Patent Application
20070174896
1. Technical Field
The present invention relates to a technology for assigning a security policy to a digital document.
2. Related Art
As the network environment develops in recent years, the digitizing of documents for a paperless-office is progressing. For example, when transmitting information in an office, a digital document is created on a PC (personal computer) and distributed.
However, offices even now have large quantities of paper documents that have not been digitized as well as digital documents that have not been assigned a security policy.
According to an aspect of the invention, a security policy assignment apparatus includes an acquisition unit that acquires key data from a set field in a digital document or associated data thereto and an assignment unit that assigns a security policy, which has been set with a set value corresponding to the acquired key data, to the digital document by referencing correspondence information that maps the key data and the set value of the security policy.
Embodiments of the present invention will be described in detail based on the following figures, wherein:
The image input device 12 generates a digital document (typically a digital image created in a raster format) from a paper document and is constructed, for example, from a scanner or a multifunction device (equipped with scanner, printer, and facsimile functions). The image input device 12 generates a digital document from a paper document and transmits the digital document to the digital document manager 14. In the stage where the digital document is generated, the digital document is not usually set with a security policy.
The digital document manager 14 is the core of the policy assignment system 10 and is equipped with functions, such as a function for assigning a security policy and a function for managing digital documents according to the security policy. Functions provided in the digital document manager 14 for assigning a security policy include a function for acquiring policy information from within a digital document to be a keyword for setting the security policy, a function for determining a security policy on the basis of information to map policy information and a security policy set value, and a function for encrypting the digital document on the basis of the determined security policy. Furthermore, as a management function based on the security policy, a function is included to judge whether to allow access by issuing an inquiry to the policy management server 20 with regard to a user's operating privilege on the basis of the security policy when there is an access request to a digital document. To implement this function, the digital document manager 14 is constructed from a computer that includes hardware with arithmetic and control functions and software for defining their operations, such as a PC (personal computer) and a multifunction device that may or may not be identical to the image input device 12. The digital document manager 14 is connected to the image input device 12 and inputs digital documents and user commands from the image input device 12. Furthermore, the digital document manager 14 is also connected to the user terminal 16 and inputs user commands via the user terminal 16.
On the basis of user operations, the user terminal 16 issues commands to the digital document manager 14 for the generation, storage, and printing of digital documents. The user can issue a command via the user terminal 16 to set a security policy for a digital document that has already been stored in the repository 18 and not been set with a security policy. The user terminal 16 can be constructed from various devices on a network, such as a PC or a multifunction device.
The repository 18 is a device for storing digital documents before or after the digital document manager 14 has assigned a security policy. A digital document that has been assigned a security policy may be encrypted so as not to be manipulated by a third party. The repository 18 can be constructed by using a storage area that is accessible from the digital document manager 14. Specific examples of a storage area include a file server connected to the digital document manager 14, a local storage of the image input device 12, a local storage of the user terminal 16, a file server on the Internet, a P2P (Peer to Peer) shared file area, and so forth.
The policy management server 20 is positioned to be accessible from the digital document manager 14 and manages the security policy that has been assigned to a digital document. A security policy determines the limits of various operating privileges with respect to a digital document, such as display, editing, copying, and printing, and can be set for every digital document and for every user. The security policy that is set by the policy management server 20 includes storage location and identification information of each digital document as well as information on user operating privileges for each type of operation. Furthermore, as necessary, also included is information specifying the operation that was performed to protect a digital document, such as encryption information for the digital document.
The user authentication server 22 is positioned to be accessible from the policy management server 20 and authenticates a user who is logging in or performing an operation with respect to the policy assignment system 10. If the policy assignment system 10 forms a distributed system, user authentication at each device or component can be performed in a batch process by using the user authentication server 22.
Next, an operation of the policy assignment system of
The user next places the paper document on the image input device 12 and performs scanning. At this time, a command to assign a security policy to the generated digital document is also issued due to a standard setting or user command. At the image input device 12, the paper document is scanned and a digital document is created (S14) and transmitted to the digital document manager 14.
At the digital document manager 14, policy information and document information are acquired (S16) from the acquired digital document. The policy information includes data to be keywords for setting the security policy and its acquisition can be performed from characters or images forming the digital document, metadata of the digital document, characters or images forming another digital document generated from scanning and mapping the digital document with prior and subsequent digital documents, and so forth. The policy information is normally taken from a predetermined part of such a digital document in accordance with a rule set in advance. Furthermore, the document information includes information necessary for the storage of the digital document, such as storage destination and storage document name. Although the document information is typically acquired on the basis of a user command that is input from the image input device 12, it can, for example, also be read from the digital document in the same manner as the policy information.
The digital document manager 14 determines (S18) the setting for the security policy to be assigned from the acquired policy information in accordance with the correspondence relation that has been set in advance. Then, a command is issued (S20) with respect to the policy management server 20 to set the determined security policy to the digital document. At the policy management server 20, the security policy is stored with the document information of the digital document and a report thereof is issued to the digital document manager 14. Furthermore, the digital document manager 14 encrypts the digital document as necessary, and then stores the digital document into the repository 18 in accordance with the document information.
In this manner, the conversion of a paper document into a digital document and the setting of a security policy for the digital document are performed. In this mode, once a rule for security setting has been determined, the user can create a large quantity of digital documents that have been set with a security policy without having to be particularly conscious about setting a security policy. Therefore, for example, a large quantity of paper documents in an office can be easily quickly and easily converted into digital documents.
Next, a modification of the example shown in
In this example, the user operates the user terminal 16 and attempts to log in to the digital document manager 14. The digital document manager 14 sends a request (S30) for user authentication to the user authentication server 22 via the policy management server 20 and the user authentication result is transmitted (S32) to the user terminal 16 via the digital document manager 14.
A digital document to be set with a security policy is specified (S34) from the user terminal 16 for the digital document manager 14. The digital document manager 14 sends an inquiry to the policy management server 20 to confirm that a security policy has not been assigned (S36) after which this digital document is acquired (S38) from the repository 18. Although it is possible to reset the security policy if it has already been set, this must at least be performed so as not to contradict the security policy that has already been set.
The digital document manager 14 acquires policy information from the entered digital document (S40), and after determining (S42) the security policy corresponding to the policy information, issues a request for security policy assignment to the policy management server 20. The policy management server 20 then sets the security policy and notifies the digital document manager 14 of this. The digital document manager 14 encrypts the digital document that is stored in the repository 18 as necessary.
Several modes for setting policy information will be described next using
When a paper document is scanned,
The setup sheet 32 is provided with fields to be filled predetermined entries. More specifically, the setup sheet 32 has a keyword field 36 with a value 38 of “for internal use only”, a storage location field 40 with a value 42 of “ABC”, and a document name field 44 with a value 46 of “XYZ”. The setup sheet 32 is usually created using a word processor in a standardized form. However, if the fields are filled so as not to interfere with scanning, such as if the field entries are clear and properly positioned, the values 38, 42, 46 and the fields 36, 40, 44 may be handwritten instead.
The setup sheet 32 is scanned together with the underlying paper document 34. After being converted to a digital document, the digital document manager 14 performs matching with setup sheet data that was set in advance. As a result, it can be seen from the setup sheet 32 that the created digital document is included and further that the digital document is a setup sheet for the digital document created that was from the paper document 34. Then, repository information is read from the value 38 of the keyword field 36 and document information is read from the value 42 of the storage location field 40 and the value 46 of the document name field 44. In this process, pattern matching technology is employed, such as optical character recognition (OCR) or pattern recognition.
The title field 62, the contract date field 64, and the contractor 66 are fields usually provided on a contract and are filled in at approximately fixed positions using a standardized form. Thus, these fields are easily scanned and can be expected to always yield the same type of entries. In this example, the entry for the title field 62 is set with a keyword (policy information) to assign a security policy, the entry for the contract date field 64 is set with storage location information for the digital document to be sorted by year, and the contractor field 66 is set with document name information to be added to the digital document. As a result, information identical to that in the examples shown in
In a line indicated by a code 90, a security policy set value is displayed for the case where “confidential” has been set in the keyword field 72. More specifically, a security policy has been set to permit the execution of display operations only by “user A” and “user B” and to prohibit the execution of editing, copying, and printing operations by all users. Similarly, according to a line indicated by a code 92, in the case where “for internal use only” has been set for the policy information, a security policy has been set to permit the execution of display operations by all users, to permit the execution of editing operations only by “user A” and “group A” and to prohibit the execution of copying and printing operations by all users. Furthermore, according to a line indicated by a code 94, in the case where “XXX Contract” has been set for the policy information, a security policy has been set to permit the execution of display operations by “group A” and to prohibit the execution of editing, copying, and printing operations by all users.
The digital document manager 14 is set in advance with the correspondence table 70. Then, when setting the security policy, the digital document manager 14 searches the keyword field 72 of the correspondence table 70 for the acquired policy information as the keyword and reads the corresponding value. The creation of the correspondence table 70 is usually performed on the basis of user command. However, to lighten the burden on the user, for example, the provision of an automatic creation function can be considered to be effective, where the set mode of the digital document that has already been set with a security policy is analyzed to yield a setting rule which is proposed to the user.
Finally, the flow of processing in the setting of a security policy will be described using the flowcharts in
As a result of the scan, the resulting digital document is sent to the digital document manager 14 and the digital document manager 14 analyzes (S106) the top page to acquire policy information and document information. As a result, if policy information and document information are not indicated on the setup sheet, the processing stops, and if they are indicated, the correspondence table is searched (S110) with the policy information as the keyword. Next, the digital document manager 14 creates a security policy, which has an obtained set value, maps it to the digital document, and registers it into the policy management server 20 (S112). Then, the digital document is encrypted with a public key of a user having operating privileges and a unique document ID and information of the policy management server 20 are assigned to the digital document after which the digital document is stored into the repository 18. The storage location is selected on the basis of the document information that was acquired in step S106.
Next, using
In this mode, the processing from the scanning of the paper document until the generation of the digital document (S100 to S104) is performed in the same manner as in
Next, using
In this processing, after user authentication is performed (S100, S102), the digital document to be processed is selected. Then, acquisition of a corresponding security policy from the policy management server 20 is attempted (S130) and its presence or absence is judged (S132). As a result, if a security policy has already been set, the processing ends, and if it has not been set, the digital document is acquired (S134) from the repository 18. Thereafter, policy information and document information are acquired from the acquired digital document and the processing for setting the security policy is fundamentally identical to the examples shown in
The aforementioned examples showed modes where a security policy is set for one paper document or digital document. However, a security policy can also be set for multiple paper documents or digital documents in the same manner. In this case, it is not necessary for the user to perform the setting for each paper document or digital document and the various security policy settings can be performed in a batch process so as to substantially decrease the burden on the user.
Various embodiments are summarized hereinafter. Some embodiments may overlap with the aforementioned descriptions.
The security policy assignment apparatus can be constructed using hardware with arithmetic functions and software for defining their operations. The security policy assignment apparatus may be constructed as an apparatus formed from a single chassis or as an apparatus formed from multiple chassis capable of communications.
The acquisition unit acquires key data from a set field that is set in a digital document or from a set field that is set in data associated with the digital document. The digital document refers to electronically generated data and to an expression of a document formed from characters or figures or photographs. The digital document may be formed from one sheet page or multiple sheet pages in a print image. If the digital document is formed from multiple sheets, all the pages are usually gathered into one file. Furthermore, the data associated with the digital document refers to the data besides the digital document and to data mapped to the digital document, such as an attached digital document that is handled together with the digital document. The set field that is set in the digital document or the associated data refers to an area or entry that has been defined to acquire key data, such as by a user preset. The location and size (in the print image) of the set field may be fixed or variable. Key data refers to one or multiple data to be extracted from the set field and used as a key to set a security policy.
The assignment unit sets a security policy to a digital document. During the setting process, correspondence information prepared in advance is referenced. The correspondence information maps key data and the set value of the security policy. The security policy here refers to management information defining the operating privileges for a digital document. Furthermore, the operating privileges refer to the operations that can be performed with respect to a digital document, such as reading, writing, printing, transmitting, and so forth. The security policy can be set for every digital document or can be set for every user or user group. Thus, when setting the security policy, it is generally necessary to permit or prohibit multiple privileges for multiple users. These specific values are referred to here as the set values of the security policy. The key data is mapped in the correspondence information to one or multiple set values. The assignment unit sets the set value that is determined by the key data as the security policy and assigns it to the digital document. The assignment of the security policy is performed so as to ensure the effectiveness of the operating privileges in accordance with the security policy. This can be set in various ways. For example, modes can be illustrated where only those with privileges can perform encryption that can be decrypted or only those with privileges can provide a passable gate.
According to this mode, provided the user defines the set field in advance as necessary and sets the correspondence information, the security policy for a digital document (or its original paper document) can be set without the user necessarily performing any subsequent special operation (although an operation, such as confirmation, can be performed as necessary). In particular, when setting the security policy for large quantities of digital documents, the task burden is reduced. The security policy assignment apparatus usually performs processing for digital documents that have not been assigned with a security policy. However, for example, the apparatus may be designed to reset the security policy for digital documents that have already been assigned.
In one mode of the security policy assignment apparatus of the present invention, a scanning unit is included to scan a paper document and generate a digital document. The digital document relating to the acquisition unit is a digital document generated by the scanning unit. Typically, the scanning unit is implemented by a scanner. The scanner itself may occupy a single chassis or form a part of a multifunction device or a copying machine. In the latter case, integrating the acquisition unit or the assignment unit into the multifunction device or the copying machine is also effective.
In one mode of the security policy assignment apparatus of the present invention, the scanning unit generates associated data by scanning another paper document mapped to the paper document and including a standardized entry and the scanning unit acquires the key data from the set field that is set for the standardized entry in the associated data. The standardized entry refers to an entry having a predictable or recognizable rule. More specifically, a mode in which the same entry fields are always prepared or a mode in which a selection is always made from multiple choices can be illustrated. According to this configuration, besides the paper document that becomes the digital document, the paper document (or setup sheet) having information that becomes the key data in a standardized entry can be scanned by the scanning unit. These two paper documents are mapped by stacking and scanning them in sequence and assigning a common identification number.
In one mode of the security policy assignment apparatus of the present invention, the associated data includes data indicating a user who issued a scan command to the scanning unit or data indicating the time when the scanning unit generated the digital document and the scanning unit acquires the key data from the set field that includes data indicating the time or data indicating the user in the associated data. Namely, the security policy setting is performed while taking into consideration the user relating to the command and the document creation time stamp.
In one mode of the security policy assignment apparatus of the present invention, the digital document relating to the acquisition unit is a digital document that is stored without being assigned a security policy. Namely, among the digital documents that are already stored, the security policy setting is performed for those digital documents that have not been assigned a security policy.
In one mode of the security policy assignment apparatus of the present invention, the digital document includes standardized data and the acquisition unit acquires the key data from the set field that is set for standardized data in the digital document. Namely, the key data is acquired from the standardized part in the digital document itself.
In one mode of the security policy assignment apparatus of the present invention, the standardized data included in the digital document is metadata concerning the digital document. Furthermore, in one mode of the security policy assignment apparatus of the present invention, the standardized data included in the digital document is text data or image data.
The foregoing description of the exemplary embodiments of the present invention has been provided for the purposes of illustration and description. It is not intended to be exhaustive or to limit the invention to the precise forms disclosed. Obviously, many modifications and variations will be apparent to practitioners skilled in the art. The exemplary embodiments were chosen and described in order to best explain the principles of the invention and its practical applications, thereby enabling others skilled in the art to understand the invention for various embodiments and with the various modifications as are suited to the particular use contemplated. It is intended that the scope of the invention be defined by the following claims and their equivalents.
| Number | Date | Country | Kind |
|---|---|---|---|
| 2006-16188 | Jan 2006 | JP | national |
