Document management system and document management method

US 8,561,128 B2
Filed: 10/02/2007
Issued: 10/15/2013
Est. Priority Date: 10/20/2006
Status: Active Grant

First Claim

Patent Images

1. A document management system configured to manage an access to a file, the document management system comprising:

at least one micro-processor, the micro-processor being programmed to control one or more of;

a selection unit configured to select a virtual security policy, which is previously provided for each device;

an acquisition unit configured to acquire access authority information for defining an authority for accessing the file based on the virtual security policy selected by the selection unit and authentication information about a user who has set the virtual security policy;

a conversion unit configured to convert, based on the access authority information acquired by the acquisition unit, the virtual security policy into a real security policy that can be commonly interpreted by the document management system, wherein the converted real security policy corresponds to the authority of the user who has set the virtual security policy;

a management unit configured to set the real security policy converted by the conversion unit on the file to manage an access to the file, anda file storage unit configured to set the virtual security policy selected by the selection unit on the file and then to store the file according to an environmental setting representing a timing of a conversion of the security policy by the conversion unit,wherein, on the timing according to the environmental setting, the conversion unit converts the virtual security policy into the real security policy and the management unit set the real security policy on the file.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A document management system configured to manage an access to a file includes a selection unit configured to select a virtual security policy for setting on the file, which is previously provided for each device, an acquisition unit configured to acquire access authority information for defining an authority for accessing the file based on the virtual security policy selected by the selection unit and authentication information about a user who has set the virtual security policy, a conversion unit configured to convert the virtual security policy into a real security policy that can be commonly interpreted by the document management system based on the access authority information acquired by the acquisition unit, and a management unit configured to set the real security policy converted by the conversion unit on the file to manage an access to the file.

34 Citations

View as Search Results

17 Claims

1. A document management system configured to manage an access to a file, the document management system comprising:
- at least one micro-processor, the micro-processor being programmed to control one or more of;
  
  a selection unit configured to select a virtual security policy, which is previously provided for each device;
  
  an acquisition unit configured to acquire access authority information for defining an authority for accessing the file based on the virtual security policy selected by the selection unit and authentication information about a user who has set the virtual security policy;
  
  a conversion unit configured to convert, based on the access authority information acquired by the acquisition unit, the virtual security policy into a real security policy that can be commonly interpreted by the document management system, wherein the converted real security policy corresponds to the authority of the user who has set the virtual security policy;
  
  a management unit configured to set the real security policy converted by the conversion unit on the file to manage an access to the file, anda file storage unit configured to set the virtual security policy selected by the selection unit on the file and then to store the file according to an environmental setting representing a timing of a conversion of the security policy by the conversion unit,wherein, on the timing according to the environmental setting, the conversion unit converts the virtual security policy into the real security policy and the management unit set the real security policy on the file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The document management system according to claim 1, further comprising an access authority determination unit configured to determine whether a user requesting an access to the file has an access authority for accessing the file having the real security policy based on authentication information about the user requesting the access to the file.
  - 3. The document management system according to claim 2, wherein the management unit controls an access to the file based on a result of determination by the access authority determination unit.
  - 4. The document management system according to claim 1, wherein the access authority information acquired by the acquisition unit includes information for defining a type of an access to the file and information about a user group whose access to the file is controlled.
  - 5. The document management system according to claim 4, further comprising a user group information storage unit configured to store information about the user group,wherein the acquisition unit acquires the information about the user group from the user group information storage unit based on the authentication information about the user who has set the virtual security policy, andwherein the conversion unit converts the virtual security policy into the real security policy based on the information about the user group acquired by the acquisition unit.
  - 6. The document management system according to claim 1, further comprising:
    - an access request determination unit configured to determine whether an access to the file stored in the file storage unit has been requested when the conversion of the security policy in response to the access to the file is set as the environmental setting; and
      
      wherein the conversion unit converts the virtual security policy set in the file into the real security policy based on the access authority information when the access request determination unit determines that an access to the file has been requested.
  - 7. The document management system according to claim 1, wherein the selection unit, the acquisition unit, and the conversion unit are provided on a same network device included in the document management system.
  - 8. The document management system according to claim 1, wherein the virtual security policy includes information required to be converted based on the authentication information and information about the authority, which is not required to be converted.

9. A method for a document management system configured to manage an access to a file stored in a memory, the method comprising:
- selecting a virtual security policy stored in the memory, which is previously provided for each device;
  
  acquiring access authority information for defining an authority for accessing the file from the memory based on the selected virtual security policy and authentication information about a user who has set the virtual security policy;
  
  converting, by a processor of the document management system, the virtual security policy into a real security policy that can be commonly interpreted by the document management system, wherein the converted real security policy corresponds to the authority of the user who has set the virtual security policy;
  
  setting the converted real security policy on the file to manage an access to the file, andsetting the virtual security policy selected by the selecting step, by a file storage unit, on the file and then storing the file according to an environmental setting representing a timing of a conversion of the security policy by the converting step,wherein, on the timing according to the environmental setting, the converting step converts the virtual security policy into the real security policy and the setting the converted real security policy step sets the real security policy on the file.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method according to claim 9, further comprising determining whether a user requesting an access to the file has an access authority for accessing the file having the real security policy based on authentication information about the user requesting the access to the file.
  - 11. The method according to claim 10, further comprising controlling an access to the file based on a result of the determination as to whether the user accessing the file has an access authority for accessing the file having the real security policy.
  - 12. The method according to claim 9, wherein the acquired access authority information includes information for defining a type of an access to the file and information about a user group whose access to the file is controlled.
  - 13. The method according to claim 12, further comprising:
    - storing information about the user group in a user group information storage unit;
      
      acquiring the information about the user group from the user group information storage unit based on the authentication information about the user who has set the virtual security policy; and
      
      converting the virtual security policy into the real security policy based on the acquired information about the user group.
  - 14. The method according to claim 9, further comprising:
    - determining whether an access to the file stored in the file storage unit has been requested when the conversion of the security policy in response to the access to the file is set as the environmental setting; and
      
      wherein the converting step converts the virtual security policy set in the file into the real security policy based on the access authority information when the determining step determines that an access to the file has been requested.
  - 15. The method according to claim 9, wherein selecting a virtual security policy, acquiring access authority information, and converting the virtual security policy into a real security policy are performed by a same network device included in the document management system.
  - 16. The document management system according to claim 9, wherein the virtual security policy includes information required to be converted based on the authentication information and information about the authority, which is not required to be converted.

17. A non-transitory computer-readable storage medium storing instructions which, when executed by a document management system configured to manage an access to a file stored in a memory, cause the document management system to perform the method comprising:
- selecting a virtual security policy stored in the memory, which is previously provided for each device;
  
  acquiring access authority information for defining an authority for accessing the file from the memory based on the selected virtual security policy and authentication information about a user who has set the virtual security policy;
  
  converting, by a processor of the document management system, the virtual security policy into a real security policy that can be commonly interpreted by the document management system, wherein the converted real security policy corresponds to the authority of the user who has set the virtual security policy;
  
  setting the converted real security policy on the file to manage an access to the file, andsetting the virtual security policy selected by the selecting step, by a file storage unit, on the file and then storing the file according to an environmental setting representing a timing of a conversion of the security policy by the converting step,wherein, on the timing according to the environmental setting, the converting step converts the virtual security policy into the real security policy and the setting the converted real security policy step sets the real security policy on the file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Canon Kabushiki Kaisha (Canon Inc.)
Original Assignee
Canon Kabushiki Kaisha (Canon Inc.)
Inventors
Hirahara, Akiko
Primary Examiner(s)
PYZOCHA, MICHAEL J

Application Number

US11/866,311
Publication Number

US 20080098455A1
Time in Patent Office

2,205 Days
Field of Search

726/1, 726/28, 713/193
US Class Current

726/1
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/608   Secure printing

G06F 21/6209   to a single file or object,...

G06F 2221/2141   Access rights, e.g. capabil...

Document management system and document management method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

34 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Document management system and document management method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links