| 摘要 |
In a file-access control system according to an embodiment of this invention, control data in accordance with actions made is imparted, as an obligation-type policy, to a document file. Next, a policy evaluation control unit evaluates and executes the obligation-type policy imparted to the document file in accordance with the action to the document file. The execution of the obligation-type policy includes the controlling of a document application on the basis of an obligation fulfillment action. Therefore, an active control can be performed in accordance with any manipulation made to the document, and the access to the document can be changed. |
| 代理机构 |
Oblon, Spivak, McClelland, Maier & Neustadt, L.L.P. |
代理人 |
Oblon, Spivak, McClelland, Maier & Neustadt, L.L.P. |
| 主权项 |
1. A file-access control apparatus designed to control accesses to a document file, comprising:
a storage device capable of storing document contents, each including an inhibition-type policy and an obligation-type policy; an evaluation controller; a document application controller; a decryption/signature verification controller; an event controller; an authentication server; and an external service controller; wherein the decryption/signature verification controller determines whether a document content and access control policy has been encrypted or contains a digital signature, the decryption/signature verification controller decrypts the document content using key data if the content is encrypted or verify the digital signature using a verification key if it contains the digital signature; wherein the event controller send the event data and the document file to the evaluation-data acquisition device, after determining legitimacy of the document content; wherein the evaluation controller includes: an evaluation data acquisition device configured to acquire document content and executability data items from the event controller, the document application controller and the external service controller, respectively, and to hold the executability data items, the executability data items being status executability data of the document application controller and the external service controller, the evaluation data acquisition device further send a user authentication request to the authentication server to authenticate an end-user; an authentication-result acquisition device configured to acquire a result of authentication of the user and user attribute data, on the basis of a prescribed evaluation data list, upon receiving, from the document application controller, event data representing an action made by the user and a document file stored in the storage device; a sending device configured to send evaluation data composed of the executability data, the result of authentication and user attribute data, the event data, the inhibition-type policy, and the obligation-type policy on the basis of a prescribed evaluation data list, upon receiving the executability data from the executability data acquisition means; a comparing device configured to compare the authentication result, user attribute data and event data, all included in the evaluation data sent, respectively with the authentication result, user attribute data and event data, all prescribed in the inhibition-type policy, and for sending evaluation result showing the permission or inhibition prescribed in the inhibition-type policy, when the items included in the evaluation data are identical to the items included in the inhibition-type policy; an obligation-type policy evaluation control device for comparing the executability data, event data and evaluation result, all included in the valuation data, with the executability data, event data and evaluation result, all included in the obligation-type policy, and for sending control data including an obligation fulfillment subject and an obligation fulfillment action prescribed in the obligation-type policy, when the items included in the evaluation data are identical to the items included in the obligation-type policy; a control management device for sending the control data to a subject represented by the obligation fulfillment subject upon receiving the control data, on the basis of the obligation fulfillment subject included in the control data; and a document-application control device for controlling the document application controller, on the basis of the obligation fulfillment action included in the control data sent from the control management device when the represented subject is the document-application control device, and wherein the executability data indicates whether the document application controller and the external service controller can be controlled or cannot be controlled in accordance with whether the document application controller operates and the external service trait controller is in service. |
