Data management apparatus, data management method and program thereof

US 20050055583A1
Filed: 09/02/2004
Published: 03/10/2005
Est. Priority Date: 09/05/2003
Status: Abandoned Application

First Claim

Patent Images

1. A data-management apparatus that determines whether or not authorization has been given to access data in response to an access request to the data from a user, the apparatus comprising:

an access-authorization-memory unit operable to correlate and store data identifiers that are capable of identifying the data, and access-authorized-user identifiers that are capable of identifying users that can access the data;

an access-analysis unit operable to obtain a user identifier for a user performing an access request and a data identifier for data that is a target of that access from the access request;

an access-authorized-user-acquisition unit operable to obtain an access-authorized-user identifier that correlate to the data identifier obtained by the access-analysis unit within the access-authorization-memory unit;

an access-authorization-judgment unit operable to compare the user identifier obtained by the access-analysis unit with the access-authorized-user identifier obtained by the access-authorized-user-acquisition unit; and

a user-information-provider unit operable to provide information about other users that are authorized to access the data for which the user performed an access request when it was determined by the access-authorization-judgment unit that access of the data is not authorized.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention is a data-management apparatus, data-management method and program thereof that improve convenience for a user that does not have authorization to access data without sacrificing the security of the data. This invention is a data-management apparatus, data-management method and program thereof that comprises a user-information-provider unit that provides information to the user about other users that are authorized to access data when the user is not authorized to access data.

Citations

13 Claims

1. A data-management apparatus that determines whether or not authorization has been given to access data in response to an access request to the data from a user, the apparatus comprising:
- an access-authorization-memory unit operable to correlate and store data identifiers that are capable of identifying the data, and access-authorized-user identifiers that are capable of identifying users that can access the data;
  
  an access-analysis unit operable to obtain a user identifier for a user performing an access request and a data identifier for data that is a target of that access from the access request;
  
  an access-authorized-user-acquisition unit operable to obtain an access-authorized-user identifier that correlate to the data identifier obtained by the access-analysis unit within the access-authorization-memory unit;
  
  an access-authorization-judgment unit operable to compare the user identifier obtained by the access-analysis unit with the access-authorized-user identifier obtained by the access-authorized-user-acquisition unit; and
  
  a user-information-provider unit operable to provide information about other users that are authorized to access the data for which the user performed an access request when it was determined by the access-authorization-judgment unit that access of the data is not authorized.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The data-management apparatus of claim 1, and wherein the user-information-provider unit further provides information about another user that is authorized to access data at least whether or not that other user is authorized to change an access authorization for the data, or whether or not that other user is authorized to perform a process in a work flow in place of the user.
  - 3. The data-management apparatus of claim 2 further comprising an access-authorization-change-request unit operable to, based on information about another user selected by the user, notify said another user corresponding to that information of a request to change the access authorization.
  - 4. The data-management apparatus of claim 3 wherein the access-authorization-change-request unit changes the access authorization for accessing data based on processing by the other user in response to the request notification.
  - 5. The data-management apparatus of claim 2 further comprising a substitute-processing-request unit operable to, based on information about another user selected by the user, send a request to another user corresponding to that information to perform a process in the work flow in the place of the user that is supposed to perform the process.
  - 6. The data-management apparatus of claim 1 further comprising:
    - a work-flow-control unit operable to control a work flow; and
      
      a work-flow-user-memory unit operable to store the work-flow users that are able to use the work flow; and
      
      wherein the work-flow-control unit determines whether or not the work flow can be used independently of whether or not data can be accessed based on the work-flow-user-memory unit.
  - 7. The data-management apparatus of claim 6 wherein, the user-information-provider unit provides information about another user that is authorized to access data at least whether or not that other user is authorized to change an access authorization for the data, or whether or not that other user is authorized to perform a process in the work flow in place of the user.
  - 8. The data-management apparatus of claim 7 further comprising an access-authorization-change-request unit operable to, based on information about another user selected by the user, notify another user corresponding to that information of a request to change the access authorization.
  - 9. The data-management apparatus of claim 8 wherein the access-authorization-change-request unit changes the access authorization for accessing data based on processing by the other user in response to the request notification.
  - 10. The data-management apparatus of claim 7 further comprising a substitute-processing-request unit operable to, based on information about another user selected by the user, send a request to another user corresponding to that information to perform a process in the work flow in the place of the user that is supposed to perform the process.

11. A data-management method that determines whether or not authorization has been given to access data in response to an access request to the data from a user, the method comprising:
- an access-analysis step of obtaining a user identifier for a user performing an access request and a data identifier for data that is a target of that access from the access request;
  
  an access-authorized-user-acquisition step that, based on a data identifier obtained by the access-analysis step, obtains a corresponding access-authorized-user identifier within an access-authorization-memory unit that correlates and stores data identifiers that are capable of identifying the data, and access-authorized-user identifiers that are capable of identifying users that can access the data;
  
  an access-authorization-judgment step that compares the user identifier obtained by the access-analysis step with the access-authorized-user identifier obtained by the access-authorized-user-acquisition step; and
  
  a user-information-provision step that provides information about other users that are authorized to access the data for which the user performed an access request when it was determined by the access-authorization-judgment step that access of the data is not authorized.

12. A program that determines whether or not authorization has been given to access data in response to an access request to the data from a user, and causes a computer to execute:
- an access-analysis step of obtaining a user identifier for a user performing an access request and a data identifier for data that is the target of that access according to the access request;
  
  an access-authorized-user-acquisition step that, based on a data identifier obtained by the access-analysis step, obtains a corresponding access-authorized-user identifier within an access-authorization-memory unit that correlates and stores data identifiers that are capable of identifying the data, and access-authorized-user identifiers that are capable of identifying users;
  
  an access-authorization-judgment step that compares the user identifier obtained by the access-analysis step with the access-authorized-user identifier obtained by the access-authorized-user-acquisition step; and
  
  a user-information-provision step that provides information about other users that are authorized to access the data for which the user performed an access request when it was determined by the access-authorization-judgment step that access of the data is not authorized.

13. A computer-readable storage medium for storing program that determines whether or not authorization has been given to access data in response to an access request to the data from a user, and causes a computer to execute:
- an access-analysis step of obtaining a user identifier for a user performing an access request and a data identifier for data that is the target of that access according to the access request;
  
  an access-authorized-user-acquisition step that, based on a data identifier obtained by the access-analysis step, obtains a corresponding access-authorized-user identifier within an access-authorization-memory unit that correlates and stores data identifiers that are capable of identifying the data, and access-authorized-user identifiers that are capable of identifying users;
  
  an access-authorization-judgment step that compares the user identifier obtained by the access-analysis step with the access-authorized-user identifier obtained by the access-authorized-user-acquisition step; and
  
  a user-information-provision step that provides information about other users that are authorized to access the data for which the user performed an access request when it was determined by the access-authorization-judgment step that access of the data is not authorized.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Original Assignee
Matsushita Electric Industrial Company Limited (Panasonic Holdings Corporation)
Inventors
Tanaka, Mitsuru, Inagaki, Yuichi

Application Number

US10/932,106
Publication Number

US 20050055583A1
Time in Patent Office

Days
Field of Search
US Class Current

726/19
CPC Class Codes

G06Q 10/10 Office automation; Time man...

Data management apparatus, data management method and program thereof

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Data management apparatus, data management method and program thereof

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links