JP2009193456A - User privilege management device, user privilege management method, program for realizing the management method by computer, and recording medium in which the program is recorded - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To perform data processing based on the privilege granted to a user appropriately. <P>SOLUTION: A main CPU 192 of a user privilege management device 154 executes a program that, in the case where a system administrator applies for the addition of a user to a privileged group, executes a step (S282) for determining whether or not a privileged user that has issued a privileged user addition approval command has accessed, executes a step (S284) for approving a user for whom the addition to the privileged group is applied for, and adding the user to the privileged group if the privileged user accesses (YES in S282), and does not approve the addition of a user to the privileged group if the user that has accessed is not a privileged user (NO in S282). <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a technique for managing user authority, and more particularly, to a technique for accurately managing user authority using a network system.

  Conventionally, in the use of a network system, a user who can browse is restricted with respect to secure data such as a log file of an image job. Therefore, the system administrator of the network system usually grants the authority to view specific data to a specific user, and management is performed so that only the authorized user can view the specific data. Is done.

Patent Document 1 discloses a technique for an image data manager to authorize a specific group of users to view this image data.
JP 2004-310286 A

  In a conventional system, a system administrator can grant an arbitrary authority to an arbitrary user. In the technique described in Patent Document 1, it is assumed that not only a specific group of users but also an image data manager (corresponding to a system manager) can view the image data.

  By the way, there is a case where data related to personal information such as personnel evaluation is managed by a network system, and only the user in the managerial position wants to permit browsing and editing of this data. In such cases, there is a problem that even a system administrator who does not have the authority to view or edit such personal information can view or edit the contents. . That is, there is a problem that data that should be managed so that only managers of a predetermined position or higher can be viewed or edited can be handled similarly by a system administrator who is not a manager.

  When the technique described in Patent Document 1 is applied to such a system, not only a user in a managerial position but also a system administrator can view and edit this data. This is because the system administrator can grant arbitrary authority to himself. There is a problem with a system that permits a system administrator who should not be able to view data to view the data.

  Further, even in the case of managers, in many cases, different hierarchical authorities are given, and there is usually a difference in authority between upper managers and lower managers. It is cumbersome to finely manage browsing and editing data in an appropriate manner in response to such differences in authority.

  Therefore, the object of the present invention is to manage the authority so that only a user having a specific authority can operate, even a user who does not belong to the group cannot operate the data. A user authority management apparatus, a user authority management method, a program for realizing the method on a computer, and a recording medium on which the program is recorded are provided.

  Another object of the present invention is to provide a user authority management device and a user authority management that can easily and precisely manage authority for data operation by giving a difference to authority of a user having authority to operate specific data. A method, a program for realizing the method on a computer, and a recording medium on which the program is recorded are provided.

  A user authority management device according to an aspect of the present invention is used in a system that permits processing on information based on authority that a user has. This user authority management device uses a storage means for storing a user's authority for processing and a user authority stored in the storage means, and grants the authority to the user based on the approval of the authorized user. Or determining means for determining whether or not deletion is possible.

  Preferably, the user authority management apparatus further includes an accepting unit for accepting an application for granting or deleting authority. The determining unit includes a unit for determining whether or not to grant or delete the authority received by the receiving unit based on the approval.

  More preferably, the user authority management apparatus further includes means for determining whether or not to grant the authority based on the approval of the specific user when there is no authorized user. More preferably, the specific user is an administrative user who has no authority but registers the user in the system.

  More preferably, the user authority management apparatus further includes means for storing the degree of importance of the authorized user for each authorized user. The determining means includes means for determining whether or not to grant or delete authority based on the approval of the authorized user and its importance.

  More preferably, the user authority management device further includes a receiving unit for receiving an application for changing the importance level. The determining unit further includes a unit for determining whether or not an application for a change in importance received by the receiving unit is accepted based on the approval of the authorized user.

  More preferably, the degree of importance can be accumulated, and the determining means determines whether to grant or delete authority based on an integrated value of importance of users who approve the granting or deleting of authority among a plurality of authorized users. Means for determining availability;

  More preferably, the means for determining includes granting the authority based on a comparison between a predetermined value and an integrated value of the importance of users who have approved the granting or deleting of the authority among the authorized users. Or comparison means for determining whether or not deletion is possible.

  More preferably, the comparison means includes means for approving grant or deletion of authority when the integrated value exceeds a predetermined value.

  More preferably, the means for determining includes granting or deleting of authority based on a comparison between the integrated value of importance of the user who approves the granting or deleting of authority and the integrated value of importance of the opposite user. Comparing means for determining availability is included.

  More preferably, the comparison unit is configured to approve the grant or deletion of the authority when the integrated value of the importance level of the user who approves whether the authority is granted or deleted is larger than the integrated value of the importance level of the opposite user. Including means.

  More preferably, the user authority management device determines whether to permit the processing based on the importance level of the user in response to receiving a request to execute the certain processing from the certain user. Means are further included.

  More preferably, the user authority management device further includes means for changing the importance level of the user based on the number of executions of the user's process.

  A user authority management method according to a second aspect of the present invention is a user authority management method used in a system that permits a process for information based on an authority possessed by a user. A step of storing the authority, and a step in which the arithmetic processing unit determines whether or not to grant or delete the limit to the user based on the authority stored in the storage device and the approval of the authorized user. .

  A computer program according to a third aspect of the present invention is a computer program that realizes, by a computer, a user authority management device that permits processing of information based on the authority possessed by the user. The storage means for storing the authority and the determination means for determining whether or not to grant or delete the authority for the unprivileged user based on the approval of the authorized user using the authority of the user stored in the storage means To function as.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the following description, the same parts or processes are denoted by the same reference numerals. Their functions and names are also the same. Therefore, detailed description thereof will not be repeated.

<First Embodiment>
Hereinafter, a user authority management system according to a first embodiment of the present invention will be described with reference to FIGS.

[User Configuration]
FIG. 1 is a diagram showing management targets (user configuration and authority) of a network system including a user authority management system according to the present embodiment.

  Referring to FIG. 1, a management target 100 of a network system includes a general user 116 who is permitted only limited use of the network system (hereinafter, such a user may be simply referred to as a user), A system administrator 102 having the authority to manage the network system, and a user belonging to the privileged group 110 having the authority to operate all data handled in the network system (hereinafter, a user having such authority is simply referred to as a privileged user). May be described). By adding a user registered in the system as a general user 116 to the privileged group 110, the user gains authority as a privileged user and can operate on all data in the system. The data that can be processed by the privileged user may be specific data, not all data in the network system.

  The system administrator 102 can additionally register an unregistered user as a general user 116 who can participate in the network, or can make an application for adding the general user 116 to the privileged group 110 to the privileged user. An additional authority 104, a user deletion authority 106 that can cancel the registration of the general user 116, and can make an application for deleting a privileged user belonging to the privileged group 110 from the privileged group 110, a network A user number change authority 108 that can register the upper limit number of general users 116 that can be registered in the system and can change the number of users that can be registered in the privilege group 110. It should be noted here that the process of adding a user to the privileged group 110 and deleting a privileged user from the privileged group 110 is not necessarily performed immediately by the system administrator 102, but can only be applied. In particular, it requires the approval of privileged users.

  A user (privileged user) belonging to the privileged group 110 has a privileged group approval authority 112 that allows the system administrator 102 to approve an application for adding a privileged user and an application for deleting a privileged user, and specific data in the network system. And a privileged group asset usage authority 114 capable of processing

  In other words, in the present embodiment, the system administrator 102 cannot add the general user 116 to the privileged group 110, but can only apply for addition. The same applies to deleting a user from the privilege group 110. When the privileged user approves these applications, it is possible to add a user to the privileged group 110 and delete a user from the privileged group 110.

[Network environment]
FIG. 2 is a diagram showing a network environment of the network system 150 in which the user authority management system according to the present embodiment is operating.

  Referring to FIG. 2, a network system 150 is connected to a network line 152 and a user authority management server 154 that is connected to the network line 152 and operates a user authority management system for managing the authority of the user who uses the network system 150. And terminals 156A, 156B, and 156C connected to the network line 152, and a data server 158 that is connected to the network line 152 and manages specific data that can be browsed only by the privileged group 110.

  Note that the hardware configurations of the terminals 156A, 156B, and 156C are not necessarily the same, but are basically similar.

[Hardware configuration]
FIG. 3 is a diagram illustrating a hardware configuration of the user authority management server 154.

  Referring to FIG. 3, a user authority management server 154 is connected to a NIC (Network Interface Card) 190 for communicating with the data server 158 or the terminals 156A to 156C via the network line 152, and the NIC 190. A main CPU (Central Processing Unit) 192, a ROM (Read Only Memory) 194 for storing a user's authority management program, and the main CPU 192, which are connected to the bus 206, are connected to the bus 206. A RAM (Random Access Memory) 196 used as a memory, an HDD (Hard Disk Drive) 198 for providing storage areas for various programs, and a main CPU 192 are used. And a storage device 200 for storing various tables used when executing the program that manages The rights.

  A program for managing the authority of the user stored in the ROM 194 includes a privileged user addition application program for accepting an application for adding a general user 116 to the privileged group 110 from the system administrator 102, and a privileged user addition approval program for approving the additional application. And a privileged user deletion application program that accepts a request for deleting a privileged user from the privileged group 110 from the system administrator 102, and a privileged user deletion approval program that approves the deletion application.

  The storage device 200 includes a user management table 202 for storing information related to all users, and a privilege group management table 204 for storing information related to users belonging to the privilege group 110.

[Configuration of User Management Table 202]
FIG. 4 is a diagram showing the configuration of the user management table 202.

  Referring to FIG. 4, user management table 202 is defined by a user ID field for storing an identifier for uniquely identifying a user in network system 150, a user name field for storing a user name, and a user. A password field for storing a password and a group field for storing information on a group to which the user belongs.

  When the user is the system administrator 102, information indicating “system administrator 102” is stored in the group field of the record of the user. When the user is a general user 116, information indicating “general user 116” is stored in the group field of the record.

[Configuration of Privileged Group Management Table 204]
FIG. 5 is a diagram showing the configuration of the privilege group management table 204.

  Referring to FIG. 5, privileged group management table 204 includes a group ID field, a group name field for storing the name of each group, and a user ID field for storing user IDs of users belonging to each group. including.

  There are three groups in the privilege group 110. These include a “privileged group (approval)” to which users belonging to the privileged group 110 belong, a “privileged group (additional candidate)” to which users who have been applied for addition to the privileged group 110 but have not yet been approved, It consists of a “privileged group (deletion candidate)” to which a user who has applied for deletion from the group 110 but has not yet been approved.

Software configuration
6 to 9 are flowcharts showing a control structure of a program for managing the privilege group 110, which is executed by the user authority management server 154 according to the present embodiment. Various functions of the user authority management server 154 are realized by the main CPU 192 executing these programs. These programs are executed by accepting a console command of the user authority management server 154 or a command inputted by logging in to the user authority management server 154 from the terminals 156A to 156C.

(Privileged user addition application program)
FIG. 6 shows the privileges executed by the main CPU 192 when the system administrator 102 accesses the user authority management server 154 to apply for adding a user to the privileged group 110 and enters a privileged user addition application command. It is a flowchart which shows the control structure of a user addition application program. When inputting this command, it is assumed that the password of the accessor and the user ID to be added are input as arguments. The control structure of the privileged user addition application program will be described below with reference to the flowchart shown in FIG.

  In step (hereinafter, step is described as S) 250, the main CPU 192 refers to the user management table 202 and determines whether or not a correct password for the accessor has been input. If the correct password is input (YES in S250), the process proceeds to S252. If not (NO in S250), the process returns to S250 and waits until the correct password is input. In S252, the main CPU 192 determines whether or not the accessing person is the system administrator 102. At this time, the main CPU 192 searches the user management table 202 for a record that matches the user name and password of the accessor, and whether or not information indicating the system administrator 102 is stored in the group field of this record. Determine whether. If it is determined that the accessor is system administrator 102 (YES in S252), the process proceeds to S254. If not (NO in S252), this process ends (this program ends immediately without doing anything).

  In S254, the main CPU 192 adds the user ID of the user to be added (the user ID input as an argument when the command is input) to the user ID field of the privilege group (addition candidate) record of the privilege group management table 204. . In S256, main CPU 192 determines whether there is an authorized privileged user. At this time, the main CPU 192 determines whether or not one or more user IDs exist in the user ID field of the privilege group (approval) record of the privilege group management table 204. If it is determined that there is an authorized privileged user (YES in S256), this process ends (this program ends immediately without doing anything). If not (NO in S256), the process proceeds to S258.

  In S258, the main CPU 192 copies the user ID added to the privilege group (addition candidate) record of the privilege group management table 204 to the user ID field of the privilege group (approval) record of the privilege group management table 204. The copied user is deleted from the user ID field of the privilege group (additional candidate) record. Thereafter, this process ends.

(Privileged user addition approval program)
FIG. 7 illustrates a case where a user (privileged user) in the privileged group 110 accesses the user authority management server 154 to approve a user addition application to the privileged group 110 and inputs a privileged user addition approval command. It is a flowchart which shows the control structure of the privileged user addition approval program performed by CPU192. When inputting this command, it is assumed that the password of the accessor and the user ID to be additionally approved are input as arguments. The control structure of the privileged user addition approval program will be described below with reference to the flowchart shown in FIG.

  In S280, the main CPU 192 determines whether or not the correct password for the accessor has been input in the same manner as in S250. If the correct password is input (YES in S280), the process proceeds to S282. If not (NO in S280), the process returns to S280 and waits until the correct password is input. In S282, the main CPU 192 determines whether or not the accessor is a privileged user. At this time, the main CPU 192 acquires the user ID of the accessor from the user management table 202, and whether or not the acquired user ID exists in the user ID field of the privilege group (approval) record of the privilege group management table 204. Determine. If it is determined that the accessor is a privileged user (YES in S282), the process proceeds to S284. If not (NO in S282), this process ends (this program ends immediately without doing anything).

  In S284, the main CPU 192 determines that the user ID stored in the user ID field of the privilege group (addition candidate) record in the privilege group management table 204 includes the user ID input as an argument when the command is input ( If there is no user ID, it is preferable to notify the user of the possibility of an argument input error.), The user ID is copied to the user ID field of the privilege group (approval) record of the privilege group management table 204. The copied user is deleted from the user ID field of the privilege group (additional candidate) record. Thereafter, this process ends.

(Privileged user deletion application program)
FIG. 8 shows the privileges executed by the main CPU 192 when the system administrator 102 accesses the user authority management server 154 to apply for user deletion from the privilege group 110 and enters a privileged user deletion application command. It is a flowchart which shows the control structure of a user deletion application program. When executing this command, it is assumed that the password of the accessor and the user ID of the user to be deleted are input as arguments. The control structure of the privileged user deletion application program will be described below with reference to the flowchart shown in FIG.

  In S300, the main CPU 192 determines whether or not a correct password for the accessor has been input in the same manner as in S250. If the correct password is entered (YES in S300), the process proceeds to S302. If not (NO in S300), the process returns to S300 and waits until a correct password is input. In S302, the main CPU 192 determines whether or not the accessing person is the system administrator 102 in the same manner as in S252. If it is determined that the accessing person is system administrator 102 (YES in S302), the process proceeds to S304. If not (NO in S302), the process ends (this program ends immediately without doing anything).

  In S304, the main CPU 192 adds the user ID of the user to be deleted (the user ID input as an argument when the command is input) to the user ID field of the privilege group (deletion candidate) record in the privilege group management table 204. . Thereafter, this process ends.

(Privileged user deletion approval program)
FIG. 9 illustrates a case where a user (privileged user) in the privileged group 110 accesses the user authority management server 154 to approve a user deletion application from the privileged group 110 and inputs a privileged user deletion approval command. It is a flowchart which shows the control structure of the privileged user deletion approval program performed by CPU192. When inputting this command, it is assumed that the password of the accessor and the user ID of the user to be deleted are input as arguments. The control structure of the privileged user deletion approval program will be described below with reference to the flowchart shown in FIG.

  In S330, the main CPU 192 determines whether or not a correct password for the accessor has been input in the same manner as in S250. If the correct password is entered (YES at S330), the process proceeds to S332. If not (NO in S330), the process returns to S330 and waits until a correct password is input. In S332, the main CPU 192 determines whether or not the accessor is a privileged user as in S282. If it is determined that the accessor is a privileged user (YES in S332), the process proceeds to S334. If not (NO in S332), this process ends (this program ends immediately without doing anything).

  In S334, the main CPU 192 has the user ID input as an argument at the time of command input in the user ID stored in the user ID field of the privilege group (deletion candidate) record of the privilege group management table 204, and If the user ID is among the user IDs stored in the user ID field of the privilege group (approval) record (if there is no user ID, the user may be notified of the possibility of an argument input error). Preferably, the user ID is deleted from the user ID field of the privileged group (approval) record and the user ID field of the privileged group (deletion candidate) record. Thereafter, this process ends.

[Operation]
The operation of the user authority management server 154 according to the present embodiment based on the above-described structure and flowchart will be described separately for each case. It should be noted that the user management table 202 includes a plurality of general user 116 records, and it is assumed that there is at least one person having the authority of the system administrator 102 among the general users 116.

(Application for additional privileged users by general users 116 other than the system administrator 102)
An operation when a general user 116 other than the system administrator 102 accesses the user authority management server 154 from the terminal 156 and inputs a privileged user addition application command in order to apply for granting authority of the privileged group 110 will be described. . After this access, the user authority management server 154 executes the privileged user addition application program shown in FIG.

  The user authority management server 154 receives a user name, a password, and a user name to be additionally applied from a general user 116 other than the system administrator 102 who is an operator of the terminal 156, and receives a correct password from the general user 116. (S250). When the correct password is input from general user 116 (YES in S250), user authority management server 154 refers to user management table 202 to determine whether the accessor has authority of system administrator 102 or not. In this case, it is determined that the accessing person is not the system administrator 102 (NO in S252). In this case, since the user authority management server 154 ends the privileged user addition application program, nothing is processed.

(Application for additional privileged user by system administrator 102: no privileged user)
An operation when the system administrator 102 accesses the user authority management server 154 from the terminal 156 and inputs a privileged user addition application command in order to apply for granting the authority of the privileged group 110 will be described. After this access, the user authority management server 154 executes the privileged user addition application program shown in FIG.

  The user authority management server 154 receives a user name, a password, and a user name as an additional application target from the system administrator 102 who is an operator of the terminal 156, and receives a correct password from the system administrator 102. (S250). When the correct password is input from system administrator 102 (YES in S250), user authority management server 154 refers to user management table 202 to determine whether the accessor has authority of system administrator 102 or not. In this case, it is determined that the accessing person is the system administrator 102 (YES in S252).

  In the privilege group (additional candidate) of the privileged group management table 204, the user ID of the user who becomes the additional application target is stored (S254). Here, since there is no privileged user (NO in S256), the user authority management server 154 approves the grant of the authority of the privilege group 110 to the user to be added (S258).

(Approval by the user after application for addition of privileged user by the system administrator 102)
An operation when the system administrator 102 accesses the user authority management server 154 from the terminal 156 and inputs a privileged user addition application command in a state where there is at least one privileged user will be described. After this access, the user authority management server 154 executes the privileged user addition application program shown in FIG.

  The operation until the user ID of the user to be added is stored in the privilege group (addition candidate) in the privilege group management table 204 is as described above. Here, since there is a privileged user (YES in S256), the privileged user addition application program by the user authority management server 154 ends (that is, at this time, this general user 116 is not approved as a privileged user). .

  When a privileged user accesses the user authority management server 154 from the terminal 156 and inputs a privileged user addition approval command in order to approve the granting of the authority of the privileged group 110, the user authority management server 154 executes the privileged user addition approval program. (FIG. 7) is executed.

  The user authority management server 154 receives the user name and password from the privileged user and waits until the correct password is input from the privileged user (S280). When the correct password is input from this privileged user (YES in S280), user authority management server 154 refers to user management table 202 and privileged group management table 204 to determine whether the accessor is a privileged user. Is determined, and it is determined that the accessor is a privileged user (YES in S282).

  The user ID stored in the privilege group (addition candidate) of the privilege group management table 204 is copied by the user authority management server 154 to the group ID field of the record of the privilege group (approval), and the privilege group (addition candidate). ) Is deleted from the group ID field of the record (S284). That is, the user authority management server 154 has approved the grant of authority of the privileged group 110 to the general user 116 as an additional application target (that is, the general user 116 has been approved as a privileged user. ).

  On the other hand, when the general user 116 who does not have the authority of the privilege group 110 accesses the user authority management server 154 from the terminal 156 and inputs the privileged user addition approval command in order to approve the grant of the authority of the privilege group 110, The privilege authorization user addition approval program (FIG. 7) is executed by the user authority management server 154.

  The user authority management server 154 receives the user name and password from the general user 116 and waits until the correct password is input from the general user 116 (S280). When a correct password is input from general user 116 (YES in S280), user authority management server 154 refers to user management table 202 and privileged group management table 204 to determine whether the accessor is a privileged user. Is determined, and it is determined that the accessor is not a privileged user (NO in S282). In this case, since the user authority management server 154 ends the privileged user addition approval program, nothing is processed. That is, the user authority management server 154 does not approve the granting of the authority of the privilege group 110 to the general user 116 that is an additional application target (that is, it is approved that the general user 116 becomes a privileged user). Not.)

(Application for deleting privileged users by general users 116 other than the system administrator 102)
An operation when a general user 116 other than the system administrator 102 accesses the user authority management server 154 from the terminal 156 and inputs a privileged user deletion application command in order to apply for deprivation of the authority of the privileged group 110 will be described. . After this access, the user authority management server 154 executes the privileged user deletion application program shown in FIG.

  The user authority management server 154 receives a user name, a password, and a user name to be additionally applied from a general user 116 other than the system administrator 102 who is an operator of the terminal 156, and receives a correct password from the general user 116. (S300). When the correct password is input from general user 116 (YES in S300), user authority management server 154 refers to user management table 202 to determine whether the accessor has authority of system administrator 102 or not. In this case, it is determined that the accessing person is not the system administrator 102 (NO in S302). In this case, since the user authority management server 154 ends the privileged user deletion application program, nothing is processed.

(Application for deleting privileged user by system administrator 102)
An operation when the system administrator 102 accesses the user authority management server 154 from the terminal 156 and inputs a privileged user deletion application command in order to apply for deprivation of the authority of the privileged group 110 will be described. After this access, the user authority management server 154 executes the privileged user deletion application program shown in FIG.

  The user authority management server 154 receives a user name, a password, and a user name as an additional application target from the system administrator 102 who is an operator of the terminal 156, and receives a correct password from the system administrator 102. (S300). When the correct password is input from system administrator 102 (YES in S300), user authority management server 154 refers to user management table 202 to determine whether the accessor has authority of system administrator 102 or not. In this case, it is determined that the accessing person is the system administrator 102 (YES in S302).

  In the privilege group (deletion candidate) of the privilege group management table 204, the user ID of the user who is the application target for deletion is stored (S304). At this time, the user authority management server 154 copies the deletion target user ID stored in the privilege group (approval) record of the privilege group management table 204 to the privilege group (deletion candidate) record.

(Approval by the user after application for deletion of privileged user by the system administrator 102)
When a privileged user accesses the user authority management server 154 from the terminal 156 and inputs a privileged user deletion approval command in order to deprive the grant of authority of the privileged group 110, the user authority management server 154 causes the privileged user deletion approval program. (FIG. 9) is executed.

  The user authority management server 154 receives the user name and password from the privileged user and waits until the correct password is input from the privileged user (S330). When the correct password is input from this privileged user (YES in S330), user authority management server 154 refers to user management table 202 and privileged group management table 204 to determine whether the accessor is a privileged user. Is determined, and it is determined that the accessor is a privileged user (YES in S332).

  The user ID stored in the privilege group (deletion candidate) of the privilege group management table 204 is deleted from the group ID field of the privilege group (approval) record by the user authority management server 154, and the privilege group (deletion candidate) is deleted. ) Is also deleted from the group ID field of the record (S334). In other words, the user authority management server 154 has approved the privilege deprivation of the privileged group 110 for the privileged user that is the object of the deletion application (that is, the privileged user has been deleted from the privileged group 110). .

  On the other hand, when the general user 116 who does not have the authority of the privilege group 110 accesses the user authority management server 154 from the terminal 156 and inputs the privileged user deletion approval command in order to approve the deprivation of the authority of the privilege group 110, The privilege authority user deletion approval program (FIG. 9) is executed by the user authority management server 154.

  The user authority management server 154 receives the user name and password from the general user 116 and waits until the correct password is input from the general user 116 (S330). When a correct password is input from general user 116 (YES in S330), user authority management server 154 refers to user management table 202 and privileged group management table 204 to determine whether the accessor is a privileged user. Is determined, and it is determined that the accessor is not a privileged user (NO in S332). In this case, since the user authority management server 154 ends the privileged user deletion approval program, nothing is processed. That is, the user authority management server 154 does not approve the deprivation of the authority of the privilege group 110 to the privileged user that is the application target for deletion (that is, it is approved that this privileged user becomes the general user 116. Not.)

  As described above, according to the user authority management server according to the present embodiment, only a general user (privileged user) having the privilege of the privilege group is allowed to grant and revoke the privilege of the privilege group. Therefore, only a general user who has the privilege of the privilege group can decide to grant or revoke the privilege of the privilege group, and the system administrator 102 of the network system applies for grant or revoke the privilege of the privilege group. However, it cannot be determined, and information managed in the privilege group cannot be freely manipulated.

[Modification]
In the above-described embodiment, the user authority management server 154 permits only privileged users to grant privilege groups and approve removal. However, the present invention is not limited to such an embodiment. For example, specific data that can be operated by a privileged user is registered in the data server 158, and for which general user (not belonging to a privilege group) this specific data can be viewed or edited. , A privileged user may be allowed to approve. Specifically, only a specific data is permitted to be viewed or edited while being a general user rather than a privileged user.

<Second Embodiment>
The user authority management system according to the second embodiment of the present invention will be described below with reference to FIGS. In the following description, description of the same structure, the same process, and the same operation as those in the first embodiment will not be repeated here. In this embodiment, in order to manage privileged users 1160 having different authorities, each privileged user 1160 has a concept of points (the degree of importance of privileged users).

[User Configuration]
FIG. 10 is a diagram corresponding to FIG. 1 in the first embodiment. FIG. 10 is a diagram showing management targets (user configuration, authority, and service) of the network system including the user authority management system according to the present embodiment. Referring to FIG. 10, network system management target 1000 includes system administrator 1020 corresponding to system administrator 102 in FIG. 1, privilege group 1100 corresponding to privilege group 110 in FIG. 1, data browsing, and data editing. (Execution, deletion), service 1200 such as external access, point change, privileged user addition, privileged user deletion, and the like.

  The system administrator 1020 has a point designation authority 1022 in addition to the user addition authority 104 and the user deletion authority 106. The point designation authority 1022 is an authority that can determine a point of a general user to be applied for addition when applying for a privileged user addition for adding a general user to the privileged user 1160.

  The privileged user 1160 belonging to the privileged group 1100 has the privileged group approval authority 112 and the privileged group asset use authority 114, and in addition, the point 1162 is managed for each privileged user 1160. With this point, even if it is privileged user 1160, only a specific service can be executed, or whether the application for addition or deletion and the point change application are approved as the sum of the points of a plurality of privileged users 1160 Is judged.

[Network environment]
FIG. 11 is a diagram corresponding to FIG. 2 in the first embodiment. FIG. 11 is a diagram showing a network environment of a network system in which the user authority management system according to the present embodiment is operating. Referring to FIG. 11, network system 1500 includes a user authority management server 1540 that executes a program different from user authority management server 154 instead of user authority management server 154 shown in FIG. 2. Details of the different programs will be described later.

[Hardware configuration]
FIG. 12 is a diagram corresponding to FIG. 3 in the first embodiment. FIG. 12 is a diagram showing a hardware configuration of the user authority management server 1540 of the user authority management system according to the present embodiment.

  The program for managing the authority of the user stored in the ROM 194 shown in FIG. 12 includes a privileged user addition application program that accepts an application for adding the general user 116 to the privileged group 1100 from the system administrator 1020, and a general user to the privileged group 1100. The privileged user addition approval program that approves the additional application, the point grant program at the time of service execution that grants points to the privileged user 1160 at the time of execution of the service permitted to the privileged user 1160, and the privileged user 1160 A point changing program for changing points, and a privileged user deleting program for deleting the privileged user 1160 from the privileged group 1100.

  As shown in FIG. 12, the user authority management server 1540 includes a storage device 2000 instead of the storage device 200 of the user authority management server 154 shown in FIG. The storage device 2000 stores a point list table 2100 and a service list table 2200 in addition to the user management table 202 of the storage device 200 shown in FIG. The storage device 2000 also stores a privilege group management table 2040 obtained by adding another table to the privilege group management table 204 shown in FIG. The privilege group management table 2040 includes another privilege group management table 2042 in addition to the privilege group management table 204 shown in FIG.

  Since the stored tables are different as described above, the storage device 2000 of the user authority management server 1540 will be described as having a different configuration from the storage device 200 of the user authority management server 154 according to the first embodiment. . Note that the main CPU 1920 is different from the first embodiment in that it executes a different program, so the hardware configuration is the same. However, in the present embodiment, the above-described first embodiment is the same. The main CPU 192 will be described separately.

[Configuration of Privileged Group Management Table 2042]
FIG. 13 is a diagram showing the configuration of the privilege group management table 2042. Referring to FIG. 13, privileged group management table 2042 increases the group ID field, the group name field for storing the name of each group, and the points of privileged user 1160 belonging to privileged group 1100 at the same time. Point change (increase) field for storing points, point change (decrease) field for storing points when points are simultaneously decreased, and points when points are unified all at once Point total change (unification) field, a total point upper limit field for storing upper limit points of total points of privileged users 1160 belonging to this privileged group 1100, and total points of privileged users 1160 belonging to this privileged group 1100 Lower limit point Comprising a total point lower field for storing, a service usage count storage field for storing the service usage count required for one point increase.

  For example, for the privileged group (approval) identified by the group ID “G_ID01”, when the points of the privileged user 1160 belonging to the privileged group 1100 are increased all at once, the points are increased by 2 points, and when the points are decreased all at once. Decrease the points and unify them to 5 points to unify the points all at once. In addition, for this privilege group 1100, the upper limit of the sum total of the points of privileged users 1160 belonging to this privilege group 1100 is 50 points, and the lower limit is 0 points. When the service usage count reaches 100 times, the points increase by 1 point. Is done.

[Configuration of Point List Table 2100]
FIG. 14 is a diagram showing the configuration of the point list table 2100. Referring to FIG. 14, a point list table 2100 includes a user name storage field 2102 and a point information storage field 2104 for storing point information of each user.

  The point information storage field 2104 stores the current point value, point upper limit value, point lower limit value, and service usage count as point information. Note that the point upper limit value is a value obtained by dividing the total point upper limit (50 points in FIG. 13) of the privilege group 1100 shown in FIG. 13 by the current number of privileged users (5 people in FIG. 14) (in this case, 10). Point). Points cannot be set in a range exceeding the upper limit point and the lower limit point.

  For example, the user with the user name “user01” indicates that the value of the point is “8”, the upper limit of the point is “10”, the lower limit of the point is “0”, and the service usage count is “92”. . This user currently has “8” points and cannot set points beyond the upper limit “10” and the lower limit “0”. In addition, it represents that the various services are used 92 times, and when the various services are executed eight more times, the points are changed from 8 points to 9 points.

[Configuration of Service List Table 2200]
FIG. 15 is a diagram showing the configuration of the service list table 2200. Referring to FIG. 15, service list table 2200 includes a service name storage field 2202 and a service information storage field 2204 for storing service information of each service.

  The service information storage field 2204 stores, as service information, the contents of the service, the value of a point necessary for executing the service, and the value of the point necessary for approval of the service for a specific service. .

  For example, for the user addition service, the user who requests the addition must have “5” or more points, and the approval of all the privileged users 1160 or the sum of the points of the approved privileged users 1160 is “30”. "Is necessary to exceed.

Software configuration
16 to 20 are flowcharts showing a control structure of a program for managing the privilege group 1100, which is executed by the user authority management server 1540 according to the present embodiment. By executing these programs by the main CPU 1920, various functions of the user authority management server 1540 are realized. These programs are executed by accepting a console command of the user authority management server 1540 or a command inputted by logging in to the user authority management server 1540 from the terminals 156A to 156C.

(Privileged user addition application program)
FIG. 16 is a flowchart corresponding to FIG. 6 in the first embodiment. This flowchart shows the privileges executed by the main CPU 1920 when the system administrator 1020 accesses the user authority management server 1540 to apply for the addition of a user to the privilege group 1100 and inputs a privileged user addition application command. The control structure of a user addition application program is shown. When executing this command, it is assumed that the password of the accessor and the user ID of the user to be added are input as arguments.

  The control structure of the privileged user addition application program will be described below with reference to the flowchart shown in FIG.

  In S500, main CPU 1920 provisionally sets points (system administrator judgment) of additional candidate users to privileged group 1100. This process is performed for the following reason.

  At this point, the additional candidate user is not yet a privileged user 1160 and has no points. As will be described later, when this user is approved to be added as a privileged user 1160 (when the processing of S258 in FIG. 16 or S284 in FIG. 17 is performed), various services as shown in the point list table 2100 in FIG. Can receive. However, if you do not have points, you cannot even browse, and you cannot receive the service more than a certain number of times, so points do not increase indefinitely. For this reason, even if the user is added as the privileged user 1160, the privileged user 1160 cannot receive any service. Avoiding such inconvenience is one of the reasons why points are provisionally set.

(Privileged user addition approval program)
FIG. 17 is a flowchart corresponding to FIG. 7 in the first embodiment. This flowchart shows the privileges executed by the main CPU 1920 when the privileged user 1160 accesses the user authority management server 1540 to approve a user addition application to the privilege group 1100 and inputs a privileged user addition approval command. The control structure of a user addition approval program is shown. When inputting this command, it is assumed that the password of the accessor and the user ID to be additionally approved are input as arguments.

  The control structure of the privileged user addition approval program will be described below with reference to the flowchart shown in FIG.

  In S510, the main CPU 1920 determines that the user ID stored in the user ID field of the privilege group (additional candidate) record in the privilege group management table 204 includes the user ID input as an argument when the command is input ( If there is no user ID, it is preferable to notify the user of the possibility of an argument input error.) The user with the user ID is read as an additional candidate user.

  In S512, main CPU 1920 temporarily sets points (privileged user determination) of additional candidate users to privileged group 1100. As described above, if all privileged users 1160 approve the reason for this temporary setting (see S514 described later), it is avoided that the privileged user 1160 without points is generated. Further, the point temporarily set by the privileged user 1160 is given priority over the point temporarily set by the system administrator 1020.

  In S514, main CPU 1920 determines whether or not the point of the additional candidate user to privilege group 1100 is greater than the additional approval point, or whether all privileged users 1160 have approved. If it is determined that the point of the additional candidate user to privileged group 1100 is greater than the additional approval point, or if it is determined that all privileged users 1160 have approved (YES in S514), the process proceeds to S284. It is. If it is determined that the point of the additional candidate user to privileged group 1100 is equal to or less than the additional approval point, and it is determined that none of privileged user 1160 has approved (NO in S514), the process proceeds to S516. It is.

  In S516, main CPU 1920 determines whether or not there is an instruction to change points of additional candidate users to privileged group 1100. At this time, the main CPU 1920 determines whether there is a change instruction based on the information input from the privileged user 1160 that is accessing. If it is determined that there is an instruction to change the point of the additional candidate user (YES in S516), the process returns to S512, and the temporary setting process of the additional candidate user's point is performed by the privileged user 1160, and the additional approval is made. It is determined again. If not (NO in S516), this process ends (that is, addition of an additional candidate user to this privilege group 1100 is not approved).

(Point grant program for service execution)
FIG. 18 shows points executed by the main CPU 1920 when the privileged user 1160 accesses the user authority management server 1540 to execute a service based on authority and inputs a service command (service selection and service execution). The control structure of the grant program is shown. It is assumed that the password of the accessor and the execution target service are input as arguments when this command is input.

  Hereinafter, the control structure of the point grant program will be described with reference to the flowchart shown in FIG.

  In S520, main CPU 1920 selects the service requested by privileged user 1160. The privileged user 1160 inputs a command corresponding to the requested service from the service list table 2200 shown in FIG. Based on this input, the main CPU 1920 selects the service requested by the privileged user 1160. In S522, main CPU 1920 reads the point of privileged user 1160 that has accessed, from point list table 2100 in FIG. 14, and the execution required point for the selected service from service list table 2200 in FIG.

  At S524, main CPU 1920 determines whether or not the point of privileged user 1160 is greater than the service execution point. If it is determined that the point of privileged user 1160 is greater than the service execution point (YES in S524), the process proceeds to S526. If not (NO in S524), this process ends (that is, nothing is processed).

  In S526, main CPU 1920 executes the service requested by privileged user 1160. In S528, main CPU 1920 increases the number of times the privileged user 1160 uses the service. In S530, the main CPU 1920 reads the point-increase usage count of the privileged group 1100 to which the accessed privileged user 1160 belongs from the privileged group management table 2042 in FIG.

  In S532, the main CPU 1920 determines whether or not the service usage count of the privileged user 1160 is larger than the point increase usage count. If it is determined that the service usage count of privileged user 1160 is greater than the point increase usage count (YES in S532), the process proceeds to S534. Otherwise (NO at S532), the process ends. In S534, the main CPU 1920 increases the points of the privileged user 1160. At this time, the service usage count of the privileged user 1160 is reset.

(Point change program)
FIG. 19 shows a point change program executed by the main CPU 1920 when the privileged user 1160 accesses the user authority management server 1540 to execute the point change service based on the authority and inputs a point change service command. The control structure is shown. When inputting this command, it is assumed that the password of the accessor and the identification information of the point change service that is the execution target service are input as arguments. In the following, a case where the privileged user 1160 changes his / her point will be described, but the privileged user 1160 may change the point of the privileged user 1160 other than his / her own. In that case, identification information of privileged users 1160 other than the user is required as an argument.

  Hereinafter, the control structure of the point change program will be described with reference to the flowchart shown in FIG.

  In S540, main CPU 1920 selects the point change service requested by privileged user 1160. In step S542, the main CPU 1920 reads the points of the accessed privileged user 1160 from the point list table 2100 in FIG. 14 and the execution necessary points and approval points for the selected point change service from the service list table 2200 in FIG. put out.

  In S544, main CPU 1920 determines whether or not the point of privileged user 1160 is greater than the execution point of the point change service. If it is determined that the point of privileged user 1160 is greater than the point change service execution point (YES in S544), the process proceeds to S546. Otherwise (NO in S544), this process ends (that is, nothing is processed).

  In S546, main CPU 1920 temporarily sets the point (privileged user determination) of privileged user 1160. This temporarily set point is a point requested by the privileged user 1160. In S548, the main CPU 1920 requests a user of the privileged group 1100 (privileged user 1160) to approve the point change. At this time, when another privileged user 1160 accesses the user authority management server 1540 to approve the point change of the change candidate user and inputs a privileged user 1160 point change approval command, the approval by the other privileged user 1160 is approved. Done.

  At S550, main CPU 1920 determines whether the point change candidate user's point (before the point change) is larger than the point change approval point or whether all privileged users 1160 have approved the point change candidate user's point change. Determine whether. If it is determined that the point change candidate user's point is greater than the point change approval point, or if all privileged users 1160 have been approved (YES in S550), the process proceeds to S552. If it is determined that the point change candidate user's point is equal to or less than the point change approval point and it is determined that none of the privileged users 1160 has approved (NO in S550), this process ends (ie, The point change of this privileged user 1160 is not approved.) In S552, main CPU 1920 changes the point of privileged user 1160.

(Privileged user deletion program)
FIG. 20 shows a privileged user executed by the main CPU 1920 when the privileged user 1160 accesses the user authority management server 1540 to execute the privileged user deletion service based on the authority and inputs a privileged user deletion service command. The control structure of the deletion program is shown. When inputting this command, it is assumed that the password of the accessor, the user ID of the user to be deleted, and identification information of the privileged user deletion service that is the execution target service are input as arguments. The control structure of the privileged user deletion program will be described below with reference to the flowchart shown in FIG.

  In S560, main CPU 1920 selects the user deletion service from privileged group 1100 requested by privileged user 1160. In S562, the main CPU 1920 determines the point of the accessed privileged user 1160 from the point list table 2100 in FIG. 14 and the execution necessary point and the approval point of the selected privileged user deletion service from the service list table 2200 in FIG. Read.

  At S564, main CPU 1920 determines whether or not the point of privileged user 1160 is greater than the execution point of the privileged user deletion service. If it is determined that the privileged user 1160 point is greater than the privileged user deletion service execution point (YES in S564), the process proceeds to S566. If not (NO in S564), this process ends (that is, nothing is processed).

  In S566, main CPU 1920 selects a user to be deleted from privilege group 1100 as a deletion candidate user based on the user ID to be deleted input as an argument at the time of command input. In S568, the main CPU 1920 requests a user (privileged user 1160) in the privileged group 1100 for user deletion approval. At this time, when another privileged user 1160 accesses the user authority management server 1540 to approve the deletion of the deletion candidate user and inputs a privileged user deletion approval command, approval by the privileged user 1160 is performed. The points of the privileged user 1160 are accumulated as the total points of the deletion approval user. Further, when another privileged user 1160 accesses the user authority management server 1540 in order not to approve the deletion of the deletion candidate user and inputs a command against the privileged user deletion, the privileged user 1160 does not approve the deletion. Then, the points of the privileged user 1160 are accumulated as the total points of the users against the deletion. Note that the total point of the privileged group 1100 may be calculated in advance, and the total point of the deletion-approved user may be calculated by subtracting the total point of the deletion-approved user from the total point. Of course, the total points of the deletion-approved users may be calculated by subtracting the total points of the users who are not deleted from the total points.

  In S570, main CPU 1920 determines whether or not the point of the user who has approved the deletion is larger than the point of the user who is not deleting. If it is determined that the point of the deletion-approved user is greater than the point of the user against deletion (YES in S570), the process proceeds to S334. If not (NO in S570), this process ends (that is, deletion of this deletion candidate user is not approved). Note that after the process of S334, a point grant process for the service executed by the privileged user 1160 of FIG. 18 may be performed.

[Operation]
The operation of the user authority management server 1540 according to the present embodiment based on the above structure and flowchart will be described separately for each case. It is assumed that there are a plurality of general user records in the user management table 202, and among these general users, there is at least one person who has the authority of the system administrator 1020.

(Application for adding a privileged user by the system administrator 1020: no privileged user 1160)
An operation when the system administrator 1020 accesses the user authority management server 1540 from the terminal 156 and inputs a privileged user addition application command in order to apply for granting the authority of the privilege group 1100 will be described. After this access, the user authority management server 1540 executes the privileged user addition application program shown in FIG.

  The process is the same as in the first embodiment described above until the user ID of the user to be added is stored in the privilege group (addition candidate) of the privilege group management table 204 (S254).

  Points of additional candidate users are provisionally set by the system administrator 1020 (S500). Here, since there is no privileged user 1160 (NO in S256), the user authority management server 1540 approves the granting of the authority of the privilege group 1100 to the user who is the subject of the additional application (S258). In this case, the point of the user who is approved to be added to the privilege group 1100 is a point temporarily set by the system administrator 1020 and becomes a final point at this point.

(Approval by user after application for privileged user addition by system administrator 1020)
An operation when the system administrator 1020 accesses the user authority management server 1540 from the terminal 156 and inputs a privileged user addition application command in a state where there is at least one privileged user 1160 will be described. After this access, the user authority management server 1540 executes the privileged user addition application program shown in FIG.

  The privileged group (additional candidate) of the privileged group management table 204 stores the user ID of the user to be added (S254), and the system administrator 1020 temporarily sets the additional candidate user's points (S500). The operation is as described above. Here, since privileged user 1160 exists (YES in S256), the privileged user addition application program by user authority management server 1540 ends (that is, at this time, this general user is not approved as privileged user 1160). ).

  When the privileged user 1160 accesses the user authority management server 1540 from the terminal 156 and inputs a privileged user addition approval command to approve the granting of the authority of the privileged group 1100, the user authority management server 1540 allows the privileged user addition approval. The program (FIG. 17) is executed.

  Until the user authority management server 1540 determines that the accessor is the privileged user 1160 (YES in S282), the process is the same as in the first embodiment. Points for additional candidate users are provisionally set by the privileged user 1160 (S512).

  If the point of the additional candidate user is larger than the additional approval point (YES in S514), the user ID stored in the privilege group (addition candidate) of the privilege group management table 204 is set by the user authority management server 1540 to the privilege group. It is copied to the group ID field of the (approved) record and deleted from the group ID field of the privilege group (additional candidate) record (S284).

  Further, even if the point of the additional candidate user is equal to or lower than the additional approval point (NO in S514), there is an instruction to change the point of the additional candidate user (YES in S516), and the additional candidate user's point is additionally approved. If it is larger than the point (YES in S514), the user ID stored in the privilege group (additional candidate) of the privilege group management table 204 by the user authority management server 1540 is the group ID of the record of the privilege group (approval). And deleted from the group ID field of the privilege group (additional candidate) record (S284).

  Furthermore, even if the points of the additional candidate users are equal to or lower than the additional approval points, if all the privileged users 1160 are additionally approved (YES in S514), the user authority management server 1540 executes the privilege regardless of the points of the additional candidate users. The user ID stored in the privilege group (additional candidate) of the group management table 204 is copied to the group ID field of the privileged group (approval) record, and the group ID field of the privileged group (additional candidate) record (S284).

  That is, (1) the point of the additional candidate user set by the privileged user 1160 is higher than the additional approval point, or (2) the point of the additional candidate user set again by the privileged user 1160 is higher than the additional approval point, (3) In the case where all privileged users 1160 have additionally approved, the user authority management server 1540 has approved the granting of the authority of the privilege group 1100 to the general user to be added (That is, this general user is approved as the privileged user 1160).

  If none of the above (1) to (3) is satisfied, the user authority management server 1540 does not approve the granting of the authority of the privilege group 1100 to the general user to be added. (That is, it was not approved that this general user becomes the privileged user 1160).

(Granting points to privileged users 1160)
An operation in a case where the privileged user 1160 accesses the user authority management server 1540 from the terminal 156 and inputs a service command given to the privileged user 1160 will be described. After this access, the user authority management server 1540 executes the point grant program shown in FIG.

  Until the user authority management server 1540 determines that the accessor is the privileged user 1160 (YES in S282), the process is the same as in the first embodiment. A service is selected according to the request of the privileged user 1160 (S520), and the point of the privileged user 1160 and the execution necessary point of the selected service are read (S522).

  If the point of privileged user 1160 that requested the service is greater than the execution point required for the selected service (YES in S524), the service is executed (S526). If the point of privileged user 1160 that requested the service is equal to or less than the execution required point of the selected service (NO in S524), the service is not executed.

  When the service is executed, the number of times the privileged user 1160 is used is increased (S528). The number of points increased use of privileged group 1100 is read (S530), and if the number of service uses of privileged user 1160 is greater than the number of points increased use (YES at S532), the point of privileged user 1160 is increased. (S534). If the service usage count of privileged user 1160 is equal to or less than the point increase usage count (NO in S532), the point of privileged user 1160 is not increased (S534).

(Point change of privileged user 1160)
The operation when the privileged user 1160 accesses the user authority management server 1540 from the terminal 156 and inputs a point change command in the service given to the privileged user 1160 will be described. After this access, the user authority management server 1540 executes the point change program shown in FIG.

  Until the user authority management server 1540 determines that the accessor is the privileged user 1160 (YES in S282), the process is the same as in the first embodiment. The point change service is selected according to the request of the privileged user 1160 (S540), and the points of the privileged user 1160, the execution necessary point of the selected point change service, and the approval point are read (S542).

  If the point of privileged user 1160 that requested the service is greater than the execution point required for the selected point change service (YES in S544), the point change service is executed (S546 to S552). If the point of privileged user 1160 that requested the service is equal to or less than the execution required point of the selected point change service (NO in S544), the service is not executed.

  The operation of the point change service is as follows. The points requested by the privileged user 1160 are provisionally set (S546). The privileged user 1160 is requested to approve the point change (S548), and the other privileged user 1160 accesses the user authority management server 1540 in order to approve the point change of the change candidate user, and issues a privileged user 1160 point change approval command. When entered, approval by another privileged user 1160 is performed.

  If the point of the change candidate user is greater than the change approval point (YES in S550), the user authority management server 1540 changes the point of the change candidate user (S552).

  Even if the change candidate user's point is equal to or less than the change approval point, if all privileged users 1160 approve the change (YES in S550), the change is made by the user authority management server 1540 regardless of the change candidate user's point. The point of the candidate user is changed (S552).

  That is, the user authority management server 1540 applies for a point change if either (4) the point of the change candidate user is higher than the change approval point or (5) all privileged users 1160 approve the change. This means that the point change is approved for the privileged user 1160.

  When neither of the above (4) and (5) is satisfied, the user authority management server 1540 does not approve the point change to the privileged user 1160 who has applied for the point change (that is, , Point change of this privileged user 1160 was not approved.)

(Delete privileged user 1160)
An operation when the privileged user 1160 accesses the user authority management server 1540 from the terminal 156 and inputs a privileged user deletion command in a service given to the privileged user 1160 will be described. After this access, the user authority management server 1540 executes the privileged user deletion program shown in FIG.

  Until the user authority management server 1540 determines that the accessor is the privileged user 1160 (YES in S332), the process is the same as in the first embodiment described above. The privileged user deletion service is selected according to the request of the privileged user 1160 (S560), and the point of the privileged user 1160, the execution necessary point of the selected point change service, and the approval point are read (S562).

  If the point of privileged user 1160 that requested the service is larger than the execution point required for the selected privileged user deletion service (YES in S564), the privileged user deletion service is executed (S566 to S570, S334). If the point of privileged user 1160 that requested the service is equal to or less than the execution necessary point of the selected privileged user deletion service (NO in S564), the service is not executed.

  The operation of the privileged user deletion service is as follows. The privileged user 1160 requested by the privileged user 1160 and desired to be deleted from the privileged group 1100 is selected (S566), and the selected user is copied to the privileged group (deletion candidate) field of the privileged group management table 204 (S304). ). When a privileged user deletion approval is requested to the privileged user 1160 (S568), the other privileged user 1160 accesses the user authority management server 1540 to approve the deletion of the deletion candidate user, and inputs a deletion approval command. Is approved by the privileged user 1160.

  Other privileged users 1160 include a privileged user 1160 group that approves the deletion candidate user for deletion, and a privileged user 1160 group that opposes deletion (or a privileged user 1160 group that does not approve deletion). The points of the privileged user 1160 belonging to each user group are totaled to calculate the total points of the deletion-approved users and the total points of the users who are against deletion.

  If the total point of the deletion-approved user is greater than the total point of the deletion-reverse user (YES in S570), the deletion candidate user is deleted from privilege group 1100 (S334). On the other hand, when the total point of the deletion-approved user is equal to or less than the total point of the deletion-reverse user (NO in S570), this deletion candidate user is not deleted from privilege group 1100.

  It should be noted that the process of determining the processing by summing up such approvals and opposites is not limited to deletion of the privileged user 1160 but can be applied to addition of the privileged user 1160, change of points, and permission of service.

  As described above, according to the user authority management server according to the present embodiment, privileged users are hierarchized by points, the authority is higher for privileged users in the upper hierarchy, and the authority is greater than that for privileged users in the lower hierarchy. . For this reason, privileged users are not uniformly managed, but authority can be managed in detail.

[Modification]
In the above-described embodiment, regardless of the type of service given to the privileged user, the points are increased when the number of times the service is used exceeds the number of services for increasing the points. Depending on the content of the service (for example, if the service is an important service, the weight is increased and if the service is not important, the weight is decreased). If the service is an important service, the points may be increased even with a small number of uses. Absent.

  The embodiment disclosed this time is merely an example, and the present invention is not limited to the embodiment described above. The scope of the present invention is indicated by each claim in the claims after taking into account the description of the detailed description of the invention, and all modifications within the meaning and scope equivalent to the wording described therein are intended. Including.

It is a figure which shows the structure of the management object of the network system containing the user authority management system which concerns on the 1st Embodiment of this invention. It is a figure which shows the network environment of the network system containing the user authority management server 154 which concerns on the 1st Embodiment of this invention. It is a figure which shows the hardware constitutions of the user authority management server 154 shown in FIG. It is a figure which shows the structure of the user management table 202 shown in FIG. It is a figure which shows the structure of the privilege group management table 204 shown in FIG. It is a flowchart which shows the control structure of the privileged user addition application program performed by the user authority management server 154 shown in FIG. It is a flowchart which shows the control structure of a privileged user addition approval program performed by the user authority management server 154 shown in FIG. It is a flowchart which shows the control structure of the privileged user deletion application program performed by the user authority management server 154 shown in FIG. It is a flowchart which shows the control structure of the privileged user deletion approval program performed by the user authority management server 154 shown in FIG. It is a figure which shows the structure of the management object using the network system containing the user authority management system which concerns on the 2nd Embodiment of this invention. It is a figure which shows the network environment of the network system containing the user authority management server 1540 which concerns on the 2nd Embodiment of this invention. It is a figure which shows the hardware constitutions of the user authority management server 1540 shown in FIG. It is a figure which shows the structure of the privilege group management table 2042 contained in the privilege group management table 2040 shown in FIG. It is a figure which shows the structure of the point list table 2100 shown in FIG. It is a figure which shows the structure of the service list table 2200 shown in FIG. It is a flowchart which shows the control structure of the privileged user addition application program performed by the user authority management server 1540 shown in FIG. It is a flowchart which shows the control structure of a privileged user addition approval program performed by the user authority management server 1540 shown in FIG. It is a flowchart which shows the control structure of the point grant program performed by the user authority management server 1540 shown in FIG. 12 is a flowchart showing a control structure of a point change program executed by the user authority management server 1540 shown in FIG. 11. It is a flowchart which shows the control structure of the privileged user deletion program performed by the user authority management server 1540 shown in FIG.

Explanation of symbols

150, 1500 Network system 152 Network line 154, 1540 User authority management server 156 (156A, 156B, 156C) Terminal 158 Data server 190 NIC
192 Main CPU
194 ROM
196 RAM
198 HDD
200 Storage Device 202 User Management Table 204, 2040 Privilege Group Management Table 206 Bus

Claims (16)

A user authority management device used in a system that permits processing on information based on authority that a user has,
Storage means for storing a user's authority for the process;
A user authority management apparatus, comprising: a user authority stored in the storage means; and a determination means for determining whether to grant or delete the authority based on the approval of the user having the authority. . The user authority management device further includes accepting means for accepting an application for granting or deleting the authority,
The user authority management apparatus according to claim 1, wherein the determination unit includes a unit for determining whether or not to grant or delete the authority received by the reception unit based on the approval. 2. The user authority management device according to claim 1, further comprising means for determining whether or not to grant the authority based on an approval of a specific user when there is no user having the authority. User authority management device. The user authority management apparatus according to claim 3, wherein the specific user does not have the authority but is an administrative user who registers the user in the system. The user authority management device further includes means for storing the degree of importance of the authorized user for each authorized user,
The user authority management apparatus according to claim 1, wherein the determination unit includes a unit for determining whether to grant or delete the authority based on the approval of the user having the authority and the degree of importance thereof. The user authority management device further includes accepting means for accepting an application for the change of the importance level,
6. The user authority according to claim 5, wherein the determining means further includes means for determining whether or not an application for a change in importance received by the accepting means is accepted based on the approval of the user having the authority. Management device. The importance can be accumulated,
The determining means includes means for determining whether or not the authority can be granted or deleted based on an integrated value of the importance of the user who approves the grant or deletion of the authority among the users having the authority. The user authority management device according to claim 5. The means for determining includes granting the authority based on a comparison between a predetermined value and an integrated value of importance of users who have approved the grant or deletion of the authority among the authorized users. The user authority management device according to claim 7, further comprising comparison means for determining whether or not deletion is possible. 9. The user authority management apparatus according to claim 8, wherein the comparing means includes means for approving the grant or deletion of the authority when the integrated value exceeds the predetermined value. The means for determining may determine whether to grant or delete the authority based on a comparison between the integrated value of the importance level of the user who approves the grant or deletion of the authority and the integrated value of the importance level of the opposite user. The user authority management device according to claim 7, comprising comparison means for determining The comparison means includes means for authorizing the grant or deletion of the authority when the integrated value of the importance level of the user who approves the grant or deletion of the authority is greater than the integrated value of the importance level of the opposite user. The user authority management device according to claim 10. The user authority management device, in response to receiving a request for executing a certain process from a certain user, means for judging whether to permit the process based on the importance of the user The user authority management device according to claim 5, further comprising: The user authority management apparatus according to any one of claims 5 to 12, further comprising means for changing the degree of importance of the user based on the number of executions of the process by the user. A user authority management method used in a system that permits processing of information based on authority that a user has,
A storage device storing a user's authority for the process;
A user authority management, comprising: a processing unit that determines whether or not to grant or delete the authority based on the authority stored in the storage device and the approval of the user having the authority Method. A computer program that implements a user authority management device used in a system that permits processing of information based on authority that a user has, which is realized by a computer,
Storage means for storing the authority of the user for the processing;
A computer that uses the authority of a user stored in the storage means and functions as a determination means that determines whether or not to grant or delete the authority for a user who does not have the authority based on the approval of the user having the authority. program. The computer-readable recording medium which recorded the program of Claim 15.

Images