1. Field of the Invention
The present invention relates to an information processing apparatus for adding a signature to an electronic file and method thereof.
2. Description of the Related Art
Electronic signature techniques are utilized to certify the creator of an electronic file and to assure that the electronic file has not been altered. For example, an electronic file or a digest thereof is encrypted and the encrypted value is added to the original electronic file to achieve the addition of an electronic signature. When an electronic signature is verified, the encrypted electronic file or digest value is decrypted. If the original electronic file or its digest and the decrypted value are the same, this assures that alteration has not taken place. Although it is possible with this electronic signature technique to verify whether or not alteration has taken place with regard to the entire document, it is not possible to specify which portion of an electronic file has been altered if alteration has taken place.
In order to solve this problem in an XML or other structured document, the specification of Japanese Patent Application Laid-Open No. 2002-229448 describes a technique for generating a signature from each of the structural elements that constitute the structured document and combining the generated signatures (codes) into a single signature that corresponds to the structure.
Further, consider a case where the information of a structured document is stored in a database or the like and utilized by a back-end system, etc. In this case, information such as spaces and tabs at the beginning and end of content in a structured document is treated as invalid data and the structured-document information is stored in a database after this invalid data is deleted by a technique such as trimming. As a consequence, when the original structured document is reconstructed from the information stored in the database, a situation in which the space and tab information, etc., is missing is conceivable. When the signature of a signed structured document stored in the database is verified in such case, the document will be determined to have been altered owing to the missing spaces and tabs, etc.
As a method of solving this problem, the specification of Japanese Patent Application Laid-Open No. 2005-333233 describes a signature technique whereby a signature is applied to a structured document upon extracting valid signature-target data obtained by deleting space and tab data, etc., which was originally included in order to facilitate readability, from the signature-target data. The application also describes a technique for verifying a signature upon extracting valid signature-target data obtained by deleting space and tab data, etc., from signature-target data.
There are also occasions where a structured document contains data unrelated to printing. Examples which can be mentioned are meta information such as creation date and time and creator name, and structural elements that have not actually been linked. In addition, XPS (XML Paper Specification) is one example of a structured document format. XPS is a structured document format developed by Microsoft Corporation and is composed of XML, which holds information such as document structure, rendering information and print settings (print ticket), and various parts referred to as binary resources such as bitmaps and fonts. In such a structured document, even a change in print settings will result in a determination that the document has been altered if a signature has been applied to the entire electronic document. Since it is easy to add an electronic signature to every structural element of a document because of the specifications of XPS, it is believed that applications and systems that apply a signature to every structural element will become more widespread in the future.
There are cases where it is desired to change dynamically, depending upon the location (storage location) of an electronic document, the scope of guarantee afforded to the document by an electronic signature. For example, consider a case where a document, the creation of which is in progress, is stored in a shared server (or folder) that does not have a high level of security, and then the document is moved to a high-security folder upon completion. In such a case, meta information and print settings, etc., contained in the electronic document need not be guaranteed when in the shared folder not having the high level of security. However, if the electronic document exists in the server (or folder) having the high level of security, it is preferred that the entire electronic document be covered by the scope of the guarantee. That is, there is demand for a system in which the scope of a guarantee (verification) is changed dynamically depending upon the document location (URL, IP address, folder, etc.) when the document is stored and moved.
However, in order to change the scope of a guarantee dynamically in accordance with the storage destination of a document as mentioned above, the following problem arises in the prior art: Specifically, in Japanese Patent Application Laid-Open No. 2002-229448, the addition and verification of an electronic signature in relation to a structured document is carried out in accordance with the depth level of each structural element in a tree. As a consequence, depending upon the depth level of a tree, such as print settings, a structural element for which a decision as to whether the element is necessary or not cannot be made one to which the guarantee does not apply. Further, when a signature is attached, it is necessary to decide the scope of verification and the scope of the guarantee cannot be changed dynamically. Further, according to Japanese Patent Application Laid-Open No. 2005-333233, the application of a signature to a structured document is carried out upon extracting effective signature-target data (e.g., data from which spaces and tabs, etc., have been deleted) in line with a predetermined rule. In addition, at the time of verification as well, the effective signature data is verified upon being extracted in line with the rule used when the signature was attached. As a result, it is necessary to decide the scope of verification when the signature is attached and scope of the guarantee cannot be changed dynamically.