TW201331783A - Method for accessing protected digital document and system thereof - Google Patents
Method for accessing protected digital document and system thereof Download PDFInfo
- Publication number
- TW201331783A TW201331783A TW101102066A TW101102066A TW201331783A TW 201331783 A TW201331783 A TW 201331783A TW 101102066 A TW101102066 A TW 101102066A TW 101102066 A TW101102066 A TW 101102066A TW 201331783 A TW201331783 A TW 201331783A
- Authority
- TW
- Taiwan
- Prior art keywords
- protected file
- file
- user
- network
- web browser
- Prior art date
Links
Landscapes
- Information Transfer Between Computers (AREA)
- Storage Device Security (AREA)
Abstract
Description
本發明有關於受保護電子文件的權限管理方法與其系統,尤其是關於免安裝文件安全性控管軟體的受保護文件存取方法與其系統。The invention relates to a method for managing rights of a protected electronic file and a system thereof, in particular to a protected file access method and system thereof for the installation-free file security control software.
在保護電子檔案之版權權限管理(privileges management)方面,習知方式之一通常會採取的方式是在客戶端(client)安裝加解密應用程式(AP)。使用者需要輸入帳號、密碼存取該檔案,而加解密程式會以使用者輸入之帳號、密碼藉由與網路連線,向認證伺服器(Authentication,Authorization & Accounting Server)查詢,藉以辨識該使用者身份。當身份認證通過後,認證伺服器會將使用者對應之權利(rights,是組織之外的人所獲的授權)、或權限(privileges,是組織之內的人所獲的授權)傳回客戶端應用程式。此時應用程式會依據所回傳的權利或權限,決定使用者對此檔案可以執行的動作,如唯讀、可寫入、可列印等等動作。One of the conventional ways of protecting privileges management of electronic archives is to install an encryption and decryption application (AP) on the client. The user needs to input the account number and password to access the file, and the encryption/decryption program queries the authentication server (Authentication, Authorization & Accounting Server) by using the account and password input by the user to identify the account. User identity. When the identity authentication is passed, the authentication server will pass the user's corresponding rights (rights, the authorization obtained by the person outside the organization), or the authority (privileges, the authorization obtained by the person within the organization) to the client. End application. At this point, the application will determine the actions that the user can perform on the file, such as read-only, writable, printable, etc., depending on the rights or permissions returned.
由上述可知,一份受到保護的文件,當傳遞給使用者閱讀時,使用者都需要安裝相對應的一個文件安全性控管軟體,並通過上述的認證,才能閱讀(或修改)電子文件。安裝加解密應用程式軟體是一個額外的負擔。It can be seen from the above that a protected file is required to be installed by the user to install a corresponding file security control software, and the above-mentioned authentication can read (or modify) the electronic file. Installing the encryption and decryption application software is an additional burden.
針對上述技術缺失,本發明乃提供一系統與方法,於此一方法下,客戶端可免除安裝文件安全性控管軟體,卻可以存取受保護的電子文件。In view of the above-mentioned technical deficiencies, the present invention provides a system and method. Under this method, the client can exempt the installation file security control software but can access the protected electronic file.
本發明所欲解決的技術問題是,在客戶端可免安裝文件安全性控管軟體的情況下,仍可以存取受保護文件。本發明主要是利用使用者端作業平台上已經存在的瀏覽工具,進行受保護文件的閱讀,讓使用者享受不需要額外安裝相關軟體,就可以通過認證且閱讀文件的便利。The technical problem to be solved by the present invention is that the protected file can still be accessed if the client can install the file security control software. The invention mainly utilizes the browsing tool already existing on the user-side operating platform to read the protected file, so that the user can enjoy the convenience of authenticating and reading the file without the need to additionally install the related software.
為了解決上述問題,本發明讓一使用者端以網頁瀏覽器連結一網路服務器即可閱讀受保護的文件,方法包含下列步驟:(a)於所述使用者端開啟一網頁瀏覽器程式,經由一網路連結至所述網路服務器,所述網路服務器經由所述網路提供一虛擬應用服務;(b)因應使用者端選擇之受保護文件,所述虛擬應用服務啟動用以閱讀所述受保護文件的一應用程式,並開啟所述受保護文件;(c)將開啟的文件影像傳輸到使用者端,供使用者端於網頁瀏覽器程式上操作。In order to solve the above problem, the present invention allows a user to access a protected file by connecting to a web server with a web browser. The method includes the following steps: (a) opening a web browser program on the user end, Linking to the web server via a network, the web server provides a virtual application service via the network; (b) the virtual application service is activated for reading in response to the protected file selected by the user end An application of the protected file, and opening the protected file; (c) transmitting the opened file image to the user end for the user to operate on the web browser program.
為了解決上述問題,本發明的系統讓一使用者端以網頁瀏覽器連結一網路服務器即可閱讀受保護的文件,此系統包含:一第一人端,將受保護文件傳送至一網路服務器,取回所述受保護文件的所在位置,將所述所在位置藉由一網路通知一使用者端;所述使用者端,開啟一網頁瀏覽器程式經由所述網路連結至所述網路服務器;所述網路服務器,因應使用者端選擇之受保護文件,經由所述網路提供一虛擬應用服務,且所述虛擬應用服務啟動用以閱讀所述受保護文件的一應用程式,並開啟所述受保護文件,將開啟的文件影像傳輸到使用者端,供使用者端於網頁瀏覽器程式上操作。In order to solve the above problem, the system of the present invention allows a user to access a protected file by connecting to a web server with a web browser. The system includes: a first person, transmitting the protected file to a network. Retrieving, by the server, a location of the protected file, and notifying the user of the location by using a network; the user end, opening a web browser program to connect to the a web server that provides a virtual application service via the network in response to the protected file selected by the user end, and the virtual application service launches an application for reading the protected file And opening the protected file, and transmitting the opened file image to the user end for the user to operate on the web browser program.
本發明之其他詳細特徵及特點,可由以下方法或終端系統的實施方式的說明以及申請專利範圍得知。Other detailed features and characteristics of the present invention will be apparent from the description of the following methods or embodiments of the end system and the scope of the claims.
本創作以下所稱之受保護文件,為最廣義的電子資料或資訊,其可能包含文字、方程式、聲音、影像、圖形、動畫等等攜帶資訊的任何資料文件。The protected documents referred to below in this creation are the most comprehensive electronic materials or information, which may contain any information files such as words, equations, sounds, images, graphics, animations, etc.
本創作以下所稱之使用者端或第一人端可例如但不限於客戶端電腦,如桌上型、可攜式電腦、網路伺服器,或手持通訊系統,如智慧型手機,其具有與網路連線的認證功能,而能接收或傳輸一受保護文件。例如iPod,iPad,iPhone或其他廠牌的個人電腦或伺服器等等皆屬於使用者端或第一人端使用的終端機。本創作以下所稱之網路服務器則可以是一般性的伺服器(server)。The user or first person referred to herein below may be, for example but not limited to, a client computer such as a desktop, a portable computer, a web server, or a handheld communication system, such as a smart phone, having An authentication function that is connected to the Internet and can receive or transmit a protected file. For example, an iPod, an iPad, an iPhone or other brand of personal computers or servers, etc., belong to the terminal used by the user or the first person. The web server referred to below in this creation can be a general server.
如圖1配合圖2所示,本發明供免安裝文件安全性控管軟體的受保護文件存取方法包含步驟(a),(b)及(c);其中(a)步驟執行:於所述使用者端25開啟一網頁瀏覽器程式250,經由一網路連結至所述網路服務器23,所述網路服務器23經由所述網路提供一虛擬應用服務230;(b)步驟執行:因應使用者端25選擇之受保護文件210,所述虛擬應用服務230啟動用以閱讀所述受保護文件210的一應用程式,並開啟所述受保護文件;(c)步驟執行:將開啟的文件影像傳輸到使用者端25,供使用者端於網頁瀏覽器程式250上操作。As shown in FIG. 1 and FIG. 2, the protected file access method for the installation file security control software of the present invention includes steps (a), (b) and (c); wherein (a) the step is performed: The user terminal 25 opens a web browser program 250, which is connected to the web server 23 via a network, and the web server 23 provides a virtual application service 230 via the network; (b) the step is performed: In response to the protected file 210 selected by the user terminal 25, the virtual application service 230 launches an application for reading the protected file 210 and opens the protected file; (c) step execution: will be turned on The file image is transmitted to the user terminal 25 for the user to operate on the web browser program 250.
前述網頁瀏覽器程式(browser)250亦稱為虛擬文件編輯器(virtual document editor)。The aforementioned web browser (browser) 250 is also referred to as a virtual document editor.
其中,所述使用者端25是一資料處理系統(如桌上型或可攜式電腦)或一通訊系統(如智慧型手機),所述受保護文件的所在位置232是由一第一人端21將一鏈結(link)訊息藉由該網路通知該使用者端25。The user terminal 25 is a data processing system (such as a desktop or portable computer) or a communication system (such as a smart phone), and the location of the protected file 232 is determined by a first person. The terminal 21 notifies the user terminal 25 of a link message via the network.
其中,所述網頁瀏覽器程式250(或稱虛擬文件編輯器)是選自具有(可支援)可程式(programmable)、互動(interactive)功能的可擴展標記語言(XML),而所述可擴展標記語言包括超文本標記語言(HTML 5)或具有類似功能者。所述虛擬應用服務250例如是一遠端桌面(remote desktop)。遠端桌面安裝有,例如,文件閱讀器,包括文書(word)、試算(excel)或簡報(powerpoint)等等閱讀器。The web browser program 250 (or virtual file editor) is selected from an extensible markup language (XML) having (supportable) programmable and interactive functions, and the expandable Markup languages include Hypertext Markup Language (HTML 5) or those with similar functionality. The virtual application service 250 is, for example, a remote desktop. The remote desktop is installed, for example, a file reader, and includes a reader such as a word, an excel, or a powerpoint.
其中此一方法進一步包括步驟(d):使用者端25於網頁瀏覽器程式250上的操作會傳回給虛擬應用服務230。The method further includes the step (d): the operation of the user terminal 25 on the web browser program 250 is passed back to the virtual application service 230.
利用此方式,使用者端25就不需要安裝任何新的軟體,利用原有的瀏覽工具,便可以閱讀受到保護的文件,而且文件本身也同樣受到網路伺服器上安裝的版權權限管理程式所保護。In this way, the user terminal 25 does not need to install any new software, and the protected file can be read by using the original browsing tool, and the file itself is also subject to the copyright authority management program installed on the network server. protection.
如圖3配合圖4所示,本發明第二實施例的受保護文件存取方法包含步驟(a),(b)及(c);其中(a)步驟執行:於所述使用者端25開啟一網頁瀏覽器程式(browser)250,經由一網路連結至所述網路服務器23且將所述受保護文件210送至所述網路服務器23,所述網路服務器23提供一虛擬應用服務230;(b)步驟執行:因應使用者端25所送至的受保護文件210,所述虛擬應用服務230啟動用以閱讀所述受保護文件210的一應用程式,並開啟所述受保護文件210;(c)步驟執行:將開啟的文件影像傳輸到使用者端25,供使用者端於網頁瀏覽器程式230上操作。As shown in FIG. 3, the protected file access method of the second embodiment of the present invention includes steps (a), (b) and (c); wherein the (a) step is performed: at the user terminal 25 Opening a web browser (browser) 250, connecting to the web server 23 via a network and sending the protected file 210 to the web server 23, the web server 23 providing a virtual application Service 230; (b) Step execution: In response to the protected file 210 sent by the user terminal 25, the virtual application service 230 launches an application for reading the protected file 210 and opens the protected file. File 210; (c) Step execution: Transfer the opened file image to the user terminal 25 for the user to operate on the web browser program 230.
其中,所述網頁瀏覽器程式250(或稱虛擬文件編輯器)是選自具有(可支援)可程式(programmable)、互動(interactive)功能的可擴展標記語言(XML),而所述可擴展標記語言包括超文本標記語言(HTML 5)或具有類似功能者。所述虛擬應用服務250例如是一遠端桌面(remote desktop)。遠端桌面安裝有,例如,文件閱讀器,包括文書(word)、試算(excel)或簡報(powerpoint)等等閱讀器。The web browser program 250 (or virtual file editor) is selected from an extensible markup language (XML) having (supportable) programmable and interactive functions, and the expandable Markup languages include Hypertext Markup Language (HTML 5) or those with similar functionality. The virtual application service 250 is, for example, a remote desktop. The remote desktop is installed, for example, a file reader, and includes a reader such as a word, an excel, or a powerpoint.
其中此一方法進一步包括步驟(d):使用者端25於網頁瀏覽器程式250上的操作會傳回給虛擬應用服務230。The method further includes the step (d): the operation of the user terminal 25 on the web browser program 250 is passed back to the virtual application service 230.
由上述的流程說明,可以得知本創作的預期目的確可達成,並達到預期的功效。From the above process description, it can be known that the intended purpose of the creation can be achieved and achieve the desired effect.
本創作的方法之實施例可實現於軟體、硬體、或硬體及軟體的結合。軟體可包含儲存於機械可讀取媒體之指令,用以使一資料處理系統執行實現上述方法之步驟。資料處理系統可包含一般用途處理器及/或可利用特殊的處理器,例如數位訊號處理器(DSP)、控制器、或客製化指令序列。Embodiments of the inventive method can be implemented in software, hardware, or a combination of hardware and software. The software can include instructions stored on the mechanically readable medium for causing a data processing system to perform the steps of implementing the methods described above. The data processing system can include a general purpose processor and/or can utilize a special processor, such as a digital signal processor (DSP), controller, or custom instruction sequence.
如圖2搭配圖1所示,實施本發明方法的一種執行受保護文件存取方法的系統包含:一第一人端21,將受保護文件210傳送至一網路服務器23,取回所述受保護文件的所在位置232,將所述所在位置232藉由一網路通知一使用者端25;所述使用者端25,開啟一網頁瀏覽器程式250經由所述網路連結至所述網路服務器23;所述網路服務器23,因應使用者端25選擇之受保護文件210,經由所述網路提供一虛擬應用服務230,且所述虛擬應用服務230啟動用以閱讀所述受保護文件的一應用程式,並開啟所述受保護文件210,將開啟的文件影像傳輸到使用者端25,供使用者端於網頁瀏覽器程式250上操作。As shown in FIG. 2, in conjunction with FIG. 1, a system for implementing a protected file access method for implementing the method of the present invention includes: a first person terminal 21, transmitting the protected file 210 to a network server 23, and retrieving the The location 232 of the protected file is used to notify the user terminal 25 of the location 232 by a network; the user terminal 25 opens a web browser program 250 to connect to the network via the network. The network server 23, in response to the protected file 210 selected by the user terminal 25, provides a virtual application service 230 via the network, and the virtual application service 230 is activated to read the protected An application of the file, and the protected file 210 is opened, and the opened file image is transmitted to the user terminal 25 for the user to operate on the web browser program 250.
其中,所在位置232對應一鏈結訊息(link),所在位置是由第一人端21將鏈結訊息藉由該網路通知該使用者端25。The location 232 corresponds to a link message, where the first person terminal 21 notifies the user terminal 25 of the link message through the network.
利用此方式,使用者就不需要安裝任何新的軟體,便可以閱讀受保護的文件,而且文件本身也同樣受到網路伺服器上版權權限管理程式的保護。In this way, the user can read the protected file without installing any new software, and the file itself is also protected by the copyright authority on the web server.
如圖4搭配圖3所示,實施本發明第二實施例方法的一種執行受保護文件存取方法的系統包含:一網路服務器23,提供一虛擬應用服務230;一使用者端25,開啟一網頁瀏覽器程式250經由所述網路連結至所述網路服務器23,且將一受保護文件210送至所述網路服務器23;其中,所述網路服務器的虛擬應用服務250,因應使用者端所送達的受保護文件210,啟動用以閱讀所述受保護文件的一應用程式,並開啟所述受保護文件210,將開啟的文件影像傳輸到使用者端25,供使用者端於網頁瀏覽器程式230上操作。所述受保護文件210可以以任意方式到達該使用者端25,例如由一第一人端傳送所述受保護文件210至使用者端25。As shown in FIG. 4, a system for executing a protected file access method for implementing the method of the second embodiment of the present invention includes: a network server 23 providing a virtual application service 230; and a user terminal 25, a web browser program 250 is coupled to the web server 23 via the network, and sends a protected file 210 to the web server 23; wherein the web application's virtual application service 250 responds The protected file 210 sent by the user end starts an application for reading the protected file, and opens the protected file 210, and transmits the opened file image to the user terminal 25 for the user end. Operate on the web browser program 230. The protected file 210 can arrive at the user terminal 25 in any manner, such as by the first person transmitting the protected file 210 to the user terminal 25.
應了解的是,先前之說明是用於說明之用,而非用於限制本發明之範圍,本發明之範圍只由後附申請專利範圍所界定。其他實施例是涵蓋於後附申請專利範圍之範圍內。It is to be understood that the foregoing description is for the purpose of illustration and description Other embodiments are intended to be included within the scope of the appended claims.
(a),(b),(c),(d)...步驟方塊(a), (b), (c), (d). . . Step block
21...第一人端twenty one. . . First person
23...網路服務器twenty three. . . Web server
25...使用者端25. . . User side
210...受保護文件210. . . Protected file
230...虛擬應用服務230. . . Virtual application service
232...所在位置232. . . location
250...網頁瀏覽器程式250. . . Web browser program
第1圖揭露一實施例的流程;Figure 1 discloses a flow of an embodiment;
第2圖揭露實施例的一系統;Figure 2 discloses a system of an embodiment;
第3圖揭露另一實施例的流程;Figure 3 discloses a flow of another embodiment;
第4圖揭露實施例的另一系統。Figure 4 discloses another system of the embodiment.
21...第一人端twenty one. . . First person
23...網路服務器twenty three. . . Web server
230...虛擬應用服務230. . . Virtual application service
25...使用者端25. . . User side
210...受保護文件210. . . Protected file
232...所在位置232. . . location
250...網頁瀏覽器程式250. . . Web browser program
Claims (12)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW101102066A TW201331783A (en) | 2012-01-19 | 2012-01-19 | Method for accessing protected digital document and system thereof |
CN201310018639.8A CN103116727B (en) | 2012-01-19 | 2013-01-18 | Protected file access method and system of installation-free file security control and management software |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW101102066A TW201331783A (en) | 2012-01-19 | 2012-01-19 | Method for accessing protected digital document and system thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
TW201331783A true TW201331783A (en) | 2013-08-01 |
Family
ID=48415100
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW101102066A TW201331783A (en) | 2012-01-19 | 2012-01-19 | Method for accessing protected digital document and system thereof |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN103116727B (en) |
TW (1) | TW201331783A (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109684791B (en) * | 2018-12-26 | 2020-09-15 | 飞天诚信科技股份有限公司 | Software protection method and device |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003316913A (en) * | 2002-04-23 | 2003-11-07 | Canon Inc | Service providing method, information processing system, control program thereof and recording medium |
TW200412109A (en) * | 2002-12-24 | 2004-07-01 | Inventec Appliances Corp | Method for protecting copyright of an electronic document in a wireless communication system |
US20080313545A1 (en) * | 2007-06-13 | 2008-12-18 | Microsoft Corporation | Systems and methods for providing desktop or application remoting to a web browser |
TW200945845A (en) * | 2008-04-17 | 2009-11-01 | Borg Technology Corp | Confidential content protecting system, device and method |
CN101996194B (en) * | 2009-08-14 | 2012-08-29 | 北京大学 | On-line browsing method and system of electronic file |
-
2012
- 2012-01-19 TW TW101102066A patent/TW201331783A/en unknown
-
2013
- 2013-01-18 CN CN201310018639.8A patent/CN103116727B/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
CN103116727B (en) | 2016-12-28 |
CN103116727A (en) | 2013-05-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4742682B2 (en) | Content protection device and content protection release device | |
WO2017101865A1 (en) | Data processing method and device | |
US20040039932A1 (en) | Apparatus, system and method for securing digital documents in a digital appliance | |
US8775815B2 (en) | Enterprise-specific functionality watermarking and management | |
US8887290B1 (en) | Method and system for content protection for a browser based content viewer | |
JP2007072639A (en) | Content management server | |
KR100440037B1 (en) | Document security system | |
KR100739474B1 (en) | Method and Apparatus for presenting contents service using DRM | |
CN101398764A (en) | Portable usb device that boots a computer as a server with security measure | |
US9665723B2 (en) | Watermarking detection and management | |
KR101748627B1 (en) | Web-based electronic document service apparatus capable of authenticating a document and operating method thereof | |
JP5393556B2 (en) | Internal / external document protection system | |
TW201331783A (en) | Method for accessing protected digital document and system thereof | |
US7607176B2 (en) | Trainable rule-based computer file usage auditing system | |
JP2011076609A (en) | Digital content management system, management program and management method | |
KR101561771B1 (en) | The software license authentication apparatus and the method of using the portable terminal | |
CN106650492A (en) | Multi-device file protection method and device based on security catalog | |
JP2020160503A (en) | Information processing system | |
US20140123297A1 (en) | Terminal apparatus with drm decoding function and drm decoding method in terminal apparatus | |
KR20080103621A (en) | Method for user created content service using digital rights management | |
KR20150053277A (en) | Method And Apparatus for Controlling Software execution | |
JP4698403B2 (en) | Information sharing system, information device, information sharing method, and information sharing program | |
US20150271211A1 (en) | Rights management policies with nontraditional rights control | |
KR101861015B1 (en) | A method for providing digital right management function in user terminal based on cloud service | |
TWI645345B (en) | System, device and method for executing certificate operation on basis of token |