1. Field of the Invention
The present invention relates to a file editing system for realizing asynchronous editing of a shared file by a plurality of users and a file content reading protection in a computer based shared file system or database system.
2. Description of the Background Art
In a computer system, in order to manage the accesses from a plurality of users with respect to a resource within the system, it has been pointed out that it is necessary to provide an authentication mechanism for confirming whether a user issuing an access request is a proper user who has an access right with respect to that resource or not. In particular, under an environment of a large scale system in which an access from a remote user is permitted, such an authentication mechanism becomes very important. A representative conventional system for realizing such an authentication mechanism is the Kerberos.
A typical conventional system which requires such an authentication mechanism is the CSCW (Computer Supported Cooperative Work). The CSCW is a generic name for computer systems which assist the cooperative work of a plurality of users, and the shared file system is its most basic and typical example. In the shared file system, a plurality of users have access rights such as xe2x80x9creadxe2x80x9d and xe2x80x9cwritexe2x80x9d with respect to the identical file, and the system can realize the editing work without causing any contradiction while allowing the accesses by these users with respect to the identical file simultaneously.
Conventionally, a general format for realizing such a shared file system has been the client server type in which the client as a subject which makes accesses to the files and the server which manages the files are separated, and the authentication system for carrying out the authentication of the accesses from the client is implemented therein. That is, the server authenticates the proper access right of the client, and if necessary, the server also carries out the enciphering of the data to be transmitted between the client, while the client authenticates the connected server. Conventionally known examples of such a shared file system include the Lotus Notes. There is also a system called CFS (Cryptographic File System) which is known as an example of a file system in which the enciphering of the file contents can be carried out by the.
As this type of a shared file system becomes more wide ranging in its service, it can be expected that there arises a need for a service format in which only a file server is required at a certain site. Namely, it is a format in which the file management and the access management are provided, but the file contents cannot be read out at the server itself. However, this type of service cannot be realized by using the conventional security system because the conventional security system only protects the communication data and the file contents at the server are managed in forms of plain texts.
Also, in the conventional mechanism for realizing the simultaneous editing on the shared file, while one user is carrying out the editing which uses the writing with respect to a certain file, what the other users can do with respect to the same file is restricted to the reading at best. Thus, this is not a real simultaneous editing strictly speaking, and it is merely realizing a synchronous editing in which the synchronization is made by utilizing the locking mechanism so as to avoid the contradiction among the accesses from a plurality of users. Namely, while the first access requesting user makes an access, the locking mechanism is activated such that the file access request for writing from the other user is not permitted, and the other user is forced to suspend the file access temporarily, await for the release of the lock, and try the file access again after the lock is released.
In this regard, a more flexible system can be realized if it is possible to allow one user to carry out the editing which uses the writing with respect to a certain file even when the other user is carrying out the editing which uses the writing with respect to the same file. In the following, this type of operation will be referred as asynchronous editing in a sense that there is no need to make the synchronization among the accesses which are randomly generated by a plurality of users.
On the other hand, another technique related to the shared file system is the version management technique. The conventionally known version management schemes include the SCCS (Source Code Control System) and the RCS (Revision Control System). Such a version management scheme achieves the compression of the file size by maintaining only a difference between different versions instead of maintaining the files at a given moment entirely, in a circumstance such as that of a program development by a plurality of programmers. However, despite of its advantage regarding the reduced file size, its incorporation into the shared file system has been limited so far to a case of the synchronous editing using the locking mechanism.
It is therefore an object of the present invention to provide a file editing system capable of realizing a higher level of secrecy such that the file contents cannot be read from the file server.
It is another object of the present invention to provide a shared file editing system which supports the file version management, which is capable of realizing the asynchronous editing.
It is another object of the present invention to provide a shared file editing system which supports the file version management, which is capable of realizing the asynchronous editing while keeping the file contents secret from the file server.
The objects of the present invention are also achieved by providing a file editing system having a file management server device for managing files and a client device for editing the files. The client device includes an editor for editing a target version of a desired file and an editing procedure generation means that generates editing procedure data indicative of the editing to the target version of the desired file. The file management server includes an editing procedure conversion means that converts the editing procedure data to generate a converted editing procedure data that corresponds to a latest version of the desired file.