JP2009301207A - Information processing apparatus and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a technique for managing access right to information, which dispenses with the need for using identifiers of a user and a group, because the identifiers of the user and the group may be changed. <P>SOLUTION: Information is acquired which includes identification information for identifying at least other one piece of information as authority information representing use authority. Furthermore, the information processing apparatus stores use history information, in advance, which identifies information used in the past; refers to authority information included in acquired information; permits use of information acquired, if another information identified by the authority information is included in information which is identified by use history information and is used in the past; and processes the acquired information. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to an information processing apparatus and a program.

  The following methods are considered as a method of giving an individual user or a member of an authorized user group the right to access content anonymously.

An access request is received from a user having a persona identifier, and then a challenge message is created that includes at least a portion of the persona identifier and verification data such as pseudo-random data. The challenge message is sent to a persona server that performs an authorization delegation function that creates an authentication object that can be extracted only by individual users or members of a group. The generated authentication object is transferred to the user. Upon receiving an authentication object from the persona server, the user retrieves the decrypted data from the persona server. If the persona user is a legitimate user, the data retrieved from the persona server is used to unlock the authentication object package by the hardware with security function of the user computer, and the verification data is extracted. After receiving and confirming the verification data from the user, the content provider permits access to the content selected by the user (Patent Document 1).
JP-T-2004-536411

  Since the identifiers of users and groups are subject to change, information access right management technology that does not require the use of these user and group identifiers is provided.

  The invention according to claim 1 is an information processing apparatus, and includes an acquisition means for acquiring information including specific information for specifying at least one other piece of information as authority information indicating a use authority, and information used in the past. The storage means for storing the usage history information to be identified and the authority information included in the acquired information are referred to, and other information identified by the authority information is identified in the usage history information and used in the past. It is determined whether or not it is included in the information, and has permission means for permitting use of the information acquired when it is included, and processing means for processing the information permitted to be used by the permission means. It is.

  A second aspect of the present invention is the information processing apparatus according to the first aspect, wherein the specific information is a hash value of information.

  The invention according to claim 3 is the information processing apparatus according to claim 1 or 2, wherein the usage history information is a Bloom filter based on a hash value of information used in the past.

  A fourth aspect of the present invention is the information processing apparatus according to any one of the first to third aspects, wherein the usage history information includes at least information used in the past based on an instruction received from the outside. It further includes setting means for setting so as not to indicate that there is a history of partial use.

  The invention according to claim 5 is a program, the acquisition means for acquiring information including specific information for specifying at least one other information as authority information indicating use authority, and information used in the past. The storage means for storing the usage history information for identifying and the authority information included in the acquired information is referred to, and other information specified by the authority information is specified in the usage history information in the past. Determining whether it is included in the received information, and allowing it to function as permission means for permitting use of the acquired information and processing means for processing information permitted to be used by the permission means; It is what.

  According to the first and fifth aspects of the present invention, access right management that does not require the use of user or group identifiers becomes possible.

  According to the second aspect of the present invention, access right management that does not require the use of a user or group identifier can be performed using a hash value.

  According to the third aspect of the invention, the Bloom filter is used to speed up the judgment.

  According to the invention described in claim 4, it is possible to control access right deletion.

  Embodiments of the present invention will be described with reference to the drawings. The information processing apparatus 1 according to the embodiment of the present invention includes a control unit 11, a storage unit 12, an operation unit 13, a display unit 14, and a communication unit 15.

  Here, the control unit 11 is a program control device such as a CPU (Central Processing Unit), and operates according to a program stored in the storage unit 12. In the present embodiment, the control unit 11 acquires information to be accessed (document data or the like) according to a user instruction. Then, whether this information can be accessed (use authority) is determined based on the history of information accessed by the user in the past, and when it is determined that access is possible, use of the acquired information (viewing, editing, etc.) ) Is executed. Details of the processing of the control unit 11 will be described later.

  The storage unit 12 includes a storage element such as a RAM (Random Access Memory). The storage unit 12 holds a program executed by the control unit 11. This program may be provided by being stored in a computer-readable recording medium such as a DVD-ROM (Digital Versatile Disc-Read Only Memory) and copied there. The storage unit 12 also operates as a work memory for the control unit 11. Further, in the present embodiment, history information (access history information: corresponding to usage history information) representing information accessed by the user in the past is held in the storage unit 12. For example, as shown in FIG. 2, this information may be a list of hash values calculated based on the content of information accessed by the user in the past.

  The operation unit 13 includes a keyboard, a mouse, and the like, receives a user operation, and outputs the content of the operation to the control unit 11. The display unit 14 is a display or the like, and displays information according to an instruction input from the control unit 11. The communication unit 15 is, for example, a network interface, and exchanges information with a file server or other information processing apparatus connected via communication means such as a network.

  Next, the contents of processing by the information processing apparatus 1 of the present embodiment will be described. The control unit 11 according to the present embodiment executes a process for setting an access right (access right setting process) and a process for determining the presence / absence of the access right (right determination process).

[Access right setting process]
The control unit 11 receives input of information (hereinafter, referred to as target information for distinction) that is an object of access right setting processing, and receives an instruction to set an access right for the target information. The control unit 11 requests the user to specify other information (information different from the target information) that is the source of the access right. When the user designates other information, the control unit 11 calculates a hash value of the designated other information using a predetermined hash function. Then, the calculated hash value is recorded in the target information. When a plurality of pieces of information are designated as other information, the control unit 11 computes a hash value for each of the designated pieces of information and records a set of hash values obtained by the computation in the target information. To do.

  As a result, as shown in FIG. 3, the list (L) of the calculated hash values (or a set thereof) is recorded in the target information together with the contents (C).

[Access processing]
Further, the control unit 11 uses a predetermined hash function (access right setting) every time access to information is performed as a result of determining the access authority by the authority determination process described later. The hash value of the accessed information (in this case, for example, only the content C may be used) is calculated using the same hash function as in the processing. The calculated hash value is added to the storage unit 12 as access history information. Thereby, the access history information as illustrated in FIG. 2 is recorded in the storage unit 12.

[Authority judgment processing]
The authority determination process by the control unit 11 will be described. The control unit 11 acquires information to be accessed according to a user instruction. For example, the control unit 11 acquires information to be accessed from a file server connected via a network or the like via the communication unit 15. And the control part 11 starts the process which investigates the presence or absence of the access right to the acquired information (FIG. 4). First, the control unit 11 checks whether or not an access right is set for the acquired information (S1). Whether or not the access right is set can be checked by checking whether or not a list of hash values is recorded in the acquired information. That is, if a list of hash values is not recorded in the acquired information, the control unit 11 determines that no access right is set for the information, executes the above-described access process, and A hash value is calculated, and the calculated hash value is recorded in the access history information (S4).

  And the control part 11 performs the process of permitting access to information and displaying or editing information according to a user's instruction | indication (S5).

  On the other hand, if the access right is set to the acquired information in the process S1, a list of hash values recorded as authority information in the information is read (S2).

  Then, the control unit 11 determines whether or not the hash value included in the read hash value list is included in the access history information stored in the storage unit 12 (S3). For example, it is checked whether or not all the hash values matching the hash values h1, h2,... Included in the list extracted from the acquired information are included in the access history information. If all the hash values that match the hash values h1, h2,... Included in the list extracted from the acquired information are included in the access history information, it is assumed that there is an authority, and the process proceeds to step S4. Continue processing.

  In the process S3, if all the hash values matching the hash values h1, h2,... Included in the list extracted from the acquired information are not included in the access history information, it is assumed that there is no authority. The user is informed that the acquired information cannot be accessed (S6), and the process is terminated.

  Here, an example has been described in which, in process S3, it is checked whether or not all hash values that match the hash values h1, h2,... Included in the list extracted from the acquired information are included in the access history information. Not limited to this, it may be determined whether or not any one of hash values matching the hash values h1, h2,... Included in the list extracted from the acquired information is included in the access history information.

[Invalidation]
Further, the control unit 11 may set the access history information so as not to indicate that there is a history of using at least a part of information used in the past according to an instruction received from the outside. As an example, the control unit 11 deletes at least a part of the hash value included in the access history information. This instruction includes, for example, information on at least one hash value to be deleted. The control unit 11 checks whether or not the hash value included in the received instruction is stored in the access history information in the storage unit 12. If the hash value is stored in the access history information, the control unit 11 stores the hash value in the storage unit 12. Delete from access history information.

  This instruction may be generated, for example, by the administrator operating the information processing apparatus 1. When generating this instruction, the control unit 11 requests the administrator to specify information that is a source of the hash value to be deleted. When the administrator specifies information, the control unit 11 calculates a hash value of the specified information and includes the calculated hash value in the deletion instruction. The control unit 11 also transmits the deletion instruction to the destination (information processing apparatus 1) designated by the administrator in accordance with the instruction input from the administrator.

[Operation]
The information processing apparatus 1 according to the present embodiment is configured as described above and operates as follows. The information processing apparatus 1 according to the present embodiment stores a list of hash values of information accessed in the past as access history information. In the following example, it is assumed that the list of hash values recorded in the access history information is h1, h2, and h3.

  When the user designates the information A to be accessed, the information processing apparatus 1 acquires the information A and checks whether the information A includes a list of hash values representing the access right. If a list of hash values is included here, the information processing apparatus 1 refers to the list of hash values assuming that the access right is set. Here, if the hash value h1 is set in the list, the information processing apparatus 1 permits access to the information A because the set hash value h1 is included in the access history information. Then, processing such as displaying information A or editing information A according to the user's instruction is performed.

  Further, when performing this access, the information processing apparatus 1 calculates the hash value ha of the information A and records it in the access history information. As a result, the list of hash values included in the access history information is h1, h2, h3, ha.

  When the user designates information B including the hash value h4 as an access target in the list of hash values representing the access right, the information processing apparatus 1 acquires the information B and accesses the information B with the access right. Whether a list of hash values representing is included is checked. Here, since the list of hash values is included, the information processing apparatus 1 refers to the list of hash values assuming that the access right is set. And since the hash value h4 included in this list is not included in the stored access history information, the information processing apparatus 1 does not permit access to the information B, and performs a process of displaying that effect. To finish the process.

[Example using date and time]
Furthermore, in the present embodiment, the access history information is recorded not only by specific information such as hash values of information accessed in the past, but also by recording the access date and time (access date and time) as shown in FIG. Good. Further, as the authority information indicating the access right, not only a list of specific information such as a hash value but also information indicating an elapsed time from the access date may be included.

  For example, when the information on the elapsed time T from the access date is associated as the authority information, the control unit 11 refers to the list of hash values extracted from the information to be accessed in the authority determination process, and The hash value contained in and the access date / time information associated therewith are found by searching.

  When the hash value is found here, the control unit 11 refers to the access date / time information associated with the hash value, and whether it has exceeded the elapsed time T specified in the authority information from the current (processing date / time). Check for no. Here, if the specified elapsed time has not been exceeded, the control unit 11 performs processing assuming that the access right exists, and if not, performs processing assuming that there is no access right. If there are multiple information on the found hash value and access date and time, if either of them does not exceed the specified elapsed time, the processing may be performed assuming that there is an access right, or all of them are specified. As long as the elapsed time is not exceeded (if any one exceeds the elapsed time), the processing may be performed assuming that there is no access right.

  In addition, the hash value may have no access right unless all the hash values included in the authority information are found by the search, or may have the access right if any one is found by the search.

[Example using Bloom filter]
In the above description, an example in which a list of hash values of information accessed by the user in the past is stored as access history information is described. However, the present embodiment is not limited to this. For example, the access history information may be a Bloom Filter based on a hash value of information accessed in the past.

  The Bloom filter uses a bit array of length M bits initially initialized to “0” and k different hash functions f1, f2,... Fk. In the access process, the control unit 11 obtains a hash value (hash value added to the access history information in the above example) for the accessed information using a predetermined hash function, and further obtains the hash value obtained here. In general, different hash values hf1, hf2,..., Hfk are obtained using the k hash functions f1, f2,. Then, a remainder obtained by dividing these hash values by M is obtained, and each bit on the bit array corresponding to each obtained remainder is set to “1”.

  In the authority determination process, the control unit 11 obtains a list of hash values included in the information to be accessed, and uses the hash values included in the list as k hash functions f1, f2,. In general, different hash values hf1, hf2,... hfk are obtained using fk. Then, a remainder obtained by dividing these hash values by M is obtained.

  The control unit 11 refers to each bit value on the bit array corresponding to each of the obtained remainders, and checks whether they are all “1”. If all of these are “1”, the processing is performed assuming that there is an access right. If any one is not “1”, the processing is performed assuming that there is no access right.

  In this Bloom filter, there is a possibility of false positive determination (possibility of being accessed despite not having been accessed in the past), but it can be used effectively if it can be sufficiently ignored. Furthermore, in this embodiment, instead of a simple Bloom filter, a counting filter (L. Fan, P. Cao, J. Almeida, and A. Broder. Summary cache: A scalable wide-area Web cache sharing protocol. In Proceeding of SIGCOMM '98, 1998) may be used. When using this counting filter, as a invalidation process, a specific hash value is specified, hash values corresponding to the k hash functions are obtained, and a remainder obtained by dividing each hash value by M is obtained. The counter at the position on the array corresponding to each of the remainders is decremented by “1”.

[Another example of access right information]
Further, in the present embodiment, an example in which the authority information indicating the access right is included in the information to be accessed is not limited to this. For example, a list of hash values or the like serving as authority information is stored in an external server or the storage unit 12 of the information processing apparatus 1 in association with information such as a file name that specifies each information, and the control unit 11 When executing the authority determination process, the authority information may be acquired by referring to the stored list.

[Example of information]
In the above description, the information is, for example, document information. However, the information is not limited thereto, and may be, for example, a web page. In this case, authority information indicating access authority is included in the content of the web page, and if there is no history of accessing other information (for example, other web pages) indicated by this authority information, the web page is displayed. I won't let you.

  The information may be an e-mail, or may include a plurality of types of information such as e-mails, web pages, documents. For example, by creating a web page that includes the hash value hm of a specific electronic mail in the authority information, the web page cannot be browsed without referring to the specific electronic mail.

  As described above, according to the present embodiment, even if the user or group identifier is changed, the user does not need to reset the access right by maintaining the access history information. Information access right management technology that does not require the use of an identifier is provided.

  Also, this access right management technique does not necessarily require cryptographic processing. Furthermore, if a Bloom filter or the like is used, it becomes difficult to know what information the user has accessed due to the leakage of the information even though the history of the information accessed by the user is recorded.

It is a block diagram showing the structure of the information processing apparatus which concerns on embodiment of this invention, and a connection example. It is explanatory drawing showing the example of the access history information which the information processing apparatus which concerns on embodiment of this invention hold | maintains. It is explanatory drawing showing the example of the content of the information which the information processing apparatus which concerns on embodiment of this invention makes into the object of a process. It is a flowchart figure showing the example of the processing which the information processor concerning an embodiment of the invention performs. It is explanatory drawing showing another example of the access history information which the information processing apparatus which concerns on embodiment of this invention hold | maintains.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Information processing apparatus, 11 Control part, 12 Storage part, 13 Operation part, 14 Display part, 15 Communication part.

Claims (5)

Acquisition means for acquiring information including specific information for identifying at least one other information as authority information indicating use authority;
Storage means for storing usage history information for identifying information used in the past;
Refers to the authority information included in the acquired information, determines whether other information specified by the authority information is included in information used in the past specified by the usage history information, and includes Permission means to permit the use of the acquired information when
Processing means for processing information permitted to be used by the permission means;
An information processing apparatus comprising:   The information processing apparatus according to claim 1, wherein the specific information is a hash value of information.   The information processing apparatus according to claim 1, wherein the usage history information is a Bloom filter based on a hash value of information used in the past.   The apparatus further comprises setting means for setting the usage history information so as not to indicate that there is a history of using at least a part of information used in the past based on an instruction received from outside. The information processing apparatus according to any one of 1 to 3. Computer
Acquisition means for acquiring information including specific information for identifying at least one other information as authority information indicating use authority;
Storage means for storing usage history information for identifying information used in the past;
Refers to the authority information included in the acquired information, determines whether other information specified by the authority information is included in information used in the past specified by the usage history information, and includes Permission means to permit the use of the acquired information when
Processing means for processing information permitted to be used by the permission means;
A program characterized by functioning as

Images