JP4248447B2 - Information processing apparatus, information processing system, information processing method, and program - Google Patents

Description

  The present invention relates to an information processing apparatus, an information processing system, an information processing method, and a program capable of managing and providing a data file such as a form file in consideration of security.

  In recent years, electronic form systems have been used. If the employee's salary details and the like are managed by a single form file in the electronic form system, access control cannot be applied to each employee at present. Accordingly, when a user refers to the form file, all pages can be referred to, so that the salary details of all employees can be seen. For this reason, only managers can handle form files that manage personal information such as salary details, but employees cannot.

  However, personal information to be notified to employees, such as salary details, requires the creation of a salary statement by extracting each employee's page from the monthly report file. If it can be handled, it is possible to save the administrator from having to create a pay statement.

  Therefore, there is a method of dividing the form file for each employee when taking the form data from the host so that the employee can handle the form file while protecting the personal information. For example, in a company with 1000 employees, the form file is divided into 1000 as shown in FIG. If the form file is divided in this way and access control is performed for each form file, each employee can refer only to his / her personal information.

  However, according to the above method, it takes time to register the form file because division processing is performed when registering the form file, and the number of form files increases because the form file is created for each page of each employee. This causes a problem of consuming resources of the electronic form system.

  In addition, because the form file is divided, when the administrator tries to refer to / search the entire form file, it is necessary to refer to / search all the form files, which takes time and processing time. It will be. Therefore, in order to solve such a problem, a method of performing access control for each page of each employee without dividing the form file is necessary.

  Patent Document 1 discloses a technology related to a file security system that can maintain security and can easily search for data from a common file. According to this system, by assigning security information to a document file for each page, section unit or area, it is possible to control pages that can be referred to in the document file according to the user's access authority. In addition, this file security system can specify not only specific areas of individual document files but also specific forms by adding security information to specific areas of fixed forms for document files that also have fixed form information. It is also possible to grant viewing authority only to the area.

JP 2002-268944 A

  However, the above file security system provides security information to a specific area of a fixed form for each page, section unit or area of a document file in an environment where a plurality of users refer to a document file such as a common FAX. Although the access control is performed by this method, nothing has been done to the document file itself, so when the document file is leaked, if the assigned security information is removed, There is a problem that information is seen.

  In addition, the file security system performs access control by assigning security information to a document file received by FAX or the like. Since there is no particular consideration when receiving, even if there is a series of document files that are sent regularly, they are saved as separate files, so it is troublesome to refer collectively. There is a problem that it takes.

  Therefore, an object of the present invention is to enable access control to a data file without dividing the data file, to prevent consumption of system resources of the information processing apparatus, and to save time and effort when the user refers to and searches the data file. In addition to reducing this, it is also intended to improve security when a data file is leaked.

An information processing apparatus according to the present invention is input with area information recording means for recording position information of an area for performing access control on a form file and position information of an area in which characters used for authentication are arranged in a position information table. Extraction means for extracting form data arranged in an area for performing the access control recorded in the area information recording means of each page from form data arranged in a plurality of pages constituting the form file. A first recording unit that records the form data extracted by the extraction unit and a page on which the extracted form data is arranged as a security information file, and a form data that forms the form file. among them, form data other than document data located in the area to perform the access control which is extracted by the extraction means Included in the access instruction received by the access instruction accepting means and the second instruction means for recording the information separately from the security information file, the access instruction accepting means for accepting an access instruction for the form file from the client and identification information of the user, by using the characters that the characters used for authentication is stored in the position information table arranged in the region arranged in the form file that is accepted the access instruction, from the security information files the user specifies a page accessible form data is stored, the specified acquiring means for acquiring the form data of the pages, the document file that has received the access instruction by the access instruction accepting means, said utilization Stored by the area information recording means of the page accessible by the user The form data extracted by the extracting means is displayed on the client terminal in the area to be stored, and the area stored by the area information recording means on the page other than the page accessible by the user is extracted by the extracting means. The page accessible by the user is recorded in the form data of the page acquired by the acquisition unit and the second recording unit so that the form data is not displayed on the client terminal. Synthesize the form data and output the form data recorded in the second recording means without using the form data extracted by the extracting means for pages other than the page accessible by the user And synthesize and output the form data of all the pages of the form file that has received the access instruction . Synthesizing means, and transmitting means for transmitting the form data synthesized by the synthesizing means to the client.
An information processing system of the present invention is an information processing system in which an information management apparatus that manages form data constituting an input form file and one or a plurality of information processing apparatuses can communicate with each other via a communication network. Area information recording means for recording, in a position information table, position information of an area for controlling access to a file and position information of an area where characters used for authentication are arranged, and a plurality of pages constituting the input form file Extracting from the form data respectively arranged in the area information recording means of each page the form data arranged in the area for performing the access control, and the form extracted by the extracting means and data, in association with the page form data to be issued the extract is placed serial as security information file First recording means for, out of the form data constituting the document file, the document data other than document data located in the area to perform the access control which is extracted by the extraction means, wherein the security information files and the Second recording means for recording separately, access instruction receiving means for receiving an access instruction for the form file from a client, user identification information included in the access instruction received by the access instruction receiving means , by using the character the character to be used in authentication is stored in the position information table of the form file that has received the access instruction is placed in the area to be placed, the user-accessible form from the security information files identify the page data is stored, the form data of the page where the specific An acquisition unit Tokusuru, the form file that has received the access instruction by the access instruction accepting means, in a region where the user is stored by the area information recording means accessible pages extracted by the extraction means form Data is displayed on the client terminal, and the form data extracted by the extracting unit is not displayed on the client terminal in an area stored by the area information recording unit of a page other than the page accessible by the user. For the page accessible by the user, the form data of the page acquired by the acquisition unit and the form data recorded in the second recording unit are combined, and the user accesses For pages other than possible pages, they were extracted by the extraction means. A synthesis unit that synthesizes and outputs the form data of all pages of the form file that has received the access instruction by outputting the form data recorded in the second recording unit without using the form data; And sending means for sending the form data synthesized by the means to the client.
The information processing method of the present invention includes an area information recording step for recording, in a position information table, position information of an area for performing access control on a form file and position information of an area in which characters used for authentication are arranged. An extraction step of extracting form data arranged in an area for performing the access control recorded in the area information recording step of each page from form data arranged in a plurality of pages constituting the form file. A first recording step for associating the form data extracted by the extraction step with a page on which the extracted form data is arranged and recording it as a security information file; and for the form data constituting the form file among them, they are arranged in the area for performing the access control which is extracted by the extraction step Accepted by a second recording step for recording form data other than the form data separately from the security information file, an access instruction accepting step for accepting an access instruction for the form file from a client, and the access instruction accepting step Using the identification information of the user included in the access instruction and the character arranged in the area where the character used for authentication stored in the position information table of the form file that accepted the access instruction is arranged , wherein the user from the security information file identifies the page accessible form data is stored, it accepted an acquisition step of acquiring document data of the page where the specified access instruction by the access instruction accepting step the form file, the user can access In the area stored by the area information recording step of the active page, the form data extracted by the extraction step is displayed on the client terminal, and the area information recording step of the page other than the page accessible by the user In order to prevent the form data extracted in the extraction step from being displayed on the client terminal in the area stored by the above, for the page accessible by the user, the form data of the page acquired in the acquisition step And the form data recorded in the second recording step, and for the pages other than the page accessible by the user, the second data is not used without using the form data extracted in the extraction step. Output the form data recorded by the recording step The composition step of combining and outputting the form data of all pages of the form file that has received the access instruction, and the transmission step of transmitting the form data combined in the combining step to the client. To do.
The program according to the present invention includes a region information recording unit that records, in a location information table, location information of a region in which access control to a form file is performed and location information of a region in which characters used for authentication are arranged Extraction means for extracting form data arranged in the area for performing the access control recorded in the area information recording means of each page from the form data arranged in each of a plurality of pages constituting the form file; Of the form data constituting the form file, the first recording means for recording the form data extracted by the extracting means and the page on which the extracted form data is arranged in association with each other, form data other than document data located in the area to perform the access control which is extracted by the extraction means Second recording means for recording separately from the security information file, access instruction receiving means for receiving an access instruction for the form file from a client, and use included in the access instruction received by the access instruction receiving means using the user identification information, and a character that character used for authentication stored in the position information table of the form file that is accepted the access instruction is placed in the area to be placed, said from the security information files identify the page for a user accessible form data is stored, the specified acquiring means for acquiring the form data of the pages, the document file that has received the access instruction by the access instruction accepting means, said user Is stored by the area information recording means of the accessible page The form data extracted by the extraction means is displayed on the client terminal in the area to be stored, and the area stored by the area information recording means on the page other than the page accessible by the user is extracted by the extraction means. The page accessible by the user is recorded in the form data of the page acquired by the acquisition unit and the second recording unit so that the form data is not displayed on the client terminal. Synthesize the form data and output the form data recorded in the second recording means without using the form data extracted by the extracting means for pages other than the page accessible by the user And synthesizes and outputs the form data of all pages of the form file that has received the access instruction. The computer is caused to function as combining means and transmitting means for transmitting the form data combined by the combining means to the client.

  According to the present invention, the data corresponding to the area where the access control to the data file is controlled is extracted from the data constituting the data file, and the extracted data and other data are separated and recorded. , It is possible to control access to the data file without dividing the data file, to prevent the consumption of system resources of the information processing device, and to reduce the effort for the user to browse and search because it is a single file Is possible. Further, since the data outside the area is recorded among the data constituting the data file in the second data recording means, even if the data leaks, the data in the area is not seen.

  DESCRIPTION OF EXEMPLARY EMBODIMENTS Hereinafter, preferred embodiments to which the invention is applied will be described in detail with reference to the accompanying drawings.

  FIG. 1 is a diagram showing a configuration of an electronic form system according to an embodiment of the present invention. The connection configuration of various terminals on the network in FIG. 1 is merely an example, and it is needless to say that various configurations can be taken according to applications and purposes.

  A client PC (administrator) 101 is a client terminal used by a person who views a form and checks an editing result. The client PC 101 can send and receive data to and from the form server 100 via the network 103.

  A client PC (general user) 102 is a client terminal used by a person who views and edits a form. The client PC 102 can send and receive data to and from the form server 100 via the network 103.

  FIG. 2 is a diagram for explaining the hardware configuration of the computer system in the form server 100 and the client PCs 101 and 102. In FIG. 2, the CPU 201 comprehensively controls each device connected to the system bus 204. The ROM 203 or the external memory 211 stores an operating system (OS) that is a control program of the CPU 201 and programs for realizing various functions to be described later of each server or each client.

  The RAM 202 functions as a main memory, work area, temporary save area, and the like for the CPU 201.

  The input controller 205 controls input from the input unit 209. Examples of the input unit 209 include a pointing device such as a keyboard and a mouse in a terminal such as a server or a client. Moreover, in a printing apparatus etc., a touch panel, a button, a switch, etc. are mentioned.

  The display controller 206 controls display on the display unit 210. Examples of the display unit 210 include a CRT and a liquid crystal.

  An external memory controller (MC) 207 controls access to an external memory 211 that stores a boot program, various applications, font data, user files, edit files, printer drivers, and the like. In addition, various tables and parameters for realizing various functions of each server or each client are stored. Examples of the external memory 211 include a hard disk (HD), a floppy (registered trademark) disk (FD), a compact flash (registered trademark) connected to a PCMCIA card slot via an adapter, and smart media.

  The communication I / F controller 208 executes communication control processing with an external device via the network 103.

  A program 212 for realizing the present embodiment is recorded in the external memory 211 and is executed by the CPU 201 by being loaded into the RAM 202 as necessary. Further, the form file 213 used by the program 212 is stored in the external memory 211, and detailed description thereof will be described later.

  The hardware configuration of the client PC 101 and the client PC 102 is the same as that of the form server 100. However, the program 212 includes a client module for displaying a form and is different from that of the form server 100. Further, the form file 213 receives only a part necessary for display by communication with the form server 100, and is different in that the client PC 101 and the client PC 102 are not originally held.

  The form file 213 is form display data, is composed of one or a plurality of files, and contains one or a plurality of pages. Within the form server 100, the same type of a plurality of form files 213 are managed as a group, and each form file 213 is called a generation within the group.

  The security location storage unit 214 stores area information for performing access control. The security information storage unit 215 stores data to be displayed in an area where access control is performed.

  The form file 213, the security location storage unit 214, and the security information storage unit 215 may be stored in the form server 100 or may be stored in another database server.

  FIG. 3 is a flowchart showing a basic flow of display data display processing by the electronic form system according to the present embodiment.

  As described above, the client PC 101, the client PC 102, and the form server 100 are connected to each other via the network 103. Then, the client PC 101 and the client PC 102 execute various processes related to electronic form display via various operation screens provided from the form server 100. One example will be described below.

  In step S301, the administrator client PC 101 displays the operation information provided from the form server 100 on the display screen via the browser, and generates a form including a form ID selected by operating the mouse or the like by the administrator. Information to be identified is transmitted to the form server 100.

  In step S302, the form server 100 receives information specifying the form transmitted by the administrator client PC 101 in step S301, and corresponds the form data necessary for display on the corresponding administrator client PC 101 to the form ID or the like. Extracted from the form file 213 and transmitted to the administrator client PC 101.

  In step S <b> 303, the administrator client PC 101 displays a form image from the form data transmitted from the form server 100 on the display unit 210.

  In step S304, an arbitrary area of the form displayed by the administrator operating the pointing device or the like is selected.

  As shown in FIG. 4, a desired range is selected by surrounding a desired range with a rectangular broken line displayed by a mouse drag operation or the like (hereinafter, the selected range is referred to as a selection range). This selection range is defined by having the coordinates of two points (upper left and lower right). A plurality of selection ranges such as a matching key 401, an input key 402, and a total key 403 can be designated.

  The matching key 401 is a range used when a general user opens a security form to determine whether or not the page is a reference-permitted page. A user ID is obtained by acquiring a character string within the range. Compare with etc.

  The input key 402 is an area that allows general users to input within this range. For example, if a general user refers to and confirms a form, it is used when performing operations such as checking the form.

  The total key 403 is used when the administrator wants to refer to the form in a processed form as shown in FIG. 12 when referring to the form.

  After determining the selection range, the administrator client PC 101 transmits range rectangle position information (coordinate position) to the form server 100.

  In step S <b> 305, the form server 100 that acquired the position information stores the information in the security position storage unit 214. For example, the position information table 500 is stored in a format as shown in FIG. It should be noted that “1” is registered in the security information 501 item (field) in the record storing the range rectangle position information, and the security information 501 item is stored in the record that does not yet store the range rectangle position information. 0 "is registered.

  FIG. 6 is a flowchart showing the flow of processing for extracting data for access control from form data transmitted from the host and storing it in the security information storage unit 215.

  When form data is transferred from the host to the form server 100, it is temporarily stored in a spool directory on the form server 100.

  At the stored stage, in step S601, the form server 100 starts a form registration process. In subsequent step S602, it is determined whether the form to be registered is a “security form” or a “normal form”. This determination is made from “1” and “0” of the security information 501 items stored in the security location storage unit 214 using the form ID of the sent form as a key.

  If it is a normal form (security information 501 item “0”), it is recorded in the form file 213 as a normal form. Here, the sorting process may be performed. In the sorting process, a process for dividing a form is performed when the form is fetched. For example, in a company with 1000 employees, the form is divided into 1000 as shown in FIG.

  If it is a security form (security information 501 item “1”), the conventional form registration process does not occur, and in step S604, the form ID of the sent form is stored as a key in the security location storage unit 214. The coordinate information stored in the matching key 502 item, the input key item, and the total key 504 and 505 items is acquired and stored in the RAM or the like.

  In step S605, the sent form data is sequentially read into the RAM or the like in page units from the first page. In step S606, based on the coordinate information, data such as characters in the key position (here, matching key 502, input key 503, totaling key 504, 504) is extracted from the form data.

  In step S607, the extracted character data or the like is associated with the type of the form file, and a form security table 700 as shown in FIG. 7 is created and added, and stored in the security information storage unit 215. Note that the data (form data) not extracted in step S607 out of the form data is recorded in a recording area different from the security information storage unit or another recording medium. As described above, by separating and storing data corresponding to the selected area and other data, it is possible to prevent leakage of confidential data included in the selected area even when form data is leaked. .

  FIG. 8 is a flowchart showing a flow when a general user operating the client PC 102 refers to a form file.

  In step S <b> 801, the general user refers to the operation screen displayed on the display device of the client PC 102 and inputs an ID, password, and the like for identifying and authenticating the user from the input device.

  The client PC 102 transmits the input user ID, password, etc. to the form server 100.

  In step S802, the form server 100 receives the input information transmitted by the client PC 102 in step S801, checks the user ID, password, and the like, and displays a form that can be referred to by the general user in a list. Information necessary for the transmission is transmitted to the client PC 102. Note that the user ID is stored in a RAM or the like for use in step S809.

  In step S803, the client PC 102 receives the information transmitted from the form server 100, and displays a form list screen as shown in FIG. 9 on the display device.

  In step S <b> 804, the client PC 102 transmits information such as a form ID for specifying the form to the form server 100 for the form selected by the general user.

  In step S805, the form server 100 receives information such as the form ID transmitted from the client PC 102 in step S804, and expands the form data. Here, expanding the form data refers to acquiring form data necessary for generating the form from the form file 213 using the form ID transmitted from the client PC 102 as a key, and temporarily storing it in the RAM or the like. That means.

  In step S806, it is determined from the expanded form data whether the form selected by the client PC 102 is a security form or a normal form in step S804. Specifically, it is determined by referring to the position information table 500 stored in the security position storage unit 214 using the form ID information received in step S805 as a key.

  For example, when the form ID “kyyuyo” is selected from the form list shown in FIG. 9, the position information table 500 shown in FIG. 5 is searched using “kyyuyo” as a key, and the security information 501 field flag of the “kyyuyo” table is searched. Whether it is a security form or a normal form is determined based on whether “0” or “1”. In the case of “kyuyu”, the security information 501 field is “1”, so it is determined as a security form. If it is a normal form, the process proceeds to step 807, and if it is a security form, the process proceeds to step S808.

  In step S807, the form server 100 transmits the form data expanded in step S805 to the client PC.

  In steps S808 to S810, the form server 100 performs a security check in units of pages (from the first page to the last page).

  In step S808, using the form ID information received in step S805 and the page number of the form being checked as a key, a record with the same form ID and page is searched from the form security table 700 shown in FIG. Data such as characters recorded in the record matching 701 field is acquired.

  In step S809, matching is performed between the received user ID and data such as characters acquired in step 808 in step S802.

  In step S810, if matching is found in step S809, data such as characters in the input 702, total 1 (703), and total 2 (704) fields is acquired from the record and recorded in the RAM or the like. Here, if the character data in the matching 701 field and the user ID match, it is determined as “match”, and if they do not match, it is determined as “mismatch”.

  In step S810, if there is a mismatch in the matching in step S809, the process proceeds to the next page. In step S809 at this time, the user ID and the matching 701 field are compared. However, the information is only an example and may be information other than the user ID. In addition, the comparison with the matching 701 field may be performed in various ways, for example, a numerical value is large or small, and a character is included in the character.

  After the comparison is made up to the final page, the form data stored in the RAM or the like is transmitted to the client PC 102 in the process of step S811. If data such as characters in the input 702, total 1 (703), and total 2 (704) fields are recorded from the record in the RAM or the like in step S810, these characters or the like are selected in step S804. To the created form.

  The composition is based on the position information table 500 shown in FIG. 5, and data such as characters in the matching 701, input 702, total 1 (703), total 2 (704) fields recorded in the RAM etc. It will be combined with the corresponding area of the page to be.

  In step S812, the client PC 102 receives the form data transmitted from the form server 100, creates a form image from the form data, and displays a screen as shown in FIG. 10 on the display device. In step S811, for pages that have been “matched” by matching, data such as characters is displayed in the personal name code 1001, the confirmation field 1002, the transfer destination 1003, and the total amount 1004 as shown in FIG. "Is not displayed on the page.

  If there is no “matching” page, error notification information may be transmitted without transmitting the form data in step S811. In this way, unnecessary form data need not be transmitted. If there is a “matching” page, the “mismatching” page may be deleted in step S811, and only the form data of the “matching” page may be transmitted. In this way, the client PC 102 can receive only necessary form data.

  FIG. 11 is a flowchart showing a flow when an administrator operating the client PC 101 refers to a form file.

  In step S1101, the administrator refers to the operation screen displayed on the display device of the client PC 101, and inputs a user ID, password, and the like for identifying and authenticating the user from the input device. The client PC 101 transmits the input user ID, password, etc. to the form server 100.

  In step S1102, the form server 100 receives the input information transmitted by the client PC 101 in step S1101, checks the user ID, password, and the like, and sends information necessary for displaying all forms to the list to the client PC 101. Send.

  In step S1103, the client PC 101 receives information transmitted from the form server 100 and displays a form list screen as shown in FIG. 9 on the display device.

  In step S <b> 1104, the client PC 101 transmits information such as a form ID for specifying the form to the form server 100 for the form selected by the administrator.

  In step S1105, the form server 100 receives information such as the form ID transmitted from the client PC 101 in step S1104, and determines whether the selected form is a security form or a normal form.

  Specifically, determination is made by referring to the position information 500 table stored in the security position storage unit 214 using the form ID information received in step S1105 as a key.

  For example, when the form ID “kyyuyo” is selected from the form list shown in FIG. 9, the position information table 500 shown in FIG. 5 is searched using “kyyuyo” as a key, and the security information 501 field flag of the “kyyuyo” table is searched. Whether it is a security form or a normal form is determined based on whether “0” or “1”. In the case of “kyuyu”, the security information 501 field is “1”, so it is determined as a security form.

  If it is a normal form, the process proceeds to step S1105. If it is a security form, the process proceeds to step S1106.

  In step S1106, display keys (matching key 502, input key 503, total key 1 (504), total key 2 (505)) are acquired from position information table 500 shown in FIG. 5 recorded in security position storage unit 214. Then, the client PC 101 transmits information such as information such as the form ID, the display key and the display key name (for example, “input code”, “confirmation column”, “transfer destination”, “transfer amount”). The name of the display key is associated with the display key and recorded in the external memory 211 or the like.

  In step S <b> 1107, the client PC 101 receives information such as the form ID, the display key, and the name of the display key transmitted from the form server 100. Here, on the display device of the client PC 101, a screen for selecting whether to display the form selected in step S1104 as a normal form or to display the part for which access control is being aggregated ( (Not shown) is displayed.

  If it is selected by the administrator to display the part for which access control is being performed in the aggregated state, based on the received information such as the form ID, the display key, and the information related to the name of the display key, FIG. A screen as shown is displayed on the display device.

  The administrator refers to the display screen 1200 and selects any one or a plurality of display keys. The client PC 101 transmits the selected display key information to the form server 100. If it is selected to be displayed as a normal form, information indicating that it is displayed as a normal form is transmitted.

  If the form server 100 determines that the form is a normal form in step S1105, or if it is selected to be displayed as a normal form in step S1107, the form data related to the form selected in step S1104 in step S1108. Is obtained from the form file 213, expanded in a RAM or the like, and transmitted to the client PC 101. Here, expanding the form data refers to obtaining form data necessary for generating the form from the form file 213 using the form ID transmitted from the client PC 101 as a key, and temporarily storing it in the RAM or the like. That means. If it is selected to display as a normal form in step S911, the data separated and recorded in the security information storage unit 215 is combined with the form data and then transmitted to the client PC 101.

  On the other hand, if the display key is selected in step S1107, information necessary for displaying the part for which access control is being performed in the aggregated state is recorded in the security information storage unit 215 in step S1110. It is acquired from the form security table 700 shown in FIG.

  For example, if “matching”, “input”, “total 1”, “total 2” is selected as the display key in step S1107, the data corresponding to the item selected from the form security table 700 shown in FIG. The data of the generation is acquired, expanded in a RAM or the like, and transmitted to the client PC 101.

  In step S1109, the client PC 101 displays a display screen corresponding to the received data on the display device.

  If the display key is selected in step S1107, a tabulation table as shown in FIG. 13 is displayed in step S1111.

  According to the present embodiment, since it is not necessary to divide a form file for each user who performs access control, it is possible to prevent wasteful use of system resources, and the administrator can create a form file by using a single file. It is possible to reduce the trouble of referring to / searching for.

  In addition, when the form data is acquired from the host, the data in the area where access control is performed is stored separately in a separate database and combined when the user accesses the form file, so the form file is leaked. Even if it does, the data in the predetermined area will not be seen.

  Furthermore, a series of form data periodically transmitted is associated with the same form name in the electronic form system and stored for a plurality of generations, which takes time even when referring to a plurality of generation form files. You can easily refer to it without.

  In the present embodiment, for example, in step S804 in FIG. 8, a plurality of generations are selected, or a dialog screen is displayed to select a plurality of generations, and the processing in steps S808 to S810 is performed for each generation. By doing so, the form image display in step S812 can be displayed not only for one generation but also for a plurality of generations.

  Similarly, the administrator side obtains the form data developed in step S1108 or the selected data acquired in step S1110 over a plurality of generations by selecting a plurality of generations in step S1104 in FIG. The image display in step S1109 or the total image display in step S1111 can be displayed for a plurality of generations.

  Display with a specified page range is also possible. Also, when referring to the form of the administrator, it is possible to display by designating a page instead of processing all the pages of the form. In this case, at the same time as selecting the form in step S1104 of FIG. 11, the administrator selects the page range to be displayed by displaying a dialog screen or the like. The list shown in FIG. 13 or the like finally displayed can be only the selected page range. Specifying the page range in this way is effective when it is desired to display data of only a specific department / store when the page of the form is continuous for each department or store of the company.

  Display the results of a form search. Also, instead of specifying a range of pages, it is also possible to create a list only for pages found by searching for forms.

  In the above description, a form file is described as an example of the data file. However, the present invention can also be applied to, for example, an image file other than the form file. In this case, character data that is confidential information is extracted from the image file by OCR (Optical Character Reader), and the image data in the image file and the extracted character data are combined in accordance with an access instruction to the image file. Thus, the same effects as those of the above embodiment can be obtained.

  Another object of the present invention is to supply a storage medium storing software program codes for realizing the functions of the above-described embodiments to a system or apparatus, and the computer (or CPU or MPU) of the system or apparatus stores the storage medium. Needless to say, this can also be achieved by reading and executing the program code stored in.

  In this case, the program code itself read from the storage medium realizes the functions of the above-described embodiments, and the program code itself and the storage medium storing the program code constitute the present invention.

  As a storage medium for supplying the program code, for example, a flexible disk, a hard disk, an optical disk, a magneto-optical disk, a CD-ROM, a CD-R, a magnetic tape, a nonvolatile memory card, a ROM, or the like can be used.

  Further, by executing the program code read by the computer, not only the functions of the above-described embodiments are realized, but also an OS (basic system or operating system) running on the computer based on the instruction of the program code. Needless to say, a case where the functions of the above-described embodiment are realized by performing part or all of the actual processing and the processing is included.

  Further, after the program code read from the storage medium is written in a memory provided in a function expansion board inserted into the computer or a function expansion unit connected to the computer, the function is determined based on the instruction of the program code. It goes without saying that the CPU or the like provided in the expansion board or function expansion unit performs part or all of the actual processing and the functions of the above-described embodiments are realized by the processing.

It is a figure which shows the structure of the electronic form system which concerns on one Embodiment of this invention. 2 is a diagram for explaining a hardware configuration of a computer system in a form server 100 and client PCs 1010 and 102. FIG. It is a flowchart which shows the basic flow of the display process of the display data by an electronic form system. It is a figure for demonstrating the selection range selected on a display screen by drag operation, such as a mouse | mouth. It is a figure which shows the example of 1 structure of a position information table. It is a flowchart which shows the flow of the process which extracts the data which perform access control from the form data transmitted from a host, and stores it in a security information storage part. It is a figure which shows the example of 1 structure of a form security table. It is a flowchart which shows the flow of a process of client PC when a general user refers to a form file. It is a figure which shows the example of a display of a form list screen. It is a figure which shows the structural example of the form image displayed on a display screen. It is a flowchart which shows the flow of client PC when an administrator refers to a form file. It is a figure which shows the example of a display of the selection screen of a display key. It is a figure which shows the structural example of the summary table image displayed on a display screen. It is a figure which shows the divided | segmented form file typically.

Explanation of symbols

100: Form server 101, 102: Client PC
103: Network 201: CPU
202: RAM
203: ROM
204: System bus 205: Input controller 206: Display controller 207: External memory controller 208: Communication I / F controller 209: Input unit 210: Display unit 211: External memory 212: Program 213: Form file 214: Security position storage unit 215 : Security information storage

Claims (4)

Area information recording means for recording, in a position information table, position information of an area for controlling access to the form file and position information of an area in which characters used for authentication are arranged ;
Extraction that extracts form data arranged in the area to be subjected to the access control recorded in the area information recording unit of each page from the form data arranged in each of a plurality of pages constituting the input form file Means,
First recording means for associating and recording form data extracted by the extracting means and a page on which the extracted form data is arranged as a security information file;
A form data other than the form data arranged in the area for performing the access control extracted by the extraction unit among the form data constituting the form file is recorded separately from the security information file. Recording means;
Access instruction receiving means for receiving an access instruction for the form file from the client;
Arranged in the area where the identification information of the user included in the access instruction received by the access instruction receiving means and the character used for authentication stored in the location information table of the form file that received the access instruction are arranged by using the character, an acquisition unit for the user from the security information file identifies the page accessible form data is stored, and acquires the form data of the page where the specified
The form file extracted by the extracting unit is stored in the area stored in the area information recording unit of the page accessible by the user, and the client terminal receives the form file received by the access instruction receiving unit. In order to prevent the form data extracted by the extraction means from being displayed on the client terminal in the area stored by the area information recording means of a page other than the page accessible by the user. For pages that can be accessed by the user, the form data of the page acquired by the acquisition unit and the form data recorded in the second recording unit are combined, and the page other than the page accessible by the user For pages, do not use the form data extracted by the extraction means By outputting the document data to be recorded in the second recording means, synthesizing means for synthesizing and outputting the document data of all pages of the document file which has received the access instruction,
An information processing apparatus comprising: a transmitting unit that transmits the form data combined by the combining unit to the client. An information processing system in which an information management apparatus that manages form data constituting an input form file and one or a plurality of information processing apparatuses can communicate via a communication network,
Area information recording means for recording, in a position information table, position information of an area for controlling access to the form file and position information of an area in which characters used for authentication are arranged ;
Extraction that extracts form data arranged in the area to be subjected to the access control recorded in the area information recording unit of each page from the form data arranged in each of a plurality of pages constituting the input form file Means,
First recording means for associating and recording form data extracted by the extracting means and a page on which the extracted form data is arranged as a security information file;
A form data other than the form data arranged in the area for performing the access control extracted by the extraction unit among the form data constituting the form file is recorded separately from the security information file. Recording means;
Access instruction receiving means for receiving an access instruction for the form file from the client;
Arranged in the area where the identification information of the user included in the access instruction received by the access instruction receiving means and the character used for authentication stored in the location information table of the form file that received the access instruction are arranged by using the character, an acquisition unit for the user from the security information file identifies the page accessible form data is stored, and acquires the form data of the page where the specified
The form file extracted by the extracting unit is stored in the area stored in the area information recording unit of the page accessible by the user, and the client terminal receives the form file received by the access instruction receiving unit. In order to prevent the form data extracted by the extraction means from being displayed on the client terminal in the area stored by the area information recording means of a page other than the page accessible by the user. For pages that can be accessed by the user, the form data of the page acquired by the acquisition unit and the form data recorded in the second recording unit are combined, and the page other than the page accessible by the user For pages, do not use the form data extracted by the extraction means By outputting the document data to be recorded in the second recording means, synthesizing means for synthesizing and outputting the document data of all pages of the document file which has received the access instruction,
An information processing system comprising: transmitting means for transmitting the form data synthesized by the synthesizing means to the client. An area information recording step for recording, in the position information table, position information of an area for controlling access to the form file and position information of an area in which characters used for authentication are arranged ;
Extraction that extracts form data arranged in the area for performing the access control recorded in the area information recording step of each page from the form data arranged on each of a plurality of pages constituting the input form file Steps,
A first recording step of recording the form data extracted in the extraction step in association with a page on which the extracted form data is arranged as a security information file;
The form data other than the form data arranged in the area for performing the access control extracted in the extraction step among the form data constituting the form file is recorded separately from the security information file. Recording step;
An access instruction receiving step for receiving an access instruction for the form file from the client;
Arranged in the area where the identification information of the user included in the access instruction received by the access instruction reception step and the character used for authentication stored in the position information table of the form file that received the access instruction are arranged by using the character, an acquisition step of the user from the security information file identifies the page accessible form data is stored, and acquires the form data of the page where the specified
The form file extracted in the extraction step is stored in the area stored in the area information recording step of the page accessible by the user, and the form data extracted in the extraction step is stored in the client terminal. In order to prevent the form data extracted by the extraction step from being displayed on the client terminal in the area stored by the area information recording step of a page other than the page accessible by the user. For pages accessible by the user, the form data of the page acquired by the acquisition step and the form data recorded by the second recording step are combined, and the page other than the page accessible by the user For pages, the extraction step The second recording by outputting a form data recorded by step, synthesis step of synthesizing and outputs the form data of all pages of the document file which has received the access instruction without using form data extracted by When,
And a transmitting step of transmitting the form data combined in the combining step to the client. Area information recording means for recording, in a position information table, position information of an area for controlling access to the form file and position information of an area in which characters used for authentication are arranged ;
Extraction that extracts form data arranged in the area to be subjected to the access control recorded in the area information recording unit of each page from the form data arranged in each of a plurality of pages constituting the input form file Means,
First recording means for associating and recording form data extracted by the extracting means and a page on which the extracted form data is arranged as a security information file;
A form data other than the form data arranged in the area for performing the access control extracted by the extraction unit among the form data constituting the form file is recorded separately from the security information file. Recording means;
Access instruction receiving means for receiving an access instruction for the form file from the client;
Arranged in the area where the identification information of the user included in the access instruction received by the access instruction receiving means and the character used for authentication stored in the location information table of the form file that received the access instruction are arranged by using the character, an acquisition unit for the user from the security information file identifies the page accessible form data is stored, and acquires the form data of the page where the specified
The form file extracted by the extracting unit is stored in the area stored in the area information recording unit of the page accessible by the user, and the client terminal receives the form file received by the access instruction receiving unit. In order to prevent the form data extracted by the extraction means from being displayed on the client terminal in the area stored by the area information recording means of a page other than the page accessible by the user. For pages that can be accessed by the user, the form data of the page acquired by the acquisition unit and the form data recorded in the second recording unit are combined, and the page other than the page accessible by the user For pages, do not use the form data extracted by the extraction means By outputting the document data to be recorded in the second recording means, synthesizing means for synthesizing and outputting the document data of all pages of the document file which has received the access instruction,
A program for causing a computer to function as transmission means for transmitting form data combined by the combining means to the client.

Images