JP2019091114A - Information processing apparatus, information processing method and information processing program - Google Patents

Abstract

To provide an information processing apparatus, an information processing method and an information processing program capable of realizing an improvement of data security.SOLUTION: A management server apparatus detects a security strength set to a processing of at least processing stage of data (first security strength) at S12, and detects a security strength set to an attribute of an operator who performs a data processing of the data (second security strength) at S14. Next, the security strength to the data processing of the data is complexly determined based on the detected first security strength and second security strength at S15. After then, whether to execute the data processing of the data is controlled based on the determined security strength at S16.SELECTED DRAWING: Figure 13

Description

  The present invention relates to an information processing apparatus, an information processing method, and an information processing program.

  In the document management system disclosed in Patent Document 1 (Japanese Patent Laid-Open No. 2009-301108), when the user instructs printing of document information from the user via the client PC, the document attribute / user characteristic comparison unit User characteristics of the user who issued the print instruction stored in the information storage unit, and user characteristics corresponding to print setting information associated with the document information instructed to be printed, stored in the document information storage unit Compare with the history of Then, based on the comparison result, the main control unit determines, from the print setting information stored in the document information storage unit, the print setting information to be used when printing the document information instructed to be printed. Thus, when printing a document to be managed, it is possible to automatically determine correlated print settings from the characteristics of the user and the attributes of the document.

  Further, the document management system of Patent Document 1 does not print document information for which security settings are made. In this way, the security of the document information for which security setting has been made can be maintained (see paragraph 0215, etc.).

JP, 2009-301108, A

  Here, we consider maintaining data security. For example, it is assumed that security setting is performed on data for each process such as deletion or correction. In this case, since the process other than the prohibited process can be performed by any user such as a user or an operator such as a group, it is difficult to maintain confidentiality.

  On the other hand, for example, it is assumed that security setting is performed on data for each user such as a user or a group. In this case, since data processing is possible regardless of processing such as deletion or correction, there is a problem of lack of security integrity (a security setting with weak security strength).

  Nowadays, improvement of data security is desired from the viewpoint of preventing falsification of data and leakage of confidential information.

  The present invention has been made in view of the above-described problems, and an object thereof is to provide an information processing apparatus, an information processing method, and an information processing program capable of realizing improvement of data security.

  In order to solve the problems described above and achieve the object, the information processing apparatus according to the present invention sets at least a first security strength set for each data processing stage, and for each operator who performs data processing of the data. A detection unit for detecting the second security strength detected, and a determination unit for complexly determining the security strength for data processing of the data based on the first security strength and the second security strength detected. And a control unit that controls whether or not to execute data processing of the data based on the determined security strength.

  Further, in the information processing apparatus according to the present invention, when the determination unit determines that the first security strength and the second security strength are different from each other, the first security strength and the second security strength are different. Among the security strengths of (1) and (2), the security strength matching the preset security strength is selected and determined.

  Further, in the information processing method according to the present invention, the detection unit includes at least a first security strength set for each processing step of data, and a second security strength set for each operator who performs data processing of the data. A detecting step of detecting, a determining step of determining in a composite manner the security strength for data processing of the data based on the detected first security strength and the second security strength, and a control section Control step of controlling whether or not to execute data processing of the data based on the determined security strength.

  Further, the information processing program according to the present invention detects a computer, at least a first security strength set for each processing step of data, and a second security strength set for each operator who performs data processing of the data. And a determination unit that determines the security strength for data processing of the data based on the detected first security strength and the second security strength, and the determined security strength. It is characterized in that it functions as a control unit that controls whether or not to execute data processing of the data based on that.

  According to the present invention, it is possible to realize improvement of data security.

FIG. 1 is a system configuration diagram of a general-purpose document creation system according to the embodiment. FIG. 2 is a hardware block diagram of a client terminal device provided in the general-purpose document creation system of the embodiment. FIG. 3 is a view showing various programs and data stored in the HDD of the client terminal device. FIG. 4 is a functional block diagram of each function realized by the CPU of the client terminal device executing a document creation program. FIG. 5 is a hardware configuration diagram of a management server device provided in the general-purpose document creation system of the embodiment. FIG. 6 is a view showing various programs and data stored in the HDD of the management server device. FIG. 7 is a diagram showing an example of affiliation data of the operator, which is used when the management server apparatus performs the security determination process. FIG. 8 is a diagram showing an example of state-based security data used when the management server apparatus performs security determination processing. FIG. 9 is a view showing an example of affiliation-based security data used when the management server device performs security determination processing. FIG. 10 is a functional block diagram of each function realized by the CPU of the management server device executing the security management program stored in the HDD. FIG. 11 is a diagram showing a workflow of the general-purpose document creation system of the embodiment. FIG. 12 is a flow chart showing the flow of the security strength determination operation in the client terminal device. FIG. 13 is a flowchart showing the flow of the security strength determination operation in the management server device. FIG. 14 is a view showing an example of the data status code of the document corresponding to each process of the workflow process. FIG. 15 is a schematic view of a first specific example of the composite security strength determination operation. FIG. 16 is a schematic diagram of a second specific example of the composite security strength determination operation. FIG. 17 is a schematic diagram of a third specific example of the composite security strength determination operation.

  Hereinafter, as an example, a general-purpose document creation system according to an embodiment to which an information processing apparatus, an information processing method, and an information processing program according to the present invention are applied will be described in detail based on the drawings. The present invention is not limited by the present embodiment.

[1. Overview]
If security strength is set for each data processing, or security strength is set for each person in charge, manager, or operator, it becomes difficult to maintain the confidentiality or integrity of data security.

  Therefore, the general-purpose document creation system according to the embodiment determines the security strength complexly determined based on both the data processing of each stage of the workflow and the attributes of each operator such as a person in charge, a manager, or a group. Set for each data processing of each stage of workflow. Thereby, it is possible to maintain security or integrity and to realize improvement of data security. The specific configuration and operation will be described below.

[2. System configuration]
FIG. 1 is a system configuration diagram of a general-purpose document creation system according to the embodiment. As shown in FIG. 1, the general-purpose document creation system of the embodiment includes one or more client terminal devices 1 and one or more management server devices 2 that perform security management. The client terminal devices 1 and the management server device 2 are communicably connected to each other via a predetermined network 3 such as a LAN (Local Area Network) or the Internet.

[3. Hardware configuration of client terminal]
Although it is an example, FIG. 2 is a hardware block diagram of the client terminal device 1. As shown in FIG. 2, the client terminal device 1 includes a central processing unit (CPU) 11, a read only memory (ROM) 12, a random access memory (RAM) 13, a hard disk drive (HDD) 14, and an input. An output interface (input / output I / F) 15 and a communication unit 16 are provided. The CPUs 11 to the communication unit 16 are mutually connected via a bus line 17. Further, an input unit 18 such as a keyboard device and a mouse device and a display unit 19 such as a monitor device are connected to the input / output I / F 15.

  FIG. 3 is a view showing various programs and data stored in the HDD 14 of the client terminal device 1. As shown in FIG. 3, the HDD 14 stores a document creation program, operation menu data, document input screen data, management data and the like. In this example, although these programs and data are described as being stored in the HDD 14, they may be stored in the ROM 12, the RAM 13, or another storage unit such as an external memory.

  The document preparation program is a program for preparing general-purpose documents such as, for example, a loan assessment business of the financial industry or an issuance management business of a construction contract of the real estate industry. The document creation program sets security for data processing based on the processing stage of the document creation workflow and the affiliation of the operator. Thereby, data security can be improved. Details will be described later.

  The operation menu data is data for displaying on the display unit 19 a menu screen of predetermined operations such as a document creation operation and a security setting operation. The operator operates the input unit 18 to select a desired menu.

  The document input screen data is data for displaying a document input screen for inputting predetermined data into a general-purpose document. The operator operates the input unit 18 to input predetermined data in each input field of the document input screen to create a process. The management data is data such as an identification card received from a customer, a withholding slip, a drawing or a work report generated at the construction stage.

[4. Function of client terminal]
FIG. 4 shows a functional block diagram of each function realized by the CPU 11 of the client terminal device 1 executing a document creation program. As shown in FIG. 4, the CPU 11 executes a document creation program when creating a general-purpose document, whereby the display control unit 21, the document creation processing unit 22, the security control unit 23, the management control unit 24, and the communication control unit 25. Each function of the storage control unit 26 and the application processing unit 27 is realized.

  The display control unit 21 controls the display unit 19 to display an operation menu screen, a document input screen, and the like. The document creation processing unit 22 performs processing for creating a document by performing input processing on predetermined data input from the operator in each input field of the document input screen. The security control unit 23 performs control to maintain the data security set based on each process of the document creation workflow and the attribute of the operator as described later. The management control unit 24 manages data stored in the storage unit such as the HDD 14, such as an identification card received from a customer, a withholding tax slip, a drawing generated at the construction stage, or a work report.

  The communication control unit 25 controls communication with the management server device 2 via the network 3. The storage control unit 26 stores and controls data such as the identification card and the withholding slip received from the customer with respect to the storage unit such as the HDD 14 and performs readout control. The application processing unit 27 transmits the prepared document to, for example, the client terminal device 1 such as a supervisor, and performs an approval application and the like.

  In the above description, the display control unit 21 to the application processing unit 27 shown in FIG. 4 are realized by software using a document creation program. However, part or all of the display control unit 21 to the application processing unit 27 may be realized by hardware such as an IC (Integrated Circuit).

  The document creation program is a file in an installable format or an executable format, for example, CD-ROM, flexible disk (FD), CD-R, DVD (Digital Versatile Disk), Blu-ray Disc (registered trademark), semiconductor The program may be provided by being recorded in a recording medium readable by a computer device such as a memory. The document preparation program may also be provided in the form of installation via a network such as the Internet. The document creation program may be provided by being incorporated in advance in a ROM or the like in an apparatus such as an MFP or a server device.

[5. Hardware Configuration of Management Server Device]
Although this is an example, FIG. 5 is a hardware configuration diagram of the management server device 2. As illustrated in FIG. 5, the management server device 2 includes a CPU 31, a ROM 32, a RAM 33, a hard disk drive (HDD) 34, an input / output interface (input / output I / F) 35, and a communication unit 36. The CPUs 11 to the communication unit 16 are mutually connected via a bus line.

  FIG. 6 is a view showing various programs and data stored in the HDD 34 of the management server device 2. As shown in FIG. 6, the HDD 34 stores a security management program, document data, affiliation data, security data classified by state, security data classified by affiliation, security discrimination strength setting value, and the like. In this example, these programs and data are described as being stored in the HDD 34, but may be stored in the ROM 32, the RAM 33, or another storage unit such as an external memory.

  The security management program determines the data security strength based on the information indicating the processing stage of the data acquired from the client terminal 1 and the information indicating the affiliation of the operator, and the security management program 2 notifies the client terminal 1 of the data security strength. It is a program. The document data is data of a document created and transmitted by the client terminal device 1. Affiliation data is data indicating the affiliation of each operator.

(Affiliation data)
FIG. 7 shows an example of affiliation data. As can be seen from FIG. 7, as the affiliation data, the affiliation of each operator, the operator code and the operator name are stored in association with each other. As the information indicating the affiliation of the operator, information indicating the work place of the Tokyo head office or the Osaka branch office etc. is stored in addition to the information indicating the post of the operator such as a system manager, a department manager, a section manager. Alternatively, as the affiliation of the operator, information indicating a group to which the operator belongs, such as the counter business permission group or the counter business non-permission group, is stored.

  The operator code is a unique code assigned to each operator. In the example of FIG. 7, the operator A is given a unique code "1987". The position of this operator A is a system administrator, and both the Tokyo head office and the Osaka branch office are at work locations, and belong to the window work permission group. Similarly, the operator C has a unique code "2377". The position of this operator C is the position of a section manager, and the Tokyo head office is the work place, and belongs to the group where the window business is not available.

(Security data by status)
Next, security data classified by state shown in FIG. 6 is data indicating security strength set for each processing step of workflow processing. FIG. 8 shows an example of security data classified by state. As shown in FIG. 8, data status codes and data status names are stored as security data classified by status. Further, as the status-based security data, information (information indicating security strength) indicating whether or not processing of data in each processing step of the workflow is stored is stored.

  The data state name is a processing name given to each processing step of the workflow processing. In the case of the example of FIG. 8, “registered” which is a processing stage in which the assessment content (personal information) received at the window is registered from the client terminal device 1 to the management server device 2, and A certain "document selected" is stored in the storage unit as a data state name. Further, in the case of the example of FIG. 8, “WF in process” which is a processing stage for workflow application to the superior etc., “WF rejected” in which the applied workflow is rejected by the superior etc. “WF approved”, which is a processing stage at which the applied workflow has been approved by the supervisor, etc., is stored in the storage unit as a data state name.

  Each data state name is assigned a data state code which is a unique code. In the example of FIG. 8, “10” for “registered”, “20” for “document selected”, “30” for “WF application in progress”, and “WF rejected” Data status codes of “40” and “50” are attached to “40” and “WF approved”, respectively.

  In addition, a predetermined security strength is set for each process performed on data of each process stage of the workflow. Specifically, “o” in FIG. 8 indicates “permit” for processing, “x” indicates “non-permission for processing”, and “Δ” indicates security strength “only reference is possible”. That is, in the example of FIG. 8, the security strength of permission (O) is set for each process of correction, deletion, document selection, and WF application for data in the “registered” process stage of the workflow. Example.

  Also, in the example of FIG. 8, no correction is permitted for data in the “document selected” processing stage of the workflow, and only data reference is possible (Δ), deletion, document selection and WF application In each of the processes, the security strength of permission (o) is set. Similarly, in the example of FIG. 8, no correction is permitted for data in the processing stage of “WF approval” of the workflow, and only data reference is possible (Δ), deletion, document selection and WF application In each of the processes, the security strength of denial (x) is set.

(Security data by department)
Next, the belonging-partwise security data shown in FIG. 6 is data indicating the security strength set for each affiliation of each operator. FIG. 9 shows an example of the belonging-partwise security data. As shown in FIG. 9, a group code and an affiliation name are stored as the affiliation-based security data. Further, as the affiliation-based security data, information (information indicating security strength) indicating whether or not processing of data in each processing step of the workflow is stored is stored.

  As affiliation names, for example, job title names of respective operators such as a system administrator, a department manager, a section manager, a part-time job, etc. are stored. In the example of FIG. 9, security data classified by department by job title is illustrated. However, the security data by affiliation includes security data for each group, such as the Tokyo head office and the Osaka branch office shown in FIG. Should be understood to be included.

  Each affiliation name is provided with a group code which is a unique code. In the case of the example of FIG. 9, "10" for "system manager", "20" for "section manager", "30" for "section manager", and "for section manager" Group codes of “40” and “general” are attached to “50” and “60” to “part-time job”, respectively.

  As shown in FIG. 7, for the affiliation name of “Tokyo Head Office”, “70” for the affiliation name of “Osaka branch office”, and “80” for the affiliation name of “Osaka branch office”, A group code of "90" and a group name of "95" are attached to the affiliation names of the "service impossible group".

  Further, in each process performed on data of each process step of the workflow, a predetermined security strength is set for each affiliation of the operator. Specifically, “o” in FIG. 9 indicates “permit” for processing, “x” indicates “non-permission for processing”, and “Δ” indicates security strength “only reference is possible”. That is, in the example of FIG. 9, the security strength of permission (O) is set for each process of data correction, deletion, document selection, and WF application for an operator whose affiliation is "system administrator". Show that.

  Also, in the example of FIG. 9, for the operator whose affiliation is “general employee (general)”, correction to the data is prohibited, and only reference is possible (Δ), deletion, document selection, WF It indicates that the security level of denial (x) is set for each process of application. Similarly, in the example of FIG. 9, the security strength of disapproval (x) is set for all operations of modification, deletion, document selection, and WF application for an operator whose affiliation is "part-time job". It is shown that.

(Security discrimination strength setting value)
Next, the security determination strength setting value shown in FIG. 6 is a value indicating whether to select the security strength stronger in security or to select the security strength weaker in security. Although described later, the general-purpose document creation system of the present embodiment decrypts based on the security strength set according to the affiliation of the operator and the security strength set for the processing applied to the data at the processing stage of the workflow. Determine security strength. At this time, different security strengths may be used, such as when the security strength set for each affiliation of the operator is “○” and the security strength set for processing applied to data in the workflow processing stage is “x”. Complex processing may have to be performed to determine security strength. In such a case, select the stronger security strength (the security strength of "x" in this example), or select the weaker security strength (the security strength of "o" in this example). Is designated in advance by the security discrimination strength setting value.

  Although this is an example, in this security discrimination strength setting value, a value (for example, a value of “1”) for selecting the stronger security strength (“x” security strength in the above example) is set by default. There is. For example, the administrator of the management server device 2 is free to set the security discrimination strength setting value to a value (for example, a value of “0”) for selecting the weak security strength (security strength of “o” in the above example) Can be changed to

[6. Function of Management Server Device]
Next, FIG. 10 shows a functional block diagram of each function realized by the CPU 31 of the management server device 2 executing the security management program stored in the HDD 34 or the like. As shown in FIG. 10, the CPU 31 implements the functions of the storage control unit 37, the communication control unit 38, and the security determination unit 39 by executing a security management program.

  The storage control unit 32 stores and controls document data and the like of the document created by the client terminal device 1 in a storage unit such as the HDD 34, and also performs readout control. The communication control unit 38 transmits and receives data to and from the client terminal device 1 via the network 3. For example, the communication control unit 38 acquires document data from the client terminal device 1 and notifies the client terminal device 1 of the determined security strength.

  The security determination unit 39 is an example of a detection unit and a determination unit, and is decrypted based on the security strength set according to the affiliation of the operator and the security strength set for the processing to be applied to the data in the processing stage of the workflow. Security strength is determined. The communication control unit 38 notifies the client terminal device 1 of the determined security strength.

  In the above description, the storage control unit 37 to the security setting unit 39 shown in FIG. 10 are realized by software using a security management program. However, part or all of the storage control unit 37 to the security setting unit 39 may be realized by hardware such as an IC (Integrated Circuit).

  Also, the security management program is an installable or executable file, for example, a CD-ROM, a flexible disk (FD), a CD-R, a DVD (Digital Versatile Disk), a Blu-ray Disc (registered trademark), a semiconductor The program may be provided by being recorded in a recording medium readable by a computer device such as a memory. Also, the security management program may be provided in the form of installation via a network such as the Internet. Further, the security management program may be provided by being incorporated in advance in a ROM or the like in an apparatus such as an MFP or a server apparatus.

[7. Workflow processing operation]
Next, the workflow processing operation of the general-purpose document creation system of the embodiment will be described. FIG. 11 is a diagram showing a workflow of this general-purpose document creation system. As shown in FIG. 11, the general-purpose document creation system creates and manages documents by the “data registration process”, the “document selection / output process”, and the “attachment management process”.

  The data registration process is, for example, a process of registering the assessment contents (personal information) received at the reception window, when it is explained in the loan assessment business of the financial industry. The data registration process is, for example, a process of registering the contents of the received contract, when it is described in the issue management work of the construction contract of the real estate industry, for example.

(Data registration process)
Specifically, in the "data registration step", the operator operates the input unit 18 of the client terminal device 1 to input an operator code and a password. The CPU 11 (a login processing unit (not shown)) of the client terminal device 1 performs login processing based on the operator code and the password. After the login process, the display control unit 21 controls the display unit 19 to display the operation menu based on the operation menu data. When data registration is designated by the operator based on the operation menu, the display control unit 21 controls the display unit 19 to display a data registration screen. The operator operates the input unit 18 to input data such as the assessment content (personal information) received at the reception window or the content of the contract received in the entry field of the data registration screen, and instructs registration.

  When registration is instructed, the communication control unit 25 transmits the data input by the operator via the communication unit 16 to the management server device 2 together with the operator code (and the password) input at the time of login. The CPU 31 (storage control unit 37) of the management server device 2 stores and controls data such as personal information or contents of a contract received from the client terminal device 1 in the HDD 34 together with an operator code (and a password). Thereby, the data registration process is completed, and it is possible to create a desired document.

(Document selection process)
Next, when creating a desired document, the operator operates the input unit 18 to acquire, from the management server device 2, data such as the personal information stored earlier or the contents of the received contract, etc. Select the desired documents to be created. That is, when creation of a document is designated, the display control unit 21 displays a document selection menu for selecting a desired document based on the document input screen data. Then, when a desired document is designated by the operator, the display control unit 21 displays a document selection menu for selecting the desired document based on the document input screen data.

  The display control unit 21 displays an input screen of a desired document selected from the document selection menu by the operator. The document creation processing unit 22 performs input processing of predetermined data such as data acquired from the management server device 2, predetermined text data, table data, etc. input by the operator in the input field of the input screen of the selected document. Create document data. As a result, a selection document in a state in which data is input is created, and the processing stage of the workflow becomes the processing stage of "document selected".

(Document output process (WF application process))
Next, the operator instructs to transmit the selected document in which the data has been input, and instructs to apply for approval of the workflow related to the selected document and contents. When the transmission instruction and the approval application instruction are issued, the communication control unit 25 transmits the data of the prepared document and the data indicating that the approval application instruction is issued to the client terminal device 1 of the approver via the network 3. Send. Thereby, the processing stage of the workflow becomes the processing stage of “workflow application in progress (WF application in progress)”. The application processing unit 27 of the client terminal device 1 of the approver checks in stages whether there is a problem in the received selection documents and contents (stage approval), and finally the workflow corresponding to the received selection documents and contents is finally Process approval (finally approved)

  The selection document and the data of the contents thus subjected to the approval process are transmitted to the management server apparatus 2 by the communication control unit 25 of the client terminal apparatus 1 of the approver together with the approval data indicating that the approval has been made. The storage control unit 37 of the management server device 2 associates the data of the selected document and the content received from the client terminal device 1 with the operator code (and password) of the corresponding operator, and stores it in the HDD 34 as document data.

(Attachment control process)
The data of the selection documents and the contents thus approved are managed by the management control unit 24 of the client terminal device 1 of the administrator in the attached management process. This attached management process is a process of managing the ID card or the withholding slip etc. received from the customer, as described in the loan evaluation business of the financial industry. The data registration process is a process for managing drawings and work reports generated at the construction stage, as described in the issue management work of the construction contract of the real estate industry.

[8. Security strength determination operation]
(Summary of security decision operation)
Next, the general-purpose document creation system according to the embodiment determines the security strength for each of the attributes of the operator and each process of the workflow processing stage, and enables data processing based on the determined security strength. First, the outline of the security strength determination operation in the general-purpose document creation system will be described using the flowcharts of FIGS. 12 and 13.

  FIG. 12 is a flow chart showing the flow of the security strength determination operation in the client terminal device 1. The CPU 11 of the client terminal device 1 executes the document creation program shown in FIG. 3 to execute the processing of the flowchart of FIG. 12 with each function shown in FIG. FIG. 13 is a flowchart showing the flow of the security strength determination operation in the management server device 2. By executing the security management program shown in FIG. 6, the CPU 31 of the management server device 2 executes the processing of the flowchart of FIG. 13 by each function shown in FIG.

  First, in step S1 of the flowchart of FIG. 12, the communication control unit 25 of the client terminal device 1 of the operator, together with the operator code (and password) which is the login information of the operator, request processing information indicating the processing requested by the operator To control the communication unit 16 so as to transmit the control server device 2 to the management server device 2.

  The management server device 2 determines the security strength based on the attributes of the operator and the processing of the workflow processing stage requested by the operator, as described below. Then, the management server device 2 determines the propriety of the process requested by the operator based on the determined security strength, and transmits a process availability notification (process availability notification or error notification) to the client terminal device 1.

  In step S2 of the flowchart of FIG. 12, the communication control unit 25 of the client terminal device 1 of the operator determines whether or not the processing availability notification from the management server device 2 has been received. The management server device 2 generates a process availability notification as follows according to the flowchart of FIG. 13 and transmits it to the client terminal device 1 of the operator.

  That is, in step S11 of the flowchart of FIG. 13, the communication control unit 38 of the management server device 2 acquires the login information and the request processing information of the operator from the client terminal device 1. In step S12, the security determination unit 39 refers to the security data classified by state shown in FIG. 6 based on the received request processing information, thereby processing the workflow requested by the operator described with reference to FIG. Detect the security strength set for the process at the stage.

  In step S13, the security determination unit 39 detects the attribute of the operator described using FIG. 7 by referring to the affiliation data shown in FIG. 6 based on the login information of the operator. Further, in step S14, the security determination unit 39 sets the attribute of the operator described with reference to FIG. 9 by referring to the security data classified by affiliation shown in FIG. 6 based on the affiliation of the operator. Detect security strengths.

  Then, in step S15, the security determination unit 39 sets “security strength set for processing at the processing stage of the workflow requested by the operator” and “security set for the attribute of the operator. Based on the “strength”, the security strength for processing at the processing stage of the workflow requested by the operator is determined in a combined manner. The specific description will be described later.

  Next, in step S16, the security determination unit 39 determines, based on the determined security strength, whether the processing at the processing stage of the workflow requested by the operator is possible. If it is determined by the security determination unit 39 that the process at the process stage of the workflow requested by the operator is possible (step S16: Yes), the process proceeds to step S17. In step S17, the communication control unit 38 transmits a process enable notification indicating that the process is possible to the client terminal device 1 of the operator via the network 3, and ends the process of the flowchart in FIG.

  On the other hand, when it is determined that the process at the processing stage of the workflow requested by the operator is not permitted by the security determination unit 39 (step S16: No), the process proceeds to step S18. In step S18, the communication control unit 38 transmits an error notification indicating that the process is not permitted, to the client terminal device 1 of the operator via the network 3, and ends the process of the flowchart of FIG.

  Next, the process availability notification that is such a process availability notification or an error notification is received by the client terminal device 1 of the operator in step S2 of the flowchart of FIG. The security control unit 23 of the client terminal device 1 of the operator determines the propriety of the processing at the processing stage of the workflow requested by the operator based on the received processing propriety notification (step S3).

  When the process control notice is received from the management server device 2, the security control unit 23 determines that the process is possible in step S 3 (step S 3: Yes), and processes the requested workflow in step S 14. Execute the process in the stage. On the other hand, when an error notification has been received from the management server device 2, the security control unit 23 determines that the process is impossible in step S3 (step S3: No). If it is determined in step S3 that the process can not be performed, the display control unit 21 causes the display unit 19 to display an error message (such as an error voice or the like) such as "request processing can not be performed" in step S7. The display control is performed, and the processing of the flowchart of FIG. 12 is ended.

  Next, in step S15, the security control unit 23 instructs the operator to give an instruction to shift to a new process, as in the case of shifting from the data registration step described with FIG. 11 to the document selection step, for example. Determine if it is not. If it is determined that a shift to a new process is instructed (step S5: Yes), the process returns to step S1. In step S1, the communication control unit 25 transmits, to the management server device 2, the request processing information indicating the processing newly requested by the operator, together with the operator code (and password) of the operator as described above. Thereby, on the management server device 2 side, based on the security strength set for each attribute of the operator as described above and the security strength set for the process newly requested by the operator, The security strength is complexly determined and notified to the client terminal device 1.

  The security control unit 23 of the client terminal device 1 controls permission or non-permission of execution of each process in each process step of the workflow process based on the security strength notified from the management server device 2.

  On the other hand, when it is determined by the security control unit 23 that the instruction to shift to a new process is not instructed (step S5: No), the communication control unit 25 determines in step S16 by the above processable notification. The data (processed data) generated by performing the processing that has become possible is transmitted to the management server device 2, and the processing of the flowchart in FIG. 12 is ended. The storage control unit 37 of the management server device 2 stores the processed data received from the client terminal device 1 in the HDD 34 as document data as shown in FIG. The document data stored in the HDD 34 is read from the HDD 34 in response to a read request from the client terminal device 1 and transmitted to the client terminal device 1. The client terminal device 1 can acquire document data from the management server device 2 at a desired timing.

[9. Specific Example of Security Strength Determination Operation]
(First example)
Next, such a security determination operation will be described based on a specific example. As an example, as shown in FIG. 14, the above-mentioned security determination operation will be described using an example of creating each document of work flow processing of reinforcing steel construction, gas pressure welding construction, concrete construction, formwork construction, and steel frame construction. . For example, the data status code of rebar construction is “10”, the data status code of gas pressure welding construction is “20”, the data status code of concrete construction is “30”, the data status code of formwork construction is “40”, , Data status code of steel construction is "50".

  FIG. 15 is a schematic diagram of the first concrete example of the composite security strength determination operation described above. Among these, FIG. 15A is an example of the above-described security data classified by status, and shows the security strength of each process for data of each status in each construction. Specifically, FIG. 15 (a) shows the state of “registered” described above, correction, deletion, document selection, and workflow application (WF application for data of reinforcement work with data status code “10”. Each process of) indicates that all execution is possible (marked with ○ in the figure).

  In addition, FIG. 15 (a) shows the state of “document selected” as described above, correction, deletion, document selection and workflow application (WF application) to data of gas pressure welding work with data status code “20”. For each process, it is only possible to view the data for correction (marked by △ in the figure), deletion, document selection and WF application can all be executed (marked by ○ in the figure) It shows that it is.

  Also, FIG. 15 (a) shows the state of “WF under application” described above, correction, deletion, document selection and workflow application (WF application) for data of concrete construction with data status code “30”. For each processing, for document selection processing, only browsing of data is possible (marked with △ in the figure), and correction, deletion and WF application can not all be executed (× in the figure) It shows that it is a mark).

  On the other hand, FIG. 15 (b) is an example of the above-mentioned belonging security data, and shows the security strength for each attribute of the operator. Specifically, FIG. 15B shows that, in the case of the manager who has the above-mentioned group code “20”, all the processes for data correction, deletion, document selection and workflow application (WF application) can be executed ( In the figure, it indicates that it is a mark of ○). Further, in FIG. 15 (b), when the above-mentioned group code is "40", each process of data correction, document selection and workflow application (WF application) can be executed (marked with ○ in the figure) The deletion process indicates that it is impossible to execute (marked with x in the figure).

  Here, in the case of the general-purpose document creation system of the actual form, security strength is determined in an integrated manner based on security data classified by status and security data classified by affiliation. However, for example, when the security data classified by state is the security strength (mark of 許可) permitting data processing, and the security data classified by affiliation is the security strength (mark of ×) prohibiting the processing by the operator, or If the operator determines the security strength based on different security strengths or if one of the security strengths is selected, as in the case where the operator belongs to both the managerial and clerical manager attributes, some arrangement is required. is necessary.

  Although this is an example, in such a case, the general-purpose document creation system according to the embodiment selects the stronger security strength (mark of x) as the default setting. The selection setting of such security strength may be set by the administrator or the like to, for example, the weak security strength (mark of ○) or an intermediate security strength (mark of Δ).

  FIG. 15C shows that when it is necessary to determine the security strength based on different security strengths, it is set to be determined by the stronger security strength (mark of x) (decision An example of departmental functions).

  FIG. 15 (d) shows the composite determination result of the security strength for each construction. Such a determination result is calculated by the security determination unit 39 of the management server device 2. Hereinafter, an example of calculation of security strength by the security determination unit 39 will be described.

  In the case of the example shown in FIG. 15, the operator belongs to the manager's job and the clerk, as shown in FIG. 15 (b). For managerial positions, data correction, deletion, document setting and WF application are all permitted (all マ ー ク marks). However, deletion of data is not permitted for the chief clerk (mark of x), correction, document setting and WF application are permitted (mark of ○). For this reason, as shown in FIG. 15C, the security determination unit 39 determines to use the security strength of the chief worker as the security strength classified by affiliation.

  Next, the security determination unit 39 determines the respective security supply degrees (FIG. 15 (b)) of correction, deletion, document selection, and WF application set as the security strength of the clerk (FIG. 15 (a)). We compare the security strength of each process of correction, deletion, document selection, and WF application at each process stage of the workflow of each construction shown in. In the case of this example, as described with reference to FIG. 15C, the setting is made such that the determination is made based on the stronger security strength (mark of x). For this reason, the security determination unit 39 performs each processing step of the workflow for each construction shown in FIG. 15 (a) and security strength for correction, deletion, document selection, and WF application of the chief executive shown in FIG. 15 (b). Among the security strengths for the correction, deletion, document selection, and WF application in S., the stronger one is selected to obtain the determination result of the security strength shown in FIG.

  That is, as shown in FIG. 15 (a), the security strengths of correction, deletion, document selection, and WF application to the data of “registered” of reinforcing bar construction are “○”, “○”, “○”, respectively. It is "○". Further, as shown in FIG. 15B, the security strengths of correction, deletion, document selection, and WF application for the chief clerk are “o”, “x”, “o”, “o”, respectively. . Therefore, as shown in FIG. 15 (d), the security determination unit 39 selects the security strength of the stronger (more severe) of the security strengths of the two, and the data of “registered” of the reinforcing bar construction For each process of correction, deletion, document selection, and WF application, the determination result of the security strength of “o”, “x”, “o”, “o” is obtained.

  Similarly, as shown in FIG. 15 (a), the correction, deletion, document selection, and security strength of the WF application for the concrete construction “WF in application” data are respectively “X”, “X”, “Δ” "," X ". Further, as shown in FIG. 15B, the security strengths of correction, deletion, document selection, and WF application for the chief clerk are “o”, “x”, “o”, “o”, respectively. . Therefore, as shown in FIG. 15 (d), the security determination unit 39 corrects the “WF application in progress” data of the concrete work by selecting the stronger one of the two security strengths. For each process of deletion, document selection, and WF application, security strength determination results of “x”, “x”, “Δ”, and “x” are obtained.

  Similarly, as shown in FIG. 15 (a), the security strengths of correction, deletion, document selection, and WF application for data of “WF approval” of mold work are “Δ”, “x”, “x” respectively. "," X ". Further, as shown in FIG. 15B, the security strengths of correction, deletion, document selection, and WF application for the chief clerk are “o”, “x”, “o”, “o”, respectively. . For this reason, as shown in FIG. 15 (d), the security determination unit 39 corrects the data of “WF approval” of the formwork construction by selecting the stronger one of the security strengths of the both. For each process of deletion, document selection, and WF application, the determination result of the security strength of “Δ”, “x”, “x”, “x” is obtained.

(Second example)
Next, a second specific example of the security determination operation will be described. Also in this second example, the data status code of rebar construction is “10”, the data status code of gas pressure welding construction is “20”, the data status code of concrete construction is “30”, the data status code of formwork construction Is “40”, and that the data status code of the steel frame construction is “50”, as in the first example described above.

  FIG. 16 is a schematic diagram of a second specific example of the composite security strength determination operation. Among these, FIG. 16A is an example of the above-described security data classified by status, and shows the security strength of each process for data of each status in each construction. Specifically, FIG. 16 (a) shows the state of “registered” described above, correction, deletion, document selection, and workflow application (WF application for data on reinforcement work with data status code “10”. Each process of) indicates that all execution is possible (marked with ○ in the figure).

  Also, FIG. 16 (a) shows the state of “document selected” described above, correction, deletion, document selection and workflow application (WF application) to data of gas pressure welding work with data status code “20”. For each process, it is only possible to view the data for correction (marked by △ in the figure), deletion, document selection and WF application can all be executed (marked by ○ in the figure) It shows that it is.

  Also, FIG. 16 (a) shows the state of “WF under application” described above, correction, deletion, document selection, and workflow application (WF application) for data of concrete construction with data status code “30”. For each processing, for document selection processing, only browsing of data is possible (marked with △ in the figure), and correction, deletion and WF application can not all be executed (× in the figure) It shows that it is a mark).

  On the other hand, FIG. 16 (b) is an example of the above-mentioned belonging security data, and shows the security strength of each attribute of the operator. Specifically, FIG. 16B shows that, in the case of the system administrator with the above-mentioned group code “10”, all the processes for data correction, deletion, document selection and workflow application (WF application) can be executed. (In the figure, it is indicated that it is a mark of ○). Also, FIG. 16B shows that data correction, deletion, document selection and workflow application (WF application) can not be performed in the case of the general employee (general) whose group code is “50” described above (in the figure, The mark x) indicates that only data browsing is possible at the time of correction of the data (mark △ in the figure).

  In FIG. 16C, similarly to the first specific example described above, when it is necessary to determine the security strength based on different security strengths, setting is performed by the stronger security strength (mark of x). It shows that it has become.

  FIG. 16D shows the determination results of the security strength for each construction. Such a determination result is calculated by the security determination unit 39 of the management server device 2 as in the first specific example described above.

  In the case of the example shown in FIG. 16, the attribute of the operator is a system administrator and a general employee, as shown in FIG. 16 (b). For the system administrator, data correction, deletion, document setting and WF application are all permitted (all マ ー ク marks). However, for general employees, data correction, deletion, document setting and WF application are all disapproved (marked with x), and it is only possible to view data when correcting data ( △ mark). For this reason, as shown in FIG. 16C, the security determination unit 39 determines to use the security strength of a general employee as the security strength classified by affiliation.

  Next, the security determination unit 39 sets each security strength (FIG. 16B) of correction, deletion, document selection, and WF application set as the security strength of this general employee (FIG. 16A). The security strength of each process of correction, deletion, document selection, and WF application in each process step of the workflow of each construction shown is compared. In the case of this example, as described with reference to FIG. 16C, it is set to be determined by the stronger security strength (mark of x). For this reason, the security determination unit 39 determines the security levels for correction, deletion, document selection, and WF application for general employees shown in FIG. 16 (b), and each processing step of the workflow for each construction shown in FIG. 16 (a). Of the security strengths for correction, deletion, document selection, and WF application in S., the stronger one is selected to obtain the security strength determination result shown in FIG.

  That is, as shown in FIG. 16 (a), the security data of correction, deletion, document selection, and WF application to the data of “registered” of reinforcing bar construction are “○”, “○”, “○”, respectively. It is "○". Also, as shown in FIG. 16B, the security data of the correction, deletion, document selection, and WF application for the general employee is “Δ”, “x”, “x”, “x”, respectively. . Therefore, as shown in FIG. 16 (d), the security determination unit 39 corrects and deletes the "registered" data of the reinforcing bar construction by selecting the stronger one of the security strengths of the both. For each process of document selection and WF application, the determination result of the security strength of “Δ”, “×”, “×”, “×” is obtained.

  Similarly, as shown in FIG. 16A, the correction, deletion, document selection, and security data of WF application for the “WF application” data of concrete construction are “X”, “X”, “Δ” respectively. "," X ". Also, as shown in FIG. 16B, the security data of the correction, deletion, document selection, and WF application for the general employee is “Δ”, “x”, “x”, “x”, respectively. . Therefore, as shown in FIG. 16 (d), the security determination unit 39 corrects the “WF application in progress” data of the concrete work by selecting the stronger one of the two security strengths. For each process of deletion, document selection, and WF application, the determination result of the security strength of “x”, “x”, “x”, “x” is obtained.

  Similarly, as shown in FIG. 16 (a), the security strengths of correction, deletion, document selection, and WF application for data of “WF approval” of formwork construction are “Δ”, “x”, “x” respectively. "," X ". Also, as shown in FIG. 16B, the security strengths of correction, deletion, document selection, and WF application for general employees are “Δ”, “x”, “x”, and “x”, respectively. . Therefore, as shown in FIG. 16 (d), the security determination unit 39 corrects the data of the “WF approval” of the formwork construction by selecting the stronger one of the security strengths of the both. For each process of deletion, document selection, and WF application, the determination result of the security strength of “Δ”, “x”, “x”, “x” is obtained.

(Third example)
Next, a third specific example of the security determination operation will be described. In the above-described specific examples, when it is necessary to determine the security strength based on different security strengths, the security strength (mark of x) is determined as the stronger security strength. On the other hand, in the third specific example described below, when it is necessary to determine the security strength based on different security strengths, an example in which the weaker security strength (mark of ○ or Δ) is determined. It is.

  Also in this third example, the data status code of rebar construction is “10”, the data status code of gas pressure welding construction is “20”, the data status code of concrete construction is “30”, the data of formwork construction The status code is "40", and the data status code of steelwork is "50", as in the above-described respective examples.

  FIG. 17 is a schematic diagram of a third specific example of the composite security strength determination operation. Among these, FIG. 17A is an example of the above-described security data classified by status, and shows the security strength of each process for data of each status in each construction. Specifically, FIG. 17A shows the state of “registered” described above, correction, deletion, document selection, and workflow application (WF application for data of reinforcement work with data status code “10”. Each process of) indicates that all execution is possible (marked with ○ in the figure).

  Also, FIG. 17 (a) shows the state of “document selected” described above, correction, deletion, document selection and workflow application (WF application) to data of gas pressure welding work with data status code “20”. For each process, it is only possible to view the data for correction (marked by △ in the figure), deletion, document selection and WF application can all be executed (marked by ○ in the figure) It shows that it is.

  Further, FIG. 17 (a) shows the state of “WF under application” described above, correction, deletion, document selection, and workflow application (WF application) for data of concrete work with data status code “30”. For each processing, for document selection processing, only browsing of data is possible (marked with △ in the figure), and correction, deletion and WF application can not all be executed (× in the figure) It shows that it is a mark).

  On the other hand, FIG. 17B is an example of the above-mentioned belonging security data, and shows the security strength of each attribute of the operator. Specifically, in FIG. 17B, the workflow application (WF application) is disapproved (marked with an x in the figure) in the case of the operator of the section manager who has the above-mentioned group code “30”, and the correction Each process of deletion and document selection indicates that execution is permitted (marked with ○ in the figure).

  As described above, in the case of the third specific example shown in FIG. 17, when it is necessary to determine the security strength based on the different security strengths, the security strength of the weak (easier) one (○ or It is set to be determined by the mark △).

  FIG. 17C shows the determination result of the security strength for each construction. Such a determination result is calculated by the security determination unit 39 of the management server device 2 as in the above-described specific examples.

  That is, the security determination unit 39 determines whether the security strengths of the section manager's job are set as correction, deletion, document selection, and WF application security strengths (FIG. 17B) and FIG. 17A. The security strength of each process of correction, deletion, document selection, and WF application in each process step of the workflow of each construction shown is compared. In the case of this example, as described above, it is set to be determined by the weak security strength (o mark). For this reason, the security determination unit 39 performs each processing step of the work flow of each construction shown in FIG. 17A and the security strength for correction, deletion, document selection, and WF application of the section manager shown in FIG. Of the security strengths for the correction, deletion, document selection, and WF application, the weak security strength is selected, and the determination result of the security strength shown in FIG. 17C is obtained.

  Specifically, as shown in FIG. 17 (a), the security strengths of correction, deletion, document selection, and WF application for the “registered” data of reinforcement work are “o”, “o”, “ ○ "," ○ ". Also, as shown in FIG. 17B, the security strengths of correction, deletion, document selection, and WF application for the section manager's job are “o”, “o”, “o”, “x”, respectively. . For this reason, as shown in FIG. 17C, the security determination unit 39 corrects and deletes the “registered” data of the reinforcing bar construction by selecting the weak security strength among the security strengths of the both. For each process of document selection and WF application, the determination result of the security strength of “o”, “o”, “o”, “o” is obtained.

  Similarly, as shown in FIG. 17A, the correction, deletion, document selection, and security data of WF application for the “WF application” data of concrete construction are “X”, “X”, “Δ”, respectively. "," X ". Also, as shown in FIG. 17B, the security data of the correction, deletion, document selection, and WF application for the section manager's job is “o”, “o”, “o”, “x”, respectively. . Therefore, as shown in FIG. 17 (c), the security determination unit 39 corrects the “WF application in progress” data of the concrete work by selecting the security strength of the weak one among the security strengths of the both. For each process of deletion, document selection, and WF application, the determination result of the security strength of “o”, “o”, “o”, “x” is obtained.

  Similarly, as shown in FIG. 17A, correction, deletion, document selection, and security strength of WF application to data of “WF approval” of steel frame construction are “Δ”, “x”, “x” respectively. , "X". Also, as shown in FIG. 17B, the security strengths of correction, deletion, document selection, and WF application for the section manager's job are “o”, “o”, “o”, “x”, respectively. . Therefore, as shown in FIG. 17C, the security determination unit 39 corrects and deletes the data of “WF approval” of the steel frame construction by selecting the security strength of the weak one among the security strengths of the both. For each process of document selection and WF application, the determination result of the security strength of “o”, “o”, “o”, “x” is obtained.

[10. Effect of embodiment]
As apparent from the above description, the general-purpose document creation system of the present embodiment is based on the security strength set for each affiliation of the operator and the security strength set for each processing of each processing step of the workflow processing. To determine security strength in a complex manner. Then, permission or non-permission of execution of each process in each process step of the workflow process is controlled by the determined security strength.

  If security settings are performed on data for each process such as deletion or correction, any process other than the prohibited process can be executed by anyone such as a user or a group, so that confidentiality can be maintained. Is difficult. In addition, if security setting is performed on data for each operator, data processing becomes possible regardless of the contents of processing such as deletion or correction, so that there is a problem of lack of security integrity.

  However, in the case of the general-purpose document creation system of the present embodiment, since it is possible to control whether or not to execute each process using the security strength determined in a complex manner for each affiliation of the operator and each process of the workflow process. And integrity of security can be maintained, and data security can be improved.

  Also, detailed security settings can be made possible, such as for each operator and for each process.

  Further, when it is necessary to determine the security strength based on different security strengths, the general-purpose document creation system of the present embodiment determines the setting to determine the security strength on the stronger side and the security strength on the weaker side. The administrator or the like can selectively set the setting. Therefore, the security setting operation can have freedom and flexibility.

[11. Modified example]
The present invention may be practiced in various different embodiments within the scope of the technical idea of the present invention, other than the embodiments described above. In addition, the processing procedures, control procedures, specific names, each processing, data and the like shown in the present specification and the drawings can be arbitrarily changed.

  For example, although the security strength is determined on the management server device 2 side in the description of the above-described embodiment, the belonging data, the state-by-state security data (first security strength), and the belonging security data (second And the security discrimination strength setting value may be stored on the client terminal device 1 side, and the CPU 11 of the client terminal device 1 may compositely determine the security strength using these data. Even in this case, the same effect as described above can be obtained.

  In addition, all or any part of the processing functions of the CPU 11 and the CPU 31 may be realized by the CPU and a program interpreted and executed by the CPU, or may be realized as hardware by wired logic. May be The program is recorded in a non-temporary computer-readable recording medium including a programmed instruction for causing the information processing apparatus to execute the processing described in the present embodiment, and the client terminal apparatus as necessary. 1 or mechanically read by the management server device 2. That is, a computer program for giving instructions to the CPU in cooperation with the OS and performing various processes is recorded in the storage unit such as the ROM or the HDD. The computer program is executed by being loaded into the RAM, and cooperates with the CPU to configure the control unit.

  In addition, this computer program may be stored in an application program server connected to the client terminal device 1 or the management server device 2 via an arbitrary network, and all or part of it may be downloaded as necessary. It is also possible.

  Furthermore, the program for executing the processing described in the present embodiment may be stored in a non-temporary computer readable recording medium, or may be configured as a program product. Here, the "recording medium" means a memory card, a universal serial bus (USB) memory, a secure digital (SD) card, a flexible disk, a magneto-optical disk, a ROM, an erasable programmable read only memory (EPROM), and an EEPROM (registration). Trademarks (Electrically Erasable and Programmable Read Only Memory), CD-ROM (Compact Disk Read Only Memory), MO (Magneto-Optical disk), DVD (Digital Versatile Disk), and Blu-ray (registered trademark) Disc etc. It shall include any "portable physical media". Therefore, a recording medium storing a program for executing the processing or the processing method as described in the present specification also constitutes the present invention.

  The “program” is a data processing method described in any language or description method, and may be in any format such as source code or binary code. Note that the “program” is not necessarily limited to one that is configured in a single way, and achieves its function in cooperation with a separate program represented by a plurality of modules or libraries or a separate program represented by the OS. Including things. In addition, as a specific configuration and reading procedure for reading the recording medium in each device shown in the embodiment, an installation procedure after reading, and the like, a known configuration and procedure can be used.

  Further, the specific form of distribution and integration of the devices is not limited to that shown in the drawings, and all or part thereof may be functionally or physically in any unit according to various additions or according to the functional load. It can be distributed and integrated. That is, the embodiments described above may be implemented in any combination, and the embodiments may be implemented selectively.

  The present invention is applicable to, for example, a document preparation system and a document preparation apparatus for preparing documents in the business such as loan appraisal business of the financial industry or issue management business of construction contract of the real estate industry. .

1 Client terminal
11 CPU
14 HDD
16 Communication unit
18 Input section
19 Display
21 Display control unit
22 Document Creation Processing Department
23 Security control unit
24 Management control unit
25 Communication control unit
26 Storage control unit
27 Application Processing Unit 2 Management Server Device
31 CPU
34 HDD
36 Communication unit
37 Storage control unit
38 Communication control unit
39 Security Decision Unit 3 Network

Claims (4)

A detection unit that detects at least a first security strength set for each processing step of data, and a second security strength set for each operator who performs data processing of the data;
A determination unit which determines compositely the security strength for data processing of the data based on the detected first security strength and the second security strength;
An information processing apparatus, comprising: a control unit that controls whether to execute data processing of the data based on the determined security strength. The determination unit is preset among the first security strength and the second security strength when the first security strength and the second security strength are different from each other. The information processing apparatus according to claim 1, wherein a security strength that matches the security strength is selected and determined. A detection step of detecting at least a first security strength set for each data processing stage and a second security strength set for each operator who performs data processing of the data;
A determining step of determining in a composite manner the security strength for data processing of the data based on the first security strength and the second security strength detected;
A control step of controlling whether or not to execute data processing of the data based on the determined security strength. Computer,
A detection unit that detects at least a first security strength set for each processing step of data, and a second security strength set for each operator who performs data processing of the data;
A determination unit which determines compositely the security strength for data processing of the data based on the detected first security strength and the second security strength;
An information processing program comprising: functioning as a control unit that controls whether or not execution of data processing of the data is performed based on the determined security strength.

Images