JP2010257206A - File server, file providing method and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To secure the security of a file to be provided by a file server. <P>SOLUTION: A file server includes: a storage part for storing an electronic file and mask data shielding at least part of the file; and a transmission part for, when the transmission of the file is requested, transmitting the file by shielding it according to the mask data. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a file server, a file providing method, and a program, and more particularly, to a file server, a file providing method, and a program that provide a file that needs to be secured.

  In a file system and file server via a network, a client requests a security manager, which is a server that manages security, to issue a certificate, receives authentication from the file server, and then performs data input / output operations. By doing so, security is ensured.

  In the method described in Patent Document 1, a PC on which a client application that refers to data operates is encrypted from a file server that operates as a file server after obtaining encryption key information from a meta server that manages security information. Obtain and decode the data block. This ensures data security in the distributed file system.

  In the standardization document ANSI INCITS Working Draft, T10 / 1729-D, "Information technology-SCSI Object-Based Storage Device Commands-2 (OSD-2)", from Security Manager (Security Manager Information, Signature Manager Information) ), And a method of transmitting and receiving a data block encrypted based on the certification information to the file server is described.

  In addition, when performing disclosure control of a part of data in document management, a system is known in which image information of a document is directly processed and the data of the part is not disclosed. However, in such a system, only a part of image data is concealed, and disclosure control of data converted into electronic data and disclosure control based on a plurality of disclosure conditions with different security levels cannot be performed. Further, in order to ensure security, it is necessary to perform processing in a specific closed device.

  In Japanese Patent Application Laid-Open No. 2004-26883, disclosed document masking in which data of a document for which disclosure control is performed is temporarily expanded into display data, and then the expanded data of the disclosed document is blacked and displayed on a display device based on mask position information. A management device is described.

JP 2003-044343 A JP 2004-145529 A

  The following analysis was made by the present inventors. The above technique has the following problems.

  First, a file or object including data that is not desired to be disclosed in part cannot be sent to other terminals on the network while maintaining security. In the disclosed document masking management apparatus described in Patent Document 2, a display application performs masking after converting data into expanded data. Therefore, when sending data to an application, it is necessary to send a file or an object including information before being masked.

  Secondly, the processing for exchanging data requiring security on the network is complicated. According to the security management in the conventional distributed file system, it is necessary to execute input / output permission and encryption after the client receives the signature information and the file server identifies the client based on the signature information. Further, since it is necessary to separately provide a device such as a security manager, the system configuration becomes complicated.

  Third, disclosure control for changing the concealment location of a file according to the security level cannot be performed. For example, a file server in a conventional distributed file system controls input / output by performing authentication in file units or object units. Therefore, the file server cannot disclose only a part of the file according to the client in the input / output control, and only disclose the entire file or not disclose the file at all. I can't. Further, the file server can only paint a part of high-security image data based on the mask data of the image.

  Therefore, securing the security of the file provided by the file server becomes an issue. An object of the present invention is to provide a file server, a file providing method, and a program for solving such problems.

  The file server according to the first aspect of the present invention has a storage unit that holds an electronic file and mask data that conceals at least a part of the file, and when transmission of the file is requested, And a transmission unit that conceals and transmits the file according to the mask data.

  In the file providing method according to the second aspect of the present invention, the file server reads the mask data from the storage unit that holds the electronic file and the mask data that hides at least a part of the file; A transmission step of concealing and transmitting the file according to the mask data when the file server is requested to transmit the file.

  The program according to the third aspect of the present invention is requested to read out mask data from a storage unit that holds an electronic file and mask data that conceals at least a part of the file, and to transmit the file. In such a case, the file server computer is caused to execute transmission processing for concealing and transmitting the file according to the mask data.

  According to the file server, the file providing method, and the program according to the present invention, the security of the file provided by the file server can be ensured.

It is a block diagram which shows the structure of the file server which concerns on the 1st Embodiment of this invention. It is a block diagram which shows the structure of the system containing the file server and client which concern on the 2nd Embodiment of this invention. It is a flowchart which shows operation | movement of the client in the 2nd Embodiment of this invention. It is a flowchart which shows operation | movement of the file server in the 2nd Embodiment of this invention. It is an example of the metadata for object management in the 2nd Embodiment of this invention. It is an example of the metadata for object management in the 2nd Embodiment of this invention. It is an example of the metadata for object management in the 2nd Embodiment of this invention. It is a block diagram which shows the structure of the system containing the file server which concerns on the 3rd Embodiment of this invention, a metaserver, and a client. It is a flowchart which shows operation | movement of the file server in the 4th Embodiment of this invention.

  The file server in the first development form is preferably a file server according to the first viewpoint.

  In the file server of the second development form, the storage unit holds a plurality of mask data according to the security level, and the transmission unit conceals the file with the mask data selected from the plurality of mask data according to the security level. May be transmitted.

  The file server according to the third development form may specify whether mask data needs to be concealed in bit units included in a bit string constituting the file.

  In the file server of the fourth expansion form, the mask data may be a mask rule that represents a rule for hiding at least a part of the file by a predetermined expression.

  In the file server of the fifth expansion form, the transmission unit may transmit the portion that is not concealed and the mask data when concealing the file according to the mask data.

  The client server system of the sixth development form preferably has the above file server and client.

  The file providing method according to the seventh development form is preferably the file providing method according to the second aspect.

  In a file providing method according to an eighth development mode, the storage unit includes a plurality of mask data corresponding to the security level, and conceals the file with mask data selected from the plurality of mask data according to the security level in the transmission step. May be transmitted.

  In the file providing method according to the ninth expansion mode, the mask data may specify whether or not concealment in bit units included in a bit string constituting the file is necessary.

  The file providing method of the tenth development form may be a mask rule in which the mask data represents a rule for hiding at least a part of the file by a predetermined expression.

  In the file providing method of the eleventh development mode, in the transmitting step, the portion that is not concealed when masking the file according to the mask data and the mask data may be transmitted.

  The program in the twelfth development form is preferably a program according to the third viewpoint.

  In the program in the thirteenth development mode, the storage unit holds a plurality of mask data corresponding to the security level, and conceals the file with the mask data selected from the plurality of mask data according to the security level in the transmission process. You may make the file server computer perform the process to transmit.

  The program according to the fourteenth development form may define whether mask data needs to be concealed in bit units included in a bit string constituting a file.

  In the program of the fifteenth development form, the mask data may be a mask rule representing a rule for hiding at least a part of the file by a predetermined expression.

  The program according to the sixteenth development mode may cause the file server computer to execute a process of transmitting a portion that is not concealed and the mask data when the file is concealed according to the mask data in the transmission process.

(Embodiment 1)
A file server according to a first embodiment of the present invention will be described with reference to the drawings. FIG. 1 is a block diagram showing the configuration of the file server 10 of this embodiment. Referring to FIG. 1, the file server 10 includes a storage unit 11 and a transmission unit 12.

  The storage unit 11 holds an electronic file and mask data that is a rule for hiding at least a part of the file. When the transmission unit 12 is requested to transmit a file, the transmission unit 12 conceals and transmits the file according to the mask data. At this time, the security of the file provided by the file server 10 can be ensured. This is because the file concealment process is performed on the file server side.

  The storage unit 11 may hold a plurality of mask data according to the security level, and the transmission unit 12 may transmit the file while concealing the file with mask data selected from the plurality of mask data according to the security level. At this time, the file server can appropriately change the concealment location of the file according to the security level.

  The mask data may define whether or not concealment in bit units included in the bit string constituting the file is necessary. At this time, the file server 10 can perform file disclosure control in bit units.

  The mask data may be a mask rule that represents a rule for hiding at least a part of the file by a predetermined expression. At this time, the capacity of the mask data can be reduced as compared with the case where the mask data is held in bit units.

  The transmission unit 12 may transmit a portion that is not concealed and the mask data when the file is concealed according to the mask data. At this time, the file server 10 can reduce the amount of data to be transmitted.

(Embodiment 2)
A file server according to an embodiment of the present invention will be described with reference to the drawings. FIG. 2 is a block diagram showing a configuration of a client server system including a file server and a client according to the present embodiment.

  Referring to FIG. 2, the client server system according to the present embodiment includes a client 101 and a file server 103. In the client 101, an application that inputs and outputs a file or an object that is a collection of data operates. The file server 103 holds files or objects.

  In this embodiment, as an example, the client 101 and the file server 103 are each one. However, the number of clients and file servers is not limited to this. The storage device 133 is not limited to a magnetic disk device, and may be an optical disk, a silicon disk, or a memory on a controller. The protocol in the file server 101 is not limited to a network file system protocol that performs file input / output, and may be a command set dedicated to object storage, HTTP (Hyper Text Transfer Protocol), or other data input / output protocol via a network. .

  The client 101 requests the file server 103 to input / output data. The file server 103 transmits / receives data to / from the client 101.

  Referring to FIG. 2, the client 101 includes a user application execution unit 110, a file control unit 111, and a network IF unit 112. The user application execution unit 110 executes a program for referring to data on the file server 103.

  The file control unit 111 receives a file reference request from the user application execution unit 110, specifies the location of the file, and then records the corresponding file or an object that is a fragment thereof via the network IF unit 112. An input / output request is sent to the file server 103. If the file control unit 111 does not hold information for specifying the location of the file, the file control unit 111 makes an inquiry to an external server (not shown) that gives the file location via the network IF unit 112 to specify the location of the file. After that, an input / output request is sent to the file server 103.

  Referring to FIG. 2, the file server 103 includes a network IF unit 134, an object data management unit 131, a mask data management unit 135, an application authentication unit 136, an input / output control unit 132, and a storage device 133.

  The object data management unit 131 performs data input / output processing of the corresponding object based on the object input / output request received via the network IF unit 134. In response to an object input / output request from the client 101, the object data management unit 131 receives from the client 101 identification information of the client 101, the application executed by the user application execution unit 110, and the owner executing the application. Based on the identification information, the application authentication unit 136 is inquired to determine whether or not the object can be operated, and the result is returned to the client 101. Thereby, the file server 103 manages whether or not the object operation is possible.

  In the case of the data read operation, the object data management unit 131 reads the object data from the storage device 133 via the input / output control unit 132. The object data management unit 131 sends data to the client 101 via the network IF unit 134. In the case of a write operation, the object data management unit 131 receives data to be written from the client 101 via the network IF unit 134 and then writes the data to the storage device 133 via the input / output control unit 132.

  At the time of reading the object, the object data management unit 131 masks the data by clearing the data area for the data in which the mask bit is set based on the mask data associated with the object, and then the client 101 Send data to.

  On the other hand, when writing an object, the object data management unit 131 gives an instruction to write data to the storage device 133 without processing data sent from the client 101. The object data management unit 131 records the mask data and the mask rule sent from the client 101 after writing in the storage device 133 in the same manner. The object data management unit 131 manages the file ID or object ID in association with the related metadata. The method of managing mask data, mask rules, and objects will be described later.

  When the object is held in the storage device 133, the data area is managed as an object or file while managing the file ID or object ID as identification information by the file system that manages the area of the disk. Also, the object may be fixed length or variable length. In addition to managing with fixed-length blocks, each index may be managed as an object ID.

  A file or object input / output operation according to this embodiment will be described with reference to FIGS. Note that the file operation interface is not limited to an interface used in POSIX (Portable Operating System Interface), and may be an object storage command set or other interface.

  FIG. 3 is a flowchart showing the operation of the client in this embodiment. The operation of the file control unit 111 of the client will be described with reference to FIG. When a file input / output request is issued from a user application operating on the client 101, the file control unit 111 performs the processing shown in FIG. 3 according to the contents of the command in the input / output request.

  First, the file control unit 111 accepts a command issue request based on an application instruction (step S100). The file control unit 111 determines whether the command is an open operation (step S101).

  If it is an open operation (Yes in step S101), an object ID, an application attribute, and an application execution owner attribute are attached, and an object open request is transmitted to the file server 103 (step S102). The file control unit 111 returns the execution result of the process to the application (step S103), and waits for the next command issue request (step S100).

  If the command issuance request is a close operation (Yes in step S104), the file control unit 111 terminates the object operation after releasing the resources required for processing the preceding open request.

  If the command issue request is a read operation (Yes in step S105), the file control unit 111 executes a data read operation (step S106). The file control unit 111 reports the result to the application (step S103) and waits for the next command issue request (step S100).

  If the command issuance request is a write operation (Yes in step S107), a data write (write) operation is executed (step S108), and the mask data and mask rules relating to the written data are stored in the file. It is sent to the server (step S109). The file control unit 111 reports these results to the application (S103), and waits for the next command issue request (step S100).

  FIG. 4 is a flowchart showing the operation of the server in this embodiment. The operation of the object data management unit 131 will be described with reference to FIG.

  The object data management unit 131 receives a command request from the client 101 (step S200). The object data management unit 131 determines whether or not the command request is a file open operation (step S201).

  When the operation is an open operation (Yes in step S201), the object data management unit 131 determines whether or not the application authentication unit 136 can operate the object based on the object ID, the application attribute, and the application execution owner attribute. Is requested to be determined (step S202). Based on the result, the object data management unit 131 returns the execution result to the client 101 (step S203) and waits for the next command request (step S200).

  If the command request is a close operation (Yes in step S204), the object data management unit 131 releases the resources required for the preceding open operation and then ends the operation processing of the object.

  If the command request is a read operation (Yes in step S205), the object data management unit 131 executes the read operation (step S206), and performs mask processing on the data using the mask data stored for each object. Thereafter, the data is sent to the client 101 (step S207). The object data management unit 131 reports the processing result to the client 101 (step S203) and waits for the next command request (step S200).

  If the command request is a write operation (Yes in step S208), the object data management unit 131 executes data writing (step S209), receives mask data or a mask rule related to data from the client 101, and receives a file. Mask data or mask rules are recorded as object management metadata managed by the server (step S210). The object data management unit 131 reports the result to the client 101 (step S203) and waits for the next command request (step S200).

  5 to 7 show examples of object management metadata in this embodiment. A mask data or mask rule management method provided for each file or object in the object data management unit 131 will be described with reference to FIGS.

  Each file or object has a metadata structure for managing the corresponding data area. As an example, the mask information held by each metadata indicates a disclosure condition of data in bit units of data in the data area. The disclosure permission control for each fixed-length area is managed by 0/1 of the bitmap. Referring to FIG. 5, for example, metadata includes a file ID (File ID) or object ID (Object ID) for identifying a file or an object, an attribute (Attribute) that holds a data generation date, an owner, and the like, and data. A device ID (Device ID) for identifying the physical device that performs the operation, a data location (Data Location) indicating a data area in the physical device, and a mask bitmap (Mask Bitmap) for giving mask information of the data area. Here, as a data location, a fixed-length data block list used in UNIX (registered trademark) or the like, or an extent constituted by a pair of a start address and a length of an area used in a CD or DVD, etc. Various management structures can be applied.

  The mask bitmap (Mask Bitmap) is a bundle of mask information for each bit of the data area, and one bit may be assigned to each block. Here, as an example, a mask bitmap is set in units of fixed-length bits.

  When disclosure control of a data area is performed using a mask bitmap (Mask Bitmap), the disclosure content may change according to the security level. Therefore, it is preferable that an independent mask bitmap (Mask Bitmap) can be set according to the security level. As an example, as shown in FIG. 6, a plurality of mask bitmaps may be held in one metadata. At this time, each mask bitmap represents a mask bitmap at each security level.

The mask bitmap (Mask Bitmap) needs to hold a bitmap structure having a length corresponding to a target data area as metadata. On the other hand, if the mask operation has regularity, the mask data may be described as a mask rule. For example, when an example in which an odd number of bytes is masked in units of 1 byte in the data area, the mask M (i) of the i-th bit is
M (i) = mod (i / 8, 2)
Can be specified by. Here, mod (a, b) indicates a remainder (remainder) when a is divided by b. At this time, instead of the mask, the above equation may be coded and recorded as a mask rule. At this time, as shown in FIG. 7, the metadata can hold mask data as a mask rule.

  According to the present embodiment, when a file or object data input / output request is generated from the client to the file server, an object data management unit is provided for each file or object data only in the object server depending on the application or user. As the mask information thus obtained, data can be masked based on a mask bitmap (Mask Bitmap) and a mask rule (Mask Rule), and only a part of the data can be disclosed. Therefore, the control can be simplified, the apparatus can be easily realized, and the disclosure control for a part of the file can be performed according to the security level.

(Embodiment 3)
A file server according to a third embodiment of the present invention will be described with reference to the drawings. FIG. 8 is a block diagram illustrating a configuration of a system including a file server according to the present embodiment. Referring to FIG. 8, the system includes a file server 203, a meta server 202, and a client 201.

  In the client 201, an application that inputs and outputs a file or an object that is a collection of data operates. The file server 203 holds files or objects. Data encryption is performed between the client 201 and the file server 203. The meta server 202 manages security.

  In the present embodiment, as an example, one client 201, one file server 203, and one meta server 202 are provided. However, the number of clients, file servers, and meta servers is not limited to this. Various variations can be applied to the types of the storage devices 223 and 233 and the file input / output protocol as in the second embodiment.

  The client 201 requests the file server 203 to input / output data. The file server 203 transmits / receives data to / from the client 201. The meta server 202 performs application authentication for each application or owner in order to determine whether or not the object can be operated. The storage device 223 of the meta server 202 holds metadata for executing security management of these objects.

  Referring to FIG. 8, the client 201 includes a user application execution unit 210, a file control unit 211, a network IF unit 212, and an encryption / decryption unit 213.

  The file control unit 211 determines whether the user application can be executed based on a response from the file server 203. The file control unit 211 acquires the signature information of the application based on the authentication result of the application inquired of the meta server 202. The encryption / decryption unit 213 encrypts and decrypts data transmitted to and received from the file server 203 based on the acquired signature information.

  Referring to FIG. 8, the file server 203 includes a network IF unit 234, an object data management unit 231, a mask data management unit 235, an input / output control unit 232, a storage device 233, and an encryption / decryption unit 237. .

  The file server 203 transmits and receives data by performing encryption and decryption in the encryption / decryption unit 237 based on the signature information of the application sent from the client 201. Since the application authentication is performed by the meta server 202 provided outside, the file server 203 does not need an application authentication function. However, since the function of the meta server 202 may be realized in any node, the function of the meta server 202 may be realized in the file server 203 as an example.

  Referring to FIG. 8, the meta server 202 includes a network IF unit 224, a metadata management unit 221, an input / output control unit 222, a storage device 223, and an application authentication unit 225.

  The metadata management unit 221 receives, via the network IF unit 224, information related to an application that issues an object input / output request or its owner.

  The application authentication unit 225 generates information such as a signature related to content access based on the received information. At this time, the metadata management unit 221 reads the metadata necessary for application authentication stored in the storage device 223 as necessary via the input / output control unit 222 and determines whether the signature and access are possible. , Notify the application on the client 201. The metadata management unit 221 notifies the associated file server 203 and client 201 of the signature information of the client 201 and file server 203 in the same manner. Thereby, the file server 203 and the client 201 mutually authenticate each other.

  The input / output operation of the file or object in this embodiment is the same as that in the second embodiment. However, in the present embodiment, since the meta server 202 and the file server 203 are provided separately, in the inquiry operation for confirming the location of the object, the external meta server 202 is used and when data is transmitted / received. The point that the encryption process is performed is different from the operation in the second embodiment.

(Embodiment 4)
A file server according to a fourth embodiment of the present invention will be described with reference to the drawings. Since the configuration of the system having the file server according to the present embodiment is the same as that of FIG. 2 in appearance, the file server of the present embodiment will be described with reference to FIGS.

  In this embodiment, data is transmitted and received between the client 101 and the file server 103. At this time, by using the mask rule, the transfer of the transmitted / received data is made efficient.

  In the client 101, an application for inputting / outputting a file or an object (a group of data) operates. The file server 103 holds files or objects. In this embodiment, when data is transmitted / received between the client 101 and the file server 103, a mask rule is transmitted / received together with the data.

  An operation when data is transmitted from the file server 103 to the client 101 will be described. The object data management unit 131 masks the data based on the mask data managed by the mask data management unit 135, deletes the masked data portion, and transmits only the unmasked data portion.

  The file control unit 111 of the client 101 receives the data and the mask rule, reconstructs the data string based on the received data and the mask rule, and outputs the data string to the user application execution unit 110.

  An operation when data is transmitted from the client 101 to the file server 103 will be described. The file control unit 111 of the client 101 transmits data based on the data string and the mask rule received from the user application execution unit 110. Similar to the second embodiment, the file control unit 111 sends the data string to the file server 103 without processing and transmits the mask rule. When it is not necessary to record the data of the mask part, the file control unit 111 transmits the data obtained by deleting the data of the mask part before transmission and transmits the mask rule. The object data management unit 131 of the file server 103 records, in the storage device 133, data that is partially invalidated based on the mask rule.

  The operation of the client 101 according to the present embodiment is different from the operation of the client 101 according to the second embodiment in the following points.

  Referring to FIG. 3, in the data write operation, the client 101 of this embodiment sends the data string to the file server 103 without processing (step S108) and transmits a mask rule (step S109). Further, when it is not necessary to record the data of the mask portion, the data from which the data of the mask portion has been deleted is transmitted before transmission (step S108), and the mask rule is transmitted (step S109).

  On the other hand, in the data read operation, after receiving the data string and the mask rule, the data string is reconstructed based on the data and the mask rule (step S106), and then output to the user application execution unit 110 (step S103). .

  The operation of the file server 103 of this embodiment will be described with reference to the drawings. FIG. 9 is a flowchart showing the operation of the file server of this embodiment. The operation of the file server 103 of the present embodiment is different from the operation of the file server 103 of the second embodiment in the following points.

  In the data write operation, the file server 103 receives a data string from the client 101 (step S309), and then receives a separate mask rule (step S310). If the masked portion of the data is deleted and not sent from the client 101, a data string supplementing the missing data mask portion is recorded based on the mask rule (step S311).

  In the data read operation, after deleting the data in the mask part of the data string based on the data string and the mask rule (step S306), the data and the mask data are transmitted to the client 101 (step S307).

  According to the present invention, the following effects are brought about. First, files or objects containing data that you do not want to be disclosed in part can be securely sent to other terminals on the net.

  According to the conventional technique, it is necessary to control data disclosure in an application. Therefore, in order to manipulate file or object data that includes data that you do not want to disclose, whether the application is adjacent to the storage (file server) without going through the network, does not leak information to the outside Alternatively, it is necessary to implement a complex protocol for realizing secure data transmission / reception between the terminal and the file server.

  However, according to the present invention, a file or object data partially including data that is not desired to be disclosed can be masked (hidden) in the file server. Therefore, it is possible to send the information to the terminal without presenting information that is not desired to be disclosed to the outside, and the configuration of the apparatus can be simplified.

  Secondly, complicated processing when exchanging data requiring security over the network can be omitted.

  According to the present invention, when a file or object data input / output request is issued from the client to the file server, the security level of the application or owner on the client is determined based only on user authentication in a general file input / output service. The mask information (mask bitmap) or the mask rule (Mask Rule) corresponding to the data can be selected to mask the data, and control can be performed so that only a part of the data is disclosed to the user or the application. Therefore, a protocol for ensuring complicated security can be omitted.

  In addition, it is not necessary to perform processing such as file-based security management by separating data that needs to be secured and other data into separate files. Therefore, according to the present invention, security can be ensured by a simple process.

  Thirdly, it is possible to realize control for disclosing a part of a file according to the security level.

  In the prior art, when managing access authentication in units of files, a method of determining whether or not the entire file can be disclosed or processing an image so as not to disclose image data of a predetermined part of the file is used. It has been. According to the present invention, a plurality of mask information (mask bitmap) or mask rules can be provided for each file or object according to the security level. It is also possible to mask data by selecting one of a plurality of mask information or mask rules. Therefore, according to the present invention, the disclosed part can be controlled according to the security level.

  Although the above description has been made based on the embodiment, the present invention is not limited to the above embodiment.

DESCRIPTION OF SYMBOLS 10 File server 11 Memory | storage part 12 Transmission part 101, 201 Client 103, 203 File server 110, 210 User application execution part 111, 211 File control part 112, 134, 212, 224, 234 Network IF part 121,221 Metadata management Unit 125 Application authentication unit 131, 231 Object data management unit 132, 222, 232 Input / output control unit 133, 223, 233 Storage device 135, 235 Mask data management unit 136, 225 Application authentication unit 202 Meta server 213, 237 Encryption / decryption Chemical department

Claims (16)

A storage unit holding an electronic file and mask data for concealing at least a part of the file;
And a transmission unit configured to conceal and transmit the file according to the mask data when requested to transmit the file. The storage unit holds a plurality of mask data corresponding to security levels,
The file server according to claim 1, wherein the transmission unit conceals and transmits the file with mask data selected from the plurality of mask data according to a security level.   The file server according to claim 1, wherein the mask data defines whether or not concealment in bit units included in a bit string constituting the file is necessary.   The file server according to any one of claims 1 to 3, wherein the mask data is a mask rule that represents a rule for concealing at least a part of the file by a predetermined expression.   The file server according to claim 1, wherein the transmission unit transmits a portion that is not concealed and the mask data when the file is concealed according to the mask data.   A client server system comprising the file server according to any one of claims 1 to 5 and a client. A file server reading mask data from a storage unit holding an electronic file and mask data for concealing at least a part of the file;
A file providing method comprising: a transmission step of concealing and transmitting the file according to the mask data when the file server is requested to transmit the file. The storage unit includes a plurality of mask data according to a security level,
The file providing method according to claim 7, wherein in the transmission step, the file is concealed and transmitted by mask data selected from the plurality of mask data according to a security level.   The file providing method according to claim 7 or 8, wherein the mask data defines whether or not concealment in bit units included in a bit string constituting the file is necessary.   The file providing method according to claim 7, wherein the mask data is a mask rule that represents a rule for concealing at least a part of the file by a predetermined formula.   The file providing method according to any one of claims 7 to 10, wherein, in the transmission step, a portion that is not concealed when the file is concealed according to the mask data and the mask data are transmitted. A process of reading mask data from a storage unit holding an electronic file and mask data for concealing at least a part of the file;
A program for causing a file server computer to execute a transmission process of concealing and transmitting the file according to the mask data when transmission of the file is requested. The storage unit holds a plurality of mask data corresponding to security levels,
The program according to claim 12, wherein in the transmission process, a file server computer executes a process of concealing and transmitting the file with mask data selected from the plurality of mask data according to a security level.   The program according to claim 12 or 13, wherein the mask data defines whether or not concealment in bit units included in a bit string constituting the file is necessary.   The program according to any one of claims 12 to 14, wherein the mask data is a mask rule representing a rule for concealing at least a part of the file by a predetermined expression.   The said transmission process WHEREIN: When the said file is concealed according to the said mask data, the process which transmits the part which is not concealed, and the said mask data is made to perform in the computer of a file server. Program.

Images