This invention relates to an information processing method and, more particularly, to a method of checking reliability/credibility of objects existing on a network, searching/retrieving those objects of higher credibility and using the same.
In the field of highly secured information processing, such as an accounting calculation or an electronic commerce, it has been strongly desired to provide an assurance of credibility of rule sets and data that are embedded into business objects (or classes) for use in such information processing.
In particular, for those business objects referring to rule sets (e.g., logic for calculating various taxes and logic for calculating various financial evaluation indices) and data that are frequently changed to reflect day-to-day transactions, including currency exchange rates and accounting rules, as well as revisions of the related laws, it is required that the referenced rule sets and data are created/provided by credible creators/providers and yet they are still valid at the reference time.
For example, if a user of a business object refers to an obsolete currency exchange rate, or uses an older accounting rule that is already illegal, this may cause the user""s business to be detrimentally affected. On the other hand, even if a user""s business is damaged by an erroneous reference to an obsolete business object provided from a credible provider, or another object with the same name provided from an incredible provider, the said credible provider may be claimed to be liable for his/her provided business object.
Such a business object has been normally referred to by its name alone. That is, object retrieval is performed by determining whether or not there exists any object with the same name on a predetermined object retrieval path. Thus, if multiple objects with the same name exist on the retrieval path, one of the objects first located along the retrieval path in accordance with its defined retrieval order may be used/referred to without checking credibility thereof. Namely, there has been no checking as to whether or not the latter object were updated, who created the latter object, and the like.
To address such a problem of credibility, a prior approach enables an object provider to centrally control objects in such a way that the newest objects are dynamically downloaded from a server of the provider via a network. However, this approach is not an effective solution to the aforesaid problem. This is because, in a case where another object with the same name provided from another provider is entered into the retrieval path in an intermixed manner, or where data caching or data replication is performed via the network without concurrently purging an older object stored therein, the newest object intentionally provided from the former provider for use by a user may not be necessarily referred to by the user.
In particular, if an object in transit is massaged/corrupted by a malicious third party, or the corrupted object is erroneously referred to, a user may be unable to find such a corruption. As a result, the user may refer to an unintended object with the same name but with a completely different content, or another object changed to contain a malicious numerical value.
Also, there is an additional case where contents of currently valid objects are to be invalidated as of a certain fixed date (e.g., as a result of enforcement of a new law from a prescribed date, calculation logic for taxes has to be timely changed). To cope with such a case, there has been a need for an object provider to prevent older objects from being continually used by their current users after such an enforcement date and to cause the newest objects to be used by the users instead.
In such a case, a provider has normally informed current users of switching to the newest objects and of an associated switching method, whereas each user has performed switching to the newest objects (including changing of a path and replacement of the involved objects) in accordance with the informed procedure. Thus, each user has been required to perform change work for making reference to the newest objects, which has resulted in a significant burden to each user.
A prior invention disclosed in Japanese Patent Publication (PUPA) H8-6784, entitled xe2x80x9cSystem and Processing Method for Preventing Usage of Unauthorized Copy of Software/Copyright Workxe2x80x9d, is directed to a technique for preventing unauthorized use of licensed software by a user and for enabling a license granted to a rightful user alone to be automatically extended. However, this prior technique is quite apart from this invention in that it does not intend to check security of software on a user""s side, nor does it intend to automatically correct a security problem. Thus, its configuration and technical advantages are significantly different from those of this invention as briefed below.
In this invention, various storage means distributed across a network are prioritized in such a way that a given object to be used may be flexibly determined no matter where the object exists and that such prioritization may be easily changed. Also, since object management information (e.g., term""s validity information) is embedded into an object, whenever the object is used at an user""s side, it is possible to determine whether or not the term of this object has been expired.
In one aspect of this invention, for each object, a signature and a certificate of its provider are embedded therein, so that its security may be checked at its user""s side. In the above identified prior invention, however, there is no such certificate or signature of a provider. Rather, term""s validity information is solely used for authorizing a rightful user to use the licensed software until the expiration date and, thus, the prior invention cannot ensure that the licensed software is the newest one and yet it is still valid.
In the prior invention, it is essential to download a key (or a portion of the licensed software) from a host to a terminal that is uniquely associated with the key. On the contrary, this invention is arranged to have information on retrieval paths, since it takes account of a function for retrieving an object on a network and a distributed environment that does not accompany downloading. Thus, this invention may be applied to such software that comprises a set of small components written in xe2x80x9cJavaxe2x80x9d (trademark of Sun Microsystems), and to distributed object software as well that does not require any execution software existing on a local system.
The following problems are solved by the present invention.
It is therefore an object of this invention solve the following problems. It is an object to provide an information processing system that enables a user to always use a business object in the assurance of its credibility.
It is another object of this invention to provide an information processing system that is secure against usage of a business object corrupted by a malicious third party.
It is another object of this invention to provide an information processing system that enables to flexibly change a site which should obtain an object to be used.
It is another object of this invention to reduce an amount of user""s work required for changing an object to be used.
It is another object of this invention to provide a computer system that does not depend on a platform of a local system.
It is another object of this invention to reduce an amount of communication data in an information processing system.
It is another object of this invention to provide an information processing system that enables to flexibly provide an object which should have a content requested by an application.
It is another object of this invention to provide, as a framework of a business object, a common mechanism for assuring security of an object transferred in a network environment.
It is another object of this invention to provide an assurance of credibility even in an environment provided with a weak security mechanism such as a Java environment.
It is another object of this invention to provide a system that enables to maintain credibility of such information with a fixed time limit (e.g., a rule set, including a currency exchange rate, an accounting rule, a tax law or the like) and to make a reference thereto on a real-time basis.