JP6631091B2 - Information processing apparatus and information processing program - Google Patents

Description

  The present invention relates to an information processing device and an information processing program.

  Patent Literature 1 has an object to provide an unauthorized access monitoring system and a program for automatically identifying unauthorized access from a large amount of access information, and an unauthorized access information database stores unauthorized access information sequentially and determines the same person. The processing unit refers to the unauthorized access information database and determines whether or not the unauthorized access information is unauthorized access information by the same person based on the degree of coincidence regarding a predetermined item. The conditions are stored, and the unauthorized person determination processing unit determines, for a plurality of unauthorized access information determined by the same person determination processing unit as the same person, whether or not the unauthorized access is performed by referring to the determination condition of the determination condition database, It is disclosed that it is determined whether the same person is a fraudulent person.

  Patent Literature 2 has an object to automatically set different types of access rights to one document based on the relationship between the document and the document access requester. The document type, the authority holder group, and the document A group relation information storage unit for storing right relation information including a group to which the access requestor belongs and a weight given to the document access requester, and a document type, a document state, and a document access requester to be set. An access right information storage unit for storing access right information including a type of the access right and a weight condition for setting the access right, wherein the access right determination unit holds the right of the document in response to the access request for the document A weight to be given to the document access requester is specified based on the group and the document access requester (related group), and the specified weight and access request are specified. It is disclosed to determine the status and type of the document access requester access to be set in the right based on the type of the documents of a document.

  Patent Literature 3 has an object to provide an access control system provided with inconsistency / redundancy detection. The inconsistency rule detection processing unit provided in the access control system includes role conversion means, inconsistency rule detection means, and inconsistency part extraction. The role conversion means reads all subject roles and object roles from the subject role repository or the object role repository, and identifies the role information to uniquely identify the position in the structure of each role. The inconsistency rule detection means and the inconsistency part extraction means receive the role information from the role conversion means, read the propagation rules from the propagation rule repository, and convert the symbols into ACLs (access control list) to which the propagation rules are applied. Extract inconsistent lists from within And, a conflict from the extracted list to extract a combination of subjects rolls and objects roll is disclosed.

JP-A-2002-334061 JP 2010-020419 A JP 2005-182478 A

In the related art, when setting an access right to a document, setting of an unauthorized access right is prevented.
However, when an illegal access right is intentionally set, or when an illegal access right is mistakenly set, these cannot be detected.
According to the present invention, even after an unauthorized access right has been set for a document, if the document is accessed, there is a possibility that an incorrect access right is set for the document. It is an object of the present invention to provide an information processing apparatus and an information processing program which are configured to give a notification to that effect.

  The gist of the present invention to achieve this object lies in the inventions in the following items.

According to the first aspect of the present invention, a first storage means for storing a document and a keyword related to the document in association with each other, a second storage means for storing a rule in which the keyword is associated with the user, and a user accessing the document In the case, when the combination of the keyword corresponding to the document and the user is not in the rule, a notification unit for notifying that there is a possibility that an unauthorized access right to the document may be set to the user is provided. When a document is accessed, the number of times of reference to the keyword corresponding to the document is increased, and when the number of times of reference is greater than or equal to a predetermined threshold, a rule that associates the user with the keyword is set. have a generating means for generating said second storage means stores rules generated by said generating means is an information processing apparatus.
According to a second aspect of the present invention, there is provided a first storage unit for storing a document and a keyword related to the document in association with each other, a second storage unit for storing a rule in which the keyword is associated with the user, and a user accessing the document. In this case, the combination of the keyword corresponding to the document and the user is not in the rule, and the combination of the keyword corresponding to the document and another second user in the group to which the user belongs is the rule. If not, the information processing apparatus includes a notification unit that notifies that there is a possibility that an unauthorized access right to the document may be set to the user.
According to a third aspect of the present invention, there is provided a first storage unit for storing a document and a keyword related to the document in association with each other, a second storage unit for storing a rule in which the keyword is associated with the user, and a user accessing the document. In the case, when the combination of the keyword corresponding to the document and the user is not in the rule, a notification unit for notifying that there is a possibility that an unauthorized access right to the document may be set to the user is provided. The notification means is an information processing apparatus for notifying a manager or an owner of the document.
According to a fourth aspect of the present invention, a first storage means for storing a document and a keyword related to the document in association with each other, a second storage means for storing a rule in which the keyword is associated with the user, and a user accessing the document In the case, when the combination of the keyword corresponding to the document and the user is not in the rule, a notification unit for notifying that there is a possibility that an unauthorized access right to the document may be set to the user is provided. An information processing apparatus that has a first display for changing the access right of the document or a second display for changing the rule.
According to a fifth aspect of the present invention, a first storage means for storing a document and a keyword related to the document in association with each other, a second storage means for storing a rule in which the keyword is associated with the user, and a user accessing the document In the case, when the combination of the keyword corresponding to the document and the user is not in the rule, a notification unit for notifying that there is a possibility that an unauthorized access right to the document may be set to the user is provided. The information processing apparatus includes a prohibition unit that prohibits the user from accessing the document when the notification is performed by the notification unit.

The invention according to claim 6 is such that, when a document is accessed, the number of times of reference to a keyword corresponding to the document is increased, and when the number of times of reference is greater than or greater than a predetermined threshold, the keyword is assigned to the user. The information processing apparatus according to any one of claims 2 to 5, further comprising a generation unit configured to generate a rule corresponding to the rule, wherein the second storage unit stores the rule generated by the generation unit. Device.

The invention according to claim 7 , wherein the notifying unit is configured to invalidate the document if the combination of the keyword corresponding to the document and another second user in the group to which the user belongs is not included in the rule. The information processing apparatus according to any one of claims 1 to 3 , wherein the information processing apparatus notifies the user that a proper access right may be set to the user.

The invention according to claim 8 is the information processing apparatus according to any one of claims 1 , 2, 4 , and 5 , wherein the notifying unit notifies a manager or an owner of the document.

The invention according to claim 9 is characterized in that the notifying means performs a first display for changing the access right of the document or a second display for changing the rule. To the information processing device according to any one of items 3 to 5 .

The invention of claim 10, wherein if the notification by the notification means is performed, the information processing apparatus according to claim 1, any one of 4 to further have a prohibiting means for prohibiting access to the document by the user It is.

The invention according to claim 11, wherein a first storage means for storing a document in association with a keyword relating to the document, a second storage means for storing a rule in which the keyword is associated with the user, Is accessed, when the combination of the keyword corresponding to the document and the user is not in the rules, a notification is given to the effect that the user may have been set with an unauthorized access right to the document. Notifying means , when there is access to the document, increase the number of times of reference of the keyword corresponding to the document, and when the number of times of reference is greater than or greater than a predetermined threshold, associate the user with the keyword. rules to function as generating means for generating said second storage means stores rules generated by said generating means, the information processing program It is.
According to a twelfth aspect of the present invention, there is provided a computer comprising: a first storage unit for storing a document in association with a keyword related to the document; a second storage unit for storing a rule in which the keyword is associated with the user; Is accessed, the combination of the keyword corresponding to the document and the user is not in the rule, and the combination of the keyword corresponding to the document and another second user in the group to which the user belongs is An information processing program for functioning as notifying means for notifying that there is a possibility that an unauthorized access right to the document may be set to the user when the rule is not within the rules.
The invention according to claim 13 is a computer, comprising: a first storage unit for storing a document and a keyword related to the document in association with each other; a second storage unit for storing a rule in which the keyword is associated with the user; Is accessed, when the combination of the keyword corresponding to the document and the user is not in the rules, a notification is given to the effect that the user may have been set with an unauthorized access right to the document. The notifying unit is an information processing program that functions as a notifying unit, and notifies the administrator or the owner of the document.
According to a fourteenth aspect of the present invention, there is provided a computer, comprising: a first storage unit for storing a document and a keyword related to the document in association with each other; a second storage unit for storing a rule in which the keyword is associated with the user; Is accessed, when the combination of the keyword corresponding to the document and the user is not in the rules, a notification is given to the effect that the user may have been set with an unauthorized access right to the document. An information processing program that functions as a notifying unit, wherein the notifying unit performs a first display for changing the access right of the document or a second display for changing the rule. is there.
The invention according to claim 15 is a computer, comprising: a first storage unit for storing a document and a keyword related to the document in association with each other; a second storage unit for storing a rule in which the keyword is associated with the user; Is accessed, when the combination of the keyword corresponding to the document and the user is not in the rules, a notification is given to the effect that the user may have been set with an unauthorized access right to the document. A notification unit, and an information processing program for functioning as a prohibition unit that prohibits the user from accessing the document when the notification is performed by the notification unit.

According to the information processing apparatus of the present invention, even if an unauthorized access right is set to a document, if the document is accessed, the setting of the unauthorized access right to the document is not performed. It is possible to give a notification to the effect that it may have been done. Also, by utilizing the fact that the document is accessed, it is possible to generate a rule that associates a user with a keyword.
According to the information processing apparatus of claim 2, even after an unauthorized access right has been set for a document, if the document is accessed, the setting of the unauthorized access right for the document is disabled. It is possible to give a notification to the effect that it may have been done. Also, if another second user in the group to which the user belongs does not comply with the rules, the user shall be notified that the document may have been set with an incorrect access right. Can be.
According to the information processing apparatus of the third aspect, even if an unauthorized access right is set to a document, if the document is accessed, the setting of the unauthorized access right to the document is not performed. It is possible to give a notification to the effect that it may have been done. In addition, it is possible to notify the administrator or the owner of the document.
According to the information processing apparatus of the present invention, even if an unauthorized access right is set to a document, if the document is accessed, the setting of the unauthorized access right to the document is not performed. It is possible to give a notification to the effect that it may have been done. Further, a first display for changing the access right of the document or a second display for changing the rule can be performed.
According to the information processing apparatus of the fifth aspect, even if an unauthorized access right is set to a document, if the document is accessed, the setting of the unauthorized access right to the document is not performed. It is possible to give a notification to the effect that it may have been done. If the user does not conform to the rules, the user can be prohibited from accessing the document.

According to the information processing apparatus of the sixth aspect , it is possible to generate a rule that associates a user with a keyword by utilizing the fact that a document is accessed.

According to the information processing apparatus of claim 7 , when another second user in the group to which the user belongs does not conform to the rule, an unauthorized access right may be set for the document. Can be notified.

According to the information processing apparatus of the eighth aspect , it is possible to notify the administrator or the owner of the document.

According to the information processing apparatus of the ninth aspect , the first display for changing the access right of the document or the second display for changing the rule can be performed.

According to the information processing apparatus of the tenth aspect , when the user does not conform to the rules, the user can be prohibited from accessing the document.

According to the information processing program according to claim 11, even after had been set invalid access to the document, when an access to the document, the setting of unauthorized access to the document It is possible to give a notification to the effect that it may have been done. Also, by utilizing the fact that the document is accessed, it is possible to generate a rule that associates a user with a keyword.
According to the information processing program of the twelfth aspect, even after the unauthorized access right is set to the document, if the document is accessed, the setting of the unauthorized access right to the document is not performed. It is possible to give a notification to the effect that it may have been done. Also, if another second user in the group to which the user belongs does not comply with the rules, the user shall be notified that the document may have been set with an incorrect access right. Can be.
According to the information processing program of the present invention, even if an unauthorized access right is set to a document, if the document is accessed, the setting of the unauthorized access right to the document is not performed. It is possible to give a notification to the effect that it may have been done. In addition, it is possible to notify the administrator or the owner of the document.
According to the information processing program of the present invention, even if an unauthorized access right is set to a document, if the document is accessed, the setting of the unauthorized access right to the document is not performed. It is possible to give a notification to the effect that it may have been done. Further, a first display for changing the access right of the document or a second display for changing the rule can be performed.
According to the information processing program of the present invention, even if an unauthorized access right is set to a document, if the document is accessed, the setting of the unauthorized access right to the document is not performed. It is possible to give a notification to the effect that it may have been done. If the user does not conform to the rules, the user can be prohibited from accessing the document.

FIG. 2 is a conceptual module configuration diagram illustrating a configuration example according to the present embodiment. FIG. 2 is an explanatory diagram illustrating a system configuration example using the present embodiment. 5 is a flowchart illustrating a processing example according to the exemplary embodiment; FIG. 4 is an explanatory diagram illustrating an example of a data structure of a document management table. FIG. 4 is an explanatory diagram illustrating an example of a data structure of an object access right table. FIG. 9 is an explanatory diagram illustrating an example of a data structure of a keyword reference history table. FIG. 4 is an explanatory diagram illustrating an example of a data structure of an access rule table. FIG. 4 is an explanatory diagram illustrating an example of a data structure of a user property table. FIG. 9 is an explanatory diagram illustrating a display example of a warning area. FIG. 2 is a block diagram illustrating an example of a hardware configuration of a computer that implements the exemplary embodiment.

Hereinafter, an example of a preferred embodiment for realizing the present invention will be described with reference to the drawings.
FIG. 1 is a conceptual module configuration diagram of a configuration example according to the present embodiment.
Note that a module generally refers to a component such as software (computer program) and hardware that can be logically separated. Therefore, the module in the present embodiment indicates not only a module in a computer program but also a module in a hardware configuration. Therefore, the present embodiment is directed to a computer program for causing these modules to function as a program (a program for causing a computer to execute each procedure, a program for causing a computer to function as each means, ), And a description of a system and a method. However, for the sake of explanation, “store”, “store”, and equivalent words are used. However, when the embodiment is a computer program, these words are stored in a storage device or stored. This means that control is performed so as to be stored in the device. Further, the modules may correspond to the functions on a one-to-one basis, but in implementation, one module may be configured with one program, a plurality of modules may be configured with one program, and conversely, one module may be configured. May be composed of a plurality of programs. Also, a plurality of modules may be executed by one computer, or one module may be executed by a plurality of computers in a distributed or parallel environment. Note that one module may include another module. Hereinafter, the term “connection” is used not only for a physical connection but also for a logical connection (data transmission / reception, instruction, reference relationship between data, and the like). "Predetermined" means that the process is determined before the process of interest, and not only before the process according to the present embodiment starts but also after the process according to the present embodiment starts. Also, before the target processing, it is used in accordance with the situation / state at that time or with the intention of being determined according to the situation / state up to that time. When there are a plurality of "predetermined values", the values may be different from each other, or two or more values (including all values, of course) may be the same. In addition, a description having a meaning of “if it is A, do B” is used to mean “determine whether or not it is A, and if it is A, do B”. However, this does not apply to cases where it is not necessary to determine whether or not it is A.
In addition, a system or an apparatus is configured by connecting a plurality of computers, hardware, apparatuses, and the like by communication means such as a network (including one-to-one correspondence communication connection), and one computer, hardware, and apparatus. Etc. are also included. “Apparatus” and “system” are used as synonymous terms. Of course, the “system” does not include anything that is merely a social “mechanism” (social system) that is an artificial arrangement.
In addition, for each process performed by each module or when a plurality of processes are performed in a module, target information is read from the storage device, and after performing the process, the processing result is written to the storage device. is there. Therefore, description of reading from the storage device before processing and writing to the storage device after processing may be omitted. Note that the storage device here may include a hard disk, a RAM (Random Access Memory), an external storage medium, a storage device via a communication line, a register in a CPU (Central Processing Unit), and the like.

The information processing apparatus 100 according to the present embodiment has a function as a document management system and manages access rights. As shown in the example of FIG. 1, a user interface module 105, a document management DB 110, It has a keyword extraction module 115, a keyword reference history processing module 120, an access rule processing module 125, a keyword reference history DB 130, an access rule DB 135, and an unauthorized access notification module 145. In particular, if the document is accessed after the access right is set (that is, during operation of the document management system), it is determined whether or not the access right granted to the document may be illegal. To judge.
The document (hereinafter also referred to as an object) is mainly text data, and in some cases, electronic data (also referred to as a file) such as a figure, an image, a moving image, and audio, or a combination thereof, and is stored, edited, searched, and the like. And those that can be exchanged as individual units between systems or users, including those similar to these. Specifically, it includes a document, a Web page, and the like created by the document creation program.

The user terminal 190 is connected to the user interface module 105 of the information processing apparatus 100, and is used by a user who accesses a document. The administrator terminal 195 is connected to the access rule information display module 140 and the unauthorized access notification module 145 of the information processing apparatus 100, and can be operated by the administrator of the information processing apparatus 100, the boss of the user who uses the user terminal 190, or the like. used. The user terminal 190 and the administrator terminal 195 are a personal computer, a mobile terminal (a mobile phone including a smartphone, etc.) having a communication function, and the like.
The user interface module 105 has an access rule information display module 140, and is connected to the document management DB 110, the unauthorized access notification module 145, the access rule DB 135, the user terminal 190, and the administrator terminal 195. The user interface module 105 provides a user interface to the user terminal 190 and the administrator terminal 195 in order to use the functions of the information processing apparatus 100. For example, a user interface (functional parts for display and input) for causing the user terminal 190 to search for a document stored in the document management DB 110 is generated.

The document management DB 110 is connected to a user interface module 105, a keyword extraction module 115, and a keyword reference history processing module 120. The document management DB 110 has a role as a database in a so-called document management system. The contents stored in the document management DB 110 include document metadata, document contents, and the like. The document access right is also held here. A document and a keyword related to the document are stored in association with each other. The document management DB 110 stores, for example, a document management table 400 and an object access right table 500.
FIG. 4 is an explanatory diagram showing an example of the data structure of the document management table 400. The document management table 400 has an object ID column 410 and a keyword column 420. The object ID column 410 stores information (object ID: IDentification) for uniquely identifying a document in the present embodiment. The keyword column 420 stores keywords relating to the document.

FIG. 5 is an explanatory diagram showing an example of the data structure of the object access right table 500. The object access right table 500 is used for access right management, and has an object ID column 510 and an access right column 520. The object ID column 510 stores an object ID. The access right column 520 stores the access right of the document indicated by the object ID. The object access right table 500 may be prepared for each type of access right (reference right, edit right, delete right, etc.), or the object access right table may be prepared using a general ACL (Access Control List). The table 500 may be constructed.
Note that the object access right table 500 may be configured so that the access right of the registered document can be manually set or changed when the document is registered in the document management DB 110. That is, the user may arbitrarily set the document access right.

The keyword extraction module 115 is connected to the document management DB 110. The keyword extraction module 115 extracts, from a document, a phrase serving as a keyword of a rule (also referred to as an access rule) in the access rule DB 135. For example, the contents of a document may be subjected to natural language processing to extract keywords. As the natural language processing, specifically, morphological analysis, tf-idf (Term Frequency Inverse Document Frequency), keyword extraction using a document structure, and the like are used. The keyword extraction using the document structure is to extract words in a title, a table of contents, an index, and the like in a document as keywords. Alternatively, keywords may be extracted for attributes of the document (document name, owner, creation date, update date, etc.).
Note that the keyword extraction module 115 may use, as keywords, a document attribute or a specific phrase specified by the user, in addition to the automatically extracted keywords. In a specific usage situation, when the user recognizes a clear keyword, specifying the keyword enables efficient creation of an access rule.

  The keyword reference history processing module 120 is connected to the document management DB 110 and the access rule processing module 125. The keyword reference history processing module 120 counts the history information for each keyword corresponding to the document accessed in the document management DB 110 and stores it in the keyword reference history DB 130.

  The keyword reference history DB 130 is connected to the access rule processing module 125. The keyword reference history DB 130 stores the result of counting by the keyword reference history processing module 120 (the number of times of reference for each keyword). The keyword reference history DB 130 stores, for example, a keyword reference history table 600. FIG. 6 is an explanatory diagram showing an example of the data structure of the keyword reference history table 600. The keyword reference history table 600 has a keyword column 610, a User-81 column 681, a User-82 column 682, and the like. The keyword column 610 stores keywords. The User-81 column 681 stores a user or a group. For example, the User-81 column 681 stores the number of times of reference by User-81. The User-82 column 682 stores the number of times of reference by User-82. More specifically, in the example of FIG. 6, User-81 indicates that the document to which the keyword "A project" is attached is accessed 15 times. When a plurality of keywords correspond to one document, one is added to the number of references for each of those keywords.

  The access rule processing module 125 is connected to the keyword reference history processing module 120, the keyword reference history DB 130, the access rule DB 135, and the unauthorized access notification module 145. When a user accesses a document, if the combination of the keyword corresponding to the document and the user is not included in the rule in the keyword reference history table 600, the access rule processing module 125 sends the unauthorized access notification module 145 Control is performed so as to notify that there is a possibility that an unauthorized access right to the document may be set to the user. When this notification is made, the user is prohibited from accessing the document. When a user accesses a document and the combination of the keyword corresponding to the document and the user is within the rules in the keyword reference history table 600, the user is not notified and the user is notified of the document. Make access.

Further, the access rule processing module 125 determines that the combination of the keyword corresponding to the document and another second user (B) in the group to which the user (A) belongs (the combination of the keyword and the user (B)) If not, a notification may be sent to the effect that the user (A) may have an unauthorized access right to the document. Here, the following two conditions are set.
(Condition 1) When a user accesses a document, the combination of the keyword corresponding to the document and the user is not included in the rule. (Condition 2) The keyword corresponding to the document and another combination in the group to which the user belongs. The combination of the second user is not in the rules. If these two conditions are met, a notification is given to the effect that the user may have unauthorized access to the document. Is also good.
If the condition 1 is not satisfied or the condition 2 is not satisfied, the user is allowed to access the document without notification.

  Further, the access rule processing module 125 increases the number of times of reference to the keyword corresponding to the document when the document is accessed, and when the number of times of reference exceeds or exceeds a predetermined threshold value, May be generated in accordance with the user. Specifically, when a document is accessed, one is added to the keyword and the number of times the user who accessed the keyword reference history table 600 in the keyword reference history DB 130 references the document. Then, when the number of times of reference is greater than or greater than a predetermined threshold, a rule (combination of keyword and user) is added to the access rule table 700 in the access rule DB 135. Of course, if the rule already exists in the access rule table 700, nothing is done.

The access rule DB 135 is connected to the access rule processing module 125 and the access rule information display module 140 of the user interface module 105. The access rule DB 135 stores a rule that associates a keyword generated by the access rule processing module 125 with a user. The access rule DB 135 stores, for example, an access rule table 700. FIG. 7 is an explanatory diagram showing an example of the data structure of the access rule table 700. The access rule table 700 has an access rule ID column 710, a keyword column 720, and an accessible user column 730. The access rule ID column 710 stores information (access rule ID) for uniquely identifying an access rule in the present embodiment. The keyword column 720 stores a keyword. The accessible user column 730 stores users who can access the document to which the keyword is attached.
If the document is accessed by the user (A) and the user (A) is not included in the accessible user column 730 of the keyword row assigned to the document (if the rule is violated), It is determined that there is a possibility that the access right is set incorrectly. For example, the keyword “A project” is assigned to the accessed document, and the user who accessed the document is “User-81”, “User-91”, “User-111”, “User-92”, “User-92”. If the value is other than "-93", it is determined that there is a possibility that an unauthorized access right to the document is set for the user.
On the other hand, when the document is accessed by the user (A), and the user (A) is included in the accessible user column 730 of the keyword row assigned to the document (when the rule is not violated). Determines that the setting is not an unauthorized access right.
Note that the above-described example shows a case where only one keyword is assigned to a document. In the case where there is a plurality, if one or more of the keywords is not included in the accessible user column 730, it may be determined that there is a possibility of setting an unauthorized access right. Conversely, for all keywords, it may be determined that the setting is not an improper access right, provided that the user is included in the accessible user column 730. In addition, using the result of comparing the number or ratio of keywords that do not violate the rule ((the number of keywords that do not violate the rule) / (the total number of keywords assigned to the document)) with a predetermined threshold value, It may be determined whether there is a possibility of setting an access right. More specifically, if the number or ratio of the keywords is greater than or equal to a predetermined threshold, it may be determined that there is no possibility of setting an unauthorized access right. If the number or ratio of the keywords is less than or less than a predetermined threshold value, it may be determined that there is a possibility of setting an unauthorized access right.

The unauthorized access notification module 145 is connected to the access rule processing module 125 and the administrator terminal 195. Under the control of the access rule processing module 125, the unauthorized access notification module 145 notifies the user that the unauthorized access right to the target document may be set to the target user. The notification may be an email, a chat, an electronic bulletin board, a notification using social media, a push notification, or the like.
Further, a notification may be made to a manager or a document owner as a notification destination. The administrator may include an administrator of the information processing apparatus 100, a supervisor of a target user, and the like. The owner of the document may include the creator of the document.
In this case, the target user may not be included in the notification destination.
In addition, when notifying the target user, a different notification from the notification to the administrator or the document owner may be performed. For example, a message such as "confirming access right" or "no access right" may be displayed for the target user.

  For example, when an access of User-X suddenly occurs in a document including a “functional specification” in a title, the document is notified to an administrator or a document owner. In other words, a document including the keyword “functional specification” is a document that has not been accessed by User-X until now, and therefore, there is a possibility that an access right may have been improperly set. More specifically, in the keyword reference history table 600, the keyword “Function Specification” of User-X has a reference count of 0, so the access rule table 700 is accessible to the keyword “Function Specification”. User column 730 does not include User-X. Therefore, a notification is given to the effect that an unauthorized access right to the target document may be set in User-X.

The access rule information display module 140 is connected to the access rule DB 135 and the administrator terminal 195. The access rule information display module 140, when a notification (a notification that an unauthorized access right may be set) is issued by the unauthorized access notification module 145, after or simultaneously with the notification, A first display for changing an access right or a second display for changing a rule is performed. As a result of confirming the access right of the document by the notified person, if it is determined that the access right is unauthorized, the access right of the document is changed by the first display. If the person receiving the notification confirms the access right to the document and determines that the access right is valid, the rule is changed by the second display.
Further, the access rule information display module 140 may display the access rule table 700 in the access rule DB 135 and enable the access rule table 700 to be edited.

FIG. 2 is an explanatory diagram showing a system configuration example using the present embodiment.
The information processing device 100, the user terminal 190A, the user terminal 190B, the user terminal 190C, the administrator terminal 195, and the user / group management device 250 are connected via a communication line 290. The communication line 290 may be wireless, wired, or a combination thereof, and may be, for example, the Internet or an intranet as a communication infrastructure. Further, the function of the information processing apparatus 100 may be realized as a cloud service.
The user terminal 190 accesses a document in the information processing device 100 by a user operation. If the information processing apparatus 100 determines that there is a possibility that an unauthorized access right to the document has been set for the user, the information processing apparatus 100 notifies the administrator terminal 195 of that fact.

The user / group management device 250 is accessed by the information processing device 100 and stores information indicating which group the user belongs to. The user / group management device 250 stores, for example, a user property table 800. FIG. 8 is an explanatory diagram showing an example of the data structure of the user property table 800. The user property table 800 has an object ID column 810, a belonging group column 820, an attribute A column 830A, an attribute X column 830X, and the like. The object ID column 810 stores an object ID that is information for uniquely identifying an object in the present embodiment. The belonging group column 820 stores the group to which the user indicated by the object ID belongs. The attribute A column 830A stores the attribute A of the user (for example, an e-mail address, a name, an e-mail address of a boss, etc.). The attribute X column 830X stores the attribute X of the user.
The user / group management apparatus 250 uses the user property table 800 to request the user when the information processing apparatus 100 requests a survey of “another user (B) in the group to which the user (A) belongs”. The group to which (A) belongs is extracted, the user (B) belonging to the group is extracted, and the user (B) is returned to the information processing apparatus 100.

FIG. 3 is a flowchart illustrating a processing example according to the present embodiment. Specifically, it is a flowchart illustrating a processing example of the access rule processing module 125.
In step S300, the process is started by a user's access.
In step S302, keywords of the object (document) are extracted.
In step S304, the keyword reference history DB 130 is updated.
In step S306, it is determined whether or not any of the keywords exceeds the threshold value in the keyword reference history DB 130. If any of the keywords exceeds the threshold, the process proceeds to step S308. Otherwise, the process proceeds to step S310.
In step S308, the access rule DB 135 is updated.
In step S310, it is determined whether or not there is a keyword access rule. If yes, the process proceeds to step S312; otherwise, the process proceeds to step S318.

In step S312, it is determined whether or not the user is included in the access rule of the keyword. If the user is included, the process proceeds to step S318; otherwise, the process proceeds to step S314.
In step S314, it is determined whether or not users belonging to the same group are in the access rule. If yes, the process proceeds to step S316; otherwise, the process proceeds to step S320.
In step S316, the access rule DB 135 is updated.
In step S318, it is determined whether or not all keywords have been checked. If checked, the process ends (step S399); otherwise, the process returns to step S310.
In step S320, a mail notification is sent to the manager / owner.
Steps S314 and S316 may be omitted. That is, if No in step S312, the process of step S320 may be performed.

For example, when a user accesses a document, the following processing is performed. It is assumed that an access right is set to the user for the document. That is, the object access right table 500 includes a combination of the object ID of the document and the user ID of the user.
The keyword of the accessed object (document) is extracted from the document management table 400 in the document management DB 110 (step S302).
For the extracted keyword, the reference history count of the user is increased by one in the keyword reference history table 600 in the keyword reference history DB 130 (step S304).
Check all keywords, and if there is any access that is equal to or greater than the threshold value in the keyword reference history DB 130 (Yes in step S306), add it to the access rule table 700 of the access rule DB 135 (step S308).

Check whether or not the extracted keyword includes a user in the keyword accessible user column 730 (access rule) in the access rule table 700 (step S310).
If the access rule includes a user (Yes in step S312), no processing is performed, and if there is a keyword that has not been checked (No in step S318), the next keyword is checked (step S318). Return to S310).
If the access rule does not include a user (No in step S312), the user of the group to which the user belongs is included in the access rule using the user property table 800 in the user / group management device 250. In this case (Yes in step S314), the user is added to the corresponding access rule in the access rule DB 135 (step S316).
If the access rule does not include a user (No in step S312), and if the user of the group to which the user belongs is not included in the access rule (No in step S314), there is a possibility of impropriety. Judge and notify the manager or owner (step S320).

The following describes three use cases. In each case, it is assumed that the user has an access right to the document.
(1) When the User-81 accesses the Document-123 From the document management table 400 shown in the example of FIG. 4, two keywords of the Document-123 are "budget" and "A project". From the access rule table 700 shown in the example of FIG. 7, since User-81 is a user who can access both the access rules (access rule IDs: 6 and 1) of “budget” and “A project”, it is determined that the access is illegal. I will not admit it.

(2) When User-91 Accesses Document-123 From the document management table 400 shown in the example of FIG. 4, two keywords of Document-123 are “budget” and “A project”. From the access rule table 700 shown in the example of FIG. 7, User-91 is a user who can access only the “A project” with the access rule, and is not a user who can access the “budget” access rule.
Further, members (User-92, User-93) of “Project A Development G” to which User-91 belongs are extracted from the user property table 800 illustrated in the example of FIG. 8, and the members (User-92, User-92, User-93) also determines from the access rule table 700 shown in the example of FIG. 7 that there is a possibility of unauthorized access because it is not a member of the “budget” access rule, and notifies the administrator or the owner. I do.

(3) When the User-83 accesses the Document-123 From the document management table 400 shown in the example of FIG. 4, two keywords of the Document-123 are "budget" and "A project". From the access rule table 700 shown in the example of FIG. 7, User-83 is a user who can access only the “B project” with the access rule, and is not a user who can access the “budget” access rule.
Next, the members (User-81, User-82) of the “planning group” to which User-83 belongs are extracted from the user property table 800 shown in the example of FIG. 8, and among them, User-81 and User-82 are extracted. Since 82 is a member of the access rule of “budget” from the access rule table 700 shown in the example of FIG. 7, it is determined that the possibility of access fraud is low. Then, the access count of the keyword reference history table 600 of the keyword reference history DB 130 is updated, and User-83 is added to the rule ID: 6 of the access rule table 700 of the access rule DB 135. The condition for establishing the access rule may be that all members of the group (not including the target user) are in the accessible user column 730 of the corresponding keyword in the access rule table 700, May be in the accessible keyword column 730 of the corresponding keyword in the access rule table 700, or the number of members in the accessible keyword column 730 of the corresponding keyword in the access rule table 700. Or whether there is a possibility of setting an unauthorized access right using the comparison result of the ratio ((number of members not violating the rules) / (total number of members belonging to the group)) and a predetermined threshold value It may be determined whether or not it is. More specifically, if the number or ratio of the members is greater than or equal to a predetermined threshold value, it may be determined that there is no possibility of setting an unauthorized access right. If the number or ratio of the members is less than or less than a predetermined threshold value, it may be determined that there is a possibility of setting an unauthorized access right.

The warning area 910 displayed on the screen 900 of the administrator terminal 195 by the unauthorized access notification module 145 or the access rule information display module 140 will be described. FIG. 9 is an explanatory diagram showing a display example of the warning area 910.
A warning area 910 is displayed on a screen 900 of a display device such as a liquid crystal display of the administrator terminal 195.
In the warning area 910, a document attribute table 920, an applied access rule table 930, a violation indication icon 940, a rule correction button 952, and an access right change button 954 are displayed. The document attribute table 920 corresponds to the document management table 400, and has an object ID column 922 and a keyword column 924. The object ID column 922 displays an object ID indicating the accessed document. The keyword column 924 displays keywords in the document.
The applied access rule table 930 corresponds to the access rule table 700, and has an access rule ID column 932, a keyword column 934, and an accessible user column 936. The access rule ID column 932 displays the applied access rule ID. The keyword column 934 displays a keyword in the access rule. The accessible user column 936 displays accessible users corresponding to the keywords in the access rule.

For example, in the warning area 910, "Document-123" was accessed by "User-91". However, access rights may have been granted improperly. The reason is as follows. Is displayed. Then, the corresponding part of the document management table 400 of the target document is displayed as the document attribute table 920, and the corresponding part of the access rule table 700 of the applied rule is displayed as the applied access rule table 930. Then, for example, the violation indication icon 940 may be displayed in the line of the rule violating in the applied access rule table 930.
When the user (administrator or the like) of the administrator terminal 195 determines that the target user “User-91” should be allowed to access the document, an operation of selecting the rule modification button 952 Is performed, and “User-91” is added to the accessible user column 936 of the line indicated by the violation indication icon 940 in the applied access rule table 930. Then, the corresponding part of the access rule table 700 is corrected to reflect the addition. If the user of the administrator terminal 195 determines that the target user “User-91” should not be allowed to access the document, an operation of selecting the access right change button 954 is performed. Correction is made to delete "User-91" from the access right column 520 corresponding to "Document-123" in the object access right table 500.

  The hardware configuration of a computer that executes the program according to the present embodiment is a general computer as illustrated in FIG. 10, and specifically includes a personal computer, a computer that can be a server, and the like. That is, as a specific example, the CPU 1001 is used as a processing unit (arithmetic unit), and the RAM 1002, the ROM 1003, and the HD 1004 are used as storage devices. As the HD 1004, for example, a hard disk or an SSD (Solid State Drive) may be used. CPU 1001 that executes programs such as user interface module 105, keyword extraction module 115, keyword reference history processing module 120, access rule processing module 125, access rule information display module 140, unauthorized access notification module 145, and stores the programs and data RAM 1002, a ROM 1003 storing a program for starting the computer, etc., and an auxiliary storage device (even a flash memory or the like) having functions as a document management DB 110, a keyword reference history DB 130, an access rule DB 135, and the like. A receiving device 1006 for receiving data based on a user's operation on a keyboard, a mouse, a touch panel, a microphone, and the like; T, an output device 1005 such as a liquid crystal display and a speaker, a communication line interface 1007 for connecting to a communication network such as a network interface card, and a bus 1008 for exchanging data by connecting them. . A plurality of these computers may be connected to each other by a network.

Of the above-described embodiments, the ones according to the above-described embodiments are implemented by causing a system having the present hardware configuration to read a computer program which is software, and the software and hardware resources cooperate with each other. Is realized.
Note that the hardware configuration shown in FIG. 10 shows only one configuration example, and the present embodiment is not limited to the configuration shown in FIG. 10 but has a configuration capable of executing the modules described in this embodiment. I just need. For example, some modules may be configured by dedicated hardware (for example, an application specific integrated circuit (ASIC) or the like), and some modules may be in an external system and connected by a communication line. Alternatively, a plurality of systems shown in FIG. 10 may be connected to each other by a communication line so as to operate in cooperation with each other. In particular, in addition to personal computers, portable information communication devices (including mobile phones, smartphones, mobile devices, wearable computers, etc.), information appliances, robots, copiers, fax machines, scanners, printers, and multifunction devices (scanners, printers, An image processing apparatus having at least two functions, such as a copying machine and a facsimile, may be incorporated.

  Further, in the description of the above-described embodiment, in the comparison with a predetermined value, “greater than”, “less than”, “greater than”, and “smaller (less than)” are contradictory to the combination. As long as does not occur, they may be "greater than", "smaller (less than)", "greater than" and "less than", respectively.

The above-described program may be provided by being stored in a recording medium, or the program may be provided by a communication unit. In this case, for example, the above-described program may be regarded as an invention of a “computer-readable recording medium on which the program is recorded”.
The “computer-readable recording medium on which the program is recorded” refers to a computer-readable recording medium on which the program is recorded, which is used for installing, executing, and distributing the program.
The recording medium is, for example, a digital versatile disk (DVD), which is a standard defined by the DVD Forum, such as "DVD-R, DVD-RW, DVD-RAM, etc.", and DVD + RW. Blu-ray discs such as "DVD + R, DVD + RW, etc." which are standards, compact discs (CDs) such as read-only memory (CD-ROM), CD recordable (CD-R), CD rewritable (CD-RW), etc. Blu-ray (registered trademark) Disc), magneto-optical disk (MO), flexible disk (FD), magnetic tape, hard disk, read-only memory (ROM), electrically erasable and rewritable read-only memory (EEPROM (registered trademark) )), Flash memory, random access memory (RAM) , SD (Secure Digital) memory card, and the like.
Then, the program or a part thereof may be recorded on the recording medium and stored or distributed. In addition, the communication may be, for example, a wired network used for a local area network (LAN), a metropolitan area network (MAN), a wide area network (WAN), the Internet, an intranet, an extranet, or a wireless communication. The data may be transmitted using a transmission medium such as a network or a combination thereof, or may be transmitted on a carrier wave.
Furthermore, the above-mentioned program may be a part of another program, or may be recorded on a recording medium together with a separate program. Further, the program may be divided and recorded on a plurality of recording media. Further, the program may be recorded in any form as long as it can be restored, such as compression or encryption.

100: Information processing device 105: User interface module 110: Document management DB
115 ... Keyword extraction module 120 ... Keyword reference history processing module 125 ... Access rule processing module 130 ... Keyword reference history DB
135 ... Access rule DB
140: Access rule information display module 145: Unauthorized access notification module 190: User terminal 195: Administrator terminal 250: User / group management device 290: Communication line

Claims (15)

First storage means for storing a document and a keyword related to the document in association with each other;
Second storage means for storing a rule that associates a keyword with a user;
When a user accesses a document, if the combination of the keyword and the user corresponding to the document is not included in the rules, it is likely that an unauthorized access right to the document may be set to the user. A notification means for notifying ,
When a document is accessed, the number of times of reference to the keyword corresponding to the document is increased, and when the number of times of reference is greater than or greater than a predetermined threshold, a rule is generated that associates the user with the keyword. a generating unit that possess,
The second storage unit stores a rule generated by the generation unit,
Information processing device. First storage means for storing a document and a keyword related to the document in association with each other;
Second storage means for storing a rule that associates a keyword with a user;
When the user accesses the document, the combination of the keyword corresponding to the document and the user is not in the rule, and the keyword corresponding to the document and another second user in the group to which the user belongs An information processing apparatus comprising: a notifying unit that notifies that there is a possibility that an unauthorized access right to the document may be set to the user when the combination of the documents is not included in the rule. First storage means for storing a document and a keyword related to the document in association with each other;
Second storage means for storing a rule that associates a keyword with a user;
When a user accesses a document, if the combination of the keyword and the user corresponding to the document is not included in the rules, it is likely that an unauthorized access right to the document may be set to the user. have a notification means for performing notification,
The notifying unit notifies a manager or an owner of the document,
Information processing device. First storage means for storing a document and a keyword related to the document in association with each other;
Second storage means for storing a rule that associates a keyword with a user;
When a user accesses a document, if the combination of the keyword and the user corresponding to the document is not included in the rules, it is likely that an unauthorized access right to the document may be set to the user. have a notification means for performing notification,
The notifying unit performs a first display for changing the access right of the document or a second display for changing the rule;
Information processing device. First storage means for storing a document and a keyword related to the document in association with each other;
Second storage means for storing a rule that associates a keyword with a user;
When a user accesses a document, if the combination of the keyword and the user corresponding to the document is not included in the rules, it is likely that an unauthorized access right to the document may be set to the user. A notification means for notifying ,
An information processing apparatus comprising a prohibition unit for prohibiting the user from accessing the document when the notification is performed by the notification unit. When a document is accessed, the number of times of reference to the keyword corresponding to the document is increased, and when the number of times of reference is greater than or greater than a predetermined threshold, a rule is generated that associates the user with the keyword. Generating means for performing
The second storage unit stores a rule generated by the generation unit,
The information processing apparatus according to claim 2 . The notification means is configured such that when the combination of the keyword corresponding to the document and another second user in the group to which the user belongs is not in the rule, an unauthorized access right to the document is given to the user. Notify that it may be set,
The information processing device according to claim 1. The notifying unit notifies a manager or an owner of the document,
Claim 1, the information processing apparatus according to any one of 2, 4 and 5. The notifying unit performs a first display for changing the access right of the document or a second display for changing the rule;
The information processing apparatus according to any one of claims 1 3, 5. The notification when the notification is performed by means The apparatus according to any one of claims 1 to 4 which further have a prohibiting means for prohibiting access to the document by the user. Computer
First storage means for storing a document and a keyword related to the document in association with each other;
Second storage means for storing a rule that associates a keyword with a user;
When a user accesses a document, if the combination of the keyword and the user corresponding to the document is not included in the rules, it is likely that an unauthorized access right to the document may be set to the user. A notification means for notifying ,
When a document is accessed, the number of times of reference to the keyword corresponding to the document is increased, and when the number of times of reference is greater than or greater than a predetermined threshold, a rule is generated that associates the user with the keyword. to function as a generating unit that,
The second storage unit stores a rule generated by the generation unit,
Information processing program. Computer
First storage means for storing a document and a keyword related to the document in association with each other;
Second storage means for storing a rule that associates a keyword with a user;
When the user accesses the document, the combination of the keyword corresponding to the document and the user is not in the rule, and the keyword corresponding to the document and another second user in the group to which the user belongs An information processing program for functioning as notifying means for notifying that there is a possibility that an unauthorized access right to the document may be set to the user when the combination of the documents is not in the rule. Computer
First storage means for storing a document and a keyword related to the document in association with each other;
Second storage means for storing a rule that associates a keyword with a user;
When a user accesses a document, if the combination of the keyword and the user corresponding to the document is not included in the rules, it is likely that an unauthorized access right to the document may be set to the user. Function as a notification means for notifying ,
The notifying unit notifies a manager or an owner of the document,
Information processing program. Computer
First storage means for storing a document and a keyword related to the document in association with each other;
Second storage means for storing a rule that associates a keyword with a user;
When a user accesses a document, if the combination of the keyword and the user corresponding to the document is not included in the rules, it is likely that an unauthorized access right to the document may be set to the user. Function as a notification means for notifying ,
The notifying unit performs a first display for changing the access right of the document or a second display for changing the rule;
Information processing program. Computer
First storage means for storing a document and a keyword related to the document in association with each other;
Second storage means for storing a rule that associates a keyword with a user;
When a user accesses a document, if the combination of the keyword and the user corresponding to the document is not included in the rules, it is likely that an unauthorized access right to the document may be set to the user. A notification means for notifying ,
An information processing program for functioning as a prohibition unit that prohibits the user from accessing the document when the notification is performed by the notification unit .

Images