Computer-readable recording medium storing access rights management program, access rights management apparatus, and access rights management method
    1.
    Invention application
    Status: in force

    Publication No.: US20080005779A1

    Publication date: 2008-01-03

    Application No.: US11595626

    Filing date: 2006-11-09

    IPC classification: H04L9/00

    Abstract: A computer-readable recording medium storing an access rights management program which is capable of safely managing the use of an electronic document with ease and efficiency. An access policy-storing device stores a first access policy containing information on a first distributee to which the electronic document is distributed, and information on second distributees, which is indicative of a range within which the first distributee is permitted to distribute the electronic document, as well as information on use rights that permit the second distributees to use the electronic document with a defined scope of authority. A storage device stores a distribution target indicative of the second distributees. When a distributee-specifying request for permission to grant the use rights to a specific distributee is received from the first distributee, an access policy-confirming device refers to the distribution target to confirm whether or not the specific distributee is included in the second distributees. A registration device registers a second access policy associating the specific distributee with the information on the use rights, in said access policy-storing device. A use rights-confirming device refers to the second access policy to thereby permit the specific distributee to use the electronic document using the use rights, when a use request for permission of use of the electronic document is received from the specific distributee.


    Method, apparatus, and computer program for managing access to documents
    2.
    Granted invention patent
    Status: in force

    Publication No.: US07966644B2

    Publication date: 2011-06-21

    Application No.: US11543313

    Filing date: 2006-10-05

    IPC classification: H04L9/32 G06F21/22

    Abstract: A computer program, apparatus, and method for managing access to documents, capable of identifying the exact events of document access on the basis of given access logs even when access policies are modified in the middle of operations. Upon receipt of an access policy setup request from a first client, an access policy manager adds a new access policy to the access policy database or modifies an existing access policy in an access policy database according to the request. A policy log collector then stores the records of such a new access policy or modified existing access policy in a policy log database. Afterwards an access log collector receives an access log for the document 5 from the second client 3 and saves it in the access log database 1c. When a third client issues a log request with a specific search keyword, a log searcher retrieves relevant policy log records and access log records that match with the specified search keyword.


    Computer-readable recording medium storing access rights management program, access rights management apparatus, and access rights management method
    3.
    Granted invention patent
    Status: in force

    Publication No.: US08032921B2

    Publication date: 2011-10-04

    Application No.: US11595626

    Filing date: 2006-11-09

    IPC classification: H04L9/00

    Abstract: A first access policy is stored to provide information on a first distributee to which an electronic document is distributed, to which the first distributee is permitted to distribute the electronic document, and use rights that permit the second distributees to use the electronic document. Also stored is a distribution target information indicating the second distributees. When the first distributee requests permission to grant use rights to a specific distributee, the distribution target is consulted to confirm whether or not the specific distributee is included in the second distributees. A second access policy associating the specific distributee with the information on the use rights is then registered. When the specific distributee requests permission to use the electronic document, the second access policy is consulted to permit the specific distributee to use the electronic document.


    Method, apparatus, and computer program for managing access to documents
    4.
    Invention application
    Status: in force

    Publication No.: US20070271592A1

    Publication date: 2007-11-22

    Application No.: US11543313

    Filing date: 2006-10-05

    IPC classification: H04L9/00

    Abstract: A computer program, apparatus, and method for managing access to documents, capable of identifying the exact events of document access on the basis of given access logs even when access policies are modified in the middle of operations. Upon receipt of an access policy setup request from a first client, an access policy manager adds a new access policy to the access policy database or modifies an existing access policy in an access policy database according to the request. A policy log collector then stores the records of such a new access policy or modified existing access policy in a policy log database. Afterwards an access log collector receives an access log for the document 5 from the second client 3 and saves it in the access log database 1c. When a third client issues a log request with a specific search keyword, a log searcher retrieves relevant policy log records and access log records that match with the specified search keyword.


    Management apparatus
    5.
    Granted invention patent
    Status: in force

    Publication No.: US08205077B2

    Publication date: 2012-06-19

    Application No.: US12363879

    Filing date: 2009-02-02

    IPC classification: G06F21/00

    CPC classification: G06F21/6209 G06F2221/2145

    Abstract: A management apparatus comprising memory to store owner information, dependence relationship information, and authorized user information are associated with file information identifying the secret file, an authorized user determination unit to determine whether a source user of the browse request is registered as the authorized user of the browse request file, a dependent file specifying unit to specify a dependent file having a dependence relationship with the browse request file by referring to the dependence relationship information when the source user is authorized; and a browse permission response transmitting unit to transmit the browse permission response to the source user based on whether or not the source user is registered as the authorized user of the dependent file by referring to the authorized user information.


    MANAGEMENT APPARATUS
    6.
    Invention application
    Status: in force

    Publication No.: US20090205029A1

    Publication date: 2009-08-13

    Application No.: US12363879

    Filing date: 2009-02-02

    IPC classification: H04L9/32

    CPC classification: G06F21/6209 G06F2221/2145

    Abstract: A management apparatus comprising memory to store owner information, dependence relationship information, and authorized user information are associated with file information identifying the secret file, an authorized user determination unit to determine whether a source user of the browse request is registered as the authorized user of the browse request file, a dependent file specifying unit to specify a dependent file having a dependence relationship with the browse request file by referring to the dependence relationship information when the source user is authorized; and a browse permission response transmitting unit to transmit the browse permission response to the source user based on whether or not the source user is registered as the authorized user of the dependent file by referring to the authorized user information.


    Data protection system, data preparation device, and data working device
    7.
    Granted invention patent
    Status: lapsed

    Publication No.: US06829592B1

    Publication date: 2004-12-07

    Application No.: US09000924

    Filing date: 1997-12-30

    IPC classification: G06F1721

    Abstract: When a user works data required for allowance for the use thereof, the work processing is carried out by utilizing an exclusive work processing device. Thereafter, only the data of work information indicating what kind of working has been made to the original data (for example, differential static image data indicating a difference between the original static image required for allowance for the use and the static image after having been worked) is stored, whereby the use without permission of the data is prevented.


    Encryption apparatus having common key encryption function and embedded apparatus
    8.
    Granted invention patent
    Status: in force

    Publication No.: US08369516B2

    Publication date: 2013-02-05

    Application No.: US12889096

    Filing date: 2010-09-23

    IPC classification: G06F21/00

    Abstract: A common key block encryption apparatus for performing a nonlinear transformation with a multiplication executed in a binary field or a composite field includes a computing unit to execute a computation other than the nonlinear transformation with fixed value masked input data obtained by XORing input data with a fixed mask value, an XOR operation circuit to transform all input data into fixed value masked input data by XORing the input data with a fixed mask value and to transform the data into random value masked input data by XORing the input data with a random mask value in the multiplication, a multiplier to execute a multiplication based on the random value masked input data output from the XOR operation circuit, and a random value mask-to-fixed mask value transformation circuit to again transform the random value masked output data into fixed value masked output data and to output the data.


    ENCRYPTING APPARATUS FOR COMMON KEY CIPHER
    9.
    Invention application
    Status: in force

    Publication No.: US20090003598A1

    Publication date: 2009-01-01

    Application No.: US11941663

    Filing date: 2007-11-16

    IPC classification: H04L9/20

    Abstract: The first route selection device re-arrays a plurality of extended key mask values at random according to the value of a random number generated by a random number generation device. An extended key operation device generates an exclusive logical OR of a plurality of the re-arrayed extended key mask values, a data string representing extended key and an input data string. The second route selection device re-arrays the data string of the exclusive logical OR by performing a re-array conversely with the first route selection device according to the value of the random number. A non-linear conversion device applies non-linear conversion to the re-arrayed data string and outputs a data string masked by a plurality of non-linear conversion mask values. The third route selection device re-arrays the masked data string by performing the same re-array as the first route selection device according to the value of the random number.


    Encrypting apparatus for common key cipher
    10.
    Granted invention patent
    Status: in force

    Publication No.: US08218762B2

    Publication date: 2012-07-10

    Application No.: US11941663

    Filing date: 2007-11-16

    Abstract: The first route selection device re-arrays a plurality of extended key mask values at random according to the value of a random number generated by a random number generation device. An extended key operation device generates an exclusive logical OR of a plurality of the re-arrayed extended key mask values, a data string representing extended key and an input data string. The second route selection device re-arrays the data string of the exclusive logical OR by performing a re-array conversely with the first route selection device according to the value of the random number. A non-linear conversion device applies non-linear conversion to the re-arrayed data string and outputs a data string masked by a plurality of non-linear conversion mask values. The third route selection device re-arrays the masked data string by performing the same re-array as the first route selection device according to the value of the random number.
