WO2023153558A1 - Procédé de gestion de l'autorité sur des ressources incluses dans un document structuré, et appareil l'utilisant - Google Patents

Procédé de gestion de l'autorité sur des ressources incluses dans un document structuré, et appareil l'utilisant Download PDF

Info

Publication number
WO2023153558A1
WO2023153558A1 PCT/KR2022/005338 KR2022005338W WO2023153558A1 WO 2023153558 A1 WO2023153558 A1 WO 2023153558A1 KR 2022005338 W KR2022005338 W KR 2022005338W WO 2023153558 A1 WO2023153558 A1 WO 2023153558A1
Authority
WO
WIPO (PCT)
Prior art keywords
resource
specific
structured document
tag
user
Prior art date
Application number
PCT/KR2022/005338
Other languages
English (en)
Korean (ko)
Inventor
하상영
Original Assignee
(주) 바우디움
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by (주) 바우디움 filed Critical (주) 바우디움
Publication of WO2023153558A1 publication Critical patent/WO2023153558A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F40/00Handling natural language data
    • G06F40/10Text processing
    • G06F40/103Formatting, i.e. changing of presentation of documents
    • G06F40/117Tagging; Marking up; Designating a block; Setting of attributes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F40/00Handling natural language data
    • G06F40/10Text processing
    • G06F40/12Use of codes for handling textual entities
    • G06F40/131Fragmentation of text files, e.g. creating reusable text-blocks; Linking to fragments, e.g. using XInclude; Namespaces
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F40/00Handling natural language data
    • G06F40/10Text processing
    • G06F40/12Use of codes for handling textual entities
    • G06F40/137Hierarchical processing, e.g. outlines
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/451Execution arrangements for user interfaces

Definitions

  • Disclosed in the present disclosure is a method for managing users' rights to resources, which are items included in a structured document, and a computing device using the same.
  • an owner tag corresponding to the top-level element document is created, and the new resource is created according to a request
  • a policy tag corresponding to the first specific resource or the permission tag is generated, the permission of the specific user for the first specific action on the second specific resource is returned according to the request, and the third obtained according to the request is returned.
  • a method for executing or not executing a second specific action of a user according to a user's authority for a second specific action for a specific resource and a computing device using the same are provided.
  • U.S. Patent Publication No. 9,323,850 discloses a method and system for estimating the viral score of a content item from a publisher.
  • the permission setting function which is a function that enables others to set whether or not each document created by a user can be viewed, reproduced, and used, is generalized with respect to the file system of an operating system (OS) running on a computing device.
  • OS operating system
  • OS operating system
  • the invention of the present disclosure aims to overcome the limitations of the prior art as follows.
  • the present invention deals with a structured document, which is a document structured by dividing a single document into several parts, by reducing the load incurred in reading or writing the entire document as the size of the single document increases, but resources corresponding to a part thereof. Its purpose is to provide a method for flexible and efficient authority management for
  • the present invention is a document that is not typically handled in the file system of the operating system, against read/write access, use, etc. of multiple users by enabling permission setting for actions such as sharing (ie, redistribution) and contribution Its purpose is to be able to maintain the integrity and recyclability of each part.
  • the characteristic configuration of the present invention for achieving the object of the present invention as described above and realizing the characteristic effects of the present invention described later is as follows.
  • a method for managing authority on resources included in a structured document as tags wherein the structured document has at least a depth of 0. including one top-level element document, and optionally further including at least one element document having a depth of 1 or more, each of all element documents included in the structured document including at least one record as content; , the resources include the structured document, all the element documents included in the structured document, and all the records, each of the resources including a correction round as the number of times modified, having a depth greater than or equal to 1
  • the structured document indicates that all element documents having a depth n of 1 or more in the structured document are each subordinate to one element document having a depth of n-1.
  • each dependent relationship to indicate, wherein users of individual resources belonging to the resources include a general user, at least one owner of the individual resource, and at least one specific user for the individual resource, wherein the Each of the tags includes an owner tag for authorizing actions on the individual resource to the at least one owner of the individual resource, and an owner tag for authorizing or prohibiting actions on the individual resource for the general user.
  • the method comprising a request from a user to create the structured document:
  • the computing device performs a process of generating the structured document and the top-level element document included in the structured document, and a process of generating the owner tag corresponding to the top-level element document;
  • a resource creation request which is a request from a user, to create a new resource in the structured document
  • the computing device creates the new resource;
  • a permission addition request which is a request from a user, to add a permission for a first specific resource in the structured document, the computing device generates the policy tag or the permission tag corresponding to the first specific resource.
  • an authority confirmation request which is a request for verifying authority of a specific user with respect to a first specific action for a second specific resource in the structured document
  • the computing device determines the first specific action for the second specific resource. returning the specific user's permission for an action
  • an action execution request which is a request from a user, for executing a second specific action for a third specific resource in the structured document
  • the computing device the second specific action for the third specific resource of the user. Acquiring the user's authority for the second specific action for the third specific resource through an authority confirmation request for an action, and executing or not executing the second specific action according to the acquired authority .
  • the structured document and the resources and (ii) the tags are held and managed in a repository as different units of information.
  • the actions related to the individual resource include a request for contribution and a reflection of the contribution for the individual resource, and the request for contribution includes a content modified from the individual resource, and
  • a user permitted to reflect the contribution to the individual resource is an action for determining whether to replace the individual resource by the new resource through the first user interface, and the reflection of the contribution is performed by the computing device according to whether the individual resource is replaced by the new resource.
  • the actions for the individual resource include reading the individual resource, the second specific action is copying of the structured document, and the copying of the structured document causes the computing device to: A document duplication step of creating a new structured document by duplicating target resources, which are structured documents or resources to which the user has been granted read permission, among all resources included in the structured document, and the computing device, using the copy target resources
  • This action includes a tag inheritance step of duplicating all tags corresponding to and applying them to the new structured document.
  • the actions related to the individual resource include reading of the individual resource and sharing of the individual resource, and the sharing of the individual resource causes the computing device to set a user designated as the target of the sharing.
  • Provide a second user interface accessible by a receiver but if the acceptor's acceptance of the individual resource determined through the second user interface is true, the structured document or all information included in the structured document
  • a new structured document is created by duplicating replication target resources, which are resources to which the recipient has read permission, among resources, and the new structured document is created so that the recipient is included in at least one owner of the top-level element document of the new structured document.
  • returning the right of the specific user with respect to the first specific action on the second specific resource may cause the first specific resource among the second specific resource and an ancestor resource of the second specific resource to be returned.
  • searching for a specific tag which is a tag of a resource closest to the second specific resource, as a tag applied to the specific user with respect to an action; and determining and returning the authority of the specific user with respect to the first specific action for the second specific resource according to the specific tag obtained according to the search.
  • the search is performed under a first condition that the specific tag is an owner tag and that the specific user belongs to the at least one owner corresponding to the specific tag, the specific tag a policy tag, and a second condition in which permission is granted or prohibited with respect to the first specific action by the specific tag, the specific tag is an authorization tag, and the specific user with respect to the first specific action by the specific tag.
  • the third condition in which permission is granted or prohibited, or the fourth condition in which the tag of the nearest resource that satisfies the first condition, the second condition, and the third condition does not exist is set as an end condition. For the 4 conditions, the third condition is applied first, the second condition is applied first to the third condition, and the first condition is applied first to the second condition.
  • a computer program comprising instructions implemented to perform the methods according to the present invention is also provided.
  • a computer program may be stored on a machine-readable non-transitory recording medium.
  • a computing device that manages authority for resources included in a structured document as tags, wherein the structured document has a depth of 0. It includes at least one top-level element document, and optionally further includes at least one element document having a depth of 1 or more, and each of all element documents included in the structured document includes at least one record as content. and the resources include the structured document, all of the element documents included in the structured document, and all of the records, each of the resources including a correction round as the number of times modified, wherein the depth is equal to or greater than 1.
  • the structured document When the at least one element document having a depth of 1 or more is included in the structured document, in the structured document, all element documents having a depth n of 1 or more depend on one element document having a depth of n-1. Further including each dependency relationship indicating that the resources are, wherein users of individual resources belonging to the resources include a general user, at least one owner of the individual resource, and at least one specific user of the individual resource, Each of the tags includes an owner tag for authorizing actions on the individual resource for the at least one owner of the individual resource, and authorization or prohibiting actions on the individual resource for the general user.
  • the computing device comprising: (i) a user for generating the structured document; A structured document creation request, which is a request from a user, (ii) a resource creation request, which is a request from a user, to create a new resource in the structured document, (iii) a permission for a first specific resource in the structured document.
  • Authorization addition request which is a request from a user
  • Authorization confirmation request which is a request to confirm the authorization of a specific user with respect to a first specific action on a second specific resource in the structured document
  • the structured document a communication unit for obtaining an action execution request, which is a request from a user, for executing a second specific action for my third specific resource; and a sub-process for generating the structured document and the top-level element document included in the structured document, and a sub-process for generating the owner tag corresponding to the top-level element document, in response to the structured document generation request.
  • a processor that obtains the user's authority for the second specific action for the third specific resource through an authority confirmation request, and performs a process of executing or not executing the second specific action according to the acquired authority include
  • management of creation, reading, modification, deletion, sharing, contribution, etc. of the contents of each part belonging to a document in particular, it is easy to set rights, and in particular, against read/write access and use of multiple users, corresponding It has the advantage of being able to effectively maintain the integrity and recyclability of each part of the document.
  • FIG. 1 is a conceptual diagram schematically illustrating an exemplary configuration of a computing device that performs a method for managing rights for resources included in a structured document (hereinafter referred to as a "method for managing structured document rights") according to the present disclosure. .
  • FIG. 2 is a block diagram exemplarily illustrating a structured document dealt with in the present disclosure.
  • FIG. 3 is a block diagram exemplarily showing tags corresponding to each of resources, including structured documents, element documents included in the structured document, and records included in the element document covered by the present disclosure.
  • FIG. 4 is an exemplary block diagram illustrating hardware or software components of a computing device performing a structured document rights management method according to the present disclosure.
  • FIG. 5 is a flowchart illustrating an embodiment of a structured document rights management method according to the present disclosure.
  • FIG. 6 is a sequence diagram illustrating a process of generating a structured document and generating an owner tag corresponding to the structured document according to the structured document rights management method of the present disclosure.
  • FIG. 7 is a sequence diagram illustrating a process of generating a policy tag or permission tag corresponding to a specific resource according to the structured document management method of the present disclosure.
  • FIG. 8 is a flowchart illustrating a process of searching for tags according to the structured document management method of the present disclosure.
  • FIG. 9 is a block diagram showing an example of a result of searching for tags according to the structured document management method of the present disclosure.
  • FIG. 10 is a sequence diagram illustrating a process of acquiring a user's authority and executing or not executing the second specific action according to the acquired authority according to the structured document management method of the present disclosure.
  • first or second may be used to describe various components, but such terms are to be interpreted solely for the purpose of distinguishing one component from another, and no order is implied. because it doesn't For example, a first element may be termed a second element, and similarly, a second element may be termed a first element.
  • a "structured document” is a concept that refers to a document bundle including one or more individual element documents connected to each other in a one-to-one or one-to-many (1:Many) dependency relationship (or equivalent inclusive relationship, etc.). Structured documents, element documents, and records, which are the contents of element documents, can each be encompassed by the higher concept of 'resource', and the dependency relationship or inclusion relationship between element documents can be generalized as a dependency relationship between resources.
  • resource A when a resource A depends on another resource B, resource A may be referred to as a "parent resource” of resource B, and resource B may be referred to as a "child resource” of resource A.
  • parent resources, parent resources of parent resources, parent resources of parent resources of parent resources, etc. are referred to as "ancestral resources", and child resources, child resources of child resources, child resources of child resources of child resources, etc. It may be referred to as a "descendant resource".
  • authorizedity or “authority information” refers to a value that sets whether a user can take an action (action) with respect to a resource or not, a Boolean value, It can have a form such as an enumeration value or an integer value.
  • action action
  • Boolean value a value that sets whether a user can take an action (action) with respect to a resource or not
  • Boolean value It can have a form such as an enumeration value or an integer value.
  • the expression “permission granted” may mean that the permission has a true value
  • the expression “permission prohibited” may mean that the permission has a false value. there is.
  • the authority information in the form of an integer value can express the authority of a user for various actions on a resource in a single value by bit expression, and the bit operation of a computing device is faster than a branch by a logical operation. Since it is extremely fast, the usefulness of expressing authority in integer form is well known to those skilled in the art.
  • the present invention covers all possible combinations of the embodiments presented in this disclosure. It should be understood that the various embodiments of the present invention are different, but need not be mutually exclusive. For example, specific shapes, structures, and characteristics described herein may be implemented in one embodiment in another embodiment without departing from the spirit and scope of the invention. Additionally, it should be understood that the location or arrangement of individual components within each disclosed embodiment may be changed without departing from the spirit and scope of the invention. Accordingly, the detailed description that follows is not intended to be taken in a limiting sense.
  • FIG. 1 is a conceptual diagram schematically illustrating an exemplary configuration of a computing device that performs a method for managing structured document rights according to the present disclosure.
  • a computing device 100 includes a communication unit 110 and a processor 120, and communicates with an external computing device (not shown) through the communication unit 110. You can communicate directly or indirectly.
  • the computing device 100 may include typical computer hardware (eg, a computer, processor, memory, storage, input and output devices, and other components of conventional computing devices; a router; electronic communication devices, such as switches, switches, etc.; electronic information storage systems, such as network-attached storage (NAS) and storage area network (SAN)) and computer software (i.e., enabling computing devices to It may be to achieve the desired system performance by using a combination of instructions).
  • the storage may include a storage device such as a hard disk or a universal serial bus (USB) memory as well as a storage device based on a network connection such as a cloud server.
  • USB universal serial bus
  • the communication unit 110 of such a computing device may transmit and receive requests and responses between other computing devices that are interlocked, for example, a dedicated storage, for example, a database server, and the like.
  • requests and responses are the same TCP ( It may be performed by a Transmission Control Protocol (Session) session, but is not limited thereto, and may be transmitted and received as a User Datagram Protocol (UDP) datagram, for example.
  • TCP Transmission Control Protocol
  • UDP User Datagram Protocol
  • the communication unit 110 may be implemented in the form of a communication module including a communication interface.
  • communication interfaces include Wireless LAN (WLAN), Wireless Fidelity (WiFi) Direct, Digital Living Network Alliance (DLNA), Wireless Broadband (WiBro), World interoperability for Microwave access (WiMax), High Speed Downlink Packet Access (HSDPA), etc.
  • DLNA Digital Living Network Alliance
  • WiBro Wireless Broadband
  • WiMax World interoperability for Microwave access
  • HSDPA High Speed Downlink Packet Access
  • BluetoothTM BluetoothTM
  • RFID Radio Frequency IDentification
  • IrDA Infrared Data Association
  • UWB Userltra-WideBand
  • ZigBee ZigBee
  • NFC Near Field Communication
  • the communication unit 110 may transmit/receive data from another computing device through an appropriate communication interface.
  • the communication unit 110 may include a keyboard, a mouse, other external input devices, a printing device, a display, and other external output devices for receiving commands or instructions, or may be interlocked with them.
  • the computing device 100 is provided.
  • the display unit can be embedded or interlocked with an external display device through the communication unit 110 .
  • such a display unit or display device may be a touch screen capable of touch input.
  • the processor 120 of the computing device may include one or more micro processing units (MPUs), central processing units (CPUs), and graphics processing units (GPUs) having internal memory such as cache memory and/or external memory.
  • MPUs micro processing units
  • CPUs central processing units
  • GPUs graphics processing units
  • a microprocessor such as a neural processing unit (NPU) or a tensor processing unit (TPU)
  • controller such as a microcontroller, an embedded microcontroller, a microcomputer, an arithmetic logic unit (ALU), a digital signal processor, such as , a programmable digital signal processor or other programmable device.
  • it may further include a software configuration of an operating system and an application that performs a specific purpose.
  • FIG. 2 is a block diagram exemplarily illustrating a structured document dealt with in the present disclosure.
  • a structured document 200 includes at least one top-level element document 210 having a depth of zero.
  • the depth of the element document has an integer greater than 0, that is, a non-negative integer value.
  • the structured document 200 may be referred to as a trivial structured document, and at least one element document having a depth of 1 or more (eg, 220 to 270) may be referred to as a non-trivial structured document.
  • element documents 220 and 230 of depth 1 are subordinate to element document 210 of depth 0, and element documents 240 and 250 of depth 2 are dependent on element document 220 of depth 1. ), and element documents 260 and 270 of depth 3 are subordinate to element document 240 of depth 2.
  • the structured document 200 may optionally further include element documents having a depth of 1 or more, and all element documents having a depth n of 1 or more in the structured document 200 each have a depth of n-1. It must depend on one element document.
  • the subordinate relationship between individual element documents in the structured document is included in the structured document 200 as data called 'dependency relationship'.
  • each element document included in the structured document 200 includes at least one record 212 to 276 as contents of the element document. Records may include text, figures, or pictures, but are not limited thereto, and may include data in various formats. Each of the records corresponding to the contents of a certain element document has values indicating whether to use (or display) and/or activate (or highlight) whether or not to use each of the child resources of the element document, for example, It may include Boolean values and display order values, eg, integer values, which are values indicating a display order when displaying the child resources.
  • 'resource' encompasses the structured document 200, all element documents 210 to 270 included in the structured document, as well as the records 212 to 276 of the element document 210 to 270. .
  • Each resource includes information on a revision count, which is the number of times the resource has been modified.
  • FIG. 3 is a block diagram exemplarily showing tags corresponding to each of resources, including structured documents, element documents included in the structured document, and records included in the element document covered by the present disclosure.
  • a user of an individual resource includes a general user (everybody), and at least one of the individual resources. includes an owner of, and at least one specific user for the individual resource.
  • the types of tags include an owner tag 320 for authorizing actions on the individual resource 310a for at least the owner 322 of the individual resource 310a, and an individual resource 310b for the general user. ), a policy tag 340 for authorizing or prohibiting actions on an individual resource 310c for the at least one specific user 362, a permission tag 360 for authorizing or prohibiting actions on an individual resource 310c. is included Since the general user refers to a specific user, there is a one-to-one correspondence relationship between the individual resource 310b and the policy tag 340, and a one-to-one correspondence relationship or a one-to-many correspondence between the individual resource 310a and the owner tag 320. There is a relationship.
  • a one-to-one correspondence relationship will be established between the individual resource and the owner tag, but if there are multiple owners of the individual resource 310a, a one-to-many correspondence relationship (one owner tag has only one owner). correspondence) may be established or a one-to-one correspondence relationship (when multiple owners correspond to one owner tag) may be established.
  • a one-to-one correspondence relationship or a one-to-many correspondence relationship may be established between the individual resource 310c and the permission tag 360, and a person skilled in the art may select one of them as a design proposal according to need.
  • FIG. 4 is an exemplary block diagram illustrating hardware or software components of a computing device for performing a method for managing structured document rights according to the present disclosure
  • FIG. 5 is an exemplary embodiment of a method for managing structured document rights according to the present disclosure. It is a flow chart showing
  • the structured document rights management method of the present disclosure is implemented by a computing device, for example, the server 100, in response to a structured document generation request, which is a request from a user, to create a structured document.
  • the structured document generation module 410 which generates the structured document 200 and the highest element document 210 included in the structured document 200, implemented by the server 100 or interlocked with the server 100 A process (S100a; not shown) holding in a predetermined storage 420, and an owner tag corresponding to the top-level element document 210 to generate an owner tag designating the user as an owner and holding it in a predetermined storage 420 and performing a process (S100b; not shown) (S100).
  • the structured document creation request, resource creation request, permission addition request, permission confirmation request, action execution request, etc. described in this disclosure can be obtained from another computing device used by the user, for example, the client 100'. .
  • the storage 420 among the components illustrated in FIG. 4 may be implemented in the server 100, which is the same computing device as the other modules, but may be implemented in a storage server (not shown), which is a separate computing device. .
  • FIG. 6 is a sequence diagram illustrating a process of generating a structured document and generating an owner tag corresponding to the structured document according to the structured document rights management method of the present disclosure.
  • the structured document 200 and resources including it and the tags may be held and managed in the same storage 420, but in different storages as different units of information, e.g., structured documents. and resources can be held and managed in the document repository 422 and tags in the tag repository 424.
  • Such an information unit may be, for example, a table of a SQL-based database, but is not limited thereto.
  • Generation of the top element document 210 in the process S100a may be performed by the resource creation module 430 called by the structured document creation module 410 .
  • the generation of the top-level element document 210 in the process (S100a) is performed by the resource creation module 430 as described later, since the user who requested the creation of the structured document 200 becomes the owner of the created structured document 200. Since there is no need to request permission confirmation of the same user, permission confirmation described later may be omitted.
  • the generation of the owner tag in process S100b may be performed by the tag generation module 440 called by the structured document generation module 410 . Similar to the process S100a, the generation of the owner tag in the process S100b is performed by the tag generation module 440 as described below since the user requesting the creation of the structured document becomes the owner of the created structured document 200. There is no need to request confirmation of the user's authority as such.
  • the owner tag is data indicating that the owner designated thereby has all rights to the structured document 200.
  • the owner corresponding to the owner tag is not limited to a single number and may be multiple.
  • the owner tag corresponding to the structured document is defined as the owner tag corresponding to the top-level element document, which is to ensure consistency in data handling when searching for authority by the tag described later.
  • the structured document rights management method of the present disclosure is configured to generate a new resource in the structured document 200 by the resource creation module 410 implemented by the server 100.
  • a resource creation request which is a request from a user, generating the new resource (S200).
  • the new resource may be, but is not limited to, a new element document included in the structured document 200, and may be, for example, a new record included in any element document of the structured document 200.
  • the tag generation module 440 implemented by the server 100 adds rights to a first specific resource in the structured document 200, from a user.
  • a policy tag or permission tag corresponding to the first specific resource is generated (S300).
  • the policy tag and permission tag are as described above.
  • FIG. 7 is a sequence diagram illustrating a process of generating a policy tag or permission tag corresponding to a specific resource according to the structured document management method of the present disclosure.
  • the tag generation module 440 allows the user to select the first specific resource (S340), and the type of tag for the first specific resource (policy tag, permission). tag, etc.) and its content (subject and authority of the subject) are selected by the user (S360), and a policy tag or permission tag corresponding to the first specific resource is generated and stored in a predetermined storage 420. (S380).
  • a step of providing and displaying the entire structured document through, for example, the client 100' before the selection of the first specific resource (S340) so that the user can select the first specific resource (S320) may be further included.
  • a policy tag for a general user or a permission tag for a specific user preset by the owner of the structured document corresponds to the resource as a default value. It can be created together, for this purpose, the resource creation module 410 may call the tag creation module 440.
  • the permission confirmation module 450 implemented by the server 100 is a specific user with respect to a first specific action for a second specific resource in the structured document 200.
  • the permission confirmation request which is a request for checking the permission of, returning (S400; returning or return) the permission of the specific user regarding the first specific action for the second specific resource.
  • the action execution module 460 implemented by the server 100 executes a second specific action with respect to a third specific resource in the structured document 200.
  • an action execution request which is a request from a user
  • the user related to the second specific action for the third specific resource through a permission confirmation request for the second specific action for the third specific resource of the user
  • an action for an individual resource which is the subject of authority confirmation
  • such actions may include uses and access of the resource.
  • the uses may include modification (editing), viewing, deletion, etc. of the resource, and each of these uses may be granted or prohibited.
  • this access since the access refers to displaying the resource as a search result, this access may also be granted or prohibited.
  • actions may include deleting a top-level element document, which may be the same action as deleting a corresponding structured document.
  • actions may include deletion of a resource that is not a top-level element document, and upon such deletion, all individual resources that are not a top-level element document and do not have child resources follow a chain of dependency relationships from top-level element documents.
  • child resources included in the individual resource to be deleted and their dependent relationships are also recursively recursive. Of course, it should be deleted as recursive.
  • the actions may include 'request for contribution' and 'reflection of contribution' for the individual resource.
  • 'contribution' refers to the action of a user requesting the contribution (i.e., a contributor) to modify the resources of a previously created structured document.
  • 'reflection of the contribution' corresponds to an action that changes or maintains the resources of the structured document according to the decision made by the user (ie, the contributor) who decides whether to approve the modification. do.
  • the contribution request includes, by the action execution module 460 implemented by the server 100, the content modified from the individual resource, and a correction cycle increased by 1 from the correction cycle of the individual resource.
  • the action execution module 460 implemented by the server 100
  • the content modified from the individual resource includes, by the action execution module 460 implemented by the server 100, the content modified from the individual resource, and a correction cycle increased by 1 from the correction cycle of the individual resource.
  • the reflection of the contribution is determined by the action execution module 460 implemented by the server 100, depending on whether the individual resource is replaced by the new resource, in the structured document, the new resource is the individual resource. It is an action that replaces or maintains the individual resource. If the new resource replaces the individual resource according to the selection of the contributor, the new resource has a correction cycle increased by 1 compared to the individual resource.
  • the action execution module 460 may be configured in such a way as to leave a history of, that is, a contribution record.
  • the actions may also include sharing of the individual resource.
  • a user requesting execution of an action of sharing may be referred to as a sender, and a user designated as a target of the sharing may be referred to as a receiver.
  • the action execution module 460 implemented by the server 100 provides a predetermined second user interface accessible by the receiver through the second user interface. If it is true that the acceptor accepts the determined individual resource, copying of the structured document 200 (original structured document) is performed to generate a new structured document 200' (not shown) and correspond to the new structured document. Create or modify the owner tag of the shared resources in the new structured document so that the recipient is included in at least one owner of shared resources that are resources to which the read permission of the recipient is granted among the individual resource and descendant resources of the individual resource. is an action
  • the new structured document is not the same as the original structured document.
  • the sender and receiver may be the same, so sharing to oneself can be referred to as collection.
  • the user interface providing module may also be used for providing the second user interface.
  • the actions may include duplication of the structured document, wherein the duplication of the structured document is performed by the action execution module 460 implemented by the server 100, the structured document 200 itself and A document duplication step of generating a new structured document by copying resources included in the structured document 200, that is, replication target resources, which are resources to which the user has been granted read permission, among all resources of the structured document 200, and
  • the action may include a tag inheritance step in which the action execution module 460 copies all tags corresponding to the replication target resources and applies them to the new structured document. That is, duplication of a structured document is substantially the same action as sharing of a structured document in which the sender and receiver are the same, but the difference is that the second user interface for asking whether or not the receiver accepts the sender is not provided. there is.
  • FIG. 8 exemplarily illustrating a process of searching for tags according to the structured document management method of the present disclosure.
  • the search for the second specific resource and an ancestor resource of the second specific resource to obtain the specific tag T of the nearest resource is performed from the second specific resource R to the ancestor resource ⁇ R p ⁇ ) and searches for a tag t of a resource r that satisfies a specific condition, that is, an end condition, among R ⁇ ⁇ R p ⁇ , for example, a breadth-first search (BFS). ), but is not limited thereto.
  • the tag t of resource r, which satisfies the termination condition, is the specific tag T that is the result of the search.
  • the termination condition to be satisfied is: (i) a first condition in which tag t corresponds to an owner tag and a particular user U belongs to the at least one owner corresponding to tag t; (ii) a tag (t) is a policy tag, and the second condition that the tag (t) authorizes or prohibits the first specific action (A), (iii) the tag (t) is a permission tag, and the tag (t) This is a condition that satisfies one of the third conditions in which the specific user U's authority for the first specific action A is granted or prohibited.
  • the fourth condition that no tag t that satisfies the first condition, the second condition, and the third condition does not exist is also an end condition, but if the fourth condition is satisfied, a specific tag (T) that is the result of the search ) does not exist, the authority for the first specific action (A) for the second specific resource (R) of the specific user (U) may be regarded as prohibited.
  • the third condition may be applied first to the fourth condition, and the second condition to the third condition.
  • a condition may be applied first, and the first condition may be applied first with respect to the second condition.
  • FIG. 9 is a block diagram showing an example of a result of searching for tags according to the structured document management method of the present disclosure.
  • a schematic subordinate relationship of resources 910 to 919 belonging to a structured document 900 is shown.
  • the top-level element document of the structured document 900 is a resource 910, and each resource
  • the symbol indicated in the indicated node indicates the kind of tag set to the particular user U with respect to the first particular action while corresponding to that resource.
  • "O" stands for owner tag
  • A for permission tag
  • P for policy tag.
  • Unsigned resources 914, 916, 918, and 919 indicated in the node mean that there is no tag set to correspond to each of the resources with respect to the first specific action and specific user U.
  • the closest resource that satisfies the end condition of the resource 914 to which the tag set for the specific user U with respect to the first specific action does not correspond is the resource 911 ), and since the end condition is the third condition, the tag applied to the resource 911, the first specific action, and the specific user U is also applied to the resource 914 and the resource 918.
  • the specific user's A step (S480) of determining the authority and returning it may be further included.
  • FIG. 10 shows a process of acquiring a user's authority according to the structured document management method of the present disclosure and executing or not executing the second specific action according to the acquired authority. see
  • the user from the client 100' takes the second specific action and the action including the third specific resource selected (S530) as a target of the second specific action.
  • the action execution module 460 sends an authorization confirmation request (S550) for the second specific action for the third specific resource of the user to the third specific resource.
  • the user's authority for the second specific action may be returned (S480) and obtained, and the result may be returned (S580) after executing or not executing the second specific action according to the obtained authority (S580). there is.
  • a step of providing and displaying the entire structured document through, for example, the client 100' may be further included before the selection (S530) so that the user can select the third specific resource and the second specific action. .
  • the above-described creation of a new resource also requests and obtains authority confirmation.
  • the user can perform this (S200) only when the user has authority. Since the creation of structured documents and the creation of resources can be regarded as a kind of action, respectively, the structured document creation module 410 and the resource creation module 430 that perform each of them can also be integrated into the action execution module 460. , the example shown in FIG.
  • FIG. 4 is a separate structured document creation module 410 and modules corresponding to generation of a structured document and generation of a resource, which are essential actions among actions performed by a more general-purpose action execution module 460. It may be interpreted that what is indicated by the resource generation module 430 is not passing.
  • any of the methods of the present invention can be newly created (S100) of another structured document immediately after performing an action of modifying a resource belonging to one structured document (S500). Since steps cannot necessarily precede or follow, the use of the term 'step' is intentionally avoided in this disclosure, and it will be said that a time-series logical precedence relationship exists only when absolutely necessary. Therefore, the person skilled in the art will understand that all the steps described above are interchangeable regardless of the magnitude of the expressed numerals, unless a compelling reason to do so follows.
  • the handling by multiple users of a structured document composed of several parts can be carried out efficiently and systematically, while providing sufficient variability or flexibility to the structure, and in particular, the present invention provides for the sharing of actions that are not typical.
  • the method disclosed in this disclosure may be performed not only once but also repeatedly, intermittently or continuously according to the user's request or need.
  • a person skilled in the art can perform various manipulations of the user necessary in the method of the present disclosure, particularly contents of individual resources constituting the structured document described in the present disclosure, such as text.
  • Various user interfaces required for performing actions such as receiving various types of data such as , photos, dates, and times from the user and outputting them for provision to the user can be easily assumed.
  • the hardware device may include a general-purpose computer and/or a dedicated computing device or a specific computing device or a particular aspect or component of a specific computing device.
  • the processes may be realized by a processor as described above, which is combined with a memory such as ROM/RAM or the like for storing program instructions and configured to execute instructions stored in the memory. Additionally, or alternatively, the processes may use an application specific integrated circuit (ASIC), programmable gate array, such as a field programmable gate array (FPGA), programmable logic unit (PLU) or programmable array logic (Programmable Array Logic; PAL) or any other device capable of executing and responding to other instructions, any other device or combination of devices that may be configured to process electronic signals.
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • PLU programmable logic unit
  • PAL programmable array logic
  • a processing device may run an operating system and one or more software applications running on the operating system.
  • a processing device may also access, store, manipulate, process, and generate data in response to execution of software.
  • the processing device includes a plurality of processing elements and/or a plurality of types of processing elements. It can be seen that it can include.
  • a processing device may include a plurality of processors or a processor and a controller. Other processing configurations are also possible, such as parallel processors.
  • the hardware device may also include a communication unit as described above capable of exchanging signals with an external device.
  • Software may include a computer program, code, instructions, or a combination of one or more of the foregoing, and may independently or collectively configure a processing device to operate as desired. ) command to the processing unit.
  • Software and/or data may be any tangible machine, component, physical device, virtual equipment, computer storage medium or device, intended to be interpreted by or provide instructions or data to a processing device. , or may be permanently or temporarily embodied in a transmitted signal wave.
  • Software may be distributed on networked computer systems and stored or executed in a distributed manner.
  • Software and data may be stored on one or more machine-readable recording media.
  • Machine-readable media may include program instructions, data files, data structures, etc. alone or in combination.
  • Program instructions recorded on a machine-readable recording medium may be specially designed and configured for the embodiment or may be known and usable to those skilled in the art of computer software.
  • Examples of machine-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tapes, optical media such as CD-ROMs, DVDs, and Blu-rays, and floptical disks. ), and hardware devices specially configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like.
  • Examples of program instructions include storage and compilation for execution on any one of the foregoing devices, as well as a heterogeneous combination of processors, processor architectures, or different combinations of hardware and software, or any other machine capable of executing program instructions.
  • a structured programming language such as C, an object-oriented programming language such as C++, or a high-level or low-level programming language (assembler, hardware description languages, and database programming languages and technologies) that can be interpreted.
  • C computer code
  • object-oriented programming language such as C++
  • high-level or low-level programming language assembly, hardware description languages, and database programming languages and technologies
  • the methods and combinations of methods may be implemented as executable code that performs each step.
  • the method may be implemented as systems performing the steps, the methods may be distributed in several ways across devices or all functions may be integrated into one dedicated, stand-alone device or other hardware.
  • the means for performing the steps associated with the processes described above may include any of the hardware and/or software described above. All such sequential combinations and combinations are intended to fall within the scope of this disclosure.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Computational Linguistics (AREA)
  • Audiology, Speech & Language Pathology (AREA)
  • Artificial Intelligence (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Human Computer Interaction (AREA)
  • Document Processing Apparatus (AREA)
  • Storage Device Security (AREA)

Abstract

La présente invention concerne un procédé pour gérer l'autorité d'utilisateurs sur des ressources, qui sont des éléments inclus dans un document structuré, et un dispositif informatique l'utilisant. En particulier, la présente invention concerne un procédé et un dispositif informatique l'utilisant, le procédé consistant à : générer une étiquette de propriétaire correspondant au document d'élément le plus haut inclus dans le document structuré en réponse à une demande tout en générant un document structuré et le document d'élément le plus haut ; générer une nouvelle ressource en réponse à une demande ; générer une étiquette de politique ou une étiquette d'autorisation correspondant à une première ressource spécifique en réponse à une demande ; renvoyer l'autorité spécifique d'un utilisateur sur une première action spécifique par rapport à une deuxième ressource spécifique en réponse à une demande ; et permettre ou ne pas permettre l'exécution de la deuxième action spécifique de l'utilisateur selon l'autorité acquise de l'utilisateur sur la deuxième action spécifique par rapport à une troisième ressource spécifique en réponse à une demande.
PCT/KR2022/005338 2022-02-11 2022-04-13 Procédé de gestion de l'autorité sur des ressources incluses dans un document structuré, et appareil l'utilisant WO2023153558A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020220018238A KR102381539B1 (ko) 2022-02-11 2022-02-11 구조화 문서에 포함된 자원들에 관한 권한을 관리하는 방법 및 이를 이용한 장치
KR10-2022-0018238 2022-02-11

Publications (1)

Publication Number Publication Date
WO2023153558A1 true WO2023153558A1 (fr) 2023-08-17

Family

ID=81183834

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2022/005338 WO2023153558A1 (fr) 2022-02-11 2022-04-13 Procédé de gestion de l'autorité sur des ressources incluses dans un document structuré, et appareil l'utilisant

Country Status (2)

Country Link
KR (1) KR102381539B1 (fr)
WO (1) WO2023153558A1 (fr)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102381539B1 (ko) * 2022-02-11 2022-04-01 (주) 바우디움 구조화 문서에 포함된 자원들에 관한 권한을 관리하는 방법 및 이를 이용한 장치
CN117807619B (zh) * 2024-03-01 2024-05-14 中国人民解放军国防科技大学 一种非结构化数据与结构化数据的统一权限控制方法

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000155756A (ja) * 1998-06-30 2000-06-06 Toshiba Corp 構造化文書保存方法並びにデータ中継装置及びデータ送受信装置
JP2002091947A (ja) * 2000-09-14 2002-03-29 Hitachi Ltd 構造化文書動的生成装置
US7043487B2 (en) * 2002-12-28 2006-05-09 International Business Machines Corporation Method for storing XML documents in a relational database system while exploiting XML schema
US7921072B2 (en) * 2005-05-31 2011-04-05 Alcatel-Lucent Usa Inc. Methods and apparatus for mapping source schemas to a target schema using schema embedding
US20170124258A1 (en) * 2015-11-04 2017-05-04 Mmodal Ip Llc Dynamic De-Identification of Healthcare Data
KR102381539B1 (ko) * 2022-02-11 2022-04-01 (주) 바우디움 구조화 문서에 포함된 자원들에 관한 권한을 관리하는 방법 및 이를 이용한 장치

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9323850B1 (en) 2012-05-30 2016-04-26 Google Inc. Potential social recipient ranking for maximal viral content distribution

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000155756A (ja) * 1998-06-30 2000-06-06 Toshiba Corp 構造化文書保存方法並びにデータ中継装置及びデータ送受信装置
JP2002091947A (ja) * 2000-09-14 2002-03-29 Hitachi Ltd 構造化文書動的生成装置
US7043487B2 (en) * 2002-12-28 2006-05-09 International Business Machines Corporation Method for storing XML documents in a relational database system while exploiting XML schema
US7921072B2 (en) * 2005-05-31 2011-04-05 Alcatel-Lucent Usa Inc. Methods and apparatus for mapping source schemas to a target schema using schema embedding
US20170124258A1 (en) * 2015-11-04 2017-05-04 Mmodal Ip Llc Dynamic De-Identification of Healthcare Data
KR102381539B1 (ko) * 2022-02-11 2022-04-01 (주) 바우디움 구조화 문서에 포함된 자원들에 관한 권한을 관리하는 방법 및 이를 이용한 장치

Also Published As

Publication number Publication date
KR102381539B1 (ko) 2022-04-01

Similar Documents

Publication Publication Date Title
WO2023153558A1 (fr) Procédé de gestion de l'autorité sur des ressources incluses dans un document structuré, et appareil l'utilisant
US10614233B2 (en) Managing access to documents with a file monitor
US10747893B2 (en) Device and method for determining content of access control of data
US7574745B2 (en) Information processing apparatus, information processing method, computer-readable medium having information processing program embodied therein, and resource management apparatus
US8799822B2 (en) Information processing apparatus, and display control method
US20190354705A1 (en) Multiple containers assigned to an application
US20120166442A1 (en) Categorizing data to perform access control
US20200120104A1 (en) Proxy authorization of a network device
US20170323111A1 (en) Data management for a mass storage device
JP2012022461A (ja) オブジェクト複製制御装置およびプログラム
US20200366660A1 (en) System and methods for securely storing data for efficient access by cloud-based computing instances
WO2023132422A1 (fr) Procédé de gestion de plan d'utilisateur sur la base d'un document structuré, et dispositif l'utilisant
CN104050207B (zh) 信息处理装置和文件管理系统
WO2023200060A1 (fr) Procédé de gestion de ressources pouvant être obtenues et appareil l'utilisant
JP2019016146A (ja) ジョブ共有許可装置、ジョブ共有許可方法およびジョブ共有許可プログラム
JP2007034933A (ja) 文書管理システムにおける文書更新方法
WO2023058832A1 (fr) Procédé de gestion de document de guidage, de document d'action et de document de proposition, ainsi qu'appareil l'utilisant
JP2005332049A (ja) ポリシ変換方法、ポリシ移行方法およびポリシ評価方法
WO2015183016A1 (fr) Dispositif de traitement de données et procédé de vérification de données enregistrées dans une mémoire d'un dispositif de traitement de données
WO2024101843A1 (fr) Système de gouvernance de données et procédé de gestion de données pour système de gouvernance de données
US20220067183A1 (en) Information processing apparatus and non-transitory computer readable medium
US11983580B2 (en) Real-time modification of application programming interface behavior
US11916914B2 (en) At least one information processing apparatus, information processing system, and permission granting method
WO2021131456A1 (fr) Ordinateur de gestion de données et procédé de gestion de données
WO2022075519A1 (fr) Procédé de service de distribution de contenu pour gestion de commande d'accès, et appareil informatique et système pour la réalisation de ce procédé

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22926156

Country of ref document: EP

Kind code of ref document: A1