1. Field of the Invention
The present invention relates to an electronic document management program, an electronic document management system and an electronic document management method that make it possible to prove to the third party that electronic data other than non-disclosed information are unaltered and the originality of decrypted information is assured, while controlling electronic data for partial disclosures and non-disclosures.
2. Description of the Related Art
As a result of the development of IT in recent years, the mode of usage and storage of administrative documents of central and local governments and books and contracts of private enterprises are gradually shifting from paper to electrons (digital signals). More specifically, it is already currently easy to turn paper documents into electronic data as scanners are being widely and popularly used. Additionally, as the resolution of scanners is improved, electronic storage of paper documents that has not hitherto been permitted is currently accepted provided that such a form of storage meets certain security requirements.
Meanwhile, as the demand for electronic storage of documents and images increases, techniques for safely storing and managing electronic data become indispensable. It is commonly accepted that technological requirements such as “detection and prevention of falsifications”, “identification of the person who prepared a document”, “access management and access control” and “history management” have to be met for electronically storing documents that have been stored on paper, while maintaining the level of trustworthiness of paper documents. Known document management systems are functionally not satisfactory for meeting those requirements. Therefore, efforts have been and being paid for developing and marketing “originality assurance systems” that meet those technological requirements.
The security element technique that is being most popularly used for “originality assurance systems” is electronic signature. It is possible to identify the person who prepared a document (identity) by means of electronic signature and prove and confirm that the document has not been altered (unfalsifiedness) since the time of preparation of the document to the third party. A technique of time stamp is also known. It is a technique that resembles electronic signature but, with time stamp, it is possible to prove the clock time when an electronic document is finalized in addition to the functions of electronic signature. Three related known techniques will be described below.
(1) Technique of Storing Original Electronic Documents
Patent Documents 1 and 2 (Jpn. Pat. Appln. Laid-Open Publication No. 2000-285024 and Jpn. Pat. Appln. Laid-Open Publication No. 2001-117820) are known as technique for assuring the originality of an electronic document.
(2) Technique of Blotting Out Electronic Documents
A method of solving the problem of blotting out electronic documents is proposed in Non-Pat. Document 1 (Information Processing Society/Computer Security Committee (CSEC) Paper “The Problem of Blotting out Electronic Documents” (Jul. 17, 2003) (2003-CSEC-22-009). Non-Pat. Document 2 (SCIS2004 Paper “A Technique of Blotting out Electronic Documents that can Control Disclosure Conditions”).
(3) XACML (Extensible Access Control Markup Language)
This technique is authorized as standard by the OASIS (Organization for the Advancement of Structured Information Standards) and provides specifications for defining the right of accessing XML (extensible Markup Language) documents. With this technique, it is possible to describe “who” can access a resource at “what place” and by what “right”. In other words, it is possible to control accesses that require judgment on complex conditions such as “users over twenty” or “only registered users”.
The prior art originality assurance is directed to documents whose originals are stored at clearly identifiable places. In other words, the prior art is based on an idea similar to that of storing paper documents in key-locked lockers in the sense of managing the originals in a finalized format in safety. Then, in such an original storing environment, electronic signature is very effective for assuring the identify of a person and the unfalsifiedness of a document in such conditions.
However, from the viewpoint of originality assurance of documents to be subjected directly to additions, corrections, partial manipulations such as concealment and processing and circulated around such as letters of application and those of proposal, the general technique of electronic signature can make an obstacle because it does not allow any processing by natures. In other words, the prior art does not take manipulations, processing and circulations of documents into consideration and is centered at storing electronic data by means of electronic signature.
Now, the problems of the prior art of (1) through (3) listed above will be discussed below.
(1) Technique of Storing Original Electronic Documents
Pat. Documents 1 and 2 provide a technique of providing electronic information with characteristics of original paper documents when electronic data are stored and protecting electronic data against falsifications and, if falsified, detecting falsifications.
Thus, this technique is developed by paying attention on the mechanism of safely storing and managing electronic documents in the finalized format as originals whose places of storage are clearly identifiable in an organization.
In such an original storing environment, when an electronic document is corrected, if partly, the correction is recognized as “falsification”. For example, when “correcting a letter of contract written on paper”, “a character to be corrected is overwritten by double lines and sealed by the corrector, and the right character is written in a space located right above”. If the character is corrected, the original of the letter of contract remains as proper and authentic original.
As far as paper is concerned, such an action of correction is officially judged to have followed proper procedures and its validity and authenticity can be proved to the third party.
On the other hand, if the conventional technique of storing an original is applied to an electronic document, there arises a problem that it is not possible to determine if the corrected part is a falsification or a correction made by following proper procedures because current electronic signature is designed and characterized in that any alteration made on electronic data can be detected.
(2) Technique of Blotting Out Electronic Documents
The paper on “the problem of blotting out electronic documents” proposes a technique of blotting out electronic documents that can dissolve the problem that the signature put to a document cannot be verified when the document is partly hidden. Thus, by applying the technique of blotting out electronic documents according to the paper, it is possible to verify the signature of a signed electronic document even when it is blotted out and prove to the third party that the document is not altered except the blotted out part or parts “to make it possible to prove to the third party in a condition of partly concealing (blotting out) the contents”.
However, the technique of blotting out electronic documents according to the above-cited paper only assures the person who prepared an original document but cannot identify the person who blotted it out, if partly. Additionally, the paper describes a conceivable scene of utilization where the problem of blotting out electronic documents arises in an information disclosure system and an inhabitant argues with an administrative agency. In other words, the paper is written without taking a situation where a partly blotted out document is circulated among a plurality of entities and used by them into consideration.
Additionally, the technique replaces a blotted out part of an electronic document with hash information. In other words, it cannot control an electronic document for partial disclosures and non-disclosures depending on the condition and the situation of each viewer. Furthermore, the viewer cannot confirm and prove if non-disclosure part of information is prepared by the person who prepared the document and has not been altered.
(3) XACML (extensible Access Control Markup Language): Specification for Establishing the Right of Access to XML Documents
This technique makes it possible to control “who” can access a resource at “what place” and by what “right”. This known technique is realized by specifically relying on the fact that electronic documents can be controlled for partial disclosures and non-disclosures and it is possible to prove that non-disclosure part of information is not leaked to other than the entities (persons and systems) authorized for viewing. In other words, it is not possible to prove that information other than non-disclosure part thereof has not been altered (originality, integrity) and confirm or prove that non-disclosure part of information is prepared by the person who prepared the document and has not been altered.