The present invention relates to a method of encrypting and decrypting digital contents. According to the technique of the present invention, it is possible to disclose digital contents selectively to users, depending on roles of the users.
Recently, as information and communication devices develop, business processing, which has been conventionally performed on paper, is becoming computerized. Along with this, procedures (workflow) for application and approval, which are conventionally carried out on paper, are being executed electronically through a network (For example, see paragraphs 0013-0024 of Japanese Unexamined Patent Laid-Open No. 2005-135072 (hereinafter, referred to as Document 1)). Such digital content exchanged through a network usually include information (for example, private information) whose disclosure should be restricted depending on users browsing the content. Once such information leaks, immeasurable damage such as compensation for the loss or loss of credibility is caused.
Here, “content” means a record such as text, sound, picture and the like contained in a petition, an application or minutes of a meeting, or information arbitrarily combining two or more of them. When in particular these items are expressed in digital data, they are called “digital content”. However, in the following description, digital content is a simply referred to as content.
Conventionally, when content should be disclosed selectively to users depending on roles of the users, the content is managed in a centralized way by a database and access to the database is controlled such that information is not disclosed to an unauthorized user (See, the paragraphs 0013-0024 of Document 1).
On the other hand, with respect to content exchanged through a network, methods of encrypting information for safeguarding are known.
Such methods include a method in which encryption keys are generated hierarchically and used for partial encryption of content so that a content area available to a recipient having a low authorization is restricted (for example, see paragraphs 0013-0035 of Japanese Unexamined Patent Laid-Open No. 2002-366030, which is hereinafter referred to as Document 3), and a method in which a key of a specific user is used for partial encryption of private information in an electronic medical chart so that an unauthorized user cannot browse the private information (for example, see paragraphs 0009-0011 of Japanese Unexamined Patent Laid-Open No. 2003-5645, which is hereinafter referred to as Document 2).