JP2009237662A - File management system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To improve security by restricting any illegal access to a file. <P>SOLUTION: A file management system is provided with a connection controller for controlling the connection between communication terminals, and a file management device for storing and managing a shared file to be shared by the communication terminal. The connection controller is provided with a session information notification means for notifying the file management device of session information to specify a session established between the communication terminals. The file management device is provided with a communication terminal authentication means for storing shared member information for specifying the communication terminals sharing the shared file, inquiring the communication terminal to determine whether or not the session to be predetermined by the session information notified from the connection controller has been established in all communication terminals sharing the shared file on the basis of the shared member information, and permitting, when it is decided that the session has been established in all the communication terminals, communication terminals to access the shared file. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to a file management system, and more particularly to a file management system that manages a file so that it can be shared by communication terminals that have established a session via a network.

  In recent years, computerization of information has progressed, and a file that is electronic data in which predetermined information is recorded is managed by a computer. When a file is shared by a plurality of people, a password or ID is set in advance so that only a limited number of members can access to prevent leakage of data contents, and is given to members. ing. Thus, the member can access the file without permission of other members by using the password and ID, and can perform file operations such as file addition, change, and file transfer.

  As a technique for restricting access to a file, in Patent Document 1, a group that can access a file is set, and only users belonging to the group can access the file. Further, as a related technique, Patent Document 2 discloses a technique that enables access to a specific server when a plurality of users belonging to one group are connected.

JP 2001-331373 A JP 2007-199995 A

  However, as described above, even if a password or ID is used to access a file, if the password is fixed, the password or ID is once leaked to a person other than the member. Then, the file can be accessed by a third party. Then, there is a problem that the contents of the file are leaked to the outside and the reliability is lowered.

  Therefore, an object of the present invention is to limit unauthorized access to a file, which is a problem described above, and to improve security.

  Therefore, a file management system according to an aspect of the present invention stores a connection control device that performs connection control between communication terminals, and a shared file that is connected to the connection control device via a network and is shared by the communication terminals. And a file management device for managing them. The connection control device includes session information notification means for notifying the file management device of session information for specifying a session established between communication terminals. Further, the file management device stores shared member information for identifying a communication terminal that shares the shared file, and from all the communication terminals that are shared members of the shared file based on the shared member information, from the connection control device. Inquires the communication terminal whether or not the session specified by the notified session information has been established, and when it is determined that all communication terminals have established the session, the communication terminal Communication terminal authentication means for permitting access to the shared file is provided.

  A file management system according to another aspect of the present invention stores a connection control device that controls connection between communication terminals, and a shared file that is connected to the connection control device via a network and is shared by the communication terminals. And a file management device that manages the file. The connection control device includes session information notification means for notifying the file management device of session information for specifying a session established between communication terminals. Further, the file management device generates a password based on the session information acquired from the connection control device, sets the password as a password that restricts the operation of the shared file, and specifies the password in the session information. Password setting means for notifying the communication terminal connected by.

  A file management apparatus according to another embodiment of the present invention is a file management apparatus for storing and managing a shared file that is connected to a connection control apparatus that performs connection control between communication terminals via a network and is shared by the communication terminals. The device stores the shared member information for identifying the communication terminal that shares the shared file, and is notified from the connection control device at all the communication terminals that are the shared members of the shared file based on the shared member information. Inquires the communication terminal whether or not the session specified by the session information for specifying the session is established, and determines that the session is established at all communication terminals. A configuration is adopted in which communication terminal authentication means for permitting access to the shared file by the terminal is provided.

  A file management apparatus according to another embodiment of the present invention is a file management apparatus for storing and managing a shared file that is connected to a connection control apparatus that performs connection control between communication terminals via a network and is shared by the communication terminals. A password is generated based on session information for identifying a session established between communication terminals acquired from the connection control device, the password is set as a password for restricting the operation of the shared file, and the password is set. A configuration is adopted in which password setting means for notifying a communication terminal connected in the session specified by the session information is provided.

  A program according to another aspect of the present invention is stored in a file management apparatus that stores and manages a shared file that is connected via a network to a connection control apparatus that performs connection control between communication terminals. A session identified by session information identifying a session notified from the connection control apparatus in all communication terminals that are shared members of the shared file based on shared member information identifying a communication terminal that shares the shared file Communication terminal authentication that allows access to a shared file by the communication terminal when it is determined that all communication terminals have established a session. The configuration of realizing the means is adopted.

  A program according to another aspect of the present invention is stored in a file management apparatus that stores and manages a shared file that is connected via a network to a connection control apparatus that performs connection control between communication terminals. , Generate a password based on the session information that identifies the session established between the communication terminals acquired from the connection control device, set the password as a password that restricts the operation of the shared file, and set the password in the session information A configuration is adopted in which password setting means for notifying a communication terminal connected in a specified session is realized.

  Furthermore, a file management method according to another aspect of the present invention stores a connection control device that performs connection control between communication terminals, and a shared file that is connected to the connection control device via a network and is shared by the communication terminals. And a file management system comprising: a file management system comprising: a file management system comprising: a file management system comprising: a file management system comprising: a file management system comprising: a file management system comprising: Information notification step, and the session information notified from the connection control device at all communication terminals that are shared members of the shared file based on the shared member information that identifies the communication terminal with which the file management device shares the shared file Inquires the communication terminal to determine whether the session specified in is established or not. Having a communication terminal authentication step of granting access to the shared file by the communication terminal when it is determined that the session in the communication terminal is established, a configuration called.

  A file management method according to another aspect of the present invention stores a connection control device that performs connection control between communication terminals, and a shared file that is connected to the connection control device via a network and is shared by the communication terminals. And a file management system comprising: a file management system comprising: a file management system comprising: a file management system comprising: a file management system comprising: a file management system comprising: a file management system comprising: Information notification process and the file management device generates a password based on the session information acquired from the connection control device, sets the password as a password that restricts the operation of the shared file, and identifies the password in the session information Password setting process to notify the connected communication terminal in the session Adopts a configuration that has a.

  Since the present invention is configured as described above, all shared members preset to share a shared file can access and operate the shared file only while forming a common communication state. Become. In other words, when the communication state is changed, access to and manipulation of the shared file becomes impossible. As a result, it is possible to effectively suppress spoofing by a third party and to improve the file access security.

  The present invention allows a file access system that requires a high level of security to permit access to a file that is allowed to be accessed only by a limited number of members, and only when the member forms a common communication state. It has a feature.

And the file management system which is one form of this invention is
A file management system comprising: a connection control device for controlling connection between communication terminals; and a file management device for storing and managing a shared file connected to the connection control device via a network and shared by the communication terminals Because
The connection control device includes session information notification means for notifying the file management device of session information for specifying a session established between communication terminals,
The file management device
In addition to storing shared member information that identifies communication terminals that share shared files,
Based on the shared member information, inquires of the communication terminal whether or not the session specified by the session information notified from the connection control device has been established in all the communication terminals that are shared members of the shared file. Judgment, comprising a communication terminal authentication means for permitting access to the shared file by the communication terminal when it is determined that the session is established in all the communication terminals,
The structure is taken.

  In the file management system, the communication terminal authentication means included in the file management apparatus obtains communication terminal authentication information including information identifying the communication terminal and information identifying the session from the communication terminal with which the session is established. The communication terminal authentication information, the shared member information, and the session information notified from the connection control device are used to determine whether or not a session has been established in all communication terminals. .

  Further, in the file management system, the communication terminal authentication means included in the file management device generates communication terminal authentication reference information by adding the session information notified from the connection control device to the shared member information. Based on the information and the communication terminal authentication information acquired from the communication terminal, a configuration is adopted in which it is determined whether or not a session is established in all the communication terminals.

  According to the above invention, the file management apparatus first stores the shared member information that identifies the communication terminals that share the shared file. This shared member information is registered in advance in the file management apparatus, for example, or is registered from a predetermined communication terminal via the connection control apparatus. When a session is established between the communication terminals, session information for specifying the session is notified from the connection control device, and the file management device receives this. Then, the file management device determines whether or not all of the shared members set in the shared file are connected in the session specified by the session information. For example, information obtained by adding session information to shared member information is used as authentication reference information for each member, and communication terminal authentication information added with information for identifying the terminal and the session is acquired from each communication terminal and compared. If all the communication terminals match, access to the shared file is permitted.

  Therefore, it is possible to access the shared file only when all the shared members preset to share the shared file have a common communication state. As a result, spoofing by a third party can be effectively suppressed, and file access security can be improved.

  In the file management system, the file management device generates a password based on the session information acquired from the connection control device, sets the password as a password that restricts the operation of the shared file, and sets the password as session information. A configuration is adopted in which password setting means for notifying the communication terminal connected in the session specified in is provided.

  In the file management system, the session information notification means included in the connection control device notifies the file management device when the session established between the communication terminals is terminated, and the file management device In addition, a configuration is adopted in which password release means for invalidating the password set in the shared file by the password setting means when the notification of session termination is received from the connection control device.

  The session information includes at least one of connection order information indicating the connection order of communication terminals when establishing a session and connection date / time information of the session.

  According to the above invention, the file management device generates a password based on session information that identifies a session between communication terminals established in the connection control device, and uses this password as a password necessary for the operation of the shared file. Set to shared file. Also, this password is notified to the communication terminal that has established the session. When the communication terminal executes file access using the password notified from the file management apparatus, the file management apparatus determines that the transmitted password matches the password set in the shared file. The operation of the shared file is permitted.

  As a result, only the communication terminals connected in a common session can access the shared file based on the dynamic password generated corresponding to the contents of the session. Can be effectively suppressed. In particular, since the password becomes invalid when the session is disconnected, even if the password is stolen, access to the shared file can be prevented by disconnecting the session. In addition, by generating a password based on information such as session identification information and connection date and time information, a password corresponding to the session can be set more, and decryption and illegal generation of the password can be prevented. As a result, file sharing security can be improved.

In addition, as described above, the file management method according to another aspect of the present invention is as follows.
A session information notification step in which the connection control device notifies the file management device of session information for identifying a session established between communication terminals;
The file management device is specified in the session information notified from the connection control device in all the communication terminals that are shared members of the shared file based on the shared member information that specifies the communication terminal that shares the shared file. A communication that allows access to a shared file by the communication terminal when it is determined that all communication terminals have established a session. Terminal authentication process;
It has the configuration of having.

  Further, in the file management method, the file management device generates a password based on the session information acquired from the connection control device, sets the password as a password that restricts the operation of the shared file, and sets the password. A configuration is adopted in which a password setting step of notifying a communication terminal connected in the session specified by the session information is provided.

  The specific configuration and operation of the present invention will be described below. In addition, although the case where a file is shared by three user terminals (communication terminals) is illustrated below, the number of user terminals that share a shared file is not limited to this.

<Embodiment 1>
A first embodiment of the present invention will be described with reference to FIGS. FIG. 1 is a block diagram showing the configuration of the file management system. FIG. 2 is a functional block diagram showing the configuration of the connection control server. FIG. 3 is a functional block diagram showing the configuration of the file management server. FIG. 4 is a diagram for explaining an example of the management status of the shared file. 5 to 6 are sequence diagrams showing an example of the operation of the file management system. FIG. 7 is a diagram for explaining an example of the management status of the shared file. 8 to 9 are sequence diagrams showing an example of the operation of the file management system. FIG. 10 is a diagram for explaining an example of a shared file management status. 11 to 12 are sequence diagrams showing an example of the operation of the file management system. FIG. 13 is a sequence diagram illustrating an example of the operation of the file management system.

[Constitution]
As shown in FIG. 1, the file management system in this embodiment includes a user terminal A11, a user terminal B12, and a user terminal C13 that can share a shared file. And the connection control server 2 which performs connection control via the network N between the said user terminal A11, B12, C13, and manages these group communication states is provided. Furthermore, a file management server 3 connected to the connection control server 2 via the network N and managing access to the shared file from the user terminals A11, B12, C13 is provided. Hereinafter, each configuration will be described in detail.

  The user terminal A11, the user terminal B12, and the user terminal C13 are communication terminals that can communicate with one or more other user terminals by establishing a session. For example, each user terminal A11 or the like is session-controlled with other communication terminals such as POC (Push-to-Talk over Cellular), VOIP (Voice over Internet Protocol), chat, and the like by connection control being performed by the connection control server 2. Is an information processing terminal having a function of establishing a call and performing data communication.

  Here, it is assumed that the user terminal A11 has the file Z and desires to allow and share the access to the user terminal B12 and the user terminal C13. In this case, the user terminal A11 transmits a group sharing instruction including a user identifier given in advance to the user terminals B12 and C13 to the connection control server 2. Then, the connection control server 2 notifies the user terminal B12 and the user terminal C13 of a request for establishing a group session. In response to this, the user terminal B12 and the user terminal C send a group sharing response to the connection control server 2 to notify the participation in the group session. Thereby, a group session is established by the connection control server 2 between the user terminals A11, B12, and C13, and communication and communication with each other are possible.

  In addition, the user terminal A11 performs identity verification (such as voice, video, and character input) as to whether or not the other user terminals B12 and C13 with which the group session is established are the correct users who want to share the shared file Z. . When it is determined that the other user terminals B 12 and C 13 are correct, the user terminal A 11 transmits a file sharing instruction with the shared file Z attached to the connection control server 2. At this time, the user terminal A11 adds the ID, which is identification information given to each of the user terminals A11, B12, and C13 sharing the shared file Z, to the file sharing instruction and transmits it. When the shared file Z is already stored in the file management server 3, the user terminal A11 may transmit information specifying the shared file Z and the ID of the user terminal to share.

  Further, when receiving an ID input request from the file management server 3 as described later, each of the user terminals A11, B12, and C13 uses a unique ID that is unique identification information for the own terminal, and identification information unique to the group session. It has a function of generating a dynamic ID to which a certain session ID is added and transmitting it to the file management server 3.

  Further, each user terminal A11, B12, C13 receives and stores the password when receiving the distribution of the password from the file management server 3 as will be described later. Each user terminal A11, B12, C13 can access the shared file Z stored in the file management server 3 using the received password, and execute operations such as browsing and updating.

  Further, the user terminal A11 has a function of notifying the connection control server 2 of this instruction when desiring to end the group session established as described above. In response to this, the connection control server 2 makes a group sharing end request to the user terminals B12 and C13, and the user terminals B12 and C13 have a function of making a group sharing end response. As a result, the session is terminated, and the sharing of the shared file is also terminated at the same time.

  Next, the configuration of the connection control server 2 will be described with reference to FIG. The connection control server 2 (connection control device) is a general server computer, and as shown in FIG. 2, a session constructed by incorporating a predetermined program into an equipped arithmetic device (not shown). A control unit 21 and a session information notification unit 22 are provided.

  When the session control unit 21 receives a group sharing instruction from the user terminal A11 as described above, it makes a group sharing request to the other user terminals B12 and C13, and receives a group sharing response in response thereto. As described above, it has a function of establishing a group session between the user terminals A11, B12, and C13 and controlling connection of these terminals. In addition, when the session control unit 21 receives an instruction to end group sharing from the user terminal A11, the session control unit 21 requests the other user terminals B12 and C13 to end.

  Further, the session information notification unit 22 (session information notification means), when a session is established between the user terminals A11, B12, C12, session information indicating the contents of the established session, specifically, The session information including the session ID, which is identification information for identifying the session, the connection order information indicating the connection order of the user terminals A11, B12, and C13 when establishing the session, and the connection date and time information of the session is stored in the file management server 3 It has the function to transmit to. The session ID is information generated by the connection control server 2. The session information only needs to include at least the session ID, and other information may not necessarily be included.

  Further, as described above, the session information notification unit 22 performs file management on the shared file Z itself (or information specifying the shared file Z) notified from the user terminal A11 and the ID for specifying the shared user terminal. A function of notifying the server 3;

  Furthermore, as described above, when the session control unit 21 ends the session, the session information notification unit 22 notifies the file management server 3 to that effect. Specifically, the file management server 2 is instructed to stop sharing the shared file Z that has been shared among the user terminals A11, B12, and C13 that have established the terminated session.

  Next, the configuration of the file management server 3 will be described with reference to FIGS. The file management server 3 (file management device) is a general server computer that stores and manages files. Then, as shown in FIG. 3, the file management server 3 includes a file sharing information acquisition unit 31 and a user authentication unit 32 that are constructed by incorporating a predetermined program into an equipped arithmetic device (not shown). A password setting unit 33, a file access management unit 34, and a sharing cancellation unit 35. In addition, a file storage unit 36 and a shared user management information storage unit 37 are formed in the equipped storage device.

  When the file sharing information acquisition unit 31 receives the shared file Z and the IDs of the user terminals A11, B12, and C13 serving as shared members from the user terminal A as described above, first, The shared file Z is stored in the file storage unit 36. At this time, the shared file Z is set so as not to be shared. Further, the fixed IDs of the user terminals A11, B12, C13 received together with the shared file Z are stored in the shared user management information storage unit 37 in association with the shared file Z as shown in FIG. This is shared member information that identifies user terminals that share a shared file. The shared member information remains associated with the shared file Z thereafter.

  Further, the file sharing information acquisition unit 31 sets the session ID, which is transmitted when the session is established between the user terminals A11, B12, and C13 as described above, for identifying the session, as the shared member information. It is added to the fixed ID of the user terminal, set as a dynamic ID for identifying each user terminal A11, B12, C13, and as authentication reference information (communication terminal authentication reference information) that serves as a reference when authenticating each user terminal Remember. For example, as shown in FIG. 4B, when the session ID is “XYZ”, the dynamic IDs corresponding to the user terminals A11, B12, C13 are “aaaXYZ”, “bbbbXYZ”, “cccXYZ”. Are set respectively.

  Further, the user authentication unit 32 (communication terminal authentication means) is shared by the user terminal that has established a session based on the dynamic ID set corresponding to each user terminal A11, B12, C13 as described above. It authenticates whether the file Z can be accessed. Specifically, a dynamic ID input request is made to each of the user terminals A11, B12, and C13 via the network N in response to the notification of the user terminal from the connection control server 2 described above. Whether or not the dynamic ID (communication terminal authentication information) transmitted from each of the user terminals A11, B12, and C13 is received and matches the dynamic ID stored in the shared user management information storage unit 37. Check out. Thereby, it is possible to check whether or not all communication terminals sharing the shared file are connected to the session with the session ID “XYZ”. When all the dynamic IDs match, the password setting unit 33 is notified to permit access to the shared file. On the other hand, if even one of them does not match or is not received, access to the shared file is not permitted.

  In addition, when the user authentication unit 32 receives a notification that all user terminals have been successfully authenticated, the password setting unit 33 (password setting unit) generates a password for restricting the operation of the shared file. Then, the password is set in the shared file, and the password is notified to the user terminals A11, B12, and C13 that have established a session. Specifically, as described above, the connection date and time information of the session notified from the connection control server 2 (for example, “10212231” when the connection date and time is 12:31 on October 22), and fixing of each user terminal A dynamic password (a combination of connection order information (for example, “aaabbbccc”) indicating the connection order of the session of the user terminal and a session ID (for example, “XYZ”) using the ID (aaa, bbb, ccc). For example, “10221231aaabbbcccXYZ”) is generated. Thus, a password unique to the session and the user terminal connected to the session is generated. Then, as shown in FIG. 4C, the password is set in the shared file stored in the file storage unit 36. In addition, the generated password is notified to each user terminal A11, B12, C13 that has established a session, and sharing permission of the shared file Z is notified. Note that the dynamic password generation method described above is an example, and the present invention is not limited to this. That is, in the above, a dynamic password is generated by combining session connection date / time information, connection order information, and session ID, but by including at least one of these information, it is unique to the session. Just generate a password.

  The file access management unit 34 manages access from the user terminal to the shared file stored in the file storage unit 36. Specifically, when a password is set for a shared file, only the user terminals that have accessed the same password are permitted to operate the shared file (reading, appending, etc.) Access from a user terminal that does not have a password is rejected.

  In addition, upon receiving a session end notification from the connection control server 2, the sharing canceling unit (password canceling unit) sets the password set in the shared file Z shared by the user terminals establishing the session. And the shared file Z cannot be shared. In other words, the password distributed to the user terminal is invalidated, and access to the shared file Z is disabled at any terminal.

[Operation]
Next, the operation of the file management system configured as described above will be described. First, with reference to the sequence diagrams of FIGS. 5 to 6, an operation when setting a shared file for the first time and sharing the shared file will be described.

  First, when the user terminal A12 wants to access the file Z held by the user terminal A11 in common between the user terminal B12 and the user terminal C13, the user terminal A11 assigns a user identifier assigned in advance to the user terminals B12 and C13. An instruction is transmitted to the connection control server 2. That is, the user terminal A11 notifies the connection control server 2 that it is desired to establish a group session with the user terminal A11, the user terminal B12, and the user terminal C13 (step S1).

  Then, the connection control server 2 that has received the group sharing instruction from the user terminal A11 assigns the identifiers of all the user terminals A, B, and C constituting the group session to the user terminal B12 and the user terminal C13, respectively. A sharing request is transmitted (steps S2 and S4). Then, the user terminals B12 and C13 that have received the group sharing request transmit a group sharing response to the connection control server 2 (steps S3 and S5), notifying that they will participate in the group session. Thereby, the connection control server 2 that has received the group sharing response establishes a group session with the user terminals A11, B12, and C13 (see step S6, dotted line). This session is possible by any communication means such as POC, VOIP, and chat.

  Subsequently, between the user terminals A11, B12, and C13 in which the group session is established, the user terminal A11 confirms the identity of the user who wants to access the file Z in common through the group session (voice, video, Character input, etc.) is performed (step S6). When the communication session is established, the connection control server 2 sets the connection order “A → B → C” of the user terminals in this session, the dynamic session ID “XYZ” that is identification information for identifying the session, and the connection date and time. The information to represent is produced | generated and transmitted to the file management server 3 (step S6, session information notification process). The file management server 3 that has received the information on the session performs notification / management of session ID: XYZ, connection time, and order as communication session management.

  Subsequently, the user terminal A11 who determines that the member who wants to share the shared file Z is connected to the same session and is correct transmits a file sharing instruction with the shared file Z attached to the connection control server 2 (step S1). S7). Upon receiving the file sharing instruction, the connection control server 2 adds the shared file sent from the user terminal A11 and the IDs assigned to the user terminals A11, B12, and C13 constituting the already managed group session. A sharing instruction is transmitted to the file management server 3 (step S8).

  Subsequently, the file management server 3 that has received the file sharing instruction permits access only to the user terminal A11, user terminal B12, and user terminal C13 constituting the group session in order to manage access to the shared file Z. Is created (step S9), and the access permission state for the shared file Z is made unshareable. At this time, as shown in FIG. 4B, data (communication terminal authentication reference information) in which a session ID is added to a unique ID of each user terminal as a dynamic ID for specifying a user terminal that can access the shared file Z Is generated and stored in association with the shared file Z.

  Subsequently, the file management server 3 transmits an ID input instruction to the user terminal A11, the user terminal B12, and the user terminal C13 (steps S10, S12, and S14). Then, each of the user terminals A11, B12, and C13 that received the ID input instruction receives an ID input response to which the dynamic ID (communication terminal authentication information) generated by the respective fixed ID and dynamic session ID: XYZ is given, The file is transmitted to the file management server 3 (steps S11, S13, S15). The file management server 3 that has received these ID input responses, all of the dynamic IDs input from the user terminal A11, the user terminal B12, and the user terminal C13, and the dynamic ID set in association with the shared file Z are all Authentication is performed to determine whether they match (communication terminal authentication step).

  If all the dynamic IDs match, a dynamic password is created using the connection time, connection order, ID unique to the user terminal, and session ID (step S16). For example, if the connection time is 12:31 on October 22nd, the connection order is A → B → C, and the session ID is XYZ, the dynamic password is “10221231 aaabbbcccXYZ”. Thus, since the generated password uses information related to the session, it is valid only during the session, and this password becomes invalid after the session ends, as will be described later.

  Subsequently, the file management server 3 sets the generated password in the shared file Z as a password for restricting the operation of the shared file Z as shown in FIG. Is being shared (step S17). Further, the file management server 3 transmits a share permission notification of the shared file Z together with the generated password to the user terminals A11, B12, and C13 (steps S18, S19, and S20), and accesses the shared file Z. And that the operation is possible (password setting step).

  Thereafter, when the file management server 3 receives the dynamic password “102212231aaabbbccccXYZ” at the time of an access request to the shared file Z from the user terminals A11, B12, and C13, the file management server 3 permits each user terminal to operate the shared file Z. (Step S21).

  Thereafter, when the user terminal A11 desires to end the group session, the user terminal A11 transmits a group sharing end instruction to the connection control server 2 (step S22). The connection control server 2 that has received this group sharing end instruction transmits a group sharing end request to the user terminals B12 and C13 (steps S23 and S25). The user terminals B12 and C13 that have received the group sharing end request permit the end of the group session and transmit a group sharing end response to the connection control server 2 (steps S24 and S26). In this way, the connection control server 2 that has received all the group sharing end responses clears the state during the group session, that is, ends the session (step S27).

  Further, the connection control server 2 once transmits a file sharing stop instruction to the file management server 3 in order to deny access to the shared file Z (step S28). The file management server 3 that has received the file sharing stop instruction disables access from all users of the shared file Z, and invalidates the password set in the shared file Z (step S29).

  Next, as described above, with reference to FIG. 7 to FIG. 9, the operation when the file sharing is already performed once and then the group session is ended (step S <b> 100) and access to the shared file Z is performed again. To explain.

  First, when the user terminal A11 wants to access the shared file Z again in common between the user terminal B12 and the user terminal C13, the user terminal A11 is given in advance to the user terminals B12 and C13 as described above. The group sharing instruction with the user identifier is transmitted to the connection control server 2. That is, the user terminal A11 notifies the connection control server 2 that it is desired to establish a group session with the user terminal A11, the user terminal B12, and the user terminal C13 (step S101).

  Then, the connection control server 2 that has received the group sharing instruction from the user terminal A11 assigns the identifiers of all the user terminals A, B, and C constituting the group session to the user terminal B12 and the user terminal C13, respectively. A sharing request is transmitted (steps S102 and S104). Then, the user terminals B12 and C13 that have received the group sharing request transmit a group sharing response to the connection control server 2 (steps S103 and S105) and notify that they will participate in the group session. Thereby, the connection control server 2 that has received the group sharing response establishes a group session with the user terminals A11, B12, and C13 (see step S106, dotted line).

  Subsequently, whether or not the user terminal A11 wants to access the file Z in common between the user terminals A11, B12, and C13 with which the group session has been established is confirmed through this group session (voice, video, text, etc.). Input) (step S106). When the communication session is established, the connection control server 2 sets the connection order “A → B → C” of the user terminals in this session, the dynamic session ID “LMN” which is identification information for identifying the session, the connection date and time. Information to be expressed is generated and transmitted to the file management server 3 (step S106, session information notification step). At this time, the information indicating the session ID and the connection date / time is different from the examples of FIGS. 5 and 6 described above.

  Subsequently, the user terminal A11 that determines that the member who wants to share the shared file Z is connected to the same session and is correct is connected to the connection control server 2 with the shared file Z already registered in the file management server 3. The designated file sharing instruction is transmitted (step S107). Then, the connection control server 2 that has received the file sharing instruction specifies the shared file sent from the user terminal A11 and adds the IDs assigned to the user terminals A11, B12, and C13 constituting the already managed group session. The file sharing instruction is transmitted to the file management server 3 (step S108).

  Subsequently, the file management server 3 that has received the file sharing instruction permits access only to the user terminal A11, user terminal B12, and user terminal C13 constituting the group session in order to manage access to the shared file Z. Is created (step S109), and the access permission state for the shared file Z is made unshareable. At this time, as shown in FIG. 7A, the fixed ID of the user terminal capable of sharing the shared file Z is already stored in association with the shared file Z. Generates a dynamic ID to which a different session ID “LMN” is added, and stores it in association with the shared file Z as shown in FIG. Thus, the dynamic ID in this example is different from that in the previous session described above.

  Subsequently, the file management server 3 transmits an ID input instruction to the user terminal A11, the user terminal B12, and the user terminal C13 (steps S110, S112, and S114). Then, each of the user terminals A11, B12, and C13 that has received the ID input instruction transmits an ID input response to which the dynamic ID generated by the respective fixed ID and dynamic session ID: LMN is given to the file management server 3. (Steps S111, S113, S115). The file management server 3 that has received these ID input responses, all of the dynamic IDs input from the user terminal A11, the user terminal B12, and the user terminal C13, and the dynamic ID set in association with the shared file Z are all Authentication is performed to determine whether they match (communication terminal authentication step).

  If all dynamic IDs match, a dynamic password is created using the connection time, connection order, ID unique to the user terminal, and session ID (step S116). This time, the connection time is October 22, 14:24, the connection order is A → B → C, the session ID is LMN, and the connection time and session ID are different from the previous session establishment. A password different from “10221424aaabbcccLMN” is generated.

  Subsequently, the file management server 3 sets the generated password in the shared file Z as a password for restricting the operation of the shared file Z as shown in FIG. Is being shared (step S117). In addition, the file management server 3 transmits a share permission notification of the shared file Z together with the generated password to the user terminals A11, B12, and C13 (steps S118, S119, and S120), and accesses the shared file Z. And that the operation is possible (password setting step).

  After that, when the file management server 3 receives the dynamic password “10221424aaabbbcccLMN when requesting access to the shared file Z from the user terminals A11, B12, and C13, the file management server 3 permits each user terminal to operate the shared file Z ( Step S121).

  Thereafter, when the user terminal A11 wishes to end the group session, the user terminal A11 transmits a group sharing end instruction to the connection control server 2 (step S122). The connection control server 2 that has received this group sharing end instruction transmits a group sharing end request to the user terminals B12 and C13 (steps S123 and S125). The user terminals B12 and C13 that have received the group sharing end request permit the end of the group session and transmit a group sharing end response to the connection control server 2 (steps S124 and S126). In this way, the connection control server 2 that has received all the group sharing end responses clears the state during the group session, that is, ends the session (step S127). Further, the connection control server 2 once transmits a file sharing stop instruction to the file management server 3 in order to deny access to the shared file Z (step S128). Receiving the file sharing stop instruction, the file management server 3 disables access from all users of the shared file Z, and invalidates the password set in the shared file Z (step S129).

  Next, as described above, after performing the file sharing once and then ending the group session (step S200), the operation when the access to the shared file Z is performed again without the permission of the user terminal C13 is performed. This will be described with reference to FIGS.

  First, when the user terminal A11 wants to access the shared file Z again in common between the user terminal B12 and the user terminal C13, the user terminal A11 is given in advance to the user terminals B12 and C13 as described above. The group sharing instruction with the user identifier is transmitted to the connection control server 2. That is, the user terminal A11 notifies the connection control server 2 that it wants to establish a group session with the user terminal A11, the user terminal B12, and the user terminal C13 (step S201).

  Then, the connection control server 2 that has received the group sharing instruction from the user terminal A11 assigns the identifiers of all the user terminals A, B, and C constituting the group session to the user terminal B12 and the user terminal C13, respectively. A sharing request is transmitted (steps S202 and S204). At this time, the user terminal B12 that has received the group sharing request transmits a group sharing response to the connection control server 2 (step S203), notifying that it will participate in the group session. On the other hand, the user terminal C13 that has received the group sharing request refuses to form a group session, and therefore does not transmit a group sharing response (step S205). Then, the connection control server 2 establishes a group session only with the user terminals A11 and B12 (see step S206, dotted line).

  Subsequently, whether or not the user terminal A11 wants to access the file Z in common between the user terminals A11 and B12 with which the group session has been established is confirmed through this group session (voice, video, character input, etc.). ) Is executed (step S206). When the communication session is established, the connection control server 2 determines the connection order “A → B” of the user terminals in this session, the dynamic session ID “OPQ” which is identification information for identifying the session, and information indicating the connection date and time. Is transmitted to the file management server 3 (step S206, session information notification step). At this time, the information indicating the session ID and the connection date / time is different from the example described above.

  Subsequently, the user terminal A11 that determines that the member who wants to share the shared file Z is connected to the same session and is correct is connected to the connection control server 2 with the shared file Z already registered in the file management server 3. The designated file sharing instruction is transmitted (step S207). Upon receiving the file sharing instruction, the connection control server 2 designates the shared file sent from the user terminal A11 and adds the IDs assigned to the user terminals A11 and B12 constituting the already managed group session. A sharing instruction is transmitted to the file management server 3 (step S208).

  Subsequently, the file management server 3 that has received the file sharing instruction performs dynamic ID for permitting access only to the user terminal A11 and the user terminal B12 constituting the group session in order to perform access management of the shared file Z. Is created (step S209), and the access permission state for the shared file Z is made unshareable. At this time, as shown in FIG. 10A, the fixed ID of the user terminal capable of sharing the shared file Z is already stored in association with the shared file Z. Generates a dynamic ID to which a different session ID “OPQ” is added, and stores it in association with the shared file Z as shown in FIG. However, in this case, since the user terminal C13 is not connected to the group session as described above, the dynamic ID is not generated and stored.

  Subsequently, the file management server 3 transmits an ID input instruction to the user terminals A11 and B12 that have established a group session (steps S210 and S212). Then, each of the user terminals A11 and B12 receiving the ID input instruction transmits an ID input response to which the fixed ID and the dynamic session ID: dynamic ID generated by OPQ are added to the file management server 3 ( Steps S211, S213). The file management server 3 that has received these ID input responses determines whether or not the dynamic IDs respectively input from the user terminal A11 and the user terminal B12 match the dynamic ID set in association with the shared file Z. Authentication is performed (communication terminal authentication step). Then, in the case of this example, since there is no ID input response from the user terminal C13, it is determined that it does not match the set dynamic ID, and the access permission state remains unpermitted. Then, a file sharing non-permission notice is sent to the user terminals A12 and B12 (steps S214 and S215), and access to the shared file Z is not permitted.

  Thereafter, the user terminal A11 transmits a group sharing end instruction to the connection control server 2 (step S216). The connection control server 2 that has received this group sharing end instruction transmits a group sharing end request to the user terminal B12 (step S217). The user terminal B12 that has received the group sharing end request permits the end of the group session, and transmits a group sharing end response to the connection control server 2 (step S218). In this way, the connection control server 2 that has received the group sharing end response clears the state during the group session, that is, ends the session (step S219).

  Next, as described above, when the file sharing has already been performed once and then the group session is ended (step S300), when the access to the shared file Z is performed again, the user terminal D14 pretending to be the user terminal C The operation when the user joins the group session will be described with reference to FIG.

  First, when the user terminal A11 wants to access the shared file Z again in common between the user terminal B12 and the user terminal C13, the user terminal A11 is given in advance to the user terminals B12 and C13 as described above. The group sharing instruction with the user identifier is transmitted to the connection control server 2. That is, the user terminal A11 notifies the connection control server 2 that it is desired to establish a group session with the user terminal A11, the user terminal B12, and the user terminal C13 (step S301).

  Then, the connection control server 2 that has received the group sharing instruction from the user terminal A11 assigns the identifiers of all the user terminals A, B, and C constituting the group session to the user terminal B12 and the user terminal C13, respectively. A sharing request is transmitted (steps S302 and S304). However, in this example, the group sharing request that should have been transmitted to the user terminal C13 is transmitted to the user terminal D14 impersonating the user terminal C13 (step S304).

  Then, the user terminals B12 and D14 that have received the group sharing request transmit a group sharing response to the connection control server 2 (steps S303 and S305) and notify that they will participate in the group session. Then, the connection control server 2 establishes a group session with the user terminals A11, B12, and D14 (see step S306, dotted line).

  Subsequently, whether or not the user terminal A11 wishes to access the file Z in common among the user terminals A11, B12, and D14 with which the group session has been established is confirmed through this group session (voice, video, and text). Input, etc.) is performed (step S306). However, in this example, since the user terminal D14 is not the user terminal C13 that desires sharing, the user terminal A11 transmits a group sharing end instruction to the connection control server 2 in order to immediately end the group session ( Step S307). The connection control server 2 that has received this group sharing end instruction transmits a group sharing end request to the user terminals B12 and D14 (steps S308 and S310). The user terminals B12 and D14 that have received the group sharing end request permit the end of the group session and transmit a group sharing end response to the connection control server 2 (steps S309 and S311). In this way, the connection control server 2 that has received the group sharing end response clears the state during the group session, that is, ends the session (step S312).

  As described above, according to the present invention, it is possible to access a shared file only when all the sharing members preset to share the shared file have a common communication state. As a result, file access security can be improved.

  In addition, since only user terminals connected in a common session can access a shared file based on a dynamic password generated corresponding to the contents of the session, unauthorized access by a third party can be prevented. It can be effectively suppressed. In particular, since the password becomes invalid when the session is disconnected, even if the password is stolen, access to the shared file can be prevented by disconnecting the session.

  INDUSTRIAL APPLICABILITY The present invention can be applied to a system that enables sharing of a file (video, image, document file, etc.) that requires a high degree of security, such as access, browsing, and modification by a plurality of people. Have

It is a block diagram which shows the structure of a file management system. It is a functional block diagram which shows the structure of a connection control server. It is a functional block diagram which shows the structure of a file management server. It is a figure for demonstrating an example of the management situation of a shared file. It is a sequence diagram which shows an example of operation | movement of a file management system. FIG. 6 is a sequence diagram showing an example of the operation of the file management system, showing the continuation of FIG. 5. It is a figure for demonstrating an example of the management situation of a shared file. It is a sequence diagram which shows an example of operation | movement of a file management system. FIG. 6 is a sequence diagram showing an example of the operation of the file management system, showing the continuation of FIG. 5. It is a figure for demonstrating an example of the management situation of a shared file. It is a sequence diagram which shows an example of operation | movement of a file management system. FIG. 6 is a sequence diagram showing an example of the operation of the file management system, showing the continuation of FIG. 5. It is a sequence diagram which shows an example of operation | movement of a file management system.

Explanation of symbols

2 Connection control server 3 File management server 11 User terminal A
12 User terminal B
13 User terminal C
14 User terminal D
21 Session control unit 22 Session information notification unit 31 File share information acquisition unit 32 User authentication unit 33 Password setting unit 34 File access management unit 35 Share release unit 36 File storage unit 37 Shared user management information storage unit

Claims (16)

A file management device comprising: a connection control device for controlling connection between communication terminals; and a file management device for storing and managing a shared file connected to the connection control device via a network and shared by the communication terminals. A system,
The connection control device comprises session information notification means for notifying the file management device of session information for specifying a session established between the communication terminals,
The file management device includes:
Storing shared member information for identifying the communication terminal sharing the shared file;
Whether or not a session specified by the session information notified from the connection control device has been established in all the communication terminals that are shared members of the shared file based on the shared member information. Inquiring to the terminal and determining, provided with a communication terminal authentication means that permits access to the shared file by the communication terminal when it is determined that a session is established in all the communication terminals,
A file management system characterized by that. The communication terminal authentication means included in the file management apparatus acquires communication terminal authentication information including information specifying the communication terminal and information specifying the session from the communication terminal where the session is established, and the communication terminal Determining whether or not a session is established in all the communication terminals based on the authentication information, the shared member information, and the session information notified from the connection control device;
The file management system according to claim 1. The communication terminal authentication means included in the file management device generates communication terminal authentication reference information by adding the session information notified from the connection control device to the shared member information, and the communication terminal authentication reference information; Based on the communication terminal authentication information acquired from the communication terminal, it is determined whether a session is established in all the communication terminals,
The file management system according to claim 2, wherein: The file management device generates a password based on the session information acquired from the connection control device, sets the password as a password that restricts the operation of the shared file, and the password is specified by the session information. Password setting means for notifying the communication terminal connected in a session
The file management system according to claim 1, 2 or 3. The session information notification means of the connection control device notifies the file management device to that effect when a session established between the communication terminals is terminated,
The file management device includes password release means for invalidating the password set in the shared file by the password setting means when receiving a notification of session termination from the connection control device.
The file management system according to claim 4, wherein: The session information includes at least one information among connection order information indicating a connection order of the communication terminals when establishing the session and connection date and time information of the session.
The file management system according to claim 4 or 5, wherein A file management device comprising: a connection control device for controlling connection between communication terminals; and a file management device for storing and managing a shared file connected to the connection control device via a network and shared by the communication terminals. A system,
The connection control device includes session information notification means for notifying the file management device of session information for specifying a session established between the communication terminals,
The file management device generates a password based on the session information acquired from the connection control device, sets the password as a password that restricts the operation of the shared file, and the password is specified by the session information. Password setting means for notifying the communication terminal connected in a session
A file management system characterized by that. A file management device that stores and manages a shared file that is connected via a network to a connection control device that performs connection control between communication terminals and is shared by the communication terminal,
Storing shared member information for identifying the communication terminal sharing the shared file;
Whether or not a session specified by session information for specifying a session notified from the connection control device is established in all the communication terminals that are shared members of the shared file based on the shared member information Communication terminal authentication means for permitting access to the shared file by the communication terminal when it is determined that all the communication terminals have established a session. ,
A file management apparatus. A password is generated based on the session information acquired from the connection control device, the password is set as a password that restricts the operation of the shared file, and the password is connected in the session specified by the session information. Password setting means for notifying the communication terminal
9. The file management apparatus according to claim 8, wherein: A file management device that stores and manages a shared file that is connected via a network to a connection control device that performs connection control between communication terminals and is shared by the communication terminal,
A password is generated based on session information that identifies a session established between the communication terminals acquired from the connection control device, the password is set as a password that restricts the operation of the shared file, and the password is set to the session Comprising password setting means for notifying the communication terminal connected in the session specified by the information;
A file management apparatus. To a file management device that stores and manages a shared file that is connected via a network to a connection control device that performs connection control between communication terminals, and is shared by the communication terminal,
In all the communication terminals that are shared members of the shared file based on shared member information that identifies the communication terminal that shares the shared file, session information that identifies the session notified from the connection control device. Inquires the communication terminal to determine whether or not a specified session is established, and when it is determined that all the communication terminals have established a session, A program for realizing communication terminal authentication means for permitting access.   In the file management device, a password is generated based on the session information acquired from the connection control device, the password is set as a password that restricts the operation of the shared file, and the password is specified in the session information. 12. The program according to claim 11, for realizing password setting means for notifying the communication terminal connected in a session. To a file management device that stores and manages a shared file that is connected via a network to a connection control device that performs connection control between communication terminals, and is shared by the communication terminal,
A password is generated based on session information that identifies a session established between the communication terminals acquired from the connection control device, the password is set as a password that restricts the operation of the shared file, and the password is set to the session The program for implement | achieving the password setting means to notify to the said communication terminal connected in the session specified by information. A file management device comprising: a connection control device for controlling connection between communication terminals; and a file management device for storing and managing a shared file connected to the connection control device via a network and shared by the communication terminals. A file management method by the system,
A session information notification step in which the connection control device notifies the file management device of session information for identifying a session established between the communication terminals;
The session notified from the connection control device to all the communication terminals that are shared members of the shared file based on shared member information that specifies the communication terminal that the file management device shares the shared file with Whether the session specified by the information has been established is inquired from the communication terminal, and when it is determined that all the communication terminals have established a session, the sharing by the communication terminal A communication terminal authentication process that permits access to the file;
A file management method characterized by comprising: The file management device generates a password based on the session information acquired from the connection control device, sets the password as a password that restricts the operation of the shared file, and the password is specified in the session information. A password setting step for notifying the communication terminal connected in a session.
15. The file management method according to claim 14, wherein: A file management device comprising: a connection control device for controlling connection between communication terminals; and a file management device for storing and managing a shared file connected to the connection control device via a network and shared by the communication terminals. A file management method by the system,
A session information notification step in which the connection control device notifies the file management device of session information for identifying a session established between the communication terminals;
The file management device generates a password based on the session information acquired from the connection control device, sets the password as a password that restricts the operation of the shared file, and the password is specified in the session information. A password setting step for notifying the communication terminal connected in the session,
A file management method characterized by comprising:

Images