1. Field of the Invention
The present invention relates to a document access control system, data processing apparatus, a program product and a document access control method, and more particularly to a document access control system, a data processing apparatus, a program product and a document access control method for enabling document access control to be performed even in an offline environment.
2. Description of the Related Art
An access control method according to a related art case is conducted as follows. First, a security policy defining allowance of document access (e.g. browsing, editing, printing) and conditions for access are set to a server beforehand. In a case where the client side wishes to access an encoded document file, a document application of the client queries the server for allowance of access and conditions for access. In a case where the server allows access of the client, the server sends a decoding key to the client for allowing the client to access the document file (for example, see U.S. Pat. Nos. 633,925 and 6,289,450, Japanese Laid-Open Patent Application No. 2004-152261).
With this method, a uniform security policy can be reliably applied to a wide area. However, in an offline environment where the server cannot be accessed, the access authority information of the document file and the decoding key according to the security policy cannot be obtained. Therefore, the document file could not be used in the offline environment.
In order to solve this problem and achieve document access in compliance to the security policy even in an offline environment, there is a method where necessary information is stored in the client side so that offline access can be controlled based on the information stored in the client (for example, see Japanese Laid-Open Patent Application Nos. 2003-228520 and 2005-141746).
However, with this method, the server requires that the document file be opened to trigger the storage of the information necessary for offline access. That is, the document file is to be opened at least once for allowing the necessary information to be cached in the client side. Therefore, in a case where the document file has never been opened, the document file cannot be accessed in an offline environment.
In addition, the method disclosed in Japanese Laid-Open Patent Application No. 2003-228520 does not specifically describe the timing in which the necessary information is stored in the client. This method has a decryption key included in the document file so that access can be controlled depending on whether the decryption key can be extracted from the document file. This method is significantly different from the document protecting method of the below-described document access control system according to an embodiment of the present invention which does not include the decryption key in the document file.
The same as the method disclosed in Japanese Laid-Open Patent Application No. 2003-228520, the method disclosed in Japanese Laid-Open Patent Application No. 2005-141746 also has a decryption key included in the document file so that access can be controlled depending on whether the decryption key can be extracted from the document file. This method is also significantly different from the document protecting method of the below-described document access control system according to an embodiment of the present invention.
Meanwhile, as methods according to a related art case for allowing data to be used offline on the premise that the data are used online, there are, for example, a function of locally caching the contents of a page once accessed by a Web browser of a client's PC (personal computer), a function of periodically caching the content of a pre-registered Web page, a file cache function of allowing a file in a file server to be used even in an offline mode, or a replication function of locally copying the content of a DB (Data Base) in a network.
However, these functions are merely methods of locally copying the contents that can be accessed online and are for allowing the basically same operation to be performed in an online mode and an offline mode. Thus, these functions do not serve to control access to the contents (more specifically, there is no difference in operation between the online mode and the offline mode).