JP2002082934A - History managing method and storage medium - Google Patents

Abstract

PROBLEM TO BE SOLVED: To move electronic data among plural systems while guaranteeing the originality of the electronic data. SOLUTION: The history information of an operation for an original 21 is recorded in a history managing device 30A, and when the original 21 is moved to the other system 10B, the history information is inputted to a movable certificate 40, and moved together with the original 21.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to a history management method and a storage medium capable of moving electronic data between a plurality of systems while guaranteeing the originality of the electronic data.

[0002]

2. Description of the Related Art In recent years, there has been an increasing demand for saving a conventional document written on paper (hereinafter referred to as a paper document) as an electronic document with the OA of business.

However, when a paper document is stored as an electronic document, it is necessary to guarantee the originality (identity with the original) of the electronic document, as well as a falsification prevention function, a signature function of the creator, and access to the electronic document. It is said that each function such as a management function, a backup function, and a history management function is required. For this reason, there is an increasing need for an electronic data management system that safely stores and manages electronic data that constitutes an electronic document.

According to the research of the present inventor, in this type of electronic data management system, the following first technology (1) is indispensable when transferring original electronic data between a plurality of systems. The second technique is not essential but is considered important.

(1) From the viewpoint of guaranteeing originality, a technique that enables the system receiving the original to confirm the operation history of the original. (2) From the viewpoint of history management, a technology that makes it possible to clearly confirm the fact that the original has been moved, even in the case of a subsequent audit, and disallow repudiation of the fact. However, an electronic data management system having such a technique has not yet existed.

[0006]

As described above, in the electronic data management system, the importance of guaranteeing the originality of the electronic data and managing the history of the electronic data is particularly important.
Such a technique does not yet exist.

The present invention has been made in view of the above circumstances, and has as its object to provide a history management method and a storage medium capable of transferring electronic data between a plurality of systems while guaranteeing the originality of the electronic data. I do.

It is another object of the present invention to provide a history management method and a storage medium which can prevent rejection of the fact that electronic data has been moved later between systems.

[0009]

The gist of the present invention resides in a technique capable of transferring electronic data between a plurality of systems while guaranteeing the originality of the electronic data, and more preferably, in addition to this, a later disclaimer. This is a technology that can be prevented. Such technologies include history management technology to guarantee the originality of electronic data, migration technology to move electronic data between multiple systems, and prevention of later denial of the fact of migration. This is realized by a non-repudiation protocol.

For example, the history management technique is realized by recording operation history information for each operation of the original electronic data. The transfer technique is realized by sending a transfer certificate including operation history information and a hash value of the original together with the original.
The non-repudiation protocol is realized by exchanging the above-mentioned mobile certificate with a receipt certifying the receipt of the mobile certificate.

More specifically, the source system that moves the original of the electronic data issues a mobile certificate including history information, and moves the mobile certificate and the original data together. Also, the destination system that receives the mobile certificate issues a receipt certifying that the original data and the mobile certificate have been received and sends them back to the sender. Since the transfer certificate includes the hash value of the original data and the operation history for the original data,
The originality of the electronic data is also guaranteed when moving. Also,
Storing the transfer certificate and the receipt certificate with each other can prevent later denial.

On the basis of the gist of the present invention as described above, the following means are specifically taken. The present invention is a history management method for managing the history of the operation of the original of the electronic data and guaranteeing the originality of the electronic data, comprising the step of recording history information of the operation on the original, When moving to another system,
Moving the history information together with the original,
Is a history management method that includes

Thus, the electronic data can be moved between a plurality of systems while guaranteeing the originality of the electronic data.

Here, the present invention is based on a system ID for uniquely identifying a history management device that records the history information, and a system registration ID uniquely issued for the original in the history management device. The method may include a step of assigning a document ID that uniquely identifies the original.

Thus, the original can be uniquely identified among a plurality of history management apparatuses. Further, the present invention may include a step of assigning a revision number to be added for each revision of the original and uniquely distinguishing all of the latest original and past revisions. As a result, the original can be uniquely identified for each revised edition. further,
The present invention provides a history of the operation based on a system ID for uniquely identifying a history management device that records the history information and a system history ID uniquely issued in the history management device for each operation history for the original. History ID that uniquely identifies
May be assigned.

Thus, the operation history can be uniquely identified among a plurality of history management devices.

[0017] Further, the present invention also provides a step of, when the source system moves the original to the destination system, creating a transfer certificate for certifying the transfer of the original, and transferring the transfer certificate and the original to the destination system. The transfer certificate includes the document I
D, revision number, history ID for own mobile certificate creation,
It is also possible to provide a summary value of the original and the history information.

As described above, since the mobile certificate includes the history information, the originality of the electronic data can be assured even when the mobile device is moved. Since the mobile certificate includes the summary value of the original, the falsification during the transfer is also verified. can do.

Further, the present invention includes a step of receiving the mobile certificate from the source system, a step of, when receiving the mobile certificate, creating a receipt for certifying receipt of the mobile certificate, Moving the certificate to the source system, the receipt may include the document ID, the revision number, a history ID for the creation of the receipt, and the ID of the transfer certificate.

As described above, when the mobile certificate is received, the receipt certificate is sent back. Therefore, by storing the mobile certificate and the receipt certificate, it is possible to prevent the denial of the fact of the subsequent movement. Further, the present invention may include a step of, when receiving the receipt certificate moved from the destination system, recording the fact of the receipt as history information.

Furthermore, the present invention provides a step of inputting a document ID of an original and a system ID of a destination system,
A step of issuing a history ID for the mobile certificate creation by this input, and a step of recording the mobile certificate creation history as history information in association with the history ID;
The method may include a step of creating the mobile certificate based on the operation history for the original and the mobile certificate creation history, and a step of moving the mobile certificate.

[0022] Thus, in the source system on the sending side, the process from the creation of the mobile certificate to the movement can be easily and reliably executed.

The present invention also provides a step of inputting the mobile certificate, a step of issuing a history ID for the reception of the mobile certificate by the input, and a mobile certificate reception history as history information corresponding to the history ID. The method may include a step of recording, a step of creating the receipt based on the history of receipt of the travel certificate, and a step of moving the receipt.

[0024] Thus, the receiving destination system can easily and reliably execute processing from receipt of the mobile certificate and its recording to creation and movement of the received certificate.

Further, the present invention provides a step of inputting the receipt certificate, a step of issuing a history ID for receipt receipt by this input, and a step of receiving receipt history as history information in correspondence with the history ID. Recording.

Thus, the sending source system can easily and surely receive and record the receipt.

[0027] Further, the present invention provides the above mobile certificate,
An electronic signature may be attached. Further, the present invention includes a step of verifying the electronic signature of the mobile certificate when receiving the mobile certificate, wherein the receipt for certifying the receipt of the mobile certificate has an electronic signature attached. Is also good. Further, the present invention may include a step of verifying an electronic signature of the receipt upon receipt of the receipt.

As described above, since the electronic signature is attached to the mobile certificate or the receipt certificate, it is possible to prevent falsification of the receipt certificate or the receipt certificate.

Further, the present invention may include a step of matching the history information in the previous mobile certificate with the history information of the operation of the original in the own system when creating the current mobile certificate.

Thus, the operation of receiving an original and a mobile certificate from a certain system, operating the original with its own system, and then moving the original and the mobile certificate to a system different from the certain system can be easily and easily performed. It can be executed reliably.

Further, according to the present invention, when the mobile certificate is created, the operation contents, the history ID for the mobile certificate creation, the source information including the source system ID and the destination system ID, the original information including the summary value of the original. May be recorded as history information. Thus, the creation history of the mobile certificate can be easily and reliably recorded.

Further, the present invention includes a step of recording, as history information, operation contents, a history ID for the receipt of the mobile certificate, and contents of the mobile certificate when creating a receipt for certifying the receipt of the mobile certificate. You may go out. This makes it possible to easily and reliably record the creation history of the receipt.

Further, the present invention includes a step of, when receiving a receipt for certifying the receipt of the mobile certificate, recording operation contents, a history ID for receipt of the receipt, and contents of the receipt as history information. You may go out. This makes it possible to easily and reliably record the receipt history of the receipt.

Further, according to the present invention, the history information
The ML format may be used. Further, X is used as the transfer certificate.
The ML format may be used. Further, an XML format may be used as a receipt for certifying the receipt of the mobile certificate. By using the XML format in this way, interoperability and legibility can be improved.

Further, the above invention may be realized by installing a program from a computer-readable storage medium storing a program for realizing each step in a computer of the history management apparatus. Even in this case, the same operation as that described above can be achieved.

[0036]

DESCRIPTION OF THE PREFERRED EMBODIMENTS One embodiment of the present invention will be described below with reference to the drawings. The present invention relates to a history management invention for irrevocably proving the movement of the original history management and the fact of the movement when the original of the electronic data is moved from one history management device to the other history management device. Since the method of moving the original data is arbitrary, the description is omitted.

Each history management device has an independent function for history management, can be incorporated into an existing document management system, and can easily move the original while guaranteeing the originality between the systems. And

Each certificate is electronic data,
Although it can be expressed in any format as long as necessary information is included, in this specification, from the viewpoint of interoperability and legibility, XML is used.
(eXtensible Markup Language) format is shown as an example.

The details of the signature method and the verification method used for each certificate are irrelevant to the implementation of the present invention, and therefore will not be described. One example is W3C (world wide web c
onsortium) standard XML-Signature and public key authentication infrastructure (PKI) are available.

Next, an embodiment of the present invention will be described in detail. FIG. 1 is a schematic diagram showing a schematic configuration of a plurality of organizations as a plurality of electronic data management systems according to an embodiment of the present invention, and FIG. 2 is a schematic diagram showing a specific configuration of a document management system in each organization. FIG.

The organizations A and B have the same configuration and are connected to each other via the Internet 1. The organization A is a gateway GW connected to the Internet 1
The computer PCa and the document management system 10A are connected to each other via LAN. Organization B is also Organization A
Similarly to the above, the computer PCb and the document management system 10B are connected to each other via the LAN from the gateway GWb. Note that a or A at the end of the code indicates an element belonging to the organization A, and b or B at the end of the code indicates an element belonging to the organization B.

Here, the computers PCa and PCb have a function of inputting an instruction to move the original to the document management systems 10A and 10B by an operation of the operator, in addition to the functions of the normal computers, and the functions of the computer management systems 10A and 10B. It has an original display function and a confirmation function.

The gateways GWa and GWb are arranged at the exit of the LAN from the viewpoint of security, but can be omitted as appropriate. The document management systems 10A and 10B are:
As shown in FIG. 2, the system includes original storages 20A and 20B and history management devices 30A and 30B, a function of communicating between the document management systems 10A and 10B via a network, and communication with computers PCa and PCb. And a function of classifying and retrieving electronic data. The document management systems 10A and 10B and / or the history management devices 30A and 30B can be realized by installing a program for realizing the function from a storage medium into, for example, a server device.

The original storages 20A and 20B are storage devices in which originals 21 ^{* of} electronic data are stored in a readable / writable manner by the document management systems 10A and 10B.

The history management devices 30A and 30B have a function of managing histories such as new registration, check-out (revision possible state), check-in (revision impossible state), and deletion of each original. And the functions of issuing and transmitting the receipt certificate 50 described later, it is possible to guarantee the originality and manage the history between the organizations A and B.

More specifically, the history management devices 30A and 30B
Are, as shown in FIG. 3, history tables 31A, 31B,
I / F control functions 32A and 32B, mobile certificate creation function 33
A, 33B, mobile certificate registration functions 34A, 34B, receipt certificate creation functions 35A, 35B, receipt certificate registration function 36A,
36B, signature functions 37A and 37B, signature verification function 38
A, 38B.

The history tables 31A and 31B correspond to the original 21
^This is a table for recording the history of operations for ^* , and the recorded contents are represented in XML format as shown in FIG. Note that the recorded contents of the history tables 31A and 31B are XML
Not limited to the format, it may be represented in another format including similar information.

In the history tables 31A and 31B, recorded contents are represented by a set of LogItem elements each composed of individual Log elements as child elements. The no attribute of the <LogItem> tag indicates the serial number of the history in the history management devices 30A and 30B. A new history is added after the latest history every time a history is added according to the operation of the original. The Operation attribute of the <Log> tag indicates the operation of the original, and the child element of the Log element differs depending on the operation content. The Log element is L of the history list 45 described later.
Same as the og element.

The I / F control functions 32A and 32B have a function of receiving a “mobile certificate creation request”, a “mobile certificate reception request” or a “reception certificate reception request” from their own document management systems 10A and 10B, and Mobile Certificate Preparation Request '
A function for inputting to the mobile certificate creation functions 33A and 33B,
The received 'mobile certificate reception request' and the mobile certificate are stored in the mobile certificate registration functions 34A and 34B and the reception certificate creation function 35A,
35B, a function of inputting the received "reception certificate reception request" to the receipt certificate registration functions 36A and 36B, a mobile certificate 40 received from the mobile certificate creation functions 33A and 33B, or a reception certificate creation function 35A and 35B. And has a function of outputting the receipt 50 received from the other document management systems 10B and 10A.

Note that the mobile certificate creation request is issued when the mobile certificate 40 is created for the transfer of the original, by the I / F control functions 32A and 32B from the own document management systems 10A and 10B.
Is input to the

The mobile certificate reception request is input from the own document management systems 10A and 10B to the I / F control functions 32A and 32B when the mobile certificate 40 is sent from the other document management systems 10B and 10A. It is.

The receipt receipt request is issued when the receipt 50 is sent from the other document management systems 10B and 10A.
It is input to the I / F control functions 32A and 32B from the own document management systems 10A and 10B.

The mobile certificate creation functions 33A and 33B are provided with I / O
When a mobile certificate creation request is received from the F control functions 32A and 32B, a mobile certificate 40 is created with reference to the history table.
The mobile certificate 40 is signed by the signature functions 37A and 37B and output to the I / F control functions 32A and 32B.

The mobile certificate registration functions 34A and 34B are provided with I / O
After the mobile certificate 40 received from the F control functions 32A and 32B is verified by the signature verification functions 38A and 38B, the mobile certificate reception history is registered in the history tables 31A and 31B.

The receipt creation functions 35A and 35B are provided with I / O
Upon receipt of a receipt creation request from the F control functions 32A and 32B, a receipt 50 is created with reference to the history tables 31A and 31B, and signatures 37A and 3 are attached to the receipt 50.
I / F control function 32A, 32B with signature by 7B
Is output to

The receipt certificate registration function 36A, 36B
After the receipt certificate 50 received from the F control functions 32A and 32B is verified by the signature verification functions 38A and 38B, this receipt certificate reception history is registered in the history tables 31A and 31B.

The signature functions 37A and 37B are provided with a function of attaching an electronic signature to the mobile certificate created by the mobile certificate creation functions 33A and 33B and returning the mobile certificate to the mobile certificate creation functions 33A and 33B, and a function of receiving the receipt certificate 35A and 33B. It has a function of attaching an electronic signature to the receipt certificate 50 created by 35B and returning it to the receipt certificate creation functions 35A and 35B.

The signature verification functions 38A and 38B verify the signature attached to the mobile certificate 40 received from the mobile certificate registration functions 34A and 34B, and verify the verification result with the mobile certificate registration function 3
4A, 34B and receipt certificate registration function 36
A, 36B verifies the signature attached to the receipt certificate 50 and receives the result of the verification as the receipt certificate registration function 36A, 36B.
And a function for verifying the signature attached to the history list.

Here, the mobile certificate 40 includes a certificate name 41, ID information 42, movement information 43, original information 44, and a history list 45, as shown in FIG. A signature 40S is attached to the mobile certificate 40. The certificate name 41 indicates the type of certificate, and here, “mobile certificate” is described. In the ID information 42, information for identifying the certificate is described. The ID information itself is not only a certificate but also an identifier similarly attached to the operation history of the original. The ID information of the certificate is the same as the history ID at the time of issuing the certificate.

The ID information 42 is, as shown in FIGS.
And document ID 42₁, Revision number 42 ₂, History ID 4
2₃, History number 42₄, History issue date and time 42₅Consists of
Document ID 42₁Is a unique ID for the document.
It takes the same value even if it is corrected or moved.

[0061] document ID42 _1, the history management unit 30A,
In order to assign a unique ID to the original 21 among the originals 30B, the system I which is uniquely assigned to the history management devices 30A and 30B and indicates the newly registered history management device of the original.
And D42 _11, consisting of the system registration ID 42 ₁₂ that is uniquely issued when a new registration record management apparatus 30A, within 30B.

[0062] revision number 42 _2, the original of new registration is set to 0, which is a number that is added to each revision of the original. This document I
The combination of D40 and revision number 42 _2, thereby enabling assign a unique ID for all documents from the new registered version to the latest version.

[0063] The history ID42 _3, the registration of the original, check-out, check-in, move, copy issue, for each operation of the deletion, the ID given to each the history table 31A, the operation contents of the 31B is recorded, history Management device 30A, 3
A unique ID is assigned to the operation between 0B.

[0064] The history ID 42 _3, as with the document ID, the system ID 42 ₃₁ of the history management unit operation has been performed, consisting of the system history ID 42 ₃₂ issued by the history management unit. Even if one of the original is moved various document management systems, the history ID 42 _3, it is possible to check the history of the operation content for each system.

[0065] history number 42 _4, the original of new registration is set to 0, due to the operation of the original, a number that certificate is a history or is issued is added to each time it is added, the order of the time series of history Attached for clarity.

[0066] The history issue date 42 _5, the original is registered in the operation has been the history date and time are described. Next, returning to FIG. 5, other elements of the mobile certificate 40 will be described. Movement information 43, as shown in FIGS. 5 and 8, made from the source system ID 43 ₁ and the destination system ID 43 _2.

As shown in FIGS. 5 and 9, the original information 44 includes ID information 44 ₁ , original name 44 ₂ , and hash value 44 _3.
And specifies the original, which is the latest revision, and includes information indicating when and by which system the original was registered. Note that, for simplicity of description, the ID information 42 described above is used.
The element of the tag is omitted. Similarly, in the drawings in the XML format, the overlapping parts are omitted and described.

[0068] ID information 44 _1, history ID42 ₃ the latest version of the original is attached at the time of check-in, revision number ₄₂ 2,
History issue date 42 ₅ information such is described.

[0069] original name 44 ₂ is a file name or identifier, such as a URL for the latest version of the original.

[0070] a hash value 44 ₃ is a hash value obtained by the hash function from the latest version of the original (or other abstract value obtained in summary function), hash algorithm, encoding method, the information of the code values or the like is described You.

The transfer certificate 40 is attached and sent together with the original when the original is transferred between the document management systems.
Based on the hash value 44 ₃ in the original information 44, thereby enabling confirmation correspondence with the original. In the history list 45, as shown in FIGS. 5 and 10, the history of operations on the original is described in chronological order. Each history in the history list 45 includes at least three pieces of ID information, operation contents, and necessary parameters according to the operation contents.

[0072] The first line of the history list 45, is described history 45 ₁ at the time of new registration of the original, it is the last line movement certificate 4
0 describes a mobile certificate creation history 45h indicating the creation history of itself. An example in which the history list 45 is described in the XML format will be described below. The history list 45 is a set of Log elements, and the entire set is surrounded by <Logs> tags. The Operation attribute of the <Log> tag indicates an operation performed on the original, and the child element of the Log element differs depending on the operation content.

The history list 45 in FIG. 10 describes the histories of new registration, checkout, and the like. However, in the following description, only histories related to movement will be described, and other operations will be similarly described. Detailed description is omitted. There are three types of histories related to movement: "Movement certificate creation", "Movement certificate reception", and "Receipt certificate reception". Note that the mobile certificate 40 is created as shown in FIG. 11 according to the XML format.

As shown in FIG. 12 and the latter half of FIG.
5h ₁ and the above-described ID information (IDInfo element) 42, transfer information (TransferInfo element) 43, and original information 44. The operation content to 45h ₁ is described is 'movement certificate created'. Although not shown, SystemLo of the IDinfo element
The gID element contains the newly issued system history ID,
The LogIssureDate element describes the history issue date and time.

The mobile certificate reception history 46 is history tables 31B and 31A managed by the history management devices 30B and 30A on the original receiver side. As shown in FIGS. 14 and 15, the operation contents 47 and ID information 48 are provided. , Mobile certificate information 49 is included. In the operation content (Log Operation) 47, "Reception of mobile certificate" is described. ID information (IDInfo element) 48
Is the system ID of the receiver of the original, the system history ID newly issued upon receipt of the mobile certificate (SystemLogID element), the date and time (L
ogIssureDate element) is described. Transfer certificate information (Tran
The sferDocumentInfo element 49 describes the ID information 42, the movement information 43, and the original information 44 of the information in the mobile certificate 40.

On the other hand, the receipt 50 is shown in FIGS.
As shown in the figure, a certificate 50 is composed of a certificate name 51, ID information 48, and mobile certificate information 49.
S is attached. In the certificate name 51, "receipt certificate" is described. The ID information 48 and the mobile certificate information 49 correspond to the mobile certificate reception history 4 added to the history tables 31B and 31A.
6 has the same contents as the ID information 48 and the mobile certificate information 49, respectively, and indicates that the receipt certificate 50 is a certificate corresponding to the mobile certificate 40.

The receipt history 60 is shown in FIGS.
As shown in FIG. 0, an operation content 61, ID information 62, and receipt certificate information 63 are included. In the operation content 61, "receipt of receipt certificate" is described. The ID information 62 is other ID information 4
Similarly to 8, the newly issued system history ID and the date and time when the history was created are described in addition to the document ID and the revision number. The receipt certificate information 63 describes the ID information 48 of the receipt certificate among the information in the receipt certificate 50 from the viewpoint of identifying the received receipt certificate 50.

Next, the operation of the electronic data management system configured as described above will be described with reference to the flowcharts of FIGS. A case where the document management system 10A of the organization A moves the original in the original storage 20A to the document management system 10B of the organization B will be described. The reverse of the movement from the tissue B to the tissue A is the same, so that the description is omitted.

In the document management system 10A, an original is newly registered in advance. At the time of this new registration, the following steps (i) to (iii) are performed. Also,
Steps (ii) and (iii) are performed not only for new registration but also for each subsequent operation.

(I) The original is uniquely identified based on the system ID for uniquely identifying the history management device that records the history information and the system registration ID uniquely issued for the original in the history management device. Assigning a document ID.

(Ii) A step of assigning a revision number to be added for each revision of the original to uniquely distinguish all of the latest original and past revisions. In addition, the revision number becomes 0 at the time of new registration.

(Iii) Operation history based on a system ID for uniquely identifying a history management device that records history information and a system history ID uniquely issued in the history management device for each operation history for the original. History I that uniquely identifies
Assigning D. In addition, at the time of new registration,
The operation history is 'new registration'.

As a result, new registration of the original is completed, and subsequent operations on the original are managed. The original operation in FIG. 24 indicates a possible (permitted) state or an unacceptable (non-permitted) state of an original operation such as check-out, check-in, deletion, issuance of a certified copy, and the like. Care must be taken during the exchange of a mobile certificate because there is an obligation to save data (management responsibility) even if the original operation is not possible. First, the organization A manages the original and has a management responsibility.

Now, the document management system 10 A
Is held in an operable state. here,
When the document ID of the original 21 ^* and the system ID of the destination system are input by the operator's operation, the computer PCa issues a transfer certificate creation request having these document ID and destination system ID as parameters. 1
Enter 0A.

The document management system 10A inputs this mobile certificate creation request to the history management device 30A, and as shown in FIGS. 21 and 25, the I / F control function 32A receives the mobile certificate creation request (ST1). The mobile certificate creation request is input to the mobile certificate creation function 33A.

As shown in FIG. 26, the mobile certificate creation function 33A reads a list of history information relating to the document ID from the history table 31A (ST2), and reads the history list 4
Create 5.

When the original moved from another document management system 10X is moved to another document management system 10B, as shown in FIG.
A history (from new original document creation to mobile certificate creation) in the mobile certificate 50 received from the previous document management system 10X is added to the previous stage of the history in A (from the receipt of the mobile certificate to the creation of the mobile certificate) and a history list 45. Create

Next, the transfer certificate creation function 33A determines whether or not the original 21 can be moved based on the history list (ST3). If the history list 45 is checked out, deleted, or the corresponding original is unregistered, an error is output (ST4), and the process ends.

The original 21 can be moved only when the latest history is “new registration”, “check-in”, “issued copy” or “receipt of transfer certificate”. If it can be moved, a new system history ID is issued, and as shown in FIG. 13, a new mobile certificate creation history 45h is added to the end of the history table 31A (ST5).

Further, the mobile certificate creation function 33A is provided in FIG.
As shown in (5), the same history as the added mobile certificate creation history 45h is also added to the history list 45 (ST6), and <Lo
gs> Surround with tags.

Thereafter, based on the history list 45 and other information, the mobile certificate creation function 33A performs the mobile certificate 4 creation.
0 is created (ST7). The transfer certificate 40 is electronic data, and as shown in FIG. 5, a hash value of the original 21, a history of previous operations on the original 21, a source system ID, a destination system ID, and a signature are further described. The signature 40S of the history management device 30A is attached by the function 37A (ST8). In the case of XML, the mobile certificate 40 shown in FIG. 11 is created.

When the history management device 30A creates the mobile certificate, the original operation is disabled in the organization A (FIG. 24), and the organization A is the owner of the original but is on hold.

The document management system 10A stores the original
The original 21 ^{* in} OA is copied to generate the original 21 (ST9). The original 21 ^* is a backup (copy document) of the original 21.

The document management system 10A executes step ST
In step 8, the mobile certificate 40 and the original 21 are transferred to the document management system 10B via the I / F control function (ST10).

As shown in FIG. 24, when the transfer certificate is received by the history management device 30B of the organization B, the original 2
One owner becomes organization B. At the same time, the management responsibility for the original 21 is generated in the organization B, and the operation for the original 21 is enabled in the organization B.

At this point, since the completion of the receipt of the original 21 in the organization B is unknown, the organization A does not lose its management responsibility for the original 21 ^* , and prepares the backup original 21 ^* in preparation for a retransmission notification from the organization B. Must be managed.

In the document management system 10B, upon receiving the mobile certificate 40 and the original 21, the hash value of the original 11 is obtained, and it is confirmed that the hash value is the same as the hash value described in the certificate 10.

After this confirmation, the document management system 10B
Generates a mobile certificate reception request having the mobile certificate 40 as a parameter, and inputs the mobile certificate reception request to the history management device 30B.

The history management device 30B has the configuration shown in FIGS.
As shown in (1), the I / F control function 32B receives the mobile certificate reception request (ST11) and inputs the request to the mobile certificate registration function 34B.

The mobile certificate registration function 34B verifies the signature 40S of the mobile certificate 40 by the signature verification function 38B with respect to the mobile certificate reception request (ST12).

If there is a problem in this verification, the source document management system 10A is requested to retransmit the data.
If the signature is not a valid signature 40S, an error is output (ST13) and the process ends.

When the verification in step ST12 confirms that the original 21 and the mobile certificate 40 are correct originals 21 transferred from the document management system 10A, the mobile certificate registration function 34B newly adds the system history ID. And the mobile certificate reception history 46 is registered at the end of the history table 31B (ST14), and the mobile certificate 40 is stored in the history management device 30B. The mobile certificate 40 serves as evidence for later certifying that the original 21 has been received from the document management apparatus 10A. Further, the document management system 10B stores the original 21 in the original storage 20B (ST15).

The history management device 30B creates a receipt 50 stating that the original 21 has been received by the receipt creating function 35B (ST16), attaches the signature 50S by the signature function 37B, and then controls the I / F. The receipt 50 is transferred to the document management system 10A through the function 32B (ST18).

In the document management system 10A, upon receipt of the receipt 50, a receipt receipt request having the receipt 50 as a parameter is generated, and the receipt receipt request is input to the history management device 30A.

The history management device 30A has the configuration shown in FIGS.
As shown in (1), the I / F control function 32A accepts the receipt receipt request (ST19) and inputs it to the receipt registration function 36B.

The receipt registration function 36B verifies the signature 50S of the receipt 50 by the signature verification function 38A (S50).
T20).

The signature 50S is the document management system 10 of the partner.
If the signature is not a valid signature attached by B, an error is output (ST21) and the process ends. If the signature 50S is a valid signature, a new system history ID is issued, the receipt receipt history 60 is registered at the end of the history table 31A (ST22), and the receipt 50 is registered in the history management device 30A. This receipt 50 is evidence that the document management system 10B has received the original 21. In the document management system 10A, the management responsibility is lost at the time of registration of the receipt 50, and the backup original 21 ^*
It is no longer necessary to keep the original 21 ^* , so the original 21 ^* is deleted. According to the organization A policy, the original 21 ^*
May be kept without being deleted, but the originality thereafter is not guaranteed.

In the above-described original transfer model, there are two aspects, namely, the transfer of the data of the original 21 itself and the transfer of the history by the transfer certificate 40 and the receipt certificate 50. While the originality can be guaranteed by the hash value, The transfer history can be irrevocably managed by the transfer certificate 40 and the receipt certificate 50.

As described above, according to this embodiment, the history information of the operation on the original 21 is recorded in the history table 31A, and when the original 21 is moved to another system 10B, this history information (history list 45) is stored. Since the electronic document is moved together with the original 21 in the transfer certificate 40, the electronic data can be moved between a plurality of systems while guaranteeing the originality of the electronic data.

A history management device 3 for recording history information
0A and based on the system registration ID 42 ₁₂ issued uniquely against the original 21 within that uniquely identifies the system ID 42 ₁₁ and the history management unit 30A, is allocated for uniquely identifying the document ID 42 ₁ the original 21, a plurality The original can be uniquely identified between the history management devices 30A and 30B.

[0111] Further, since uniquely distinguish all originals and historical revision of the latest version by assigning revision numbers 42 ₁ to be added to each revision of the original 21, which uniquely identifies the original for each revision be able to.

[0112] Furthermore, uniquely identifying the system history management apparatus 30A for recording history information ID 42 ₃₁ and the original 21
Based on the System History ID 42 ₃₂ issued uniquely in the history management apparatus 30A for each history of operations on, is allocated for uniquely identifying the history ID 42 ₃ a history of operation, a plurality of record management apparatus 30A, inter 30B At
The operation history can be uniquely identified.

The mobile certificate 40 includes the document ID 4
2₁, Revision number 42₂, For the preparation of his mobile certificate
History ID (history number 42₄), Original summary value (hash value
44 ₃) And history information (history list 45),
In particular, since the transfer certificate has history information, even when moving
The originality of the electronic data can be guaranteed, and the transfer certificate is a summary of the original
Since it has a value, it is possible to verify tampering while moving
it can.

Further, when the mobile certificate 40 is received, the receipt
Since the certificate 50 is sent back, the mobile certificate 40 and the receipt certificate
By storing 50, you can deny the fact of later movement
Can be prevented. Also, since the destination of the original can be grasped,
It is possible to manage whether or not the original text has leaked to
Can contribute to protection. The document management system 1 on the sending side
0A, the document ID 42 of the original 21 ₁And destination
System ID 43 of system 10B₂Input
Issue a history ID for the creation of the certificate,
The mobile certificate creation history 45h is stored as history information
Operation history for the original 21 recorded in the history table 31A
And the mobile certificate 40 based on the mobile certificate creation history 45h.
Create and move the mobile certificate 40, so the mobile certificate 40
From creation to movement can be easily and reliably executed.

In the document management system 10B on the receiving side, a history ID for the receipt of the mobile certificate is issued by inputting the mobile certificate 40, and the mobile certificate reception history 46 is stored in the history table as history information in association with the history ID. 31
B, and based on the mobile certificate receipt history,
0, and the receipt 50 is moved, so that the process from receipt of the movement certificate 40 and its recording to creation and movement of the receipt 50 can be executed easily and reliably.

Furthermore, the document management system 10A on the sending side
In, by inputting the receipt certificate 50, a history ID for receiving the receipt certificate is issued, and the receipt certificate reception history 60 is recorded in the history table 31A as history information in association with the history ID. The recording can be performed easily and reliably.

Further, since the digital signatures 40S and 50S are attached to the mobile certificate 40 and the receipt certificate 50, the falsification of the receipt certificate 40 and the receipt certificate 50 can be prevented.

Further, at the time of creating the current mobile certificate 40, the history information in the previous mobile certificate 40 is matched with the history information of the operation of the original in the own system 10A. For this reason, an original and a mobile certificate are received from a certain system, and the original is operated on its own system.
Can easily and reliably be performed.

[0119] Further, when creating a movement certificate 40, the operation content 45h _1, history ID for creating mobile certificate, movement information 43 including a mobile source system ID 43 ₁ and the destination system ID 43 _2, the hash value 44 _third original Since the original information 44 is recorded as history information, the mobile certificate creation history 45h can be easily and reliably recorded.

Furthermore, when the receipt certificate 50 is created, the operation contents, the history ID for the receipt of the mobile certificate, and the contents of the mobile certificate 40 are recorded as history information, so that the receipt certificate creation history 46 can be recorded easily and reliably. Can be.

Further, when the receipt 50 is received, the operation contents 61, the history ID for the receipt receipt, and the contents of the receipt 50 are recorded as history information, so that the receipt receipt history 61 is recorded easily and reliably. be able to.

Further, by using the XML format as the history information, the mobile certificate 40 and the receipt certificate 50, interoperability and visibility can be improved.

In the present embodiment, the program is stored in a history management device 30 from a computer-readable storage medium storing a program for realizing each step.
A and 30B may be installed and realized in the computer, and even in this case, the above-described effects can be similarly obtained.

The storage medium in the present invention includes a magnetic disk, a floppy (registered trademark) disk, a hard disk, and an optical disk (CD-ROM, CD-R, DV).
D, etc.), magneto-optical disks (MO, etc.), semiconductor memories, etc.
As long as the storage medium can store the program and can be read by a computer, the storage form may be any form.

Also, an OS (Operating System) running on the computer based on instructions of a program installed in the computer from the storage medium,
MW for database management software, network software, etc.
(Middleware) or the like may execute a part of each process for realizing the present embodiment.

Further, the storage medium in the present invention is not limited to a medium independent of a computer, but also includes a storage medium in which a program transmitted through a LAN, the Internet, or the like is downloaded and stored or temporarily stored.

Further, the number of storage media is not limited to one, and the case where the processing in this embodiment is executed from a plurality of media is also included in the storage media of the present invention, and any media configuration may be used.

The computer according to the present invention executes each processing in the present embodiment based on a program stored in a storage medium. An apparatus such as a personal computer and a plurality of apparatuses are connected to a network. Any configuration such as a system described above may be used.

Further, the computer in the present invention is:
It is not limited to a personal computer, but also includes a processing device, a microcomputer, and the like included in an information processing device, and generically refers to a device and a device capable of realizing the functions of the present invention by a program.

The present invention is not limited to the above embodiments, and can be variously modified in the implementation stage without departing from the scope of the invention. In addition, the embodiments may be implemented in appropriate combinations as much as possible, in which case the combined effects can be obtained. Further, the above embodiments include inventions at various stages, and various inventions can be extracted by appropriate combinations of a plurality of disclosed configuration requirements. For example, if an invention is extracted by omitting some constituent elements from all the constituent elements described in the embodiment, when implementing the extracted invention, the omitted part is appropriately supplemented by a well-known common technique. It is something to be done.

In addition, the present invention can be variously modified and implemented without departing from the gist thereof.

[0132]

As described above, according to the present invention, electronic data can be transferred between a plurality of systems while guaranteeing the originality of the electronic data. Further, when electronic data is moved between the respective systems, it is possible to prevent repudiation of the fact of the subsequent movement.

[Brief description of the drawings]

FIG. 1 is a schematic diagram showing a schematic configuration of a plurality of organizations as a plurality of electronic data management systems according to an embodiment of the present invention.

FIG. 2 is an exemplary diagram showing a specific configuration of a document management system of each organization in the embodiment.

FIG. 3 is an exemplary block diagram showing the configuration of a history management device according to the embodiment.

FIG. 4 is an exemplary diagram showing an example of recorded contents in an XML format according to the embodiment;

FIG. 5 is an exemplary diagram showing a configuration of a mobile certificate according to the embodiment.

FIG. 6 is an exemplary diagram showing a configuration of ID information in the embodiment.

FIG. 7 is an exemplary diagram showing an example of ID information according to the embodiment in an XML format.

FIG. 8 is an exemplary diagram showing an example of movement information in an XML format according to the embodiment;

FIG. 9 is an exemplary diagram showing an example of original information in an XML format according to the embodiment;

FIG. 10 illustrates an example of a history list in the embodiment.
The schematic diagram shown in L format.

FIG. 11 shows an example of a mobile certificate according to the embodiment in XML.
FIG.

FIG. 12 is an exemplary diagram showing a configuration of a mobile certificate creation history in the embodiment.

FIG. 13 is an exemplary diagram showing an example of recorded contents including a mobile certificate creation history according to the embodiment in an XML format.

FIG. 14 is a schematic diagram showing a configuration of a mobile certificate reception history in the embodiment.

FIG. 15 is an exemplary diagram showing an example of a mobile certificate reception history according to the embodiment in an XML format.

FIG. 16 is a schematic diagram showing the configuration of a receipt in the embodiment.

FIG. 17 shows an example of a receipt in the same embodiment as XML.
FIG.

FIG. 18 is a schematic diagram showing the configuration of a receipt receipt history in the embodiment.

FIG. 19 is an exemplary diagram showing, in an XML format, the first half of an example of recorded contents including a receipt receipt history in the embodiment.

FIG. 20 is an exemplary diagram showing a second half of an example of recorded contents including a receipt receipt history in the same embodiment in an XML format.

FIG. 21 is a flowchart for explaining the operation in the embodiment.

FIG. 22 is a flowchart for explaining the operation in the embodiment.

FIG. 23 is a flowchart for explaining the operation in the embodiment.

FIG. 24 is a sequence diagram showing a state of each tissue during operation in the embodiment.

FIG. 25 is an exemplary block diagram for explaining the operation in the embodiment;

FIG. 26 shows an example of a history list in the embodiment according to XM.
The schematic diagram shown in L format.

FIG. 27 is a schematic diagram for explaining the operation in the embodiment.

FIG. 28 illustrates an example of a history list according to the embodiment as XM.
The schematic diagram shown in L format.

FIG. 29 is a block diagram for explaining the operation in the embodiment.

FIG. 30 is a block diagram for explaining the operation in the embodiment.

[Explanation of symbols]

1: Internet A, B: Organization GWa, GWb: Gateway PCa, PCb: Computer 10A, 10B: Document management system 20A, 20B: Original storage 21, 21 ^* ... Original 30A, 30B: History management device 31A, 31B: History table 32A, 32B: I / F control function 33A, 33B: Mobile certificate creation function 34A, 34B: Mobile certificate registration function 35A, 35B: Receipt certificate creation function 36A, 36B: Receipt certificate registration function 37A, 37B: Signature function 38A, 38B ... signature verification function 40 ... movement certificate 40S ... signature 41, 51 ... certificate name 42,44 _1, 48,62 ... ID information 42 1 _... document ID 42 _11, 42 ₃₁ ... system ID 42 ₁₂ ... system registration ID 42 ₂ ... revision number 42 3 _... history ID 42 ₃₂ ... system history ID 42 4 _... history number 42 5 _... History Issue Date 43 ... movement information 43 1 _... moving source system ID 43 2 _... visited system ID 44 ... original information 44 2 _... original name 44 3 _... hash value 45 ... history list 45h ... movement certificates created history 46 ... Transfer certificate reception history 47, 61 ... Operation contents 49 ... Transfer certificate information 50 ... Receipt certificate 60 ... Receipt certificate reception history 63 ... Receipt certificate information

Claims (33)

[Claims] 1. A history management method for managing a history of an operation of an original of electronic data and guaranteeing the originality of the electronic data, comprising: recording history information of an operation on the original; Moving the log information together with the original data when moving the log information to another system. 2. The history management method according to claim 1, wherein a system ID for uniquely identifying a history management device that records the history information and a system registration uniquely issued for an original in the history management device. A method of assigning a document ID for uniquely identifying the original based on the ID. 3. The history management method according to claim 2, wherein a revision number added for each revision of the original is assigned,
A history management method including a step of uniquely distinguishing all of the latest original and past revisions. 4. The history management method according to claim 1, wherein the history management apparatus records the history information, a system ID for uniquely identifying the history management device, and a history for each operation history of the original. A history management method, comprising: assigning a history ID for uniquely identifying the operation history based on a system history ID uniquely issued in the management device. 5. The history management method according to claim 3, wherein when the source system moves the original to the destination system, a step of creating a transfer certificate for certifying the transfer of the original is performed. And transferring the mobile certificate and the original to a destination system. The mobile certificate includes a document ID, a revision number, a history ID for creating the own mobile certificate, a summary value of the original, and the history. A history management method comprising information. 6. The history management method according to claim 5, further comprising: receiving the mobile certificate from the source system; and receiving a mobile certificate when the mobile certificate is received. Creating, and moving the receipt to the source system, the receipt including the document ID, revision number, history ID for the creation of the receipt, and the ID of the transfer certificate. A history management method characterized in that: 7. The history management method according to claim 6, further comprising the step of: when receiving the receipt moved from the destination system, recording the fact of the receipt as history information. Characteristic history management method. 8. The history management method according to claim 5, wherein a document ID of an original document and a system ID of a destination system are input, and the mobile certificate is input by this input. Issuing a history ID for creation, recording the mobile certificate creation history as history information in association with the history ID, and performing the mobile certificate based on the operation history for the original and the mobile certificate creation history. A history management method, comprising: a creating step; and a step of moving the mobile certificate. 9. The history management method according to claim 5, wherein the step of inputting the mobile certificate, and the step of issuing a history ID for receiving the mobile certificate by the input are performed. Recording a mobile certificate reception history as history information in association with the history ID; creating the reception certificate based on the mobile certificate reception history; and moving the reception certificate. History management method characterized by being in. 10. The history management method according to claim 9, wherein the step of inputting the receipt certificate, the step of issuing a history ID for receiving the receipt certificate based on the input, and the step of receiving the receipt certificate corresponding to the history ID Recording a receipt history as history information; and a history management method. 11. The method according to claim 5, wherein
The history management method according to any one of the preceding claims, wherein the mobile certificate is attached with an electronic signature. 12. The history management method according to claim 11, further comprising a step of verifying an electronic signature of the mobile certificate when receiving the mobile certificate, wherein the step of verifying receipt of the mobile certificate is performed. A history management method, wherein a receipt is attached with an electronic signature. 13. The history management method according to claim 12, further comprising the step of, upon receiving the receipt, verifying an electronic signature of the receipt. 14. The method according to claim 5, wherein
The history management method according to the item, further comprising a step of matching the history information in the previous mobile certificate with the history information of the operation of the original in the own system when creating the current mobile certificate. History management method. 15. The method according to claim 5, wherein:
In the history management method described in the paragraph, when creating the mobile certificate, the operation information, the history ID for the mobile certificate creation, the movement information including the source system ID and the destination system ID, the original information including the summary value of the original A history management method, comprising the step of recording a record as history information. 16. The method according to claim 5, wherein:
In the history management method described in the paragraph, when creating a receipt for certifying the receipt of the mobile certificate, a step of recording the operation content, a history ID for the receipt of the mobile certificate, and the content of the mobile certificate as history information History management method characterized by being in. 17. The method according to claim 5, wherein:
In the history management method described in the paragraph, when a receipt for certifying the receipt of the mobile certificate is received, the operation content, the history of receipt
D. A history management method comprising the step of recording the contents of a receipt as history information. 18. The method according to claim 1, wherein:
The history management method according to any one of the preceding claims, wherein the history information uses an XML format. 19. The method according to claim 5, wherein:
13. The history management method according to claim 1, wherein the mobile certificate uses an XML format. 20. Any one of claims 5 to 19
In the history management method described in the paragraph, the receipt certificate for certifying receipt of the mobile certificate is X
A history management method using an ML format. 21. A computer-readable storage medium used in a history management device in a plurality of systems for managing a history of operations on an original of electronic data to assure the originality of the electronic data, In the computer of the history management device, when the source system moves the original to the destination system, the document ID of the original, the revision number, the history ID for creating its own transfer certificate, the summary value of the original and the history information for the operation A computer-readable storage medium storing a program for realizing a function of creating a mobile certificate for certifying the transfer of the original including the function of transferring the mobile certificate and the original to a destination system. 22. A computer-readable storage medium used in a history management device in a plurality of systems for managing a history of an operation of an original of electronic data to assure the originality of the electronic data, A function of receiving a transfer certificate for certifying the transfer of the original from the transfer source system to the computer of the history management device; A computer-readable program storing a program for realizing a function of creating a receipt for certifying receipt of a mobile certificate including an ID and the ID of the mobile certificate, and a function of moving the receipt to a source system; Possible storage medium. 23. The computer-readable storage medium according to claim 22, wherein when the receipt certificate moved from the destination system is received by the computer of the history management device, the fact of the receipt is recorded in a history. A computer-readable storage medium storing a program for realizing a function of recording as information. 24. The computer-readable storage medium according to claim 21, wherein the computer of the history management apparatus inputs a document ID of an original and a system ID of a transfer destination system. A function of issuing a history ID for the mobile certificate creation; a function of recording the mobile certificate creation history as history information in association with the history ID; a movement based on the operation history for the original and the mobile certificate creation history A computer-readable storage medium storing a program for realizing a function of creating a certificate and a function of moving the mobile certificate. 25. The computer-readable storage medium according to claim 21, wherein a history ID for receiving a mobile certificate is input to the computer of the history management device by inputting the mobile certificate. A function to issue, a function to record the mobile certificate reception history as history information in association with the history ID, a function to create the reception certificate based on the mobile certificate reception history, and a function to move the reception certificate A computer-readable storage medium storing a program for causing a computer to execute the program. 26. The computer-readable storage medium according to claim 25, wherein a function of issuing a history ID for receipt receipt by inputting said receipt certificate to a computer of said history management device. And a function of recording a receipt receipt history as history information. A computer-readable storage medium storing a program for realizing the function. 27. The computer-readable storage medium according to claim 21, wherein the mobile certificate has an electronic signature attached thereto. . 28. The computer-readable storage medium according to claim 27, wherein a function of verifying an electronic signature of the mobile certificate when the mobile certificate is received is realized by the computer of the history management device. A computer-readable storage medium, wherein a program for storing the mobile certificate is stored, and a receipt for certifying receipt of the mobile certificate is attached with an electronic signature. 29. The computer-readable storage medium according to claim 28, wherein a function of verifying an electronic signature of the receipt upon receipt of the receipt is realized by the computer of the history management device. Computer-readable storage medium in which a program for storing is stored. 30. The computer-readable storage medium according to claim 21, wherein the computer of the history management apparatus stores the previous mobile certificate when creating the current mobile certificate. A computer-readable storage medium storing a program for realizing a function of matching the history information of the original with the history information of the operation of the original in the own system. 31. The computer-readable storage medium according to claim 21, wherein the computer of the history management apparatus stores the operation contents and the mobile certificate when the mobile certificate is created. Computer-readable storage medium storing a program for realizing, as history information, history information for creation, movement information including a source system ID and a destination system ID, and original information including a summary value of the original as history information. . 32. The computer-readable storage medium according to claim 21, wherein the computer of the history management device creates a receipt for certifying receipt of the mobile certificate. A computer-readable storage medium storing a program for realizing, at the time of the operation, a history ID for receiving the mobile certificate and a function of recording the content of the mobile certificate as history information. 33. The computer-readable storage medium according to claim 21, wherein a receipt certificate for certifying receipt of the mobile certificate is received by the computer of the history management device. Of the operation, history of receipt receipt
D, a function of recording the contents of the receipt as history information. A computer-readable storage medium storing a program for realizing the following.