The present invention relates to document management to conduct an access control operation in which a document to be outputted as a retrieval result under a retrieval condition specified by a retriever and/or a document to be similarly displayed are/is restricted or controlled in accordance with an authorized of the retriever. In relation to these application fields, the present invention relates in particular to a document management method and a document management apparatus for supplying a large amount of document information of an electronic library system and the like to users via a wide area network such as Internet and Intranet.
With recent rapid development and popularization of Internet, there can be seen a trend of supplying document information via a network to users. Particularly, in a large-sized document information system such as an electronic library system, there appears a need to provide a large volume of document information to users through a wide area network such as Internet and Intranet.
In such a situation, World Wide Web (WWW) using a protocol called Hyper-Text Transfer Protocol (HTTP) capable of delivering document information to any place in the world is increasingly employed in document management systems for various uses thanks to development of high-performance retrieval functions.
Furthermore, on the other hand, with increase in the amount of document information to be supplied to users, to provide a highly-developed service such as management of document information including secret information and management of charging operation, there is required an access control function in which a result of document retrieval and document to be displayed for a user are restricted in accordance with an authorized access level of the user.
In the prior art, there has been adopted a method of implementing the access control operation in which when a user accesses a document management system, authentication of the user is carried out to conduct an access control operation for each database registered to the system.
That is, when accessing a database in this method, the user inputs a user name and a password to the document management system. The system then achieves an operation to authenticate the user on the basis of the inputted user name and password. The system allows the user completely authenticated to access databases for which access authentication has been already established, thereby conducting the access control operation.
However, in the method above of accomplishing the access control operation for each database through the user authentication, there arises the following problem. Namely, it is difficult to carry out an access control operation in a plurality of levels corresponding to groups to which users belong. This problem becomes remarkable especially when the system includes a large-sized document database.
For example, in a case in which documents to be opened to users belonging to universities and public institutions are required to be discriminated from those to be opened to general users including private firms and companies, it is necessary to separately register these documents in the document management system.
Namely, when users having different authorized access levels are allowed to access a document, the document is required to be registered to a plurality of databases. This accordingly increases the quantity of necessary resources such as magnetic disks and memories, which results in a problem of increase in the cost of the document management system.
Additionally, processing steps such as data registration and backup steps become complex and hence there occurs a problem of conspicuous deterioration in the operation management and system maintenance. Furthermore, when an authorized access level is desired to be altered, document databases are required to be again registered to the system, which leads to a problem of a drawback in expandability.
These problems related to the cost, operation management, maintenance, and expandability of the system appear as far more serious problems when the number of access control levels is increased, for example, in a case in which documents to be supplied to users are limited or restricted in accordance with a contract fee of each user in a document management system conducting management of charging operation.