This invention relates to an electronic document management system, and in particular to an electronic document management system that can control an access right to electronic documents covering different authorization systems.
In recent years, the prevalence of local area networks has made it possible for the users in different environments connected by networks to access each other. Normally, for electronic files (electronic documents) created in systems on the networks, an access right is set to allow reference to or update of the electronic file contents. For example, in a UNIX operating system (UNIX is a registered trademark in USA and other countries licensed by X/Open Company Ltd), which contains a UNIX file system, the access right to allow reference to or update of the electronic documents managed by the UNIX file system can be assigned to owners, groups to which the owners belong, and superusers (managers).
The operating systems such as UNIX, Windows NT (trademark of Microsoft Corporation USA), and NetWare (registered trademark of Novell Inc. USA) are available and electronic documents prepared by application software programs operating under the operating systems are distributed and copied everywhere via networks. For example, when an electronic document is copied or moved from one UNIX client computer to another, the information on the access right set in the electronic document is also copied or moved with the electronic document contents. For example, if one electronic document entered in a UNIX client computer is copied to a NetWare file server, of course, the electronic document contents are copied intact, but the access right information such as the content reference right and update right set in the UNIX client computer is not copied to the NetWare file server operating in a different manner from the UNIX operating system and the access right of the person who copies the electronic document is set.
Thus, in the network environment, the content reference right, update right, etc., of an electronic document can be set for each operating system, but the access right to the electronic document is granted in the file system of the operating system under which the electronic document is prepared.
Known as prior arts are a system wherein whether or not access is allowed is specified for each document and document field for providing security of the electronic documents (Japanese Patent Unexamined Publication No. Hei 7-191975), a document management system wherein fine reference authorization to each registered document can be granted in response to user's attributes (Japanese Patent Unexamined Publication No. Hei 7-239807), and the like.
The access right to electronic documents handled by conventional application software products (content reference right, update right, etc.,) is controlled in the file system proper to the operating system that can execute user management; it is controlled by each operating system which identifies (manages) the user accessing the electronic document. This means that the access right attendant on the electronic document can be controlled only if the electronic document exists in the file system and the user accessing the electronic document is recognized by the operating system.
However, in an environment where computers in which different operating systems are installed exist on the network, if one electronic document in one file system is moved or copied to another file system in a different operating system, setting of the access right attendant on the source file system is not transferred to the move or copy destination file system, thus a security problem arises.
Since access right control is proper to each operating system, access right control to one electronic document could not be performed for an arbitrary user of an arbitrary operating system. For example, it would be impossible to perform content reference/update access right control to one electronic document for UNIX user A and access right control of only content reference for Windows NT user B.