JP4011593B2 - Electronic original management apparatus and method - Google Patents

Description

  The present invention relates to computerization of a document, and relates to an apparatus and method for managing an original of an important electronic document.

Conventionally, originals of important documents have been managed as paper media, which have been managed by filing and organizing them. However, with the recent spread of personal computers and the expansion of the network environment, the digitization of various services such as business transactions and electronic payments has progressed, and important documents that have been handled as paper media are recorded and processed on electronic media. Has been. As computerization progresses, document management applications linked with databases appear, and documents are currently being managed using these applications.
"Development of originality assurance electronic storage system", [online], [searched on August 22, 2005], Internet <URL: http://www.nmda.or.jp/nmda/ipa/gen/ipa- gen.html>

However, the conventional document management application has the following problems.
1. Since a document is managed by a computer managed by the user, the creation date and time of the document can be easily falsified.
2. Since the document is managed by a computer managed by the user, the document can be easily deleted.
3. Since the document is managed by a computer managed by the user, the document can be easily altered. Even if the document management application records a history of document operations, the history can be easily altered.
4). When a document is copied, an electronic document with exactly the same content is created, so it is impossible to know which is the original document.

  As described above, since electronic documents have various problems that do not exist in paper media, the operation of electronic documents is more restricted than paper media. For this reason, in spite of the great deal of electronic processing, the document is finally output to a paper medium for contract and order processing or stored as a forensic document.

  SUMMARY OF THE INVENTION An object of the present invention is to provide an apparatus and a method for more safely managing an original digitalized important document.

FIG. 1 is a principle diagram of an electronic original management apparatus according to the present invention. The electronic original management apparatus in FIG. 1 includes a registration unit 1, a grant unit 2, a management unit 3, and an issue unit 4.
In the first aspect of the present invention, the registration unit 1 registers electronic information as original information, and the grant unit 2 logically identifies the electronic information logically and uniquely with respect to the electronic information; Location identification information indicating the physical location of electronic information is assigned. The management means 3 manages original information using combination identification information based on a combination of logical identification information and location identification information, and the issuing means 4 includes the combination identification information and is used for accessing the original information. Issue registration certificate information.

  The electronic information registered by the registration unit 1 corresponds to, for example, an electronically important document, and the registered electronic information is stored in the registration unit 1. The physical location of the electronic information corresponds to, for example, a location (address or the like) where the electronic information is stored in the registration unit 1. The management means 3 generates combination identification information by combining the logical identification information and the location identification information given by the assignment means 2, and gives the combination identification information to the original information. And the issuing means 4 produces | generates the registration certificate information containing the combination identification information, and issues it to a registrant.

  The electronic information is registered as original information, and the granting means 2 gives the electronic information logical identification information that uniquely identifies the electronic information and location identification information that represents the physical location of the electronic information. To do. The management means 3 manages the original information using the combination identification information based on the combination of the logical identification information and the location identification information, and the issuing means 4 includes the combination identification information and is used for accessing the original information. Issue registration certificate information.

  According to such an electronic original management apparatus, since electronic information is handled as original information only after being registered, it is possible to clarify that a copy of electronic information generated on the registrant side is not original information. Further, since the registrant and other users access the original information using the issued registration certificate information, the registered original information can be uniquely identified. Therefore, the safety of original management is improved.

  Further, in the second aspect of the present invention, the management means 3 generates a series of corresponding instances of original information according to time-series changes in electronic information, and manages the series of instances as one original series. To do. The granting means 2 gives the original sequence identification information to the original sequence, and the issuing means 4 includes the original sequence identification information, and is a registration certificate used for accessing one of the series of instances. Publish information.

  The instance of the original information is generated when the registered electronic information changes due to update or the like, and the management unit 3 manages the series of instances using the original sequence identification information provided by the providing unit 2. And the issuing means 4 produces | generates the registration certificate information containing the original series identification information, and issues it to a registrant.

  According to such an electronic original management apparatus, it is possible to handle a series of electronic information that is generated by updating or the like as one group. In addition, the registrant and other users access each instance using the issued registration certificate information, so that the registered original document series can be uniquely identified. Therefore, the safety of original management is improved.

  For example, the registration unit 1 in FIG. 1 corresponds to an original sequence management unit 34 and a document storage unit 36 in FIG. 4 to be described later, and the adding unit 2 in FIG. 1 includes a physical ID creation unit 37 and an identification ID creation unit in FIG. 1 corresponds to the original sequence management unit 34 in FIG. 4, and the issuing unit 4 in FIG. 1 corresponds to the original sequence management unit 34 and the registration certificate creation unit 35 in FIG. .

Another electronic original management apparatus according to the present invention includes a registration unit 1, a grant unit 2, an issue unit 4, a registration request reception unit, and a registration certificate transmission unit.
The registration request receiving means receives electronic information and a request for registering the electronic information as original information. The assigning unit 2 assigns electronic information identification information for uniquely identifying the electronic information as original information registered in the electronic original management apparatus . The registration unit 1 registers electronic information as original information and electronic information identification information in association with each other. The issuing means 4 converts the electronic information with a one-way function, and includes the electronic information identification information, the conversion result of the electronic information with the one-way function , and the document name of the electronic information for accessing the original information. Issuing registration certificate information used for. The registration certificate transmission means transmits the issued registration certificate information to the original information registration request source.

  According to the present invention, an electronic original management apparatus is provided separately from a computer environment used by a user, and processing such as registration, update, and movement of an electronic document is performed using a registration certificate issued by the electronic original management apparatus. Is called. This makes it possible to give the electronic document safety (originality) equivalent to or better than that of the paper medium.

The best mode for carrying out the present invention will be described below in detail with reference to the drawings.
In the present invention, an electronic original management apparatus is provided separately from a computer environment that provides services to users. In addition, electronic documents registered in the electronic original management device are all handled as electronic originals, regardless of the attributes such as “original” and “copy” that depend on the application, and a registration certificate is issued for the electronic original. The Handling all as an electronic original corresponds to a state in which the electronic document is output on paper, and thereafter, the user of the electronic original accesses the electronic original using the issued registration certificate. For example, the following electronic originals are registered.
1. Securities, health insurance cards, banknotes, etc. By presenting the original, the rights and values can be shown, or the original can be transferred.
2. Documents generated by commercial activities (forensic documents), such as receipts. The original can be kept and submitted as evidence during audits.
3. Documents attached to contracts, such as family register copies and registry copies. The certified copy of the family register and the certified copy of the registry are guaranteed to be the same as the contents registered in the original of the registered family register and registry, and are stored together with the contract as the original to guarantee the identity at the time of contract.
4). Contracts, etc. Two original copies of the same contract will be created and each original will be kept by each party that has signed the contract.
5). Wills, contracts, etc. Establishing a third party such as a lawyer or notary office, the third party keeps the original, and the parties keep the copy.
6). Documents that are generated in general business, such as minutes and planning documents. Keep the originals of these documents and share them with multiple parties.
7). Documents generated by government agencies and local governments. Set and manage custodians and disclosure levels.
8). Documents submitted as evidence during patent disputes, such as research notes and design documents.
9. Image information that is evidence of research, such as photographs of DNA (deoxyribonucleic acid) taken with an electron microscope or films showing the state of wind tunnel experiments.

FIG. 2 shows an electronic original model stored in the electronic original management apparatus in the present embodiment. In FIG. 2, a secure archiver (SA) corresponds to an electronic original management apparatus and performs the following processing.
P1: An electronic document processed and created by a user's computer becomes an electronic original only after being registered in the SA. In this way, by handling an electronic document as an original document only after it is registered in the SA, even if the electronic document is copied on the user side and the same electronic document is created, they are not the original document, but they are not in the original document but in the SA. Clarify that the electronic document is the original.
P2: Next, the SA issues a registration certificate for the registered electronic document (electronic original). As described above, the SA issues a registration certificate, and the user accesses the electronic original in the SA using the registration certificate, whereby the electronic original in the SA can be uniquely identified.
P3: Next, even if an electronic document having the same content on the user side is registered twice in the SA, it is handled as a separate original in the SA. In this way, by handling electronic documents registered in SA as separate electronic originals, even if the same content is printed on paper media, it can be handled as physically separate objects, even if they are the same. Even if it is content, it can be identified electronically as independent originals.
P4: Next, when an electronic original is updated, the electronic document at each time point is held as an instance of the original. In addition, a registration certificate is issued for each instance. By processing in this way, the user can take out an instance of a certain original at a certain point in time using the registration certificate.
P5: A series of instances held in P4 are handled as one original. By processing in this way, it is possible to handle an original whose state changes due to update or the like as one original.
P6: Next, only a copy from the electronic original registered in the SA is handled as a copy of the electronic original. By processing in this way, it is possible to clearly distinguish a copy document generated on the user side from a copy of an electronic original.
P7: Next, a process of clearly distinguishing at which point the copy created from the original of the electronic original is the copy of the electronic original is performed. Also, a registration certificate is issued for a copy of the electronic original. In this way, by issuing a registration certificate that clearly indicates when the electronic original is a copy, the user can clearly identify when the electronic original copy is a copy. It becomes possible.
P8: Next, the registration information specified by the application such as the original and copy attributes, and the management information uniquely managed by the SA such as the copy and original attributes and the creation date and time are integrated with the electronic document. In this way, by integrating the electronic document, management information, and registration information independently of the application, it is possible to refer to the attributes of the electronic original at the destination even if the document moves. Become.
P9: Next, falsification detection information (portion represented by SA surrounded by a circle) is created by integrating the electronic document, management information, and registration information. Thus, by creating falsification detection information including not only electronic documents but also management information and registration information, consistency of the electronic documents, management information, and registration information is maintained.

  FIG. 3 is a configuration diagram of an electronic original management system including the above-described secure archiver. The system of FIG. 3 includes an SA 11, a service client (user terminal) 12, and a local environment 13, and an electronic original 14 is exchanged between the service client 12 and the SA 11 and between the two SAs 11. The document record 15 corresponds to the registration certificate in FIG. 2 and is used to access the electronic original 14 in the SA 11.

  The service client 12 and the SA 11 are connected to a communication network, and the service client 12 accesses the electronic original 14 in the SA 11 using the document record 15 issued from the SA 11 when registering the electronic original. Further, in the exchange between the SAs 11, in the case of network connection, the electronic original 14 is exchanged using the document record 15 as in the communication between the service client 12 and the SA 11. When offline, the electronic original 14 is exchanged using the secure medium 16.

  The local environment 13 on the service client side is a system that guarantees safety (originality) such as uniqueness of an electronic original in one department or office in the company, and includes a local SA 21 and a user terminal 22. . An electronic original managed in the local SA 21 is guaranteed to be original only in the local environment 13 and is not linked to an electronic original in the other SA 11. Electronic local information can be exchanged between the local SA 21 and the external SA 11 via the communication network or the secure medium 16.

  FIG. 4 is a block diagram of SA11 in FIG. 4 includes a network interface 31, a request interpretation unit 32, a response creation unit 33, an original sequence management unit 34, a registration certificate creation unit 35, a document storage unit 36, a physical ID creation unit 37, an encryption processing unit 38, and a key holding unit. Unit 39, identification ID creating unit 40, time generating unit 41, device ID holding unit 42, and incremental counter 43.

  Among these, the document storage unit 36 and the physical ID creation unit 37 constitute a file system, and include an encryption processing unit 38, a key holding unit 39, an identification ID creation unit 40, a time generation unit 41, a device ID holding unit 42, and an incremental. The counter 43 is implemented as security hardware.

  FIG. 5 is a flowchart of the processing performed by SA11. One transaction of SA11 consists of receiving a request from the client 12, processing in the device in response to the request, and sending a response to the client 12. First, the network interface 31 receives a request from the client 12 (step ST1), and the request interpreter 32 identifies the type of request (step ST2).

  Next, the original sequence management unit 34 performs processing according to each request (step ST3) and creates a processing result (step ST4). Then, the response creation unit 33 creates a reply message to the client 12 (step ST5), and the network interface 31 transmits the reply message to the client 12 (step ST6). Thereby, one transaction is completed.

  For example, when a document registration request is received from the client 12, the request interpretation unit 32 interprets that the request type is document registration, and passes the document sent from the client 12 to the original sequence management unit 34.

  Next, the original sequence management unit 34 requests the identification ID creation unit 40 to create a logical identification ID via the encryption processing unit 38 and stores the document in the document storage unit 36. The identification ID creation unit 40 obtains a time stamp from the time generation unit 41, obtains a device ID of SA11 from the device ID holding unit 42, obtains a counter value representing a document ID in the device from the incremental counter 43, and A logical identification ID is generated.

  Also, the cryptographic processing unit 38 applies a digital signature to the logical identification ID using the device key (SA individual key) held in the key holding unit 39 and passes the logical identification ID to the original sequence management unit 34. The physical ID creation unit 37 creates a physical ID representing the physical location of the document and passes it to the original document series management unit 34 via the document storage unit 36.

  The original sequence management unit 34 concatenates the logical identification ID and physical ID and passes them to the encryption processing unit 38. The cryptographic processing unit 38 performs signature processing using the device key held in the key holding unit 39 and returns the generated digital data to the original sequence management unit 34 as an identification ID. The original sequence management unit 34 manages the received identification ID as identification information of the document requested to be registered.

  Next, the original document series management unit 34 instructs the registration certificate creation unit 35 to create a document record, and the registration certificate creation unit 35 creates a document record and returns it to the original document series management unit 34. Then, the original sequence management unit 34 passes the document record to the response creation unit 33, and the response creation unit 33 creates a response message to the client 12, sends it to the client 12 via the network interface 31, and performs processing. finish. The same applies to the configuration of SA21 in FIG.

Next, the processing performed by the system of FIG. 3 will be described in more detail with reference to FIGS.
As described above, the SA issues a document record as a registration certificate to the user when registering an electronic original. The user uses the document record to access the electronic original in the SA, or sends the document record to the original sharer. The sharer can use the original by accessing the SA using the sent document record. The requirements for document records are as follows:
1. Prove the fact of electronic original registration.
2. Provides information indicating to which original in the SA is issued.
3. Information indicating which electronic document of the user is registered as the original is provided.
4). Provides information on the original registrant (owner).
5). Provides information on the SA to be accessed.
6). Detect tampering of document records.

  Because of these requirements, SA publishes information as shown in FIG. 6 embedded in a document record. The hash value 51 of the electronic original is a value obtained by compressing the content of the original registered in the SA using a hash function. By comparing the hash value 51 with the hash value of the electronic document held by the user, it can be confirmed that the electronic document is indeed a document registered in the SA. Therefore, the hash value 51 is used as information that proves the fact of registration. Instead of the hash value 51, the result of converting the original content with another one-way function may be used.

  The identification ID 52 is identification information for uniquely identifying the electronic original in the SA, and is generated from the logical identification ID and the physical ID. The SA adds an identification ID to the document record as information indicating to which electronic original the document record is issued.

  The electronic document name 53 on the user side corresponds to the file name managed on the user side, and is added as information associating the electronic original in the SA with the electronic document of the user. The user ID 54 is identification information used for authentication at the time of original registration, and is added to the document record as information on the original registrant (owner).

  The SA connection destination information 55 corresponds to the SA IP (Internet Protocol) address, FQDN (Fully Qualified Domain Name), etc., and is added to the document record as SA identification information to be accessed. In addition, the SA signature 56 is signature information that is calculated and attached by the SA to the document record information when the document record is issued, and is also endorsed information indicating that the document record has been issued by the SA. The user can verify whether or not the electronic document has been tampered with by transmitting the document record to which the signature 56 is attached to the SA.

  Next, management of the original sequence will be described. The state of the original registered in the SA is changed by operations such as update, move, and delete. Each time the state changes, the SA holds the original instance at that time and manages a series of instances as an original sequence. Then, an original sequence ID is given to the original sequence to uniquely identify it. As a result, when viewed from the service client, the sequence can be specified as one original and taken out.

  FIG. 7 shows how the original sequence is uniquely identified by the original sequence ID. When the electronic document D1 is registered in the SA as the electronic document D1-1, the SA gives SID1 as the original sequence ID to the electronic document D1-1 and manages it as the original sequence S1.

  After that, when the electronic document D1 is modified, the original state changes, and re-registration is performed, the SA generates an instance of the electronic document D1-2 with SID1 as the original sequence ID, and holds it To do. Thereafter, whenever a state change occurs, instances such as the electronic documents D1-3, D1-4, and D1-5 are held, and a series of instances are identified by SID1.

  In addition, the electronic document D2 registered separately from the electronic document D1 is newly given SID2 as the original sequence ID. A series of instances D2-1, D2-2, D2-3, D2-4, D2-5, and the like of the electronic document D2 are identified by SID2 and managed as the original sequence S2. At this time, even if the contents of the electronic document D2 are exactly the same as the contents of the electronic document D1, the SA manages each as a separate electronic original.

  By using such an original sequence ID, it is possible to identify a series of instances generated by a state change as one original. However, when auditing forensic documents, etc., it is necessary to identify and retrieve an instance at an arbitrary point in a certain original series. Therefore, SA gives a time stamp to the instance at each time point of the original sequence.

  FIG. 8 shows a state in which instances that change in time series in a certain original series are managed by time stamps. When the electronic document D1 is registered as the electronic document D1-1, the time stamp T1 at the time of registration is given, and thereafter each time the state changes, the time stamps T2, T3, T4, T5, etc. are given to each instance. The user can specify and take out an instance of an electronic original at an arbitrary point in time by specifying the original sequence ID and the time stamp.

  Next, in order to clarify the requirements for managing the original and copy of the electronic original, the problem of copying the electronic document is first clarified. If an electronic document is copied, there will be an electronic document that is exactly the same as the original, so the copy will be flooded and it will be impossible to identify which is the original. For this reason, conventionally, copying has been managed by an operation method such as attaching a label to a medium.

  Even if an electronic document is illegally copied, it cannot be identified at the copy source, and the copy can be handled as an original electronic document at the copy destination. Yes. In the case of a paper medium, the original and the copy can be identified from the texture.

  In the case of a paper medium, when a plurality of copies are created, each copy can be physically identified. However, since an electronic document exists as a copy having exactly the same contents as the original, it cannot be distinguished from the original, let alone identifying each copy.

For these reasons, the following requirements are required for managing originals and copies of electronic originals.
1. Provide users with a means of uniquely pointing to the original and copy of the electronic original. Information that identifies the original and the copy is provided to the user so that the electronic original from which the copy is copied can be identified.
2. Even when copying multiple times, each copy can be uniquely identified.

In order to satisfy these requirements, SA manages the following originals and copies.
1. Unique identification of original and copy of electronic original by document record Register electronic document in SA, and the electronic document in SA indicated by the document record issued at the time of registration is the original, and a copy of the original is generated only from the electronic original To manage. Also, a document record is issued when a copy is generated, and only the electronic document in the SA indicated by the document record is handled as a copy of the original.

By managing the electronic document indicated by the document record as an electronic original or a copy thereof, the document record uniquely identifies the original in the SA even if the user copies the document record. It becomes possible. Therefore, it is possible to solve the problem of not knowing which is the original and the problem of overflowing copies.
2. Management by Type Attribute An attribute (type attribute) for identifying an original and a copy is given to the electronic original registered in the SA. Further, when generating a copy of the original, an electronic document that inherits the original sequence ID and the time stamp is generated, a copy is given as a type attribute, and this electronic document is used as a copy of the original. The copy of the electronic original generated in this way clearly indicates from which electronic original instance the copy was generated. The type attribute is added to the document record and notified to the user, and the user identifies the original and copy of the electronic original by referring to the document record.

  In addition, the electronic original copy is given a type attribute including a serial number indicating how many times the copy is made, and even if the copy is made a plurality of times, each copy can be identified as an independent document. This serial number is added to the document record to notify the user, and the user identifies each copy of the electronic original as independent. Thus, a plurality of copies are managed by the type attribute including the serial number.

  FIG. 9 shows a state in which an original and a copy of an electronic original are uniquely identified using a document record. When the electronic document D1 is registered in the SA as an electronic original, it is held in the SA as an electronic original O1 (original). Then, a document record R1 (original) is issued for the electronic original.

  This document record R1 uniquely identifies the electronic original O1 in the SA. Even if this document record R1 is copied by the user's personal computer or the like, since the copy of the document record R1 uniquely points to the electronic original O1 in the SA, it is impossible to know which is the original original. The problem does not arise.

  Next, when an electronic original O2 (copy), which is a copy of the original, is generated for the electronic original O1, a document record R2 is issued for the electronic original O2 as well as the electronic original O1. Even if the document record R2 is copied, the copy of the document record R2 can uniquely identify the electronic original O2 in the SA.

  Note that copying of the electronic document D1 on the user side is a normal copying operation, and the electronic document D1-C at the copy destination has no effect as an original. This is because, in the user's system, the electronic document in the SA uniquely indicated by the document record R1 is managed as the original.

  According to such management of the original and copy of the electronic original, even if the electronic original in the SA is illegally and conveniently updated, the user's system can keep the latest state of the original in the SA An instance valid as an original can be retrieved by a document record. Therefore, the security of uniquely identifying the original and the copy of the electronic original is provided.

  FIG. 10 shows how a type attribute is assigned to an electronic document. When the electronic document D1 is registered as an original in the SA, SID1 is given as an original series ID, T1 is given as a time stamp, an original is given as a type attribute, and it is registered as an electronic original (original). The original is set as the initial value of the type attribute for all electronic documents registered by the user in the SA. At the time of registration, the SA issues an electronic original document record R1 (original) to the user.

  When the user requests the SA to generate a copy of the electronic original, the SA inherits the original sequence ID and time stamp of the electronic original and newly generates an electronic original (copy) whose type attribute is changed to copy. The reason why the original series ID and the time stamp are inherited is to clearly identify the copy of the instance at the point of time. Then, the SA issues a document record R2 (copy) to the user as in the case of the electronic original (original).

  FIG. 11 shows how a plurality of original copies are independently managed by serial numbers given to the type attribute, and the user uniquely identifies them. When the user requests to generate a copy of the electronic original (original), the SA generates the electronic original (copy (1)) by the same process as in FIG. At this time, a serial number (1) is given to the copy of the type attribute.

  When the user requests to generate a copy of the electronic original again, the electronic original (copy (2)) is generated, and a serial number (2) is given to the copy of the type attribute. In addition, document records R2 and R3 are issued to the user for the electronic original copy (1) and copy (2), respectively. Thus, by giving a serial number to the copy of the type attribute, it becomes possible to independently manage the copy of each electronic original in the SA. In addition, the user can uniquely identify a copy of each electronic original using a document record.

Next, management of the physical location of a document will be described. Since the paper medium disappears from the original location when it is moved, it is possible to recognize where the original is physically located. However, even if the location of the original was managed using the original management book, it was not possible to guarantee the location (location) where the original should be. Similar to paper media, electronic documents have the following problems.
1. The location of the electronic document cannot be uniquely identified.
2. Since copying and moving can be performed easily, unauthorized copying and theft cannot be detected.

Therefore, SA performs the following processing on the electronic original to guarantee the location of the electronic original.
1. Information (physical ID) for physically specifying the location is given to the electronic original registered in the SA, and the location is uniquely specified.
2. An illegal copy is detected using the physical ID.

  In an environment where networks and offline systems coexist, it is expected that a plurality of SAs manage electronic originals. Therefore, the physical ID is composed of an SA-ID that identifies the SA and an address ID that indicates in which position in which medium in the SA. For example, a physical address on the medium is used as the address ID.

  FIG. 12 shows a state in which the location of the electronic original is specified by the physical ID and an unauthorized copy is detected. PID1, which is a physical ID of the electronic document D1, is composed of an SA-ID and an address ID (AID1) of the document storage unit 36, and the physical ID is added to the electronic document D1. The electronic document D2 and the electronic document D3 are electronic originals that are normally stored using AID2 and AID3 as address IDs, respectively.

  The physical ID table is held in the physical ID creation unit 37 of FIG. 4 and stores the correspondence between each electronic document and the physical ID generated from its address ID. The physical IDs of the electronic documents D1, D2, and D3 are PID1, PID2, and PID3, respectively.

  Here, when the administrator or the like illegally copies the electronic document D1, the copied electronic document D1-C is stored in a place where AID4 is an address ID. In this case, the physical ID of the electronic document D1-C is PID1, and the physical ID registered in the physical ID table is PID4 composed of SA-ID and AID4. Therefore, if both physical IDs are compared, it can be seen that they are different, and an unauthorized copy is detected. Note that when an unauthorized copy is made to another SA, the SA-ID is different, and thus the unauthorized copy is detected in the same manner.

Next, FIG. 13 shows an example of changes in various types of identification information in the original sequence. In FIG. 13, the identification information is changed by the following procedure.
P1: Registration At time T1, the user registers the electronic document D1-1 in SA1. SA1 firstly assigns SID1 as an original sequence ID as a registration process. This original sequence ID uniquely identifies a sequence whose original state changes. Second, T1 is allocated as a time stamp. By this time stamp, the instance at each time point in the original sequence is uniquely identified. Third, the original is set as the type attribute. The type attributes of the electronic document registered in the SA are all original.

Then, SA1 logically uniquely identifies the original at each time point based on these identification information, that is, the original sequence ID, the time stamp, and the type attribute. Fourth, PID1 is allocated as a physical ID. With this physical ID, the location of the electronic document is clarified, and unauthorized copying is detected.
P2: Update (status change)
At time T2, the user updates the electronic document D1-1 and generates the electronic document D1-2. Thereby, the state of the original changes. At this time, the original sequence ID and the type attribute are not changed, and electronic originals to which T2 and PID2 are assigned as new time stamps and physical IDs are created.
P3: Copy creation The user creates a copy of the electronic document D1-2. At this time, the original sequence ID and the time stamp are not changed, and electronic originals to which copy (1) and PID3 are allocated as new type attributes and physical IDs are created. The time stamp is not changed in order to clearly identify that it is a copy at a certain point in the original series. The time when the copy was created is held as management information such as history. Further, a serial number is assigned to the copy attribute, and an instance of each copy is managed.
P4: Movement At time T3, the user moves the electronic document D1-2 from SA1 to SA2. At this time, the original sequence ID and the type attribute are not changed, and electronic originals to which T3 and PID4 are assigned as new time stamps and physical IDs are created. Since the physical ID includes an ID that uniquely identifies the SA, this can be used to detect unauthorized movement of the electronic document.

Next, the process performed in SA is demonstrated in detail. FIG. 14 shows how the identification ID is generated. Here, processing is performed in the following procedure. P1: Logical identification ID creation request Upon receiving an electronic document registration request, the original document series management unit 34 makes a logical identification ID creation request to the security hardware.
P2: Request At the time of request, the original sequence management unit 34 gives the security hardware a type attribute that specifies whether the request is for the original original or the request for the copy original. In the case of a copy original, a logical identification ID of the original copy source is also given.
P3: Logical Identification ID Generation The security hardware includes the cryptographic processing unit 38, the key holding unit 39, the identification ID creation unit 40, the time generation unit 41, the device ID holding unit 42, and the incremental counter 43 shown in FIG.

The identification ID creation unit 40 generates an original sequence ID 61 from the device ID held by the device ID holding unit 42 and the counter value held by the incrementer counter 43, and a real-time clock (RTC) in the time generation unit 41. A time stamp 63 is generated from the time output by. Then, these pieces of information are linked with the type attribute 62 designated by the original sequence management unit 34 to generate a logical identification ID. In the case of a copy original, a logical identification ID is generated by inheriting the original sequence ID and time stamp included in the given logical original ID.
P4: SA Signature The cryptographic processing unit 38 uses the SA individual key 64 held in the key holding unit 39 to generate an SA digital signature for the information linked in P3. The SA digital signature corresponds to a MAC (Message Authentication Code) created with the SA individual key 64. The cryptographic processor 38 concatenates the MAC value to the information concatenated in P3, and generates a final logical identification ID 66 that logically identifies the electronic document. In FIG. 14, SA surrounded by a circle represents that the generated information includes the digital signature of SA.
P5: Logical identification ID response The cryptographic processing unit 38 returns the logical identification ID 66 to the original sequence management unit 34 as a security hardware processing result for the logical identification ID creation request.
P6: Electronic Document Storage The file system includes a document storage unit 36 and a physical ID creation unit 37. The original sequence management unit 34 stores the electronic document in the document storage unit 36 in the file system using the returned logical identification ID 66 as a file name.
P7: Identification ID creation request The original sequence management unit 34 makes an identification ID creation request to the security hardware. At this time, the physical ID 67 is acquired from the physical ID creation unit 37, and the logical identification ID 66 and the physical ID 67 are given to the security hardware.
P8: SA Signature The cryptographic processing unit 38 generates an SA signature for information obtained by concatenating the logical identification ID 66 and the physical ID 67 using the SA individual key 64. Then, the information obtained by concatenating the logical identification ID 66 and the physical ID 67 is concatenated with the SA signature to generate the identification ID 68. P9: Identification ID response The cryptographic processing unit 38 obtains the processing result of the security hardware in response to the identification ID creation request. An identification ID 68 is returned.
P10: The identification ID is stored in the management information. The identification ID 68 is stored as the electronic original management information.

FIG. 15 shows how an electronic document is stored in SA. Here, processing is performed in the following procedure.
P1: The original sequence management unit 34 acquires the electronic document 71 and the registration information 72 from the client, and instructs the security hardware to generate an identification ID. The registration information 72 includes a user ID and a user's electronic document name.
P2: The security hardware generates an identification ID 68 and returns it to the original sequence management unit 34.
P3: The original sequence management unit 34 associates the electronic document 71, the registration information 72, and the management information 73 with the identification ID 68 and concatenates these pieces of information. The management information 73 includes SA connection destination information.
P4: The original sequence management unit 34 instructs the security hardware to generate falsification detection information. At this time, information obtained by connecting the electronic document 71, the registration information 72, and the management information 73 is given to the security hardware.
P5: The security hardware generates an SA signature for the received information using the SA individual key 64. Then, it is added to the management information as falsification detection information, and an electronic original 74 is generated.
P6: The security hardware returns the electronic original 74 as a processing result.
P7: The original sequence management unit 34 registers the electronic original 74 as the original in the file system.

FIG. 16 shows how a document record is generated. Here, processing is performed in the following procedure.
P1: Document record information shaping The original sequence management unit 34 acquires the identification ID and SA connection destination information from the management information of the electronic original 74, and the user ID and the electronic document of the user from the registration information of the electronic original 74. The name is acquired, and the acquired information is passed to the registration certificate creation unit 35 in FIG. The registration certificate creation unit 35 formats the received information as document record information 81 and returns it to the original sequence management unit 34.
P2: Document record creation instruction The original sequence management unit 34 gives the electronic document 71 and the document record information 81 to the security hardware, and instructs the creation of the document record.
P3: Hash value calculation The cryptographic processor 38 in the security hardware calculates a hash value 82 of the electronic document 71.
P4: Hash value concatenation The cryptographic processing unit 38 concatenates the hash value 82 with the document record information 81.
P5: Falsification detection information generation The cryptographic processing unit 38 generates falsification detection information using the SA individual key 64 and links the falsification detection information to the document record information 81 in the same manner as in the process of FIG. 83 is generated.
P6: Document record response The encryption processing unit 38 returns the document record 83 to the original sequence management unit 34 as a processing result.
P7: The original sequence management unit 34 transmits the document record 83 to the client.

Next, registration, search, document record verification, identity verification, update, movement, check-out / check-in, and state transition acquisition, which are basic functions of SA, will be described.
FIG. 17 shows how electronic documents are registered. Registration refers to registering an electronic document generated by a client as an original in the SA. Here, processing is performed in the following procedure.
P1: The client creates an electronic document 71 having a file name 91, and creates service-dependent information as registration information 72, such as attributes such as confidentiality and storage period.
P2: The client encrypts the file name 91, the electronic document 71, and the registration information 72 with the session key between the client and the SA, and transmits it to the SA. In FIG. 17, the character “S” enclosed in a circle indicates that the information is encrypted with the session key.
P3: The SA decrypts the received information, automatically generates management information including an identification ID, creation date and time, falsification detection information, and the like for the electronic document 71. The generated information is the electronic document 71 and the registration information 72. To create an original 74 of the original. P4: SA issues a document record 83 as a result of registration. The document record 83 includes information as shown in FIG. Among these, as the SA connection destination information, for example, an SA alias name is used. Basically, other processing is performed using this document record 83.
P5: The SA encrypts the document record 83 with the session key and notifies the client.
P6: The client decrypts the received information, associates the document record 83 with the file name 91, and updates the information.

FIG. 18 shows how electronic documents are searched (referenced). The search is to retrieve an electronic document stored in the SA using document record information (identification ID) as a key. Here, processing is performed in the following procedure.
P1: The client selects the document record 83 of the electronic document to be searched, and confirms the SA to be accessed from the connection destination information.
P2: The client sends the document record 83 to the SA.
P3: SA searches the original 74 using the identification ID of the document record 83 as a key.
P4: The SA notifies the client of the electronic document of the retrieved original 74.
P5: The client associates the received electronic document with the file name 91 and updates the information.

FIG. 19 shows how document records are verified. The document record verification is to verify whether or not the document record held in the client is the latest. In FIG. 19, the state of the electronic original in the SA has been changed by updating or the like, and the latest document record is newly notified. Here, processing is performed in the following procedure.
P1: The client selects an electronic document to be verified. Here, the electronic document 93 with the file name 92 is selected.
P2: The client sends the document record 94 of the electronic document 93 to the SA.
P3: The SA retrieves the original sequence ID from the identification ID of the document record 94 sent from the client, and searches for the electronic original 95 with the latest time stamp in the original sequence corresponding to the original sequence ID. Then, the identification ID of the electronic original 95 and the identification ID of the document record 94 are compared. If they match, it can be seen that the document record 94 is the latest, and if they do not match, it can be seen that the state of the electronic original has changed.
P4: SA detects that the state of the electronic original has changed, and creates the latest document record 96.
P5: The SA notifies the client of the latest document record 96.
P6: The client associates the notified document record 96 with the file name 91 and updates the information. Thereafter, when the latest electronic document is acquired, the electronic document is acquired by the search process of FIG. 18 using the document record 96.

FIG. 20 shows the state of identity verification. The identity verification is to verify whether or not the electronic document stored in the client and the electronic original in the SA are the same. Here, processing is performed in the following procedure.
P1: The client selects the electronic document 93 and document record 94 to be verified.
P2: The client sends the document record 94 and the electronic document 93 to the SA.
P3: The SA calculates the falsification detection information of the electronic document 93 sent from the client and compares it with the falsification detection information of the electronic original 97 in the SA indicated by the document record 94 to verify whether or not they are the same. To do.
P4: The SA signs the verification result 98 and notifies the client.
P5: The client confirms the verification result 98.

FIG. 21 shows how the electronic document is updated. Update refers to associating an electronic document in a client corresponding to an electronic document in the SA with an electronic document in the SA as an updated document. Here, processing is performed in the following procedure.
P1: The client creates an electronic document D2 as an update document, and selects registration information G2 related to the document record R1, electronic document D2, and electronic document D2 of the electronic document D1 to be updated.
P2: The client sends the document record R1, the electronic document D2, and the registration information G2 to the SA.
P3: SA acquires the electronic original O1 corresponding to the document record R1, updates the time stamp portion of ID1 that is the identification ID, and generates ID2 as a new identification ID. Then, the electronic document D2 is registered in association with ID2, and the electronic original O2 is generated. At this time, the management information M1 and registration information G1 of the electronic original O1 are updated to become management information M2 and registration information G3, respectively. The registration information G3 includes registration information G1 and registration information G2.
P4: SA creates the document record R2 of the updated electronic original O2.
P5: SA notifies the client of document record R2.
P6: The client associates the document record R2 with the file name of the electronic document D2, and updates the information.

22 and 23 show how the electronic document is moved. The movement is to move the electronic document in the SA to another SA. Depending on the service form, the information of the electronic document of the movement source may be left or deleted. Here, it is assumed that the information of the electronic document of the movement source is left, and processing is performed in the following procedure.
P1: The client selects the electronic document D1 to be moved and the destination SA. The list of destination SAs is indicated from the source SA as required.
P2: The client sends information 101 specifying the document record R1 of the electronic document D1 and the destination SA to the source SA.
P3: The source SA performs an export process on the electronic document D1 of the electronic original O1 indicated by the document record R1. First, an electronic document D1 whose identification ID is ID1, management information M1, and registration information G1 are connected. Next, falsification detection information is generated for the concatenated data using a common key (individual shared key, group shared key, etc.) shared by the destination SA and the source SA. Then, the tamper detection information is linked with the original linked data to generate packed data 102.
P4: The migration source SA sends the packed data 102 to the migration destination SA.
P5: The migration destination SA verifies whether the packed data 102 has been tampered with and performs import processing. In this process, the packed data 102 is unpacked, and the electronic document D1, management information M1, and registration information G1 are extracted.
P6: The destination SA updates the time stamp and physical ID of ID1, and generates ID2 that is an identification ID having a different time stamp and physical ID.
P7: The destination SA sends a non-repudiation record 103 and ID2 to the source SA as a non-repudiation process by the three-way handshake.
P8: The migration source SA updates the received ID2 time stamp to generate ID3, and registers the hash value 104 of the electronic document D1 as the information (electronic original O3) of the moved electronic document in association with ID3. The electronic original O3 includes management information M3 to which ID2 that is the identification ID of the destination is added, and registration information G1.
P9: The migration source SA sends a non-repudiation prevention record 103 to the migration destination SA as a non-repudiation prevention process by the 3-way handshake.
P10: The movement destination SA registers the electronic document D1 as the moved electronic document (electronic original O2) in association with ID2. The electronic original O2 includes management information M2 to which ID1 that is an identification ID of the transfer source is added, and registration information G1.
P11: The source SA generates a document record R3 including information on ID2.
P12: The source SA sends the document record R3 to the client.
P13: The destination SA generates a document record R2 including ID1 information.
P14: The migration destination SA transmits the document record R2 to the client.
P15: The client associates the document records R2 and R3 with the file name of the electronic document D1, and updates the information.

FIG. 24 shows a state of check-out and check-in. Checkout is to lock the original registered in the SA according to a request from the user so that the state of the original is not changed until a check-in request is made. Check-in means that the original is unlocked in response to a request from the user. Here, processing is performed in the following procedure.
P1: The client selects the electronic document D1 to be checked out.
P2: The client sends a document record R1 of the electronic document D1 to the SA and requests a checkout.
P3: SA performs a checkout process. First, a checkout attribute is given to the management information M1 of the electronic original O1 including the electronic document D1, and the time stamp of ID1, which is an identification ID, is updated to generate ID2 having a different time stamp. Then, a document record R2 having a checkout attribute is created.
P4: The SA notifies the client of the document record R2.
P5: The client updates the electronic document D1 to the electronic document D2. This update process can be performed not only on the client but also on the electronic document with ID 2 in the SA using the update function. The update process may be performed a plurality of times.
P6: The client sends the document record R2, the final electronic document D2, and the registration information G2 of the electronic document D2 to the SA, and requests check-in.
P7: SA performs check-in processing. First, the time stamp of ID2 is updated to generate ID3, and the management information M2 is generated by adding a check-in attribute to the management information M1. Then, the electronic document D2 is registered as the electronic original O2.
P8: SA creates a document record R3 having a check-in attribute.
P9: SA notifies the client of the document record R3.
P10: The client updates the information by associating the document record R3 with the file name of the electronic document D2.

FIG. 25 shows a state transition acquisition. The state transition acquisition is acquisition of state transition information indicating how the state of the electronic original pointed to by the document record has transitioned. The state transition information corresponds to the history of operations performed on the electronic original and is held as part of the management information. Here, processing is performed in the following procedure.
P1: The client selects an electronic document 93 from which state transition information is to be acquired.
P2: The client sends the document record 94 of the electronic document 93 to the SA.
P3: The SA acquires the state transition information 105 from the latest management information of the electronic original 97 in the SA indicated by the document record 94.
P4: The SA notifies the client of the state transition information 105.
P5: The client confirms the contents of the state transition information 105.

  FIG. 26 shows an example of state transition information. In this state transition information, at 12:00 on February 17, 1998, user A registers the original in SA1, and at 14:00, user B moves the original from SA1 to SA2, and at 15:00. It is recorded that user C made a copy of the original and user D moved the original from SA2 to SA3 at 16:00. Therefore, the user can trace the state of the electronic original from the time of registration to the present by referring to the state transition information.

  In the embodiment described above, an electronic important document is mainly registered in the SA as an electronic document. However, in addition to this, arbitrary electronic information in an arbitrary format can be registered in the SA. . For example, audio data, image data, video data, etc. can be registered and managed in the same way as an electronic document.

  Incidentally, the SAs 11 and 21, the client 12, and the terminal 22 in FIG. 3 can be configured using an information processing apparatus (computer) as shown in FIG. 27, for example. 27 includes a CPU (central processing unit) 111, a memory 112, an input device 113, an output device 114, an external storage device 115, a medium driving device 116, and a network connection device 117, which are connected via a bus 118. Are connected to each other.

  The memory 112 includes, for example, a ROM (read only memory), a RAM (random access memory), and the like, and stores programs and data used for processing. For example, the original sequence management unit 34 and the registration certificate creation unit 35 shown in FIG. 4 are stored in the memory 112 as program modules. The CPU 111 performs necessary processing by executing a program using the memory 112.

  The input device 113 is, for example, a keyboard, a pointing device, a touch panel, or the like, and is used for inputting an instruction or information from a user or an administrator. The output device 114 is, for example, a display, a printer, a speaker, or the like, and is used for outputting an inquiry to a user or an administrator and a processing result.

  The external storage device 115 is, for example, a magnetic disk device, an optical disk device, a magneto-optical disk device, or the like. The information processing apparatus stores the above-described program and data in the external storage device 115, and can use them by loading them into the memory 112 as necessary. The external storage device 115 is also used as the document storage unit 36 and the physical ID creation unit 37 in FIG.

  The medium driving device 116 drives the portable recording medium 119 and accesses the recorded contents. As the portable recording medium 119, an arbitrary computer-readable recording medium such as a memory card, a flexible disk, a CD-ROM (compact disk read only memory), an optical disk, or a magneto-optical disk is used. The user can store the above-described program and data in the portable recording medium 119 and load them into the memory 112 for use as necessary. The portable recording medium 119 is also used as the secure medium 16 in FIG.

  The network connection device 117 communicates with an external device via an arbitrary network (line) such as a LAN (local area network) and performs data conversion accompanying the communication. The information processing apparatus can receive the above-described program and data from an external apparatus via the network connection apparatus 117 and use them by loading them into the memory 112 as necessary. The network connection device 117 corresponds to, for example, the network interface 31 in FIG.

  FIG. 28 shows a computer-readable recording medium that can supply a program and data to the information processing apparatus of FIG. Programs and data stored in the portable recording medium 119 or the external database 120 are loaded into the memory 112. Then, the CPU 111 executes the program using the data and performs necessary processing.

It is a principle figure of the electronic original management apparatus of this invention. It is a figure which shows an electronic original model. It is a block diagram of an electronic original management system. It is a block diagram of a secure archiver. It is a flowchart of a process of a secure archiver. It is a figure which shows a document record. It is a figure which shows management of an original series. It is a figure which shows time series management. It is a figure which shows the identification of an original and a copy. It is a figure which shows the management by a type attribute. It is a figure which shows management of multiple copies. It is a figure which shows the detection of an unauthorized copy. It is a figure which shows the change of identification information. It is a figure which shows the production | generation of identification ID. It is a figure which shows storage of an electronic document. It is a figure which shows the production | generation of a document record. It is a figure which shows a registration process. It is a figure which shows a search process. It is a figure which shows a document record verification process. It is a figure which shows an identity verification process. It is a figure which shows an update process. It is FIG. (1) which shows a movement process. It is a figure (the 2) which shows a movement process. It is a figure which shows a check-out / check-in process. It is a figure which shows a state transition acquisition process. It is a figure which shows state transition information. It is a block diagram of information processing apparatus. It is a figure which shows a recording medium.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Registration means 2 Giving means 3 Management means 4 Issuing means 11, 21 Secure archiver 12 Service client 13 Local environment 14, 74, 95, 97, O1, O2, O3 Original original 15, 83, 94, 96, R1, R2 , R3 document record 16 secure medium 22 user terminal 31 network interface 32 request interpretation unit 33 response creation unit 34 original sequence management unit 35 registration certificate creation unit 36 document storage unit 37 physical ID creation unit 38 encryption processing unit 39 key holding unit 40 Identification ID creation unit 41 Time generation unit 42 Device ID holding unit 43 Incremental counter 51, 82, 104 Hash value 52, 68 Identification ID
53 User's electronic document name 54 User ID
55 SA connection destination information 56 SA signature 61, SID1, SID2 Original sequence ID
62 Type attribute 63 T1, T2, T3, T4, T5 Time stamp 64 SA individual key 66 Logical identification ID
67, PID1, PID2, PID3, PID4 Physical ID
71, 93, D1, D1-1, D1-2, D1-3, D1-4, D1-5, D1-C, D2, D2-1, D2-2, D2-3, D2-4, D2- 5 Electronic document 72, G1, G2, G3 Registration information 73, M1, M2, M3 Management information 81 Document record information 91, 92 File name 98 Verification result 101 Information on destination SA 102 Packed data 103 Non-repudiation record 105 State transition information 111 CPU
112 memory 113 input device 114 output device 115 external storage device 116 medium drive device 117 network connection device 119 portable recording medium 120 database S1, S2 original series AID1, AID2, AID3, AID4 address ID

Claims (22)

Registration request receiving means for receiving electronic information and a request for registering the electronic information as original information;
A granting unit for giving electronic information identification information for uniquely identifying the electronic information as original information registered in an electronic original management device ;
Registration means for registering the electronic information as the original information and the electronic information identification information in association with each other;
The electronic information is converted by a one-way function , and includes the electronic information identification information, a conversion result of the electronic information by the one-way function , and a document name of the electronic information for accessing the original information. Issuing means for issuing registration certificate information to be used;
Registration certificate transmitting means for transmitting the issued registration certificate information to a registration request source of the original information;
An electronic original management apparatus comprising: The assigning means assigns , to the electronic information , combination identification information based on a combination of logical identification information including the electronic information identification information and location identification information indicating the location of the electronic information in the registration means, The registration means registers the electronic information as the original information in association with the combination identification information, and the issuing means registers the registration certificate information including the combination identification information, the conversion result , and the document name. The electronic original management apparatus according to claim 1, wherein the electronic original management apparatus issues the electronic original. Receiving means for receiving registration certificate information;
Search means for searching for the original information using combination identification information included in the received registration certificate information;
3. The electronic original management apparatus according to claim 2, further comprising transmission means for transmitting the retrieved original information to a registration certificate information transmission source.   The electronic original management apparatus according to claim 2, wherein the registration certificate information includes connection destination information of an electronic original management apparatus in which the original information is registered.   The location identification information includes device identification information of the electronic original management device, a medium in which the original information is registered in the electronic original management device, and a physical address indicating a position on the medium. 2. An electronic original management apparatus according to 2. The logical identification information includes type attribute information for identifying whether the electronic information is an original or a copy,
When the granting unit accepts a request to register electronic information as an original, it gives combination identification information based on a combination of logical identification information including type attribute information indicating that the electronic information is original and the location identification information. And
When a request for creating a copy of the original information is received, combination identification information based on a combination of logical identification information including type attribute information indicating that the electronic information is a copy and the location identification information is given. The electronic original management apparatus according to claim 2.   3. The electronic original management apparatus according to claim 2, wherein the combination identification information is digitally signed using an individual key unique to the electronic original management apparatus. The electronic original management according to claim 2, wherein the issuing means digitally signs the combination identification information, the conversion result, and the document name using an individual key unique to the electronic original management apparatus. apparatus. In order for the electronic original management device to generate a series of instances of original information in accordance with a change in state of the original information, and to handle the series of instances as one original series,
The logical identification information includes a combination of identification information of the electronic original management device and the electronic information identification information as original sequence identification information for uniquely identifying the original sequence, and uniquely identifies an instance in the original sequence 3. The electronic original management apparatus according to claim 2, wherein the instance identification information includes time stamp information when a state change is made with respect to the original information . When the state changes to the original information has been performed for the state change original copy information, the same original sequence identity with the original sequence identification information included in the logical identification information of the original information, the newly generated time A means for adding combination identification information based on a combination of logical identification information including instance identification information that is stamp information and location identification information indicating the location of the original information whose state has been changed, and registering as new original information The electronic original management apparatus according to claim 9, further comprising: Receiving means for receiving registration certificate information;
Search means for searching for original information to which instance identification information that is time stamp information indicating that it is the latest among the original series corresponding to the original series identification information included in the received registration certificate information;
Comparing means for comparing the instance identification information of the retrieved original information with the instance identification information included in the received registration certificate information;
And a transmission unit configured to transmit registration certificate information based on the retrieved original information to a registration certificate information transmission source when the instance identification information compared by the comparison unit does not match. 9. An electronic original management apparatus according to 9.   When original information is moved from another electronic original management apparatus, new combination identification information is generated and the original information is recorded, and the generated combination identification information is transmitted to the other electronic original management apparatus. The electronic original document management apparatus according to claim 2. An electronic original access device connected so as to be capable of bidirectional communication with an electronic original management device registered as original information.
Transmitting means for transmitting a registration request for registering electronic information as original information to the electronic original management device;
From the electronic original management device, converting the electronic information electronic information identification information for uniquely identifying the original document information registered in the electronic original management device, the electronic original management device the electronic information in a one-way function Receiving means for receiving registration certificate information including the converted result and the document name of the electronic information ;
Recording means for recording the registration certificate information;
Access means for accessing original information registered in the electronic original management device by sending the registration certificate information to the electronic original management device;
An electronic original access device comprising: The transmitting means transmits the electronic information document name included in the registration request,
The recording means records the document name transmitted by the transmitting means in association with the received registration certificate information,
14. The access unit according to claim 13 , wherein the access unit sends registration certificate information recorded corresponding to the selection of the document name to the electronic original management apparatus to access the original information. Electronic original access device. 15. The electronic original access apparatus according to claim 14 , wherein the access means refers to original information registered in the electronic original management apparatus. Included in the registration certificate information in order for the electronic original management device to generate a series of instances of original information in response to a change in state of the electronic information registered as the original, and to handle the series of instances as one original series The identification information includes a combination of identification information of the electronic original management device and electronic information identification information as original sequence identification information for uniquely identifying the original sequence, and an instance for uniquely identifying an instance in the original sequence As identification information, it is configured to include time stamp information when a state change is made to the electronic information ,
When receiving from the electronic original management apparatus the notification that the registration certificate information is not the latest in the original series and the latest registration certificate information, accessing the electronic original management apparatus using the received registration certificate information 14. The electronic original access device according to claim 13 , wherein the electronic original access apparatus is configured to receive the latest original information in the original series. Computer
Registration request receiving means for receiving electronic information and a registration request for the electronic information;
A granting unit for giving electronic information identification information for uniquely identifying the electronic information as original information registered in the computer ;
Registration means for registering the original information as the electronic information in association with the electronic information identification information;
The electronic information is converted by a one-way function , and includes the electronic information identification information, a conversion result of the electronic information by the one-way function , and a document name of the electronic information for accessing the original information. Issuing means for issuing registration certificate information to be used;
Registration certificate transmitting means for transmitting the issued registration certificate information to a registration request source of the electronic information;
Program to function as. Computer
Registration request receiving means for receiving electronic information and a request for registering the electronic information as an original;
A granting unit for giving electronic information identification information for uniquely identifying the electronic information as original information registered in the computer ;
Registration means for registering the original information as the electronic information in association with the electronic information identification information;
The electronic information is converted by a one-way function , and includes the electronic information identification information, a conversion result of the electronic information by the one-way function , and a document name of the electronic information for accessing the original information. Issuing means for issuing registration certificate information to be used;
Registration certificate transmitting means for transmitting the issued registration certificate information to a registration request source of the electronic information;
The computer-readable recording medium which recorded the program for functioning as. A computer connected to an electronic original management apparatus registered as electronic information as original information so as to be capable of bidirectional communication.
Transmitting means for transmitting a request for registering electronic information as an original to the electronic original management device;
Wherein the electronic original management device, identification information for uniquely identifying the electronic information as original document information registered in the computer, the conversion result of the electronic original management apparatus has to convert the electronic information in the one-way function, and the Receiving means for receiving registration certificate information including a document name of electronic information ;
Recording means for recording the registration certificate information;
Access means for accessing original information registered in the electronic original management device by sending the registration certificate information to the electronic original management device;
Program to make it function. A computer connected to an electronic original management apparatus registered as electronic information as original information so as to be capable of bidirectional communication.
Transmitting means for transmitting a request for registering electronic information as an original to the electronic original management device;
Wherein the electronic original management device, identification information for uniquely identifying the electronic information as original document information registered in the computer, the conversion result of the electronic original management apparatus has to convert the electronic information in the one-way function, and the Receiving means for receiving registration certificate information including a document name of electronic information ;
Recording means for recording the registration certificate information;
Access means for accessing original information registered in the electronic original management device by sending the registration certificate information to the electronic original management device;
A computer-readable recording medium having recorded thereon a program for causing it to function. Registration request receiving means for receiving electronic information and a request for registering the electronic information as original information;
A granting unit for giving electronic information identification information for uniquely identifying the electronic information as original information registered in an electronic original management system ;
Registration means for registering the electronic information as the original information and the electronic information identification information in association with each other;
The electronic information is converted by a one-way function , and includes the electronic information identification information, a conversion result of the electronic information by the one-way function , and a document name of the electronic information for accessing the original information. Issuing means for issuing registration certificate information to be used;
Registration certificate transmitting means for transmitting the issued registration certificate information to a registration request source of the original information;
An electronic original management system comprising: A computer receiving electronic information and a registration request for the electronic information;
A step of giving electronic information identification information for uniquely identifying the electronic information as original information registered in the computer to the electronic information;
The computer registers the original information as the electronic information and the electronic information identification information in association with the recording means;
A computer converts the electronic information with a unidirectional function , and includes the electronic information identification information, a conversion result of the electronic information with the unidirectional function , and a document name of the electronic information , and access to the original information Issuing registration certificate information used for
A computer transmitting the issued registration certificate information to a registration request source of the electronic information;
The electronic original management method characterized by performing.

Images