a public content list display, content title and summary, a content work search page, and a page for displaying search results can be included. These pages are created by the front processing unit 338 based on a content information database that stores a page information file in the page data storage unit 346, content index information in the content management database, and the like. The access right to the page resource in the present invention can be set based on the purpose of the page such as a public page, a member page, or a member individual page, but is not limited to this, and no access restriction is set. You can make everything public.

  Note that the page information file in the page data storage unit 346 can include page information described in a markup language such as HTML, DynamicHTML, and XML. If necessary, JPEG, JPEG2000, GIF, PNG, BMP, TIFF format format still images, Wave, MP3, WMA, MIDI format data formats, MPEG, QuickTime, AVI, Divx format video, animation GIF, Flash, etc. It may include add-on programs such as animation, Java (registered trademark) Script, Java (registered trademark) Applet, and other ActiveX controls. Furthermore, a plug-in installation program for incorporating each plug-in in the client processing unit 300 into the browser can be included.

  The page / data storage unit 346 further includes a content information database and a content information database / management module for managing the content information database. The content information database is managed in the content management database in the content / data storage unit 352. Information required for searching, such as keywords, classifications such as categories and genres, titles, author information, etc., and the management name of the content management database and It is stored in association with the record. With regard to the keyword, the keyword character string and the position information within the content of the keyword character string are further associated, and a link as an index and a cross-reference within the content and between the contents via the keyword can be provided. Keywords, classifications, and titles can be set by the input of the author or editor. In addition, keywords can be automatically extracted by using a keyword extraction algorithm based on standard statistical processing, and a standard search algorithm is used for keyword search in content and automatic document position extraction. Can be done. The contents of the content information database can be updated when the contents are set to be published or triggered by a change in the contents. However, the contents information database is not particularly limited and has a function of monitoring the updating of contents in the contents management database. It can be updated at any time as a configuration provided with a functional module separately.

  Further, the content information database also stores information related to the content, such as summary, headline, number of accesses, number of viewers, evaluation, etc., and the front processing unit 338 presents these information to the user and browses them. Can be encouraged. Further, the content information database stores information such as sales amount, and can manage the reward paid to the content author using the sales amount and the evaluation.

  The second resource is a content management resource that requires high security management. In the present invention, the user accesses the content management resource via the browser 310 to create, edit, view, etc. the content. Execute the process. The right of access to the content management resource can be set based on the management level of processing requests such as creation, editing, and browsing, but is not particularly limited thereto.

Note that communication between the client and the server in access to content management resources and processing requests is performed via the transmission plug-in 306 and the reception plug-in 308. The plug-in is Java (registered trademark) GSS-API ( Java (registered trademark) Generic Security Services Application Programming
Interface), socket API, RMI-API, and other APIs for performing communication conforming to the specifications of the distributed object technology can be implemented. At that time, if necessary, secure message exchange is performed using an encrypted communication protocol such as SSL or TLS.

  In a specific embodiment of the present invention, the access control to the page resource and the content management resource in the front processing unit 338 is a user ID associated with the user that is centrally managed in the user data storage unit 350. This is performed based on subject identification information such as a group ID or role, and access control information set in association with the subject identification information for each resource. The server processing unit 330 includes a storage unit (not shown) configured by a memory or the like, and authentication of a transmission source user is performed based on a user profile held in the storage unit of the server processing unit 330.

  Here, the user profile held by the storage unit is generated for each user who has logged in to the system, and is used for subject identification information for accessing various resources and requesting processing, and for authenticating the identity of the processing request message. It includes credit information and is used for user login determination. The login process will be described in detail later, but when the user logs in to the system, a user profile is generated, and subject identification information associated with the user is read from the user data storage unit 350 and stored in the user profile. Is done. Further, trust information for authenticating the sender, a DB name encryption key used for accessing a content management database, which will be described later, and the like are also stored in the user profile. The user profile is held in the storage unit until the user logs off from the system or until a certain time elapses and times out.

  For a user who has logged in, authentication is performed based on the received credit information and the user profile while the user profile is held in the storage unit on the server side. Authentication can be performed without accessing the storage unit 350. In the specific embodiment, further, execution of content management processing in the content management unit 344 described later is approved based on subject identification information in the user profile. The processing process for the processing request message in the front processing unit 338 will be described below.

  When the front processing unit 338 receives the processing request message, the front processing unit 338 determines whether or not the requested resource is protected. If the requested resource is not protected, the front processing unit 338 transmits a processing response message including a resource such as a specified file or a processing result by a specified server-side program to the browser 310 to perform a transaction. To complete.

  If the front processing unit 338 determines that the resource is protected, the user has been authenticated for login based on the account information included in the processing request message and the user profile stored in the storage unit. Determine whether or not. If the front processing unit 338 determines that the user has not been authenticated for login, the front processing unit 338 transmits a login authentication request as a processing response message to the browser 310 of the client processing unit 300.

  If the front processing unit 338 determines that the login authentication has been completed, the front processing unit 338 is based on the subject identification information included in the user profile corresponding to the transmission source user in the storage unit and the access control information associated with the resource. , Perform access approval processing. When the front processing unit 338 determines that the access is not approved, the front processing unit 338 transmits an access non-permission error response message to the browser 310 of the client processing unit 300.

  On the other hand, if the front processing unit 338 determines that the request is approved, the front processing unit 338 includes a processing including a specified file and a processing result by the specified server-side program in response to an access request to the page resource. A response message is sent to the browser 310 to complete the transaction. When access to the content management resource is approved, the front processing unit 338 first extracts the requested content management process and credit information from the process request message, and responds to the requested content management process. The management processing / approval request including the management processing identification value to be transmitted and the credit information proving the transmission source is issued to the authentication approval management unit 340. When the management processing is not approved after waiting for the management processing / approval response from the subsequent authentication approval management unit 340, the front processing unit 338 transmits a management processing non-permission error message to the browser 310 as a processing response message. . On the other hand, when the content management process is approved, the front processing unit 338 transmits the content management process request and the credit information to the content management unit 344. The front processing unit 338 waits for a subsequent content management processing response from the content management unit 344 and transmits a processing response message to the browser 310.

  In the present invention, the content management processing request is extracted by the front processing unit 338 based on event information transmitted to the server processing unit 330 when an event such as a key input or mouse operation on the browser is detected by the browser 310. Is done. A processing process for extracting a content management processing request from the received processing request message in the front processing unit 338 and a processing process for receiving a content management processing response from the content management unit 344 and generating a processing response message will be described later. Hereinafter, an outline of a processing process in the content management unit 344 for a content management processing request to the content management resource will be described.

<Section C-2: Functional Module (Content Management Unit)>
In a specific embodiment of the present invention, the content management unit 344 receives a content management processing request that requires high security protection from the front processing unit 338, issues an SQL statement to the content / data storage unit 352, and performs a content management database. It is a functional module that executes an operation on the content in the content.

  Upon receiving the content management processing request from the front processing unit 338, the content management unit 344 stores a user / data storage unit 350, a content / data storage unit 352, a page / data storage unit 346, a communication management unit 348, and a storage. The requested management process is executed in cooperation with the internal user profile, and a management process response is transmitted to the front processing unit 338. As the above-described content management processing, a list display request of user-managed content such as unpublished content being edited, edited content being edited, published content published by the user, new content creation request, content display request being created, content Publishing request, content editing request, public content browsing request, content writing request, and the like. Details of the content management processing in the content management unit 344 will be described later.

<Section C-3: Functional Module of Server Processing Unit (Authentication Approval Management Unit)>
In a specific embodiment of the present invention, when the authentication approval management unit 340 receives a content management processing / approval request from the front processing unit 338, the authentication approval management unit 340 and the user corresponding to the transmission source user Based on the subject identification information included in the profile and the credit information, refer to the content management processing policy that sets the title in association with the subject identification information of the content management processing, approve the management processing, and manage the processing Send an approval response to the front processing unit 338.

  Further, at the time of user login authentication, the authentication approval management unit 340 reads out the subject identification information from the user management database in the user data storage unit 350 via the content management unit 344, and generates and stores a user profile. Store in the department. Details of the user login authentication will be described later.

  As described above, in certain embodiments, resource access and processing requests are controlled by being centrally authenticated and authorized using a user profile maintained in the storage. The authentication process and the authorization process using the above-described user profile can be implemented using a security framework such as JAAS (Java (registered trademark) Authentication and Authorization Service), but in the present invention, Appropriate titles can be given to users according to resources and processes, and any framework can be implemented as long as it can appropriately restrict access and processing of users who do not have titles. it can.

  Further, authentication and approval may be performed by referring to the user management database in the user data storage unit 350 without using a user profile, and a user ID and a password are attached to the message for each processing request message. Authentication and authorization may be performed by referring to an access control list or an access control database associated with a resource or a process based on the user ID.

<Section C-4: Functional Module (Authentication Information Issuing Unit)>
The authentication information issuing unit 342 is a functional module for issuing a client electronic certificate to the client processing unit 300 when a new user registration request is transmitted from the client processing unit 300. When the authentication approval management unit 340 receives the new user registration processing request message, the authentication approval management unit 340 issues a certificate issuance request including the proved person information included in the message to the authentication information issuing unit 342. The authentication information issuing unit 342 generates a client public key / private key pair for use in login authentication of this system, creates the received prover information and the electronic signature of the client public key, and X. including certifier information, a client public key, and an electronic signature. A client electronic certificate compliant with the 509 specification is generated. The public / private key pair is generated by an algorithm of a public key cryptosystem such as RSA (Rivest Shamir Adleman) cryptosystem, elliptic curve cryptosystem, ElGamal cryptosystem, NTRU cryptosystem, knapsack cryptosystem, etc. be able to.

  Further, the authentication information issuing unit 342 newly generates a DB name encryption key for encrypting the database name or the table name in the private content management database that stores the private content, and generates the client electronic certificate and the DB. Key store information including the name encryption key is sent to the client processing unit 300. The client processing unit 300 that has received the key store information stores the key store information in the C authentication information storage unit 314 via the authentication plug-in 312. At this time, key store information is also stored in the user data storage unit 350 on the server side in association with the user. Details of the new user registration process will be described later. At the time of new user registration, the proved person information includes the identification information of the proved person as an E-mail address and the presence of an address by sending and receiving an e-mail at the time of issuance and the user's intention to register. It can be confirmed by confirmation or using any owner identification method. The electronic certificate used when creating the electronic signature of the client electronic certificate may match the server electronic certificate held by the S authentication information storage unit 336, or a certificate may be used separately.

<Section C-5: Functional Module (Communication Management Unit)>
The communication management unit 348 is used for communication between browsers having different IP addresses and port numbers, such as between the browser 310 used by the content author and the browser 310 used by the editor. This is used when the author makes an editing request to the editor and simultaneously performs an editing operation and a confirmation operation. Also, E-mail transmission processing for a copyright request or an edit request can be performed. Details of processing in the communication management unit 348 will be described later.

  Hereinafter, in section C-6 and section C-7, a content and user data management method for providing a storage area for content that is highly secured and can be identified only by a limited user according to the present invention will be described. A specific embodiment will be described.

<Section C-6: Functional Module (User Data Storage Unit)>
In a specific embodiment of the present invention, user login authentication, user data for performing resource access and processing authorization, and database management name for accessing content managed by the user in the system Are managed in the user data storage unit 350. The user data storage unit 350 includes a user management database composed of several related tables, and a user management database / management module for managing and operating the user management database. The user data storage unit 350 further includes a storage area for storing a key store that is created for each registered user and securely holds various security information.

  FIG. 6 is a diagram showing a table structure of a part of a table group and a user information / related table group A400 constituting a user management database managed in the user / data storage unit 350 in a specific embodiment of the present invention. is there. The user management database includes a user table 402. The user table 402 includes a field 402a for registering a user ID and a field 402b for registering a URI of a key store corresponding to the user ID. In addition, the user table 402 relates to user information such as a user's name, E-Mail address, and payment information. A field can further be included. In another embodiment, the field 402b can store the key store itself as binary data instead of the key store URI.

  The key store is a database that manages information such as a client electronic certificate including a client public key and other information such as a private key with high security by password protection and encryption. In this embodiment, it is stored in the C authentication information storage unit 314 of the client processing unit 300 used by the user for users who execute processing that requires high security management, such as content authors and editors. Login authentication using a client digital certificate is required. The key store corresponding to the user is entered including a client electronic certificate necessary for verification of the electronic certificate at the time of login authentication.

  Furthermore, a private name management database and a DB name encryption key for encrypting the table name can be entered in the key store. In the present invention, the database name and table name of the private content management database for storing the content for the private purpose are encrypted with the DB name encryption key, and a content management database that can be identified only by a specific user is provided. Provided. The key store information corresponding to the user stored in the user data storage unit 350 is also sent to the client side at the time of new user registration, and is used for login authentication.

  In addition, key store entries such as client electronic certificates and DB name encryption keys are stored in the key store in association with an alias identification name, and access to the key store and access to each entry is performed by user ID at the time of user registration. It is protected by the login password set together. The management of the alias for accessing the key store will be described later, but the DB name encryption key for accessing the content management database for non-disclosure purposes includes the client electronic certificate held on the client terminal side and the user side Since it is called from the key store on the basis of the login password held in, and the alias corresponding to the DB name encryption key held in the user management database, the content storage area is protected with high security.

  In a specific embodiment of the present invention, login authentication of a user who has the authority of processing requiring high security management is performed using a user ID, a login password, and a client electronic certificate. However, the present invention is not limited to this. However, in the present invention, template data in biometric authentication or the like can be used instead of the login password. That is, any authentication method can be used as long as authentication is performed based on a user ID for identifying a user and security information associated with the user ID issued by the server processing unit 330 of the present system.

  The user management database further includes a role map table 404 associated with the user table 402. The role map table 404 includes a field 404a and a field 404b, and associates a user ID with a role. In the field 404b, user roles such as AUTHOR, EDITOR, USER, and ADMINISTRATOR are registered, and a plurality of roles may be registered for the same user ID. In a specific embodiment, a role can be set based on a role such as a content author, an editor, a user, or an administrator, a service that the user sets for use, or a contractual relationship between the system and the user. However, the present invention is not particularly limited, and for example, a role may be set for each content management process to perform title management. It does not matter as a title management that does not roll. In the present embodiment, the front processing unit 338 approves access to resources based on roles, and the authentication approval management unit 340 approves execution of management processing based on roles. In addition, a title group for comprehensive title assignment can be set using a role.

  The user management database further includes a management content DB information table 406 and a management content table information table 408 related to the user table 402, and holds information for accessing the content management database and table managed by the user. To do. The managed content DB information table 406 includes a field 406a for registering a user ID, a field 406b for registering a database ID, and a field 406c for registering a corresponding alias. In the field 406b, the database ID corresponding to the content management database under the management of the user is registered, and in the field 406c, the alias of the key store for accessing the DB name encryption key corresponding to the database ID is registered. The

  The managed content table information table 408 includes a user ID field 408a, a database ID field 408b, and a table ID field 408c. In the field 408c, a table ID corresponding to a table in the content management database under the management of the user is registered in association with the upper database ID.

  FIG. 7 is a diagram showing a table structure of a part of a table group constituting the user management database managed in the user / data storage unit 350 and the user information / related table group B410 in the specific embodiment of the present invention. is there. The user management database further includes a content DB information table 412, a content table information table 414 associated with the content DB information table 412, and a content DB owner information table 416, and the above-described managed content DB information table The database ID registered in 406 and the management content table information table 408 and the table ID are mapped to the corresponding management names. The content DB information table 412 and the content table information table 414 in the present embodiment correspond to the management name storage unit of the present application.

  The content DB information table 412 can include a field 412a for registering a database ID, a field 412b for registering a database name, and a field 412c for registering a management level. In this embodiment, information for identifying a management level set in the content management database, such as PUBLIC (public), EDIT (during editing), and PRIVATE (private), is registered in the field 412c. The content table information table 414 includes a table ID field 414a, a database ID field 414b, and a field 414c for registering a table name.

  Further, the user management database can include a group table 418, which associates a group ID representing a coauthorship relationship between content authors and a collaborative relationship at the time of editing / proofreading with a user ID belonging to the group ID. It is used to manage collaborative work by users. The content DB owner information table 416 is associated with content management database owner information, and a user ID or group ID is registered in association with the database ID. In the present embodiment, a content management processing request for content managed in the content management database can be approved based on a user ID, a group ID associated with the user ID, and a role.

<Section C-7: Functional Module (Content / Data Storage Unit)>
In a specific embodiment of the present invention, content managed by the system is stored and managed in the content / data storage unit 352. The content data storage unit 352 includes a private content management database group that stores private content, an edited content management database group that is used during editing, and a public content management database that stores content to be published. The management database group includes a content management database and a management module for managing and operating the content management database group. Each content management database is assigned a database ID and is registered in the content DB information table 412 in association with its name.

  A non-public content management database in which content under writing is stored is defined and created when a user who is a content author completes new user registration, for example. In the content DB information table 412, for example, private such as PRIVATE The management level is registered. The edited content management database in which the content being edited is stored is a content management database that is temporarily created until the editing is completed when the content author requests the editor to edit the content. Yes, in the content DB information table 412, a management level being edited such as EDIT is registered. The content author copies the content desired to be edited into the edited content management database, and the editor accesses the copied content and performs editing / proofreading work.

  In the content data storage unit 352, the content management database in which the management level is set to be unpublished and edited is set to the database name corresponding to the content management database in the content DB information table 412 of the user management database. Using the encrypted name encrypted by the name encryption key, it is defined and created by the database definition language (DDL). The DB name encryption key corresponding to the private content management database assigned to the content author user is generated at the time of user registration, and is entered into the key store corresponding to the user ID along with the definition and creation of the database. The generation timing of the DB name encryption key is not limited to these methods. For example, a new DB name encryption key is generated after user registration, the entry of the key store is rewritten, and the user's private content management database is redefined with the encrypted name by the new DB name encryption key and the contents The DB name encryption key can be changed by duplicating or changing the database name, and security can be improved by periodically exchanging the key.

  In the embodiment of the present invention, since the encrypted name does not need to be decrypted, the encryption using the DB name encryption key is MD5 (Message Digest Algorithm 5), SHA-224, SHA-256, SHA. It can be performed using a hash function such as -384 and SHA-512. By using an irreversible hash function, it becomes impossible to analyze the database name and DB name encryption key before encryption from the encrypted name actually existing in the database, and the security can be improved. In the unlikely event that a collision occurs, an error at the time of database definition is detected, and the DB name encryption key issuance process is performed, thereby avoiding a collision problem.

However, the present invention is not limited to the above-described encryption method, and can be performed by a public key encryption method or a common key encryption method. As a common key encryption method, DES (Data Encryption Standard), Triple DES, AES (Advanced Encryption Standard), IDEA (International
Data Encryption Algorithm), FEAL (Fast Data Encipherment Algorithm), MISTY, etc. can be used.

  Furthermore, in the present invention, the content data itself stored in the content management database using a DB name encryption key or the like by a reversible encryption method such as the common key encryption method and the public key encryption method described above. The security can be further improved by encryption.

  In the present invention, since the entry in the key store of the DB name encryption key is protected by the user's login password, it is possible to provide a secure content storage area that can be uniquely identified by the owner user. On the other hand, the DB name encryption key corresponding to the content management database being edited is generated at the time of the edit request and is entered in both the content author and the key store of the editor who received the request. Thus, it is possible to provide a safe editing work area that can be accessed only by editors who have received the information. Similarly, in the case of co-authoring by a plurality of content authors, a new group ID to be shared among co-authors is generated, and a private content management database is newly defined for the group ID. Since the DB name encryption key is stored in a key store corresponding to the users constituting the group and is shared among the groups, it is possible to provide a secure collaborative work area accessible only by the group members.

  In the present embodiment, these DB name encryption keys are stored in an alias corresponding to the database in the key store indicated by the key store URI stored in the user table 402 in association with the user ID that owns the database. Entry related to. The alias for accessing the DB name encryption key is registered in the record of the field 406c corresponding to the user ID and the database ID of the database in the managed content DB information table 406. Therefore, the user can use the user table 402, the managed content DB information table 406, and the content DB information table 412 to correspond to the URI of the key store corresponding to his / her user ID and the managed content management database. Content management created and defined by the encrypted name that is managed by itself by obtaining the encrypted name of the database name in the table by calling the DB name encryption key in the key store Provides access to the database.

  Further, in a specific embodiment, the table name in the database can also be encrypted using the same DB name encryption key that encrypted the database name. In this case as well, the owner of the content management database obtains the encrypted name of the corresponding table name by using the content table information table 414 and the DB name encryption key obtained by encrypting the database. Access to the content management database table managed by. As described above, by defining the database name and / or table name managed by the user management database using the encrypted name obtained by encrypting either one, the security of the database is improved. Even if the three parties can access the content data storage unit 352 of this system and obtain the root right, the database and the table cannot be identified. Note that the tables whose names are encrypted may be all tables defined in the database, or only a part of the tables, for example, the parent table may be targeted.

  In addition, the server processing unit 330 reads information for accessing the above-described content management database managed by the user from the user data storage unit 350 at the time of login, and stores it as additional information of the user profile to the storage unit of the server processing unit 330. By storing, access to the content management database and tables managed by the logged-in user can be performed without inquiring the user data storage unit 350 one by one.

  In addition, the description related to the encryption of the database name described above can be executed using a database system that can start multiple databases for a database instance, such as MySQL, and is managed in units of databases. It corresponds to. On the other hand, a database system used in the content data storage unit 352 uses a database system in which one database corresponds to one database instance and a management unit is set by a schema, such as Oracle. When implemented, the security strength can be improved by encrypting the table name of the schema.

  In the present invention, the content is managed in the content management database by an appropriate regular expression by associating the content ID, the user ID or group ID of the user who has the copyright of the content, and the content content. By associating the content ID with the copyright holder, incentives described later can be distributed. In the present embodiment, a parent table is defined for each content ID in the present embodiment, and when creating new content, a new table is newly defined and an appropriate table group that is consolidated or composed with the parent table. The data structure to be created is not particularly limited.

  Furthermore, according to the present invention, it is possible to register a collection of contents made up of a plurality of contents in the content management database, in which case the contents collection ID, content ID, and content ID correspond to each other. The content data to be stored is stored in association with the layout relationship including the order and arrangement in the content set. In a specific embodiment, content in a document format can be assigned a content ID in units of blocks such as chapters, sections, or paragraphs, and a plurality of ordered sets of blocks are associated and registered as one book. Can be configured. Further, by including the layer structure in the layout relationship, for example, it is possible to provide a content set in which content including an answer example is superimposed on content including an answer column such as a question collection.

  Content in an image format can be assigned a content ID for each image, and can be configured as a single book, illustration book or photo book by associating and registering a set of laid out image units including order and arrangement. be able to. Content in audio format can be assigned a content ID for each audio data, and can be configured as one audio album by registering a set of audio data in order.

  Similarly, it is also possible to associate a video work or a multimedia content collection of these, a document, an image, audio data, and video data. Furthermore, these content sets may be further registered in the order and association as content series. Such content-related information is also stored in the content information database, and a series of related content data can be presented to a user who wishes to browse.

  As described above, the embodiment in which each content management database is stored in the content / data storage unit 352 on the same server has been described. In other embodiments, the content / data storage unit 352 is not disclosed. The content management database group, the edited content management database group, and the public content management database can be configured from different database servers 104. The private content management database group and the edited content management database group for the private purpose Security can be improved by disconnecting from the server.

  Each of the functional modules shown in FIGS. 3 to 5 is configured by the memory 204 and the MPU 200, and a function (not shown) for realizing the function in each functional module is loaded into the memory 204 and executed. Can be realized. Moreover, each data storage part shown to FIGS. 3-5 is realizable as data stored in the memory | storage device 208. FIG. However, all or some of the functional modules may be realized by dedicated hardware. Also, Java (registered trademark), C ++,. When described in an object-oriented programming language such as NET or Ruby, each function module is an object or a group of objects in which a plurality of object units cooperate, and each process is a method provided by the object, Message exchange can be implemented by method calls, remote method calls, or using sockets. The database management modules of the content data storage unit 352 and the user data storage unit 350 can be configured from database software such as Oracle, MySql, DB2, and PostgreSQL. In FIG. 1, the content data storage unit 352 of the specific embodiment shown in FIGS. 3 to 5 is implemented in the database server 104, and the other functional modules and data storage units are Web application Implemented in the server 102. Hereinafter, various processes in the present invention will be described in detail using specific embodiments.

<Section D: Processing Sequence in the System>
In a specific embodiment of the present invention, the processing for the content managed by the content management system 100 is performed by identifying a subject authenticated by login authentication, such as a user ID, a group ID, or a role associated with the user. Approval is made based on the information and the policy of the content management process that sets the title in association with the subject identification information for each process. Furthermore, in the present invention, communication between the client and the server in the process for the managed content is performed via the transmission plug-in 306 and the reception plug-in 308 that are added to the browser.

  The front processing unit 338 that has received an access request to the content management resource from the browser 310 transmits an activation request for the transmission plug-in 306 and reception plug-in 308 to the browser 310. Upon receiving the activation request, the browser 310 attempts to activate the plug-in program. When the activation of the plug-in is successful, the browser 310 subsequently transmits a transaction to the content management resource via the transmission plug-in 306 and the reception plug-in 308. Do it.

  On the other hand, when the plug-in program fails to start, the browser 310 transmits a plug-in installation program download request message to the front processing unit 338, and the front processing unit 338 reads the page data storage unit 346 from the page data storage unit 346. The installation program is read out and transmitted to the browser 310 as a response message. The browser 310 that has received the installation program attempts to install the plug-in program, and when the installation is completed normally, attempts to start the plug-in program. The method of providing the plug-in program installation program is not particularly limited, and it can be provided by a storage medium such as a CD in addition to downloading. The processing sequence of each process of content management processing will be described below assuming that the plug-in program has already been activated.

<Section D-1: User Login Authentication Processing Sequence>
FIG. 8 shows a sequence diagram of user login authentication processing in a specific embodiment of the present invention. A processing sequence in login authentication will be described with reference to FIG. First, when a user attempts to access an access-protected content management resource using the browser 310 (step S100), the browser 310 receives the C authentication information storage unit 314 (step S101) via the authentication plug-in 312 in step S101. A user profile acquisition request is transmitted to (not shown in FIG. 8). The user profile is stored in the storage unit of the server processing unit 330 and the C authentication information management unit 314 of the client processing unit 300 when the user login authentication is completed. It is possible to determine whether it has been completed. The authentication plug-in 312 returns the user profile to the browser 310 when the acquisition of the user profile from the C authentication information storage unit 314 is normally completed, and returns, for example, a null value as a return value when the acquisition fails. .

  If the user profile is acquired and the acquired user profile is valid, it is determined that the user has already logged in, and access to the access-protected content management resource is attempted (step S124). The effectiveness of the user profile can be verified by, for example, checking the expiration date set in the user profile. On the other hand, if acquisition of the user profile has failed or if the user profile has expired, the browser 310 activates a login authentication process in step S102, and in step S103, C authentication is performed via the authentication plug-in 312. An attempt is made to acquire key store information including a client electronic certificate and a DB name encryption key for use in connection client authentication and user authentication of this system from the information storage unit 314. At that time, when a plurality of client certificates are provided, a GUI requesting the user to select an electronic certificate can be presented. If the authentication plug-in 312 fails to obtain the client electronic certificate, the authentication plug-in 312 determines that the client terminal currently used by the user has not been registered in the system, and displays an error display and a new user registration page in step S125. Redirect to

  If the browser 310 succeeds in acquiring the key store information, in step S104, for example, the browser 310 redirects the user to login information and a login page by inputting a login ID and a login password. Request. Upon receiving the login information input from the user, the browser 310 issues a login information transmission request together with the login authentication information to the transmission plug-in 306 in step S105. In step S106, the transmission plug-in 306 that has received the login information transmission request performs a handshake of mutual authentication connection by using the front processing unit 338 of the server processing unit 330 and the client electronic certificate in the acquired key store information. And establish a secure communication path. After the mutual authentication connection is established, the transmission plug-in 306, in step S107, includes the user ID, the login password, and the key store information (including the client electronic certificate and, if necessary, the DB name encryption key). A login request message including login authentication information including the following is transmitted to the front processing unit 338. In step S108, the front processing unit 338 that has received the login request message transmits a login authentication request together with the login authentication information to the authentication approval management unit 340.

  In step S109, the authentication approval management unit 340 that has received the login authentication request queries the user data storage unit 350 for user data corresponding to the transmission source user ID included in the login authentication information, and logs in the user ID and login. A user data inquiry request including a password is transmitted to the content management unit 344. In step S110, the content management unit 344 that has received the user data inquiry request issues a user data acquisition request corresponding to the transmission source user ID to the user data storage unit 350 using, for example, an SQL statement, and in step S111. A user data acquisition response is received. In FIG. 8, the description of information exchange between the content management unit 344 and the user data storage unit 350 a plurality of times is omitted for convenience. In step S110 and step S111, the content management unit 344 obtains the login password from the key store specified by the URI obtained from the user management database in addition to obtaining the registration information of the user management database corresponding to the transmission source user ID. To obtain the client electronic certificate and, if necessary, the DB name encryption key, and to receive the user data including the client electronic certificate and the DB name encryption key as user data. .

  In step S112, the content management unit 344 that has received the user data acquisition response returns user data including the client electronic certificate to the authentication approval management unit 340 as a user data inquiry result response. Upon receiving the user data, the authentication approval management unit 340 receives the client electronic certificate included in the key store information transmitted together with the login authentication request from the browser 310 and the user data included in the user data inquiry result response in step S113. Login authentication is performed based on the data. If the transmitted client electronic certificate matches the client electronic certificate included in the user data, the authentication approval management unit 340 determines that the login of the transmission source user ID is appropriate, and in step S114 The user profile corresponding to the user ID is generated and stored in the storage unit of the server processing unit 330.

  In that case, the user ID, group ID, and role included in the user data inquiry result response are stored in the user profile as subject identification information, and the client electronic certificate and DB name encryption key are stored as trust information in the user profile. Is done. Furthermore, information related to the content management database managed by the user, that is, the database name, table name, management level, and owner information can be stored in the storage unit as user profile additional information. Note that the credit information includes credit information for client identity verification in communication between the client and the server after login, such as a ticket, token, and key store information. Subsequently, in step S115, the authentication approval management unit 340 issues a login authentication completion response transmission request together with the user profile to the front processing unit 338, and the front processing unit 338 receives the reception plug of the client processing unit 300 in step S116. A login authentication completion response message is transmitted to the in-308 together with the user profile.

  On the other hand, when there is no registration corresponding to the transmission source user ID in the user management database, when access to the key store is denied, or the client electronic certificate and inquiry result response user transmitted from the client processing unit 300 If the client electronic certificate included in the data does not match, the authentication approval management unit 340 determines that the login authentication has failed, and sends a login authentication failure response transmission request to the front processing unit 338 in step S121. In step S122, the front processing unit 338 transmits a login authentication failure response message to the reception plug-in 308 of the client processing unit 300.

  In step S117, the receiving plug-in 308 that has received the login authentication completion response message or the login authentication failure response message determines whether login authentication has been completed normally from the response message contents (including the user profile if authentication is successful). Judge whether or not. If it is determined that the login authentication has failed, the reception plug-in 308 reports the login authentication failure to the browser 310 in step S123, and the browser 310 notifies the user using the GUI. On the other hand, if it is determined that the login authentication has been normally completed, the reception plug-in 308 transmits a user profile storage request to the authentication plug-in 312 together with the user profile included in the response message in step S118. . Upon receiving the user profile storage request, the authentication plug-in 312 stores the user profile in the C authentication information storage unit 314. In step S119, the receiving plug-in 308 that has received the user profile storage completion response from the authentication plug-in 312 reports the login authentication completion to the browser 310 in step S120. Display the top page. Thereafter, authentication at the time of access to the access management-protected content management resource is performed using the trust information for client identification in the user profile.

  In the specific embodiment of the present invention, the login authentication is performed by the processing sequence described above and shown in FIG. 8, but the present invention is not limited to this. For example, inquiries to the user management database in the user data storage unit 350 are described through the content management unit 344. However, in other embodiments, the authentication approval management unit 340 is informed of database access. The authentication approval management unit 340 may directly process the inquiry to the user management database. The processing sequence in the new user registration processing will be described below using a specific embodiment.

<Section D-2: New User Registration Sequence>
In the login authentication process, when the authentication plug-in 312 fails to acquire the key store information and is redirected to the new user registration page, or when the user requests access to the URL of the new user registration page via the browser 310 The new user registration process is started. In particular embodiments of the present invention, new user registration is performed using a send plug-in 306 and a receive plug-in 308.

  In the new user registration page, a user ID to be registered, a login password, other registration service information, other member information, and the like are input, and a GUI for transmitting the user registration information to the server side is presented on the browser 310. In the present invention, the user role can be set based on registered service information such as content browsing, content writing, and content editing, but is not particularly limited. The browser 310 detects a member registration start request from the user via the GUI, and performs user registration to the authentication approval management unit 340 via the front processing unit 338 via a server authentication connection via the transmission plug-in 306. A new user registration request including information is transmitted. The authentication approval management unit 340 that has received the new user registration request issues a certificate issuance request to the authentication information issuance unit 342. The authentication information issuing unit 342 is further private to a user who is set with a client public / private key pair and a client electronic certificate for use in login authentication of the system, and an AUTHOR role, for example. A DB name encryption key of the content management database is generated, and key store information including these is returned to the authentication approval management unit 340.

  Upon receiving the key store information, the authentication approval management unit 340 transmits a user data registration processing request to the content management unit 344. For a user to whom the AUTHOR role is set, a new private database creation request including a DB name encryption key, a private content management database name, and a table name is generated by generating a private content management database name. Is transmitted to the content management unit 344. The content management unit 344 that has received the user data registration processing request creates a key store associated with the user ID included in the user registration information in the user data storage unit 350, and stores the user ID in the user management database. When the key store URI and AUTHOR role are set, the private content management database name and table name are registered in association with the DB name encryption key alias, and the login password is accessed to the key store. As keys, the client electronic certificate and DB name encryption key included in the generated key store information are stored in association with the alias. The content management unit 344 that has succeeded in generating the key store transmits a processing response including registered key store information having the same contents as the generated key store to the authentication approval management unit 340.

  The content management unit 344 that has received the new private database creation request creates a private content management database by issuing an SQL statement to the content data storage unit 352 in order to provide a private content management database. ·Define. In this case, the private content management database is defined using an encryption name generated from the DB name encryption key, the private content management database name, and the table name.

  The content management unit 344 that has received these processing responses transmits a processing response message including registered key store information to the reception plug-in 308 via the authentication approval management unit 340 and the front processing unit 338. The reception plug-in 308 that has received the processing response message stores the received registered key store information in the C authentication information processing unit via the authentication plug-in 312 and notifies the browser 310 of the processing response.

  According to the management method of the DB name encryption key in the above-described login authentication and new user registration, the DB name encryption key is stored in the key store information, the user data storage unit 350 of the server processing unit 330, and the client process The C authentication information storage unit 314 of the unit 300 shares key store information including the DB name encryption key. However, in another embodiment, the DB name encryption key is not stored in the key store in the user data storage unit 350, but is sent to the client processing unit 300 side and stored in the C authentication information storage unit 314. The DB name encryption key can be held only in the key store information.

When the DB name encryption key is stored only on the client processing unit 300 side, the key store information sent from the C authentication information storage unit 314 of the client processing unit 300 to the server processing unit 330 at the time of user login authentication request Login determination is performed by user authentication and client digital certificate authentication based on the client electronic certificate included in the server and the certificate in the key store in the user data storage unit 350 of the server processing unit 330. The DB name encryption key is registered in the record of the field 406c in the managed content DB information table 406 corresponding to the user ID of the user who has logged in and the database ID of each content management database managed by the user. Using the alias, it is acquired from the sent keystore information and stored in the user profile. As a result, at least while the user is not logged in, the server processing unit 330 stores the alias for reading the DB name encryption key from the key store, but the actual DB name encryption key exists. Therefore, the security strength of the content management system can be improved. Therefore, even if the root authority of the server is stolen by a malicious third party and the login password of the user is also leaked, the encrypted names of the database and table cannot be obtained. The processing sequence of each content management process after login authentication will be described below with a specific embodiment.

<Section D-3: Main Sequence of Each Process>
After the login authentication is completed, the browser 310 can download a GUI object such as a menu for content management from the server processing unit 330, and can display an initial screen such as a top page after the login authentication, for example. In a specific embodiment of the present invention, the content management processing request is a GUI such as an image object, a button, a pull-down menu, a form, a radio button, or a grid control that is provided or presented to the browser 310 from the server processing unit 330. An object is used as an input interface. When the user performs an input operation on the GUI presented on the browser 310 or the display area of the browser 310 using the keyboard and mouse of the terminal on which the client processing unit 300 is operating, the browser 310 displays Event information is detected using the event monitoring function, and the event information is transmitted to the server processing unit 330. The server processing unit 330 interprets the transmitted event information, extracts the requested content management process, and executes the content management process.

  In the present invention, as described above, a GUI for performing a content management process including a work of content is provided by the browser 310, and a content created by a local application by performing most of the actual processing on the server side. Unlike the case of uploading, only the minimum necessary content information is held on the client side, and information leakage from the client side due to a file exchange program or a virus can be suitably prevented.

  Furthermore, since most of the processing processes are performed on the server side, the client program provided to third parties including the user includes only a functional configuration mainly for functioning as an interface with the user, and content. A configuration that does not include a main function for accessing the management database is possible. Therefore, even if the client program is analyzed by a malicious third party, it is possible to minimize the risk of operations such as calling an unauthorized processing process exceeding the functions of the client program. .

  FIG. 9 is a diagram showing a basic processing sequence in main content management processing in a specific embodiment of the present invention. In step S200, the browser 310 detects event information performed by the user on the GUI to be presented, and a series of processes is started. In step S201, the browser 310 that has detected the event information identifies an identification value (hereinafter referred to as an operation target object identification value) for identifying a GUI object or display area that is an input operation target, and the detected event. Event information including the event type (hereinafter referred to as an event attribute) is transmitted to the transmission plug-in 306 together with the event information transmission request. The transmission plug-in 306 that has received the event information transmission request transmits a user profile acquisition request to the authentication plug-in 312, and the authentication plug-in 312 that has received the request reads the user profile from the C authentication information storage unit 314 and transmits the transmission plug-in. Return to IN 306.

  The transmission plug-in 306 that has succeeded in acquiring the user profile creates a primary processing request command including event information from the event information including the operation target object identification value and the event attribute received in step S203. In the case of a content management processing request for a specific content management database and content, the event information included in the event information transmission request in step S201 or the primary processing request command in step S203 is further the current processing target. Database identification information for identifying the current database, and content identification information associated with the content (hereinafter referred to as processing target specifying information together with the database identification information and the content identification information) can be included from the client side. Information for specifying the processing target can be transmitted. When the GUI object to be operated is a GUI object having a state value such as a scroll bar, list, pull-down menu, radio button, or switch, an event information transmission request in step S201 or a primary processing request command in step S203 The event information included in can further include a state value.

  Here, event information refers to the object identification value of the target on which the event operation was performed, event attributes such as clicks and mouse button presses, processing target specifying information, object state values, mouse pointer coordinates, and input keys It is referred to as information including the key code. In step S204, the transmission plug-in 306 sends the primary processing request command generated in step S203 and the primary processing request message including the credit information for client identification included in the user profile to the front processing unit 338 on the server side. Send to.

  On the other hand, the front processing unit 338 that has received the primary processing request message performs login determination using the credit information included in the message, and the corresponding user stored in the message transmission source and the storage unit of the server processing unit 330. Associate with a profile. In the specific embodiment of the present invention, in each processing process in each functional module on the server side after login authentication, the transmitted credit information and the user profile stored in the storage unit of the server processing unit 330 are used. Based on the above, login determination is performed, and the calling of each processing process is approved based on the subject identification information included in the user profile. The security of the content management processing can be improved by confirming the identity of the transmission source in each functional module.

  In step S205, the front processing unit 338 generates a content management processing request based on the primary processing request command included in the received primary processing request message. In this case, a series of primary processing request commands can be buffered and interpreted in units of processing to generate a content management processing request. Details of generation of a primary processing request command in the transmission plug-in 306 and generation of a content management processing request from the primary processing request command in the front processing unit 338 will be described later.

  In step S206, the front processing unit 338 further includes a content management processing identification value corresponding to the generated content management processing request, and content that includes processing target specifying information in the case of a processing request for a specific content management database and content. A management processing / approval request is transmitted to the authentication approval management unit 340.

  In step S207, the authentication approval management unit 340 that has received the content management processing / approval request converts the content management processing identification value, the processing target identification information, and the subject identification information stored in the user profile and associated with the transmission source user. Based on this, the approval process of the content management process is executed.

  In step S208, the authentication approval management unit 340 returns a content management process / approval result response to the front processing unit 338. If not approved, the front processing unit 338 transmits a content management processing non-permission response message to the reception plug-in 308 of the client processing unit 300 and receives the content management processing non-permission response message in step S218. In step S219, the reception plug-in 308 reports the content management processing disapproval to the browser 310, and the browser 310 notifies the user using the GUI.

  On the other hand, if the content management process is approved, the front processing unit 338 issues an approved content management process request (step S209). In step S210, the content management unit 344 that has received the content management processing request stores the database name and the table name corresponding to the content management database that is the target of the content management processing stored in the user profile additional information or the user management database. If necessary, the actual database name and table name encrypted are obtained using the DB name encryption key corresponding to the database in the user profile.

  In step S211, the content management unit 344 issues an SQL statement to the content management database in the content / data storage unit 352, and performs operations such as reading and writing. In step S212, the content management unit 344 receives a response from the content / data storage unit 352, and in step S213, transmits a content management processing response message including the database processing result to the front processing unit 338.

  The front processing unit 338 that has received the content management processing response message uses browser software such as HTML format or XML format to present the result from the database processing result included in the message to the browser 310 of the client processing unit 300. Display data in a format that can be handled is created, and is transmitted as a process response message to the reception plug-in 308 in step S215. In step S216, the reception plug-in 308 presents the display result to the browser 310 and ends the process. The display data can include a GUI associated with each content management processing request and a GUI presentation command. The GUI is associated with an object identification value, and is called by various event attributes and the transmission plug-in 306. Associated with processing. Also, display screen identification information for identifying the screen state displayed based on the result of content management processing, and when the content of specific content is included in the display data, the display range of the content included in the display data and content management Correspondence with data in the database can be stored in the work profile of the storage unit. In a specific embodiment, the display screen identification information can be set in response to front processing such as menu display, list display, and content content display, but is not particularly limited.

<Section D-4: Extraction of Content Management Processing from Event Detection>
The details of the processing process for generating the primary processing request message from the input operation performed on the GUI object presented to the browser 310 and the processing process for extracting the content management processing from the primary processing request message will be described below. A description will be given with reference to specific embodiments.

  In the present invention, a GUI associated with various content management processing requests is presented to the user via the browser 310, an input operation performed on the GUI is detected, and the various content management processing requests associated with the GUI are detected on the server side. Let it run. In a specific embodiment of the present invention, when an event such as a click or a double click performed on the GUI presented to the browser 310 in association with the content management processing request is detected, the transmission plug-in 306 In step S203, a primary processing request command including an object identification value of a GUI to be operated and an event attribute such as click or double click is generated. In step S204, a primary processing request message is transmitted to the front processing unit 338. When the GUI object has a status value, the primary processing request message can further include the status value.

  On the other hand, the front processing unit 338 that has received the primary processing request message determines the content management process requested to be processed from the operation object identification value and the event attribute (including the state value if the state value is included), A content management processing request is issued to the content management unit 344 after approval in step S207, and the content management processing associated with the GUI and the event is executed.

  Display of managed content information such as a managed content list display request, a content management level change request, a content display request, a display page feed request, and a specified page display request as a content management processing request associated with the GUI object described above There is a request. Similarly, data can be input to content using a GUI object, for example, a GUI that mimics a PC keyboard can be presented, content in document format can be written, and an instrument keyboard can be imitated By presenting a GUI, the audio content can be authored.

In the specific embodiment of the present invention described above, event information including an operation target object identification value, an event attribute, and a state value is transmitted from the client processing unit 300 to the server processing unit 330. , The requested content management process is determined from the event information. However, in the present invention, the client processing unit 300 may perform a part of the determination process. For example, for a simple process, the corresponding process of the server processing unit 330 can be called directly from the client processing unit 300 without being a process of transmitting event information.

  In the present invention, it is further possible to input text to the content by keyboard input using the browser 310 as an interface. When the keyboard input operation to the direction key associated with the movement of the cursor for editing the content content or the various keys for character input is detected, the transmission plug-in 306, for example, the input key or the input character string Is converted to input character string information such as an escape sequence, the event attribute indicating that it is keyboard input, the object identification value of the input object currently focused, the input character string information, and the processing target to be written A primary processing request command including specific information is generated and transmitted to the front processing unit 338.

  On the other hand, the front processing unit 338 that has received the primary processing request message determines that it is a key input process from the event attribute and the target object identification value, and the input target object identification value, the processing target specifying information, and the server side The input target and input position such as the page number being edited and the cursor position are specified from the current working state profile held. Further, the front processing unit 338 performs cursor movement processing and character string overwriting based on the input character string information and the input mode such as the overwrite mode or the insertion mode included in the work state profile. A processing request or an insertion processing request is issued to the content management unit 344 after approval in step S207, and the content management unit 344 performs processing for moving the cursor and processing the target content in the content management database. Executes character string insertion processing or character string overwrite processing. Also, using the same processing for character input, the above-mentioned content management processing request can be executed in association with a hot key, shortcut key, or function key. It is also possible to input Japanese using kanji incode or kanji outcode.

  The work state profile is stored in the storage unit of the server processing unit 330 in association with the user profile and user profile additional information, and includes the current display screen identification information, the current cursor position, the coordinates of the selected object, and the like. It is a profile that stores the state. In addition, the work state profile can include processing target identification information corresponding to the specific content currently accessed, and from the client processing unit 300, for specifying the content of the content management processing target one by one. The target content can be identified without receiving the processing target specifying information.

  In the present invention, the browser 310 can be used as an interface to operate the embedded position of the embedded object of the content with the mouse. For example, when an operation such as drag and drop of an embedded image or object is performed, the operation target object identification value, event attribute, and pointer coordinates at the time of event detection (expressed in absolute coordinates on the browser, etc.) A primary processing request command including event information is generated. Regarding operations such as drag-and-drop, it is preferable to determine a request process using a series of events such as a mouse button depression, a mouse movement, and a mouse button release as a processing unit. Therefore, for example, the front processing unit 338 buffers the primary processing request message including a series of event information such as the target object identification value, the pointer coordinates when the mouse button is pressed, and the pointer coordinates when the mouse button is released. A content management processing request command is generated from the input operation information. In the case of moving an embedded object by drag and drop, the movement distance is calculated from the pointer coordinate when the mouse button is pressed down, and the relative distance of the pointer coordinate when the mouse button is released, and drag and drop is performed from the operation target object identification value. Identify the target embedded object. Such a series of processing determinations may be performed on the client side.

  Similar to dragging and dropping embedded objects in content with the mouse, a series of target object identification values, event attributes, and pointer coordinates at the time of event detection (such as absolute coordinates on the browser) generated from a series of mouse operation events Based on the primary processing request command including input operation information (represented by), drawing processing requests for illustration contents and embedded objects, such as drawing straight lines, curves, polygons, and arcs, selection range selection, and selection areas A process request such as nudge can be executed as a content management process. In addition, by performing mapping from mouse pointer coordinates to cursor position information, character string operation processing such as selection of character strings and drag and drop of selected character strings, and processing such as cursor position specification are content management processing. Can be executed. Further, it is possible to detect a drag-and-drop input event such as an image file from outside the window of the browser 310 and paste a locally stored image object or the like on the content.

  The event processing by the browser can be performed using the event monitoring function of the browser, and the browser uses the GUI object included in the display data transmitted from the front processing unit 338 and the event handler associated with each event. It can be implemented by calling an API method included in the plug-in program installed on the side. The API is called upon detection of an associated event, and transmits a primary processing request message including identification information of a GUI object and other information necessary for instructing a content processing request to the front processing unit 338. The display data is created according to browser identification information such as InternetExplorer (trademark) or Netscape (trademark) included in the processing request message from the browser 310, and event processing by the browser is performed using a W3C event model or the like. It can be performed using Java (registered trademark) Script based on the event model according to the browser.

<Section D-5: Content Management Processing>
FIG. 10 shows correspondence information between content management processing and event information held by the server processing unit 330 in a specific embodiment of the present invention. In the present embodiment, the server processing unit 330 corresponds to the content management processing shown in FIG. 10 in order to determine the requested content management processing from the primary request message transmitted from the transmission plug-in 306 of the client processing unit 300. A map 420 is held. The content management processing correspondence map 420 stores an operation target object identification value (object ID) for specifying an object presented to the browser 310 of the client processing unit 300, and a field 420b that stores event information. And a field 420c for storing a content management process (content management process identification value) corresponding to the object identification value of the field 420a and the event of the field 420b. Hereinafter, for convenience, each content management process in the content management system 100 will be described with reference to a client side process and a server side process. A detailed processing sequence in each functional module is omitted as appropriate, and the above description should be referred to.

  In a specific embodiment of the present invention, the server processing unit 330 receives a request to display a list of non-public contents and edit contents associated with a user ID, or public contents with a public level set for the purpose of publishing, and receives a management content list. A display can be presented to the client processing unit 300. The client processing unit 300 that has detected a predetermined input operation such as a click with respect to the GUI associated with the list display request, the object identification value (for example, “image0001”) of the operation target GUI and the event attribute (for example, “ primary processing request message including “click”) is transmitted to the server processing unit 330.

  On the other hand, the server processing unit 330 that has received the primary processing request message makes a determination based on the operation object identification value and the event attribute. For example, “content” corresponding to “image0001” and “click” in the map shown in FIG. Based on the processing content “list display”, it is determined that the request is a list display request. If necessary, a DB name encryption key corresponding to each content management database in the user profile, and a database name and table name corresponding to each DB name encryption key read from the user profile additional information or the user management database, Based on the above, an encrypted name is generated. Further, the server processing unit 330 accesses each content management database using the obtained encrypted name, and stores the content data associated with the subject identification information such as the user ID and the group ID corresponding to the transmission source user. A list including titles and basic attributes is obtained, display data for list display is created, and the list display data is transmitted to the client processing unit 300 as a content management processing response message. Upon receiving the processing response message, the client processing unit 300 presents the display result to the browser 310, and ends the managed content list display processing. In the management content list display, identification of the management level of each content can be improved by associating and presenting the content title and the management level.

  In another embodiment of the managed content list display of the present invention, instead of accessing each content management database of the content / data storage unit 352, a page that holds indexes and keywords of content information in each content management database A managed content list can be obtained by accessing the content information database in the data storage unit 346. Further, by the same processing process, management processing such as tree view display and keyword search result list display can be executed as content management processing similar to the management content list display.

  In a specific embodiment of the present invention, the server processing unit 330 receives a new content creation request from a user having a private content management database, and holds a new content in the private content management database. Database areas such as can be provided. When a predetermined input operation such as a click is detected for the GUI associated with the new content creation request, the client processing unit 300 detects the GUI object identification value (for example, “image0002”) that is the operation target, and the event attribute. A primary processing request message including (for example, “click”) is transmitted to the server processing unit 330.

  On the other hand, the server processing unit 330 that has received the primary processing request message determines the request processing based on the operation object identification value and the event attribute, and corresponds to, for example, “image0002” and “click” in the map shown in FIG. It is determined from the processing content “create new content” that the request is a new content creation request. Then, the encryption name of the private content management database is generated based on the DB name encryption key for the private content management database in the user profile and the database name that can be read from the user profile additional information or the user management database. To do. Subsequently, the server processing unit 330 generates a new table name of a table necessary for storing new single content, obtains an encrypted name from the new table name, and creates a new table in the database. Define. At the same time, the server processing unit 330 registers the new table name before encryption corresponding to the new content in the user profile additional information and the user management database in association with the user ID. Furthermore, the server processing unit 330 transmits a response to the new table creation processing as a content management processing response message to the client processing unit 300. The client processing unit 300 that has received the processing response message presents the display result to the browser 310, and ends the content management processing. In the specific embodiment of the present invention, the management structure in which the table is defined in units of contents is referred to, but the present invention is not limited to this.

  Furthermore, in a specific embodiment of the present invention, in the above-described managed content list display, a GUI associated with each content is presented to the browser and a request for selecting a content in the content management database corresponding to each content is received. Can do. When a predetermined input operation such as a click on the GUI associated with each content is detected, the client processing unit 300, for example, when each content is associated with an object identification value, the GUI that is the operation target. A primary processing request message including an object identification value (for example, “button0001”) and an event attribute (for example, “click”) is transmitted to the server processing unit 330.

  On the other hand, the server processing unit 330 that has received the primary processing request message determines the requested content management processing based on the operation object identification value and the event attribute, and, for example, “button0001” and “button0001” in the map shown in FIG. From the processing content “display content (ID = 0001,0000001)” corresponding to “click”, from the database with the database ID “0000001”, the display request is for the content with the content ID “0001”. Is determined. In the present embodiment, the processing content for the operation target object identification value includes processing target identification information for specifying content, and the content requested to be selected is specified. The client processing unit 300, if necessary, a DB name encryption key corresponding to a content management database that stores the content specified in the user profile, a user profile additional information, or a database name read from the user management database, The encrypted name is generated based on the table name corresponding to the selected content.

  Further, the server processing unit 330 accesses the content management database, inquires the content / data storage unit 352 for the specified display contents of the content data corresponding to the processing target specifying information, and selects from the inquiry result. Content display data is generated and sent to the client processing unit 300 as a processing response message. When transmitting the display data of the selected content as a response message, the processing target specifying information is notified to the client side, and the content to be operated is specified when a content management processing request is made for the specific content thereafter. Used for. Further, the correspondence between the display content of the content included in the display data and the data in the content management database is stored in the work state profile of the storage unit.

  As the size of the specified display content, for example, in the case of content in a document format, it is preferable to use a page unit when the content is in a print form, because writing is possible with a print layout. However, it is not particularly limited. The display content start position may be a position corresponding to the first page, and a page accessed in advance is associated with the content and stored in the content / data storage unit 352 as a history. You may also display a new page. Furthermore, in the present invention, display page designation such as page feed and page designation can be performed by the same processing.

  Furthermore, in a specific embodiment of the present invention, a GUI for requesting a management level change request for private content, edited content, or public content managed by the user is presented in association with, for example, the content in the management content list display described above. The management level change request can be received. By instructing to change the management level online, it is possible to smoothly transition from content creation to publication and use, from the writing stage to the editing / proofreading stage and the publishing stage. The process for changing the management level of private content stored in the private content management database to the public level, that is, the process for copying to the public management database will be described as an example of the management level change processing process. .

  For example, when a predetermined input operation event such as selection by clicking is detected for a GUI having three states associated with a content management level change request, the client processing unit 300 identifies the object of the GUI that is the operation target. A primary processing request command including the value, the detected event attribute, and the state value of the object is generated, and a primary processing request message is transmitted to the server processing unit 330.

  Upon receiving the primary processing request message, the server processing unit 330 determines the requested content management processing based on the operation object identification value and the event attribute. For example, “pulldown0001” and “select” in the map shown in FIG. It is determined that the request is a management level change request based on the processing content “change management level of selected content” corresponding to. Further, the management level change content is specified based on the state value of the object. For example, when specifying the public level setting request from “select (public)” in the map shown in FIG. 10, the server processing unit 330 specifies the content of the management level changing process from the operation target object identification value. Then, a public level setting request including processing target specifying information of the specified content is issued, and processing is executed after approval. At that time, the server processing unit 330 obtains the encrypted name based on the corresponding DB name encryption key in the user profile and the database name and table name obtained from the user profile additional information or the user management database. Access the private content management database.

  The server processing unit 330 that has successfully accessed the private content management database reads the corresponding content data, and further stores a copy of the read content data in the public content management database. In a specific embodiment of the present invention, when unpublished content is made public, content may be newly registered in the public content management database, and content data in the private content management database may not be deleted. . Furthermore, since the public content and the original non-public content are stored in association with each other, the revision work can be smoothly performed thereafter as necessary. Further, the server processing unit 330 reflects the change in the registered content accompanying the change in the management level in the user profile additional information and the user management database, and transmits a processing response message to the browser 310. In a specific embodiment of the present invention, data in a content information database such as an index, a keyword, and keyword position information associated with a change in management level can be updated when registering newly published content.

<Section E: Embodiment of Content Production Using Content Management System>
An embodiment of content production using the content management system 100 of the present invention will be described below. FIG. 11 is a diagram schematically showing a change in management level from content writing to publication in a specific embodiment of the present invention. The content data storage unit 352 includes a private content management database 510, an edited content management database 520, and a public content management database 530. In FIG. 11, the private content management database 510 created for each user having the AUTHOR role and the edited content management database created for each editing request are referred to as one for convenience. The number is not particularly limited.

  The private content management database 510 stores the private content 500a, and the author can access the private content 500a via the browser 310a and write the content. On the other hand, since the editor does not have the DB name encryption key for the private content 500a at this stage, the editor does not have the right to access the content 500a. However, by setting the management level of the non-public content to the edit level using the non-public content 500a of the author as an edit request, the editor who has accepted the edit request acquires the right to access the content. In other words, an edited content management database 520 that is newly associated with the author and the editor is defined and created via the browser 310a in operation OP1, and the private content 500a is copied and edited in the edited content management database 520. Let it be content 500b. At the same time, the DB name encryption key of the edited content management database 520 is stored in the key store in the user data storage unit 350 corresponding to the author and the editor, and the name encryption key is shared. Thereby, the editor can edit and proofread the content of the content 500b via the browser 310b.

  In addition, message exchange between users, such as an edit request from an author user to an editor user, an author request from an editor user to an author user, and a co-author request among multiple author users, and multiple users The key store is exchanged between, for example, a message box for storing a message from another user in association with the subject identification information such as a user ID is defined in the storage unit of the server processing unit 330 and is performed via the message box. Can do. Here, the message box is a storage area in which, for example, the right of full access is set for the associated user ID, and the right of only new writing is set for the other user IDs. The user can confirm whether or not there is a request by confirming the contents of the message box. However, in the present invention, any means can be used for the process for exchanging and sharing the key store as long as it is a method for realizing a safe exchange of information between users in the system. The standard technology used in the private message, and the technology used in the web collaboration known so far can also be used. In another embodiment, in a user management database, a user ID and an E-mail address may be registered in association with each other, and a message having a small security management request may be exchanged by e-mail.

  As described above, by temporarily creating the edited content management database 520 and sharing a common DB name encryption key, collaboration between a plurality of users such as an author and an editor becomes possible. Note that, in a specific embodiment of the present invention, when one user is updating the content of the content 500b being edited, an update process by another user is received until an instruction to complete the update process of the user is received. By using exclusive control that does not allow the execution of the content, it is possible to prevent the confusion of the work state between users accessing the same content, and to maintain the content editing / proofreading consistency.

  On the other hand, the author who requested the editing and confirmed the completion of the editing / proofreading work by the editor, in operation OP2, via the browser 310a, the content 500b is added to the private content 500a in the private content management database 510. The update process is performed with the contents of, and the editing work is completed. If the edited content management database 520 is not necessary for the subsequent processing, the edited content management database 520 can be deleted in operation OP5. Further, the author can set the management level of the content 500a to the public level via the browser 310a in operation OP3, and can copy it as the public content 500c in the public content management database 530. In the case of making the public content private again, the author can delete the public content through the browser 310a in operation OP4.

  Further, according to another embodiment of the content production work of the present invention, the content editing work using the edited content management database is performed simultaneously by the author and the editor by using the communication management unit 348. Work can be done. Hereinafter, the simultaneous collaboration work between the author and the editor using the communication management unit 348 of the present invention will be described with reference to FIG. 5 again. The description will be made on the assumption that the author and the editor have already logged in.

  The front processing unit 338 referred to in a specific embodiment of the present invention is a functional module that executes processing for returning a processing result as a processing response message to the author's browser 310a that has transmitted the processing request message. . On the other hand, when the browser 310b of another editor is accessing the same content, the front processing unit 338 does not transmit a processing response message to the browser 310b, so that the content changed by the browser 310a is the other content. There is a problem that the consistency of the working state may not be maintained unless exclusive control is performed without being reflected in the display content of the editor browser 310b.

  The communication management unit 348 is a functional module provided to solve the above-described problem. In order to reflect the processing result to the browser 310b that accesses the same content and is not the transmission source of the processing request message. This is a functional module having a function of transmitting redisplay data. The communication management unit 348 monitors the user profile stored in the storage unit, and stores the logged-in user ID and the transmission source IP address / port number in association with each other. Further, the communication management unit 348 monitors the work state profile associated with each login user ID that holds the current work state of each user, and the user ID that accesses the specific content management database and content is the user. The ID and the processing target specifying information are stored in association with each other. According to another embodiment of the content production work of the present invention, when the content management unit 344 receiving the processing result of the content management processing request determines that the content management processing is for specific content data, Separately from the above-described content management processing process in the content management processing, a multiple transmission source access determination request including the transmission source user ID of the content management processing request and the processing target specifying information is transmitted to the communication management unit 348.

  The communication management unit 348 that has received the multiple transmission source access determination request includes a user ID other than the transmission source user ID (hereinafter, the user ID associated with the processing target identification information included in the multiple transmission source access determination request). , Refer to as non-transmission source user ID). If the communication management unit 348 determines that the content is not associated with the non-transmission source user ID, the communication management unit 348 notifies the content management unit 344 that access from a plurality of transmission sources has not been performed. The unit 344 ends the processing process for reflecting the processing result to another browser.

  On the other hand, when the non-transmission source user ID is associated, the communication management unit 348 determines that there is currently access from a plurality of transmission sources to the content corresponding to the processing target specifying information, and authentication approval management The display content update process / approval request including the content management process identification value corresponding to the display content update process request, the processing target specifying information, and the non-transmission source user ID is transmitted to the unit 340.

  Upon receiving the display content update processing / approval request, the authentication approval management unit 340 receives the content management processing identification value, the processing target identification information, and the subject identification information stored in the user profile associated with the non-transmission source user ID. Based on the above, an approval process of the display content update process is executed, and an approval process result is returned to the communication management unit 348 as a display update process / approval result response. When the communication management unit 348 is not approved, the communication management unit 348 transmits a display content update processing non-permission response message to the client processing unit 300.

  On the other hand, when the display content update process is approved, the communication management unit 348 issues a display content update process request to the content management unit 344. The content management unit 344 that has received the display content update processing request, based on the display screen identification information stored in the work state profile associated with the non-transmission source user ID and the processing target specifying information, The content update display processing response is transmitted to the communication management unit 348 in cooperation with 352, and the communication management unit 348 generates content update display data, and the IP address associated with the non-transmission source user ID. -Send a display content update message to the port number. For the processing target specifying information associated with the transmission source user ID, a processing process using the communication management unit 348 described above is executed for each associated non-transmission source user ID.

  By using the communication management unit 348 as described above, it is possible to maintain consistency of editing work among collaborators without using exclusive control for content update processing. Further, by sharing the work state information in the work state profile among a plurality of users, it is possible to perform a collaborative work while browsing the same edit screen and content display contents. The simultaneous collaborative work using the communication management unit 348 can be used not only for the author-editor but also for the collaborative work between the authors having a co-authorship relationship.

  The above-described processing process provides the same display screen and input interface on a browser used by two or more users, such as an author and an editor, or a first author and a second author. By using together with chat, voice call system, and video conference system, which are additionally provided to the system 100, it becomes possible to perform simultaneous collaborative work while keeping in touch, and improve the efficiency of editing work. be able to.

  Although the details of the processing in the content management system have been described above, in the above-described embodiment, the operations on the contents of each content management database are described so as to issue an SQL statement to the database and perform an inquiry process one by one. However, it is not limited to this method. For example, the information in the content management database that is the target of the content management process of the login user is stored in the work state profile corresponding to the login user, the content management process is performed on the content management database information of the work state profile, The processing is reflected in the content management database at a certain time, when the system is in an idle state, or when a content management database reflection command is received from the user, thereby reducing the access load to the database. In simultaneous collaborative work using the communication management unit 348, information in the common work state profile is shared among collaborators, and information in the common work state profile is referred to and rewritten. Thus, the update response time can be shortened and the access load to the database can be reduced.

<Section F: Embodiment of Content Usage Using Content Management System>
With reference to FIG. 11 again, an embodiment of content use will be described. In a specific embodiment of content usage using the content management system of the present invention, a user with the role of USER is published in the published content management database 530 via the browser 310c. Access rights for viewing only are given to the contents, for example, the published contents 500c and other published contents 500d and 500e published by the management level change process of the operation OP3, and access to each published contents 500c to 500e, You can browse the contents. In the present invention, content browsing is a display composed of a browsing GUI that does not include a copyright GUI using the same processing process as the content selection request, display page feed request, and specified page display request described above. This can be done using the screen. Note that, in a specific embodiment of the present invention, browsing of content is performed on display data created for each page in a predetermined display range, for example, a printing form of content, for a single browsing request, By not permitting batch download of content, it is possible to prevent duplication of batch content and enhance copyright protection.

  Furthermore, in a specific embodiment of the present invention, content is managed in block units such as chapters, sections, and paragraphs for document format content, and content is managed in image units for illustration and image format content. Public content can be searched and a browsing request can be made in units of these content components. Furthermore, a plurality of content constituent units are registered in the content management database by the author or editor as a content set associated with a layout relationship including order and arrangement. In addition, the user can also associate a plurality of contents and register them as fusion contents. In this case, the authors of the plurality of contents are not prevented from being different. The fused content is registered in the public content management database and the content information database, and the fused content can be newly searched.

  In a specific embodiment of content usage using the content management system of the present invention, the content is managed in units of content components such as a block unit or an image unit, so that it is specified by the author or specified by the viewer The related information of a series of content composition units is stored in the content data storage unit 352 and the content information database.

  In a specific embodiment of content usage using the content management system of the present invention, an evaluation can further be set for the content, and the evaluation is stored in association with the content ID corresponding to the content information database. . The evaluation of the public content can be set based on the input evaluation information by presenting an evaluation input GUI to the viewed user.

  In a specific embodiment of the present invention, when browsing public content by a user, the server processing unit 330 counts the number of pages viewed or counts the browsing time, stores the content usage status, and stores each content. Can be charged using a dedicated line connected to the payment system based on a charge per unit page or per unit time (charging condition) set in advance. Furthermore, based on the copyright holder user ID associated with the content included in the viewed page, the area ratio of the content in the page with respect to each user ID, and the content evaluation information Incentives are prorated according to the set reward ratio and the fee charged to the viewer for each page, and paid by the payment system. Such billing conditions are stored in association with each content ID, and can be set by the author user or editor user using this system.

  The billing process may correspond to credit settlement using a credit card or the like, immediate settlement using a debit card, payment using electronic money, cash payment, or transfer to a financial institution.

  Furthermore, in another embodiment of content use using the content management system of the present invention, the user downloads and encrypts and saves the entire associated content unit in a dedicated playback device, not for each page, Content can be browsed using a dedicated playback device. Encryption is performed using an encryption key stored in a non-replicatable non-volatile memory or smart card of a dedicated playback device, and the encryption key or content data is distributed to the user after the settlement process. The By adopting this configuration, even if the encrypted data is copied to another storage medium, it cannot be played back by other than the downloaded playback device, so that the content is suitably protected in copyright, and the user can You can browse away from. Furthermore, a specific client terminal 112 installed in a bookstore or the like is used as a dedicated terminal, and for printable content, the dedicated terminal is permitted to print the entire content, provided to the user as a printed matter, and charged. be able to.

  Although the present invention has been described with the embodiments shown in the drawings, the present invention is not limited to the embodiments shown in the drawings, and other embodiments, additions, modifications, deletions, etc. It can be changed within the range that can be conceived by a trader, and any embodiment is included in the scope of the present invention as long as the effects and effects of the present invention are exhibited.

  The present invention provides a content management system, a content management system, and a content management system that realizes an online work environment via a network by setting and managing a source of access rights to the content so as to protect the copyright to the maximum extent consistently from content production to publication It can be used as a management method and program.

1 is a schematic diagram of a content management system in a specific embodiment of the present invention. The figure which shows schematic structure of the database server in the specific embodiment of this invention. The block diagram which shows the functional module structure of the content management system in specific embodiment of this invention. The block diagram which shows the function module structure of the client process part in specific embodiment of this invention. The block diagram which shows the more detailed functional module structure of the server process part in specific embodiment of this invention. The figure showing the table structure of the table group A which comprises the user management database managed by the user data storage part in specific embodiment of this invention. It is a figure showing the table structure of the table group B which comprises the user management database managed by the user data storage part in specific embodiment of this invention. The sequence diagram of the user login authentication process in the specific embodiment of the present invention. The figure which shows the process sequence of the main content management processes in specific embodiment of this invention. The figure which shows the corresponding map of the content management process in specific embodiment of this invention. The schematic diagram of the management level change from the writing of content to release in the specific embodiment of this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 100 ... Content management system, 102 ... Web application server, 104 ... Database server, 108 ... Firewall, 110 ... Management terminal, 112-116 ... Client terminal, 120 ... User data, 122 ... Content database, 124 ... Page Data 126 ... Storage area 130 ... Network 132 ... Internal network 134 ... Internal segment 200 ... MPU 202 ... Non-volatile memory 204 ... Memory 206 ... Storage control interface 208 ... Storage device 210 ... Internal bus 212... Interface 214 214 I / O device 216 VRAM 218 graphic chip 220 display device 222 NIC 224 network 300 client processing unit 30 ... C communication unit, 304 ... C encrypted communication processing unit, 306 ... transmission plug-in, 308 ... reception plug-in, 310 ... browser, 312 ... authentication plug-in, 314 ... C authentication information storage unit, 320 ... network, 330 ... Server processing unit, 332 ... S communication unit, 334 ... S encrypted communication processing unit, 336 ... S authentication information storage unit, 338 ... front processing unit, 340 ... authentication approval management unit, 342 ... authentication information issuing unit, 344 ... content Management unit, 346 ... Page / data storage unit, 348 ... Communication management unit, 350 ... User / data storage unit, 352 ... Content / data storage unit, 400 ... User information / related table group A, 402 ... User table, 404 ... Roll map table, 406... Managed content DB information table, 408... Managed content table information table, 41 ... user information / related table group B, 412 ... content DB information table, 414 ... content table information table, 416 ... content DB owner information table, 418 ... group table, 420 ... content management processing correspondence map, 500 ... content, 510 ... Non-public content management database, 520 ... Edit content management database, 530 ... Public content management database

Claims (17)

A content management system for managing and providing content via a network, the content management system comprising:
Server means connected to the network and including database means for storing the content;
A reception plug-in connected to the network and receiving display data generated by the server and the server means and including a display command of an area associated with the content management process, and displayed on the browser; and Terminal means including: a transmission plug-in that identifies an input event for the region, generates a request for server means, and transmits a message including the input event and the request to the server means;
The server means receives the message transmitted by the terminal means, identifies the input event detected by the browser and the area where the input has been performed from the message, and stores the input event and the area in the input event. The corresponding commanded content management process is selected and executed, the content stored in the database means is updated, the display data including a result response of the content management process is generated, and the generated display data is Transmitting to the terminal means;
Content management system. The input event is an input operation on a keyboard provided in the terminal means, the message includes input key information for identifying an input key, and the server means performs the input key as the content management process. The content management system according to claim 1, wherein a character string is identified from information, and the character string input process is executed on the content stored in the database unit. The database means includes a private content management database that stores the content for private purposes,
The server means further includes management name storage means for storing a management name including at least one of a database management name of the private content management database and a table management name of a table defined in the private content management database. ,
The private content management database is managed with an encrypted name obtained by the management name corresponding to the private content management database and a name encryption key for encrypting the management name,
The server means uses the encrypted name to access the private content management database and execute the content management process.
The content management system according to claim 1 or 2. The server means includes user data including a user identification value, first certification information associated with the user identification value, and a correspondence relationship between the user identification value and the management name of the private content management database. Including user data storage means for storing,
The terminal means includes authentication information storage means for storing second certification information and the name encryption key corresponding to the private content management database,
The server means compares the second certification information received from the terminal means with the first certification information included in the user data and corresponding to the user identification value received from the terminal means, and An authentication means for executing the process;
Approving means for approving the execution of the content management process in accordance with the user identification value;
The content management system according to claim 3. The content management system further comprises second terminal means connected to the network,
The database means further includes an edited content management database for storing the content being edited,
The management name storage means stores the management name corresponding to the edited content management database,
The server means includes name encryption key issuing means for issuing a second name encryption key for encrypting the management name of the edited content management database;
The edited content management database is managed with a second encrypted name obtained by the corresponding management name and the second name encryption key,
The server means, as the content management process, uses the encrypted name corresponding to the private content management database and the encrypted name corresponding to the edited content management database in the private content management database. Copying the stored content to the edited content management database;
Transmitting the second name encryption key to the terminal means and the second terminal means;
The content management system according to claim 3 or 4. The database means stores a public content management database storing the content to be published, the content, a user identification value corresponding to the author of the content, and a charging condition for browsing the content in association with each other. ,
The server means extracts content display content from the public content management database in response to a browsing instruction request transmitted from the terminal means, generates the display data including the content display content, and generates the display data To the terminal means,
Calculating a charging fee from the user identification value corresponding to the author of the content included in the display data and the charging condition, and executing a charging process;
The content management system according to any one of claims 1 to 5. The database means further stores a plurality of the contents as a content set in association with the order or arrangement,
In response to a browsing instruction request transmitted from the terminal unit, the server unit extracts content display content corresponding to the content included in the content set from the public content management database, and displays the content display content. Generating the display data including,
The content management system according to claim 6. A server means including a database means for managing and providing content via the network and connected to the network and storing the content; a browser connected to the network; and a presentation command for an area associated with the content management processing Receiving display data for generating display data from the server means, identifying a receiving plug-in to be displayed on the browser and an input event for the area of the browser, generating a request for the server means and the input A content management method in a content management system, including terminal means including a transmission plug-in that transmits a message including an event and the request to the server means, and the content management method includes:
Receiving the message transmitted by the terminal means;
Identifying the input event detected by the browser and the area where the input has been performed from the message;
Selecting and executing a commanded content management process corresponding to the input event and the region, and updating the content stored in the database means;
A content management method for causing the server means to execute the step of generating the display data including the updated content and transmitting the generated display data to the terminal means. The input event is an input operation on a keyboard provided in the terminal means, and the message includes input key information for identifying an input key,
9. The content according to claim 8, wherein the updating step is a step of identifying a character string from the input key information and executing the character string input process on the content stored in the database means. Management method. The updating step further comprises:
Determining whether it is a request to create a private content management database;
Creating a new private content management database as the content management process when it is determined that it is a request to create the private content management database,
The step of creating the new private content management database includes:
Generating a management name including at least one of a database management name of the private content management database and a table management name of a table defined in the private content management database, and storing the management name in the database means; ,
Generating a name encryption key for encrypting the management name of the private content management database;
Generating an encrypted name of the private content management database using the management name and the name encryption key;
Defining and creating the private content management database using the management name;
Transmitting the name encryption key to the terminal means.
The content management method according to claim 8. The content management method further includes the step of receiving the message including a name encryption key transmitted from the terminal means;
Generating the encrypted name using the management name stored by the database means and the name encryption key included in the message;
The updating step includes:
The content management method according to claim 10, further comprising a step of executing the content management process by accessing the private content management database using the encrypted name. The server means stores user data including a user identification value and first certification information associated with the user identification value, and the content management method further includes:
The second proof information received from the terminal means is compared with the first proof information stored in the user data corresponding to the user identification value received from the terminal means, and an authentication process is executed. Steps,
An approval step of approving execution of the content management process according to the user identification value,
The content management method according to any one of claims 8 to 11. A computer-executable program for causing an information processing apparatus to execute a content management method for managing and providing content via a network,
The program is
Database means for storing the content;
Functional means for receiving a message transmitted by a terminal means via a transmission plug-in;
From the message, the function means for specifying the input event detected by the browser of the terminal means and the area where the input was performed;
Functional means for selectively executing the commanded content management process corresponding to the input event and the region to update the content stored in the database means;
A function unit that generates display data including the updated content and transmits the generated display data to a reception plug-in of the terminal unit is realized in the information processing apparatus.
program. The input event is an input operation on a keyboard provided in the terminal means, and the message includes input key information for identifying an input key,
14. The functional means for updating is a functional means for identifying a character string from the input key information and executing input processing of the character string on the content stored in the database means. Program. The updating function means further includes:
Functional means for determining whether or not the request is for creating a private content management database;
A function unit that creates a new private content management database as the content management process when it is determined that the request is a creation request for the private content management database, and a function unit that creates the new private content management database Is
Functional means for generating a management name including at least one of a database management name of the private content management database and a table management name of a table defined in the private content management database, and storing the management name in the database means When,
Functional means for generating a name encryption key for encrypting the management name of the private content management database;
Functional means for generating an encrypted name of the private content management database using the management name and the name encryption key;
Functional means for defining and creating the private content management database using the management name;
Functional means for transmitting the name encryption key to the terminal means,
The program according to claim 13. The function means for receiving comprises:
Receiving the message including the name encryption key transmitted from the terminal means;
The program is
Using the management name stored in the database means, and the function means for generating the encrypted name using the name encryption key included in the message,
The functional means for updating is
Using the encrypted name, including functional means for accessing the private content management database and executing the content management processing;
The program according to claim 15. The program further includes:
Functional means for storing user data that includes user identification values and user data including first certification information associated with the user identification values;
A function of performing authentication processing by comparing the second certification information received from the terminal means and the first certification information corresponding to the user identification value received from the terminal means, included in the user data Means,
Functional means for approving the execution of the content management process according to the user identification value,
The program according to any one of claims 14 to 16.

Images