WO2019202888A1 - 排他制御システム及び排他制御方法 - Google Patents
排他制御システム及び排他制御方法 Download PDFInfo
- Publication number
- WO2019202888A1 WO2019202888A1 PCT/JP2019/010654 JP2019010654W WO2019202888A1 WO 2019202888 A1 WO2019202888 A1 WO 2019202888A1 JP 2019010654 W JP2019010654 W JP 2019010654W WO 2019202888 A1 WO2019202888 A1 WO 2019202888A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- access
- file
- period
- terminal
- server
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/52—Program synchronisation; Mutual exclusion, e.g. by means of semaphores
- G06F9/526—Mutual exclusion algorithms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Definitions
- the present invention relates to an exclusive control system and an exclusive control method.
- Patent Document 1 describes a configuration that realizes exclusive control by monitoring whether or not a terminal is connected to a file on the server side.
- Patent Document 1 requires server-side operation (monitoring) for exclusive control of specific files, but there are cases where a program for operating the server in such a manner cannot be applied to the server.
- the present invention has an object to provide an exclusive control system and an exclusive control method capable of realizing exclusive control that is completed exclusively by the operation on the terminal side.
- the present invention includes an exclusive control system that includes a plurality of terminals and a server having predetermined data that can be accessed by each of the plurality of terminals, and that restricts simultaneous access to the predetermined data by the plurality of terminals.
- Each of the terminals can access the predetermined data and set an access right for determining an exclusive period for restricting access by other terminals to the server, and perform an update process for updating the exclusive period before the exclusive period elapses. It is determined that access to the predetermined data is restricted within the exclusion period determined by the processing execution unit and other terminals, and access to the prescribed data is not restricted outside the exclusion period A determination unit.
- the process execution unit when accessing the predetermined data, creates an authentication file having an effective period that is an exclusive period in the server, updates the authentication file before the effective period elapses, and the determination unit If the authentication file created on the server is within the validity period, it is determined that access to the predetermined data is restricted, and if the authentication file created by another terminal is not on the server or When the validity period of the created authentication file has passed, it may be determined that access to the predetermined data is not restricted.
- the server may have a file in which map data indicating a track for transporting an article by a transport vehicle and a delivery destination of the article is recorded as the predetermined data.
- the present invention is an exclusive control method comprising a plurality of terminals and a server having predetermined data accessible to each of the plurality of terminals, and restricting simultaneous access to the predetermined data by the plurality of terminals,
- Each of the plurality of terminals can access the predetermined data and set an access right for determining an exclusive period for restricting access by other terminals to the server, and update process for updating the exclusive period has passed the exclusive period. It is determined that access to the predetermined data is restricted within the exclusion period determined by other terminals, and access to the prescribed data is not restricted outside the exclusion period. And including.
- the access right that determines the exclusive period during which the own terminal can access the predetermined data and restricts the access by the other terminal by the processing execution unit provided in each of the plurality of terminals.
- the update process for updating the exclusion period is executed before the exclusion period elapses, while the determination unit restricts access to predetermined data within the exclusion period determined by other terminals. Since it is determined that access to the predetermined data is not restricted outside the exclusion period, exclusive control that is completed exclusively by the operation on the terminal side can be realized. Further, a program for exclusive control is not required for the server, and the load on the server can be reduced.
- the process execution unit accesses the predetermined data, it creates an authentication file having a valid period that is an exclusive period in the server, updates the authentication file before the valid period elapses, and the determination unit If the authentication file created on the server is within the validity period, it is determined that access to the predetermined data is restricted, and if the authentication file created by another terminal is not on the server or In the form where it is determined that access to the predetermined data is not restricted when the validity period of the created authentication file has passed, the predetermined data by a large number of terminals with a simple configuration such as creation and update of the authentication file You can restrict simultaneous access to
- the server has a file in which map data indicating a trajectory for transporting an article by a transport vehicle and map data indicating a delivery destination of the article is stored as the predetermined data
- map data indicating a trajectory for transporting an article by a transport vehicle and map data indicating a delivery destination of the article is stored as the predetermined data
- FIG. 1 shows an example of the exclusive control system 100.
- the exclusive control system 100 is accessible to a plurality of terminals (clients) 110A and 110B (hereinafter also referred to as terminals 110 and terminals A and B) and a plurality of terminals 110, respectively.
- a server 130 having a specific file (predetermined data) SF.
- the predetermined data may be a database provided in the server 130 or application software.
- the exclusive control system 100 is a system that restricts simultaneous access to a specific file SF by a plurality of terminals 110.
- simultaneous access restriction means that editing of a specific file SF is prohibited but acquisition and browsing are permitted, editing and acquisition of the specific file SF are prohibited, but browsing is permitted, This means that editing, acquisition, browsing is prohibited.
- Each of the plurality of terminals 110 is communicatively connected to the server 130 via the line N.
- the line N includes a computer network such as the Internet, a core network of a communication carrier, and various local networks.
- the plurality of terminals 110 may be desktop or notebook personal computers, or may be portable terminals such as tablets or smartphones.
- the server 130 can be connected to a plurality of terminals 110, and may be a single device or a plurality of devices.
- a specific file SF is stored in a part of the storage area of the server 130.
- the plurality of terminals 110 can access the specific file SF after connecting to the server 130.
- the specific file SF has, for example, a file in which map data used in the transport vehicle system is recorded.
- the transport vehicle system is, for example, an article transport system installed in a semiconductor device manufacturing factory, and processes FOUPs (Front-Opening Unified Pods) or reticles that contain semiconductor wafers used for manufacturing semiconductor devices.
- a container such as a reticle pod containing a member for use is conveyed as an article.
- the map data used in such a transport vehicle system is data indicating a track for transporting an article by the transport vehicle and a delivery destination of the article.
- FIG. 2 shows an example of a functional block configuration of the terminal 110.
- the terminal 110 includes a process execution unit 111, a determination unit 112, and a specific file processing unit 113.
- the process execution unit 111 enables access to the specific file SF by the own terminal during a predetermined exclusion period S, and allows the other terminal to access the specific file SF that is accessed (or accessible) by the own terminal.
- An access right that defines an exclusive period S to be restricted is set in the server 130, and an update process for updating the exclusive period S is executed before the exclusive period S elapses.
- the process execution unit 111 creates an authentication file AF having a validity period on the server 130 when accessing the specific file SF of the server 130.
- the creation of the authentication file AF corresponds to setting an access right for determining the exclusion period S in the server 130. That is, the state where the terminal 110 has the access right means a state where the authentication file AF valid (within the valid period) by the terminal 110 exists on the server 130.
- identification information for example, IP address
- the start time of the effective period and the effective period (time) from the start time are determined.
- the authentication file AF is valid during the valid period.
- the exclusion period S is set according to the validity period of the authentication file AF.
- the authentication file AF is a file in which data necessary for enabling access to the specific file SF by the own terminal within the effective period and for restricting access to the specific file SF by another terminal within the effective period is recorded. It is.
- the valid period of the specific file SF corresponds to a predetermined exclusion period S.
- the process execution unit 111 accesses the specific file SF of the server 130 (or is accessible) by the terminal 110 so that the authentication file AF on the server 130 is stored before the validity period of the authentication file AF elapses. Update.
- the word “update” is used to mean that a new authentication file AF is created and overwritten.
- the process execution unit 111 deletes the authentication file AF on the server 130 when releasing access to the specific file SF.
- Data may be updated.
- the time data may be data that can specify the start time of the updated effective period, may be data in which the updated start time is clearly indicated, or by indicating the time elapsed from a certain reference time, It may be data that makes it possible to specify the start time updated by calculation.
- the process execution unit 111 may update the period data related to the valid period (exclusive period S) among the data recorded in the authentication file AF.
- the period data may be data that can specify the updated effective period.
- the period data may be data in which the effective period is specified, or it is calculated by indicating how many times it is a certain reference period. The data may make it possible to specify the exclusion period S.
- the determination unit 112 is an authentication file AF created by another terminal 110 on the server 130 (an authentication file AF in which identification information of the other terminal 110 is defined), and is a valid authentication file AF (authentication within the valid period). If there is a file AF), it is determined that access to the specific file SF is restricted (not accessed). In addition, when the authentication file AF created by the other terminal 110 is not in the server 130 or when the authentication file AF created by the other terminal 110 in the server 130 is not valid (the validity period has passed), the specific file It is determined that access to the SF is not restricted (access is possible).
- the determination unit 112 determines whether or not access to the specific file SF is possible depending on whether or not there is a valid authentication file AF created by another terminal 110 on the server 130. If another terminal 110 that has accessed the server 130 is abnormally terminated, the authentication file AF becomes invalid after the validity period has passed, and thereafter, the authentication file AF whose validity period has passed is stored on the server 130. Even if it remains (even on the server 130), it is possible to access the specific file SF.
- the determination unit 112 may determine whether or not it is within the valid period based on the start time data of the valid period in the authentication file AF.
- the determination unit 112 may calculate an effective period from the start time data and determine whether or not the current time is within the effective period. Further, the determination unit 112 may determine whether or not the authentication file AF is within the valid period based on the updated period data (for example, one hour).
- the determination unit 112 may determine that browsing of the specific file SF is restricted when any of the other terminals is accessing the specific file SF (or when it is accessible).
- the determination unit 112 may determine that acquisition of the specific file SF is restricted when any of the other terminals is accessing the specific file SF (or when it is accessible). The determination unit 112 may determine that editing of the specific file SF is restricted when any of the other terminals is accessing the specific file SF (or accessible).
- the specific file processing unit 113 accesses the specific file SF based on a user input instructing access to the specific file SF.
- the specific file processing unit 113 performs a browsing process of the specific file SF based on a user input instructing browsing of the specific file SF.
- the specific file processing unit 113 performs acquisition processing of the specific file SF based on a user input instructing acquisition of the specific file SF.
- the specific file processing unit 113 performs an editing process on the specific file SF based on a user input instructing editing of the specific file SF.
- each terminal 110 can access the specific file SF.
- the authentication file AF created (updated) by the process execution unit 111 is present on the server 130.
- the determination unit 112 of the other terminal 110 is prevented from accessing the specific file SF.
- the exclusive control for the specific file SF is completed by the processing on the terminal 110 side, and it is sufficient that the server 130 has an area for storing the authentication file AF, and it is necessary to install a program for exclusive control. There is no. Accordingly, even a server or the like that cannot be equipped with a program for exclusive control can perform exclusive control on the specific file SF.
- FIGS. 3 to 5 show an example of the operation flow of the terminal 110.
- FIG. First the operation when the terminal 110 starts access to the specific file SF will be described with reference to the operation flow shown in FIG. In the description of this operation flow, reference is made to FIGS. Further, in describing the operation flow of FIGS. 3 to 5, the operation sequence shown in FIGS. 6 to 9 is referred to.
- the specific file processing unit 113 of the terminal 110 When the specific file processing unit 113 of the terminal 110 receives an input from the user instructing to start access to the specific file SF, the specific file processing unit 113 sends data to that effect to the determination unit 112.
- the determination unit 112 of the terminal 110 determines whether the authentication file AF is stored in a predetermined storage area in the storage device of the server 130 (step S101). For example, the determination unit 112 may determine whether the authentication file AF is stored by accessing a predetermined storage area in the storage device of the server 130 and confirming whether the authentication file AF is stored.
- the determination unit 112 sends data to that effect to the process execution unit 111.
- the process execution unit 111 of the terminal 110 terminal A in FIG. 6
- the process execution unit 111 receives the data sent from the determination unit 112, it authenticates to a predetermined storage area in the storage device of the server 130 as shown in the operation sequence of FIG. A file AF is created (step S102). That is, the process execution unit 111 sets an access right for determining a valid period (exclusive period S) in the server 130.
- the process execution unit 111 includes, as the authentication file AF, address data indicating an IP (Internet Protocol) address of its own terminal, time data related to the time when the authentication file AF is created (the start time of the authentication file AF), A file in which the period data related to the validity period of the authentication file AF (that is, the exclusion period S) is recorded is created.
- the process execution unit 111 sends data notifying that the authentication file AF has been created to the specific file processing unit 113.
- the specific file processing unit 113 When the specific file processing unit 113 receives the data sent from the process execution unit 111, the specific file processing unit 113 starts access to the specific file SF (step S103). As described above, when starting the access to the specific file SF, the terminal 110 starts the access to the specific file SF if the authentication file AF is not stored in the predetermined storage area in the storage device of the server 130. be able to.
- such a situation is a situation after the access to the specific file SF by another terminal (terminal B or the like in FIG. 6) is normally terminated when viewed from the own terminal (terminal A in FIG. 6)
- the situation in which the authentication file AF is deleted after accessing the SF), or the validity period (exclusion period S) of the authentication file AF has elapsed after the access to the specific file SF by another terminal (terminal B in FIG. 6) has ended abnormally This is the situation.
- the authentication file AF remains on the server 130, but another terminal 110 can newly create the authentication file AF in the server 130.
- the server 130 may delete the invalid authentication file AF after a lapse of a predetermined time. It may be deleted.
- another terminal can start accessing the specific file SF as described above.
- step S104 the determination unit 112 determines whether the authentication file AF is an authentication file for the own terminal. For example, the determination unit 112 refers to the address data recorded in the authentication file AF to check whether the authentication file AF is the authentication file AF for the own terminal by confirming whether the IP address of the own terminal is used. Can be determined.
- the determination unit 112 sends data to that effect to the process execution unit 111.
- the process execution unit 111 receives the data sent from the determination unit 112 and updates the authentication file AF stored in a predetermined storage area in the storage device of the server 130 ( Step S105).
- the process execution unit 111 may create a new authentication file AF and overwrite the previous authentication file AF as an update of the authentication file AF. Further, the process execution unit 111 updates the start time data recorded in the authentication file AF to a new start time.
- the process execution unit 111 updates the period data recorded in the authentication file AF.
- the process execution unit 111 may update the period data when there is a change in the validity period (exclusive period S) of the authentication file AF due to the period data recorded in the authentication file AF.
- the process execution unit 111 sends data notifying that the authentication file AF has been updated to the specific file processing unit 113. Subsequently, when receiving the data sent from the process execution unit 111, the specific file processing unit 113 starts access to the specific file SF (step S103).
- the access to the specific file SF is started, if the authentication file AF for the own terminal (terminal A in FIG. 7) is stored in a predetermined storage area in the storage device of the server 130, the specific file Access to the SF can be started.
- the process ended abnormally during the process for the specific file SF by the own terminal (terminal A in FIG. 7), and the authentication file AF remained. Thereafter, there is a situation in which there is no access to the specific file SF by another terminal (for example, terminal B in FIG. 6) after the validity period elapses.
- step S104 when the authentication file AF is not the authentication file AF for the terminal itself (step S104; No), the determination unit 112 determines whether the authentication file AF is valid (within the exclusion period S) (Ste S106).
- the determination unit 112 refers to the start time data and the period data recorded in the authentication file AF, and confirms the effective period that can be specified by the start time data or the effective period that can be specified by the period data. It is determined whether the authentication file AF is valid (within the exclusion period S).
- the determination unit 112 determines that the authentication file AF is valid (within the exclusion period S) (step S106; Yes)
- the determination unit 112 sends data to that effect to the specific file processing unit 113. send.
- the specific file processing unit 113 receives the data sent from the determination unit 112, the specific file processing unit 113 determines that access to the specific file SF is restricted, and ends the process without starting access to the specific file SF ( Terminal B in FIG. 8). At that time, the specific file processing unit 113 notifies the user of the terminal (such as terminal B in FIG. 8) that the specific file SF is not accessed (or access to the specific file SF is restricted). May be.
- the authentication file AF created by another terminal is stored in a predetermined storage area in the storage device of the server 130, and the authentication is performed. If it is specified that the file AF is valid (within the exclusion period S), the own terminal (terminal B or the like in FIG. 8) determines that access to the specific file SF is restricted. In the operation sequence of FIG. 8, access to the specific file SF by another terminal (terminal A in FIG. 8) continues, and access to the specific file SF by the own terminal (terminal B in FIG. 8) is restricted. Shows the case.
- step S106 when it is not the exclusion period S, that is, when there is no valid authentication file AF by the other terminal 110 (step S106; No), the determination unit 112 sends data to that effect to the process execution unit 111. .
- the process execution unit 111 receives the data transmitted from the determination unit 112, the process execution unit 111 deletes the authentication file AF stored in a predetermined storage area in the storage device of the server 130 (step S107), and the operation sequence of FIG. As shown, a new authentication file AF is created in the storage area (step S102). That is, the process execution unit 111 sets an access right for determining a valid period (exclusive period S) in the server 130.
- process execution unit 111 may overwrite or update the new authentication file AF on the previous authentication file AF in step S107. Further, the process execution unit 111 may create a new authentication file AF in step S102 while leaving the invalid authentication file AF in step S107. Subsequently, the process execution unit 111 sends data notifying that the authentication file AF has been created to the specific file processing unit 113. When the specific file processing unit 113 receives the data sent from the process execution unit 111, the specific file processing unit 113 starts access to the specific file SF (step S103).
- terminal 110 when the terminal 110 (terminal B in FIG. 9) starts access to the specific file SF, another terminal (terminal A in FIG. 9) created in a predetermined storage area in the storage device of the server 130. Even if the authentication file AF is stored, if it is specified that the authentication file AF is invalid (not within the exclusion period S), it is determined that access to the specific file SF is not restricted, and the specific file Access to the SF can be started. Note that such a situation is a situation after the processing of the specific file SF by another terminal (terminal A in FIG. 9) has ended abnormally as shown in FIG.
- FIGS. 1 to 3 are referred to.
- FIGS. 6 to 9 are referred to. Whether the processing execution unit 111 of the terminal 110 should update the authentication file AF after creating the authentication file AF or updating the authentication file AF, as shown in the operation sequence of FIGS. Is determined (step S201).
- the specific file processing unit 113 of the terminal 110 receives the data for notifying that the authentication file AF has been created or the data for notifying that the authentication file AF has been updated from the processing execution unit 111, and then sets a predetermined authentication. If the specific file SF is being accessed before the valid period of the file AF elapses, data notifying that is sent to the process execution unit 111. For example, the specific file processing unit 113 normally continues the browsing process of the specific file SF, or normally continues the acquisition process of the specific file SF from the server 130, or edits the specific file SF. What is necessary is just to determine with accessing the specific file SF when the process is continued normally.
- the timing at which the authentication file AF should be updated may be immediately before the validity period of the authentication file AF elapses or may be a timing before a predetermined period from when the validity period elapses. This predetermined period can be set arbitrarily and may be set in advance.
- the specific file processing unit 113 updates the authentication file AF every time an update period shorter than the valid period of the authentication file AF elapses.
- the process execution unit 111 determines that it is the update timing of the authentication file AF.
- step S201 If it is the update timing of the authentication file AF (step S201; Yes), the process execution unit 111 updates the authentication file AF stored in a predetermined storage area in the storage device of the server 130 (step S202). In step S202, a new authentication file AF may be overwritten as an update of the authentication file AF. Subsequently, the process execution unit 111 sends data notifying that the authentication file AF has been updated to the specific file processing unit 113. When the specific file processing unit 113 receives the data transmitted from the process execution unit 111, the specific file processing unit 113 continues to access the specific file SF (step S103).
- the terminal 110 when the terminal 110 is accessing the specific file SF, the terminal 110 can update (overwrite) the authentication file AF and continue to access the specific file SF.
- the other terminal 110 updates the authentication file AF by itself and continues the authentication file AF as valid (exclusion period S is extended), so that access to the specific file SF is restricted. Is continued.
- step S201 when it is determined that it is not the update timing of the authentication file (step S201; No), the process execution unit 111 stores in a predetermined storage area in the storage device of the server 130 as shown in the operation sequence of FIG. The processing ends without updating the authentication file AF that has been set.
- the process execution unit 111 when it is determined that it is not the update timing of the authentication file AF, it is determined that it is not the update timing because it is not the actual update timing, and to the specific file SF that is actually the update timing.
- the process execution unit 111 cannot receive the data notifying that the specific file SF is being accessed from the specific file processing unit 113, and therefore determines that it is not the update timing of the authentication file. End up.
- the terminal 110 cannot update the authentication file AF if the connection ends abnormally during the connection to the server 130 or if the process ends abnormally during the processing for the specific file SF.
- the authentication file AF since the authentication file AF is not updated (overwritten), the other terminal 110 does not become valid after the valid period elapses (by the exclusion period S elapses), thereby specifying the specific file SF. You will be able to start accessing.
- the specific file processing unit 113 of the terminal 110 determines whether access to the specific file SF has been completed (step S301).
- the specific file processing unit 113 normally ends the process of browsing the specific file SF, or normally ends the acquisition process of the specific file SF from the server 130, or normally ends the editing process of the specific file SF. In this case, it is determined that access to the specific file SF has ended.
- the specific file processing unit 113 sends data to that effect to the process execution unit 111.
- the processing execution unit 111 of the terminal 110 receives the data sent from the specific file processing unit 113, the authentication file stored in a predetermined storage area in the storage device of the server 130, as shown in the operation sequence of FIG. AF is deleted (step S302), and the process is terminated.
- the terminal 110 self terminal, terminal A in FIG. 6
- the terminal 110 deletes the authentication file AF.
- other terminals can start accessing the specific file SF as shown in the operation sequence of FIG.
- step S301 when access to the specific file SF has not ended (step S301; No), the specific file processing unit 113 ends the process without sending data to that effect to the process execution unit 111. .
- the terminal 110 does not delete the authentication file AF when the access to the specific file SF has not ended.
- the other terminal 110 determines that access to the specific file SF is restricted until the valid period elapses (until the exclusive period S elapses). The access to the specific file SF is not started (see the operation sequence of FIG. 8 or FIG. 9).
- the terminal when the terminal is accessing the specific file SF (or accessible), before the valid period elapses (before the exclusive period S elapses).
- exclusive control is realized by preventing other terminals from accessing the specific file SF.
- the validity period of the authentication file AF elapses (exclusion period S elapses).
- the determination unit 112 of each terminal 110 determines whether the access to the specific file SF is possible by checking whether the authentication file AF by the other terminal 110 is valid.
- the exclusive control can be completed by the processing on the terminal 110 side. Therefore, it is not necessary to install a program for exclusive control on the server 130 side.
- the processing execution unit 111 of the terminal 110 updates the authentication file AF
- the period data related to the valid period (exclusive period S) is updated among the data recorded in the authentication file AF.
- the processing execution unit 111 may overwrite the authentication file AF at regular intervals as the update of the authentication file AF.
- the process execution unit 111 of the terminal 110 repeatedly transmits a special packet to the server 130 as an update process to indicate that the specific file SF is accessed (or accessible). Also good.
- the determination unit 112 of the terminal 110 refers to the communication history (log etc.) of the server 130 and the exclusive period S set in advance after the server 130 receives a special packet from the other terminal 110. If it has not elapsed, it is determined that access to the specific file SF is restricted, and if the exclusive period S has elapsed since the server 130 received a special packet from another terminal 110, It may be determined that access to the file SF is not restricted. In the case of such a form, the exclusive period S is set in advance as a common period in the exclusive control system 100.
- the process execution unit 111 of the terminal 110 repeatedly updates the property of the specific file SF as an update process in order to indicate that the specific file SF is accessed (or accessible). Also good.
- the determination unit 112 of the terminal 110 updates the property of the specific file SF to the specific file SF when the preset exclusion period S has not elapsed since the other terminal 110 last updated the property of the specific file SF.
- the access to the specific file SF is not restricted. What is necessary is just to judge.
- the process execution unit 111 updates the attribute value of the time related to the updated time among the properties of the specific file SF, and the determination unit 112 determines the attribute of the updated time What is necessary is just to determine whether the exclusion period S has passed based on the value. Further, for example, when updating the property of the specific file SF, the process execution unit 111 updates the attribute value of the period related to the exclusion period S included in the property of the specific file SF, and the determination unit 112 updates the property What is necessary is just to determine whether the exclusion period S has passed based on the attribute value of the set period.
- the processing execution unit 111, the determination unit 112, and the specific file processing unit 113 of the terminal 110 are specific means in which software and hardware resources cooperate with each other by reading a program into a computer. It may be realized.
- the contents of Japanese Patent Application No. 2018-080698, which is a Japanese patent application, and all the references cited in this specification are incorporated herein by reference.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Bioethics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Selective Calling Equipment (AREA)
Abstract
Description
110、110A、110B・・・端末
111・・・処理実行部
112・・・判定部
113・・・特定ファイル処理部
130・・・サーバ
N・・・回線
S・・・排他期間
AF・・・認証ファイル
SF・・・特定ファイル(所定データ)
Claims (4)
- 複数の端末と、前記複数の端末のそれぞれがアクセス可能な所定データを有するサーバと、を備え、前記複数の端末による前記所定データへの同時アクセスを制限する排他制御システムであって、
前記複数の端末のそれぞれは、
自端末が前記所定データにアクセス可能であり且つ他端末によるアクセスを制限する排他期間を定めるアクセス権を前記サーバに設定し、前記排他期間を更新する更新処理を、前記排他期間が経過する前に実行する処理実行部と、
他端末により定められた前記排他期間内においては前記所定データへのアクセスが制限されていると判定し、前記排他期間外においては前記所定データへのアクセスが制限されていないと判定する判定部と、を備える、排他制御システム。 - 前記処理実行部は、前記所定データにアクセスした際に、前記排他期間である有効期間を有する認証ファイルを前記サーバに作成し、前記有効期間が経過する前に前記認証ファイルを更新し、
前記判定部は、他端末により前記サーバに作成された前記認証ファイルが前記有効期間内である場合には前記所定データへのアクセスが制限されていると判定し、他端末により作成された前記認証ファイルが前記サーバにない場合又は他端末により前記サーバに作成された前記認証ファイルの前記有効期間が経過している場合には前記所定データへのアクセスが制限されていないと判定する、請求項1に記載の排他制御システム。 - 前記サーバは、前記所定データとして、搬送車により物品を搬送するための軌道、及び物品の受け渡し先を示すマップデータが記録されたファイルを有する、請求項1又は請求項2に記載の排他制御システム。
- 複数の端末と、前記複数の端末のそれぞれがアクセス可能な所定データを有するサーバと、を備え、前記複数の端末による前記所定データへの同時アクセスを制限する排他制御方法であって、
前記複数の端末のそれぞれは、
自端末が前記所定データにアクセス可能であり且つ他端末によるアクセスを制限する排他期間を定めるアクセス権を前記サーバに設定し、前記排他期間を更新する更新処理を、前記排他期間が経過する前に実行することと、
他端末により定められた前記排他期間内においては前記所定データへのアクセスが制限されていると判定し、前記排他期間外においては前記所定データへのアクセスが制限されていないと判定することと、を含む、排他制御方法。
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP19787950.5A EP3783495B1 (en) | 2018-04-19 | 2019-03-14 | Exclusive control system and exclusive control method |
US17/047,719 US12019774B2 (en) | 2018-04-19 | 2019-03-14 | Exclusive control system and exclusive control method |
CN201980026232.5A CN112055849B (zh) | 2018-04-19 | 2019-03-14 | 排他控制系统以及排他控制方法 |
JP2020514018A JP6969676B2 (ja) | 2018-04-19 | 2019-03-14 | 排他制御システム及び排他制御方法 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2018080698 | 2018-04-19 | ||
JP2018-080698 | 2018-04-19 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2019202888A1 true WO2019202888A1 (ja) | 2019-10-24 |
Family
ID=68240385
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2019/010654 WO2019202888A1 (ja) | 2018-04-19 | 2019-03-14 | 排他制御システム及び排他制御方法 |
Country Status (6)
Country | Link |
---|---|
US (1) | US12019774B2 (ja) |
EP (1) | EP3783495B1 (ja) |
JP (1) | JP6969676B2 (ja) |
CN (1) | CN112055849B (ja) |
TW (1) | TWI795551B (ja) |
WO (1) | WO2019202888A1 (ja) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111698279A (zh) * | 2020-04-17 | 2020-09-22 | 普联国际有限公司 | 通信设备控制方法和装置 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH06103142A (ja) | 1992-09-22 | 1994-04-15 | Hokkaido Nippon Denki Software Kk | 分散データベース制御方式 |
JPH07325747A (ja) * | 1994-05-31 | 1995-12-12 | Mitsubishi Electric Corp | 分散データベースの管理方法 |
JP2004094850A (ja) * | 2002-09-04 | 2004-03-25 | Nec Corp | 排他制御装置および排他制御方法 |
JP2012058960A (ja) * | 2010-09-08 | 2012-03-22 | Yamatake Corp | 共有ファイル管理システム、その制御方法、およびプログラム |
JP2018080698A (ja) | 2016-11-14 | 2018-05-24 | マン・ディーゼル・アンド・ターボ・エスイー | 内燃機関のためのガス交換弁、及び内燃機関 |
Family Cites Families (78)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH07105060A (ja) * | 1993-09-30 | 1995-04-21 | Hitachi Ltd | データベース管理システムのレコードアクセス管理方式 |
US5867655A (en) * | 1993-12-08 | 1999-02-02 | Packard Bell Nec | Method to store privileged data within the primary CPU memory space |
JP3335801B2 (ja) * | 1995-07-05 | 2002-10-21 | 株式会社日立製作所 | 異種ファイルへのアクセスを可能とする情報処理システム及びその制御方法 |
JP3526688B2 (ja) * | 1996-03-29 | 2004-05-17 | 富士通株式会社 | コネクションレスな通信における従量制課金システムおよび方法 |
US5892904A (en) * | 1996-12-06 | 1999-04-06 | Microsoft Corporation | Code certification for network transmission |
JPH10224874A (ja) * | 1997-02-10 | 1998-08-21 | Matsushita Electric Ind Co Ltd | リモコンシステム |
US6122631A (en) * | 1997-03-28 | 2000-09-19 | International Business Machines Corporation | Dynamic server-managed access control for a distributed file system |
US6311255B1 (en) * | 1999-04-29 | 2001-10-30 | International Business Machines Corporation | System and method for selectively restricting access to memory for bus attached unit IDs |
US7155524B1 (en) * | 2000-12-04 | 2006-12-26 | Lucent Technologies Inc. | Backoff protocols and methods for distributed mutual exclusion and ordering |
JP3970524B2 (ja) * | 2001-01-24 | 2007-09-05 | 日立ソフトウエアエンジニアリング株式会社 | 複数オペレーション間の排他制御方法 |
US7103663B2 (en) * | 2001-06-11 | 2006-09-05 | Matsushita Electric Industrial Co., Ltd. | License management server, license management system and usage restriction method |
EP1400085B1 (en) * | 2001-06-21 | 2008-09-17 | Telefonaktiebolaget LM Ericsson (publ) | Method for secure file transfer to multiple destinations with integrity check |
US7260555B2 (en) * | 2001-12-12 | 2007-08-21 | Guardian Data Storage, Llc | Method and architecture for providing pervasive security to digital assets |
US20030112977A1 (en) * | 2001-12-18 | 2003-06-19 | Dipankar Ray | Communicating data securely within a mobile communications network |
JP2003233519A (ja) * | 2002-02-07 | 2003-08-22 | Fujitsu Ltd | ネットワーク上のファイル資源のためのファイル制御装置 |
US7107285B2 (en) * | 2002-03-16 | 2006-09-12 | Questerra Corporation | Method, system, and program for an improved enterprise spatial system |
JP2003316522A (ja) * | 2002-04-26 | 2003-11-07 | Hitachi Ltd | 計算機システムおよび計算機システムの制御方法 |
US20040210532A1 (en) * | 2003-04-16 | 2004-10-21 | Tomoyoshi Nagawa | Access control apparatus |
WO2004109443A2 (en) * | 2003-06-02 | 2004-12-16 | Liquid Machines, Inc. | Managing data objects in dynamic, distributed and collaborative contexts |
JP2005100207A (ja) | 2003-09-26 | 2005-04-14 | Dainippon Printing Co Ltd | 共有データファイル排他制御方法 |
JP3690685B1 (ja) * | 2004-06-17 | 2005-08-31 | クオリティ株式会社 | 電子ファイル管理システムおよび電子ファイル管理プログラム |
JP4069905B2 (ja) * | 2004-06-28 | 2008-04-02 | コニカミノルタビジネステクノロジーズ株式会社 | 共有ファイル管理システムおよびサーバー |
JP2006171915A (ja) * | 2004-12-13 | 2006-06-29 | Matsushita Electric Ind Co Ltd | 排他制御装置 |
JP2006172067A (ja) * | 2004-12-15 | 2006-06-29 | Hitachi Ltd | データベース管理方法、システム及びプログラム |
US7502946B2 (en) * | 2005-01-20 | 2009-03-10 | Panasonic Corporation | Using hardware to secure areas of long term storage in CE devices |
US20080281716A1 (en) * | 2005-02-18 | 2008-11-13 | Duaxes Corporation | Communication Control Device |
US7324905B2 (en) * | 2005-05-11 | 2008-01-29 | Robert James Droubie | Apparatus, system and method for automating an interactive inspection process |
JP4741292B2 (ja) * | 2005-06-09 | 2011-08-03 | 株式会社日立製作所 | デバイス管理システム |
JP2007115192A (ja) * | 2005-10-24 | 2007-05-10 | Chial & Associates:Kk | ファイル管理システム、情報処理装置、認証システム、およびファイル利用権限設定システム |
TWI416901B (zh) * | 2005-11-30 | 2013-11-21 | Ibm | 故障容忍之異動處理系統 |
JP4832994B2 (ja) * | 2006-08-07 | 2011-12-07 | 富士通株式会社 | 文書管理プログラム、文書管理システムおよびアクセス権設定方法 |
JP4770650B2 (ja) * | 2006-09-09 | 2011-09-14 | ソニー株式会社 | 情報処理装置および情報処理方法並びにコンピュータ・プログラム |
JP2008242826A (ja) * | 2007-03-27 | 2008-10-09 | Hitachi Ltd | 情報処理システム、情報処理システムの制御方法及びプログラム |
JP5046863B2 (ja) * | 2007-11-01 | 2012-10-10 | 株式会社日立製作所 | 情報処理システム及びデータ管理方法 |
JP2009157880A (ja) * | 2007-12-28 | 2009-07-16 | Hitachi Ltd | サーバ装置及びファイルシステム |
US20090198704A1 (en) * | 2008-01-25 | 2009-08-06 | Klavs Landberg | Method for automated network file and directory virtualization |
JP5072632B2 (ja) * | 2008-02-07 | 2012-11-14 | キヤノン株式会社 | アクセス権管理システム |
US8387122B2 (en) * | 2008-05-16 | 2013-02-26 | University Of Washington | Access control by testing for shared knowledge |
JP5274114B2 (ja) * | 2008-06-06 | 2013-08-28 | キヤノン株式会社 | ドキュメント管理装置およびドキュメント管理方法並びにドキュメント管理システム |
US8214193B2 (en) * | 2008-10-01 | 2012-07-03 | At&T Intellectual Property I, Lp | Virtualized policy tester |
US8966374B1 (en) * | 2009-03-30 | 2015-02-24 | Glance Networks, Inc. | Method and apparatus for enabling participants to assume control over a presentation in a remote viewing session |
CN101944168B (zh) * | 2009-07-09 | 2013-01-09 | 精品科技股份有限公司 | 电子文件权限控管系统 |
DE102009042128A1 (de) * | 2009-09-18 | 2011-03-24 | Siemens Aktiengesellschaft | Verfahren und System zur Verwendung von temporären exklusiven Sperren für parallele Betriebsmittelzugrife |
JP2011107754A (ja) * | 2009-11-12 | 2011-06-02 | Mitsubishi Electric Corp | プラント監視制御システム |
US8266176B2 (en) * | 2010-03-12 | 2012-09-11 | Hitachi, Ltd. | Storage system and file access determination method of the same |
US20120324544A1 (en) * | 2010-03-19 | 2012-12-20 | Dai Kanetomo | Information processing apparatus, terminal apparatus and information processing method |
JP4951092B2 (ja) * | 2010-06-03 | 2012-06-13 | 株式会社東芝 | アクセス制御プログラム及び装置 |
WO2012035574A1 (en) * | 2010-09-14 | 2012-03-22 | Hitachi, Ltd. | Server apparatus and control method of the same for migrating file based on user quota and file quota |
JP4957853B1 (ja) * | 2011-03-15 | 2012-06-20 | オムロン株式会社 | Plcのcpuユニット、plc用のシステムプログラムおよびplc用のシステムプログラムを格納した記録媒体 |
JP5725162B2 (ja) * | 2011-03-31 | 2015-05-27 | 富士通株式会社 | 排他制御方法、および排他制御プログラム |
JP5814639B2 (ja) * | 2011-06-09 | 2015-11-17 | キヤノン株式会社 | クラウドシステム、クラウドサービスのライセンス管理方法、およびプログラム |
JP5930847B2 (ja) * | 2011-06-29 | 2016-06-08 | キヤノン株式会社 | サーバーシステムおよび制御方法およびプログラム |
US9002890B2 (en) * | 2012-03-14 | 2015-04-07 | International Business Machines Corporation | Rule-based access control list management |
JP6052571B2 (ja) * | 2012-03-24 | 2016-12-27 | 日本電気株式会社 | 情報処理システム、情報処理方法、情報処理装置およびその制御方法と制御プログラム |
KR101274617B1 (ko) * | 2012-04-30 | 2013-06-13 | 에스케이플래닛 주식회사 | 보안 통제 시스템 및 방법 |
WO2014006949A1 (ja) * | 2012-07-04 | 2014-01-09 | ソフトバンクモバイル株式会社 | 端末及びその接続方法 |
US10585969B2 (en) * | 2012-07-07 | 2020-03-10 | Jianqing Wu | System and method for extending database functions by a web application and computer readable media |
JP5982343B2 (ja) * | 2012-10-17 | 2016-08-31 | ボックス インコーポレイテッドBox, Inc. | クラウドベース環境におけるリモートキー管理 |
US9264480B1 (en) * | 2012-11-13 | 2016-02-16 | Microstrategy Incorporated | File access |
US20150248565A1 (en) * | 2012-11-20 | 2015-09-03 | Hitachi, Ltd. | Information system, control program for management server, and control program for mobile device |
JP6029437B2 (ja) * | 2012-11-30 | 2016-11-24 | ルネサスエレクトロニクス株式会社 | 半導体装置及びアクセス制限方法 |
JP2014215896A (ja) * | 2013-04-26 | 2014-11-17 | 株式会社東芝 | アクセス制御装置、アクセス制御方法、及びアクセス制御プログラム |
US9325463B2 (en) * | 2013-11-19 | 2016-04-26 | Intel IP Corporation | High-efficiency WLAN (HEW) master station and methods to increase information bits for HEW communication |
US9667625B2 (en) * | 2014-07-10 | 2017-05-30 | Ricoh Company, Ltd. | Access control method, authentication method, and authentication device |
JP6298389B2 (ja) * | 2014-09-16 | 2018-03-20 | 株式会社東芝 | 中継装置、通信システム、及び中継方法 |
GB2532205B (en) * | 2014-11-06 | 2021-10-20 | Metaswitch Networks Ltd | Controlling enablement of resources |
WO2016092630A1 (ja) * | 2014-12-09 | 2016-06-16 | キヤノン株式会社 | 情報処理装置、情報処理装置の制御方法、情報処理システム、およびコンピュータプログラム |
JP5956623B1 (ja) * | 2015-01-30 | 2016-07-27 | 株式会社Pfu | システム |
US9942922B2 (en) * | 2015-05-01 | 2018-04-10 | Intel IP Corporation | Restricting enhanced distributed coordination access (EDCA) in a high efficiency wireless local-area network |
JP6895719B2 (ja) * | 2016-06-24 | 2021-06-30 | 日立Astemo株式会社 | 車両制御装置 |
JP6415499B2 (ja) * | 2016-08-24 | 2018-10-31 | キヤノン株式会社 | 情報処理装置及び情報処理方法、コンピュータプログラム |
US10924931B2 (en) * | 2017-05-24 | 2021-02-16 | Microsoft Technology Licensing, Llc | External sharing with improved security |
US10944752B2 (en) * | 2017-05-24 | 2021-03-09 | Microsoft Technology Licensing, Llc | Transfer of secure external sharing link |
US11588872B2 (en) * | 2017-06-12 | 2023-02-21 | C-Hear, Inc. | System and method for codec for combining disparate content |
US11138344B2 (en) * | 2019-07-03 | 2021-10-05 | Ooma, Inc. | Securing access to user data stored in a cloud computing environment |
WO2021039795A1 (ja) * | 2019-08-28 | 2021-03-04 | 株式会社デンソー | 車両用電子制御システム、車両用マスタ装置、コンフィグ情報の書戻しによる書換え指示方法及びコンフィグ情報の書戻しによる書換え指示プログラム |
US11558423B2 (en) * | 2019-09-27 | 2023-01-17 | Stealthpath, Inc. | Methods for zero trust security with high quality of service |
US11550942B2 (en) * | 2020-10-27 | 2023-01-10 | Bull Sas | Universal file access control system and method |
-
2019
- 2019-03-14 JP JP2020514018A patent/JP6969676B2/ja active Active
- 2019-03-14 US US17/047,719 patent/US12019774B2/en active Active
- 2019-03-14 WO PCT/JP2019/010654 patent/WO2019202888A1/ja active Application Filing
- 2019-03-14 CN CN201980026232.5A patent/CN112055849B/zh active Active
- 2019-03-14 EP EP19787950.5A patent/EP3783495B1/en active Active
- 2019-04-09 TW TW108112290A patent/TWI795551B/zh active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH06103142A (ja) | 1992-09-22 | 1994-04-15 | Hokkaido Nippon Denki Software Kk | 分散データベース制御方式 |
JPH07325747A (ja) * | 1994-05-31 | 1995-12-12 | Mitsubishi Electric Corp | 分散データベースの管理方法 |
JP2004094850A (ja) * | 2002-09-04 | 2004-03-25 | Nec Corp | 排他制御装置および排他制御方法 |
JP2012058960A (ja) * | 2010-09-08 | 2012-03-22 | Yamatake Corp | 共有ファイル管理システム、その制御方法、およびプログラム |
JP2018080698A (ja) | 2016-11-14 | 2018-05-24 | マン・ディーゼル・アンド・ターボ・エスイー | 内燃機関のためのガス交換弁、及び内燃機関 |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111698279A (zh) * | 2020-04-17 | 2020-09-22 | 普联国际有限公司 | 通信设备控制方法和装置 |
Also Published As
Publication number | Publication date |
---|---|
CN112055849B (zh) | 2024-01-16 |
EP3783495A1 (en) | 2021-02-24 |
US12019774B2 (en) | 2024-06-25 |
TW201944263A (zh) | 2019-11-16 |
JP6969676B2 (ja) | 2021-11-24 |
CN112055849A (zh) | 2020-12-08 |
EP3783495A4 (en) | 2022-01-05 |
JPWO2019202888A1 (ja) | 2021-06-24 |
EP3783495B1 (en) | 2023-10-18 |
US20210110053A1 (en) | 2021-04-15 |
TWI795551B (zh) | 2023-03-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8621574B2 (en) | Opaque quarantine and device discovery | |
KR101186392B1 (ko) | 분산형 메시 네트워크 | |
CN110944046B (zh) | 一种共识机制的控制方法及相关设备 | |
US9883386B2 (en) | Method and a server for managing profiles | |
US10956383B2 (en) | Device backup and wipe | |
CN107797859B (zh) | 一种定时任务的调度方法及一种调度服务器 | |
CN110569085A (zh) | 配置文件加载方法及系统 | |
CN110535776B (zh) | 网关限流方法、装置、网关、系统及存储介质 | |
CN110543335A (zh) | 应用程序配置管理方法及系统 | |
US11500812B2 (en) | Intermediate file processing method, client, server, and system | |
CN111654399A (zh) | 基于sd-wan的组网方法、装置、设备及存储介质 | |
US9692745B2 (en) | Single sign-on without a broker application | |
WO2019202888A1 (ja) | 排他制御システム及び排他制御方法 | |
CN110324384B (zh) | 数据推送的方法和装置 | |
CN104104701A (zh) | 在线服务的配置更新的方法和系统 | |
CN109150921B (zh) | 一种多节点集群的登录方法、装置、设备以及存储介质 | |
CN113094089A (zh) | 一种代码审查服务同步方法、装置及计算机设备 | |
CN110572442A (zh) | 配置文件路径的方法及系统 | |
WO2015127758A1 (zh) | 备份文件的数据重传方法及装置、系统 | |
JP6149416B2 (ja) | サービスバス装置、サービスバス装置の制御方法、メッセージ送受信システム、及びプログラム | |
WO2024001213A1 (zh) | 消息处理方法、发布端、订阅端及计算机可读存储介质 | |
JP2023166686A (ja) | 情報処理装置、情報処理システム、情報処理方法及び情報処理プログラム | |
CN116708550A (zh) | 一种消息推送方法、装置、设备及存储介质 | |
CN115835147A (zh) | 一种短信相关信息处理方法及装置 | |
CN117271666A (zh) | 数据同步方法、分布式系统、存储介质和电子设备 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19787950 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2020514018 Country of ref document: JP Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2019787950 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 2019787950 Country of ref document: EP Effective date: 20201119 |