JP2005310096A - Information processing system, information processing method, and computer program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To suitably manage information resources used in a presentation of a meeting such as documents, and other various media. <P>SOLUTION: After specifying an individual by holding over an IC card, and logging into the system via an information processing terminal, information that is presently necessary is fetched from an information group (namely, an information asset) belonging to the individual, and displayed. Specified information can also be added to the information asset. As a matter of course, an information asset added in such manner can be displayed on another information processing terminal via personal identification, and information transfer to another participant can be carried out also. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to an information processing system, information processing method, and computer program for realizing collaborative work by a plurality of people via a network, and more particularly, to a document and other various media composed of a plurality of participants. The present invention relates to an information processing system, an information processing method, and a computer program that realize a smooth operation of a conference in which a used presentation is developed.

  More particularly, the present invention relates to an information processing system and information processing method for managing information assets used for presentations in meetings, such as documents and various other media, and a computer program. The present invention relates to an information processing system, information processing method, and computer program for realizing storage, use, sharing, distribution / transfer of information assets used by a person.

  With the recent development of computing technology, computers have penetrated deeply into offices and general households. Coupled with this, various applications can now receive computer support.

  For example, conferences are frequently held in industrial activities and various other daily lives in a company. By incorporating a computer into a conference room, the operation of the conference can be supported.

  As an example of the conference support system, a remote conference system can be taken up. According to the remote conference system, in a plurality of remotely located conference rooms, an image / audio input device such as a camera or a microphone, an image / audio output device such as a monitor or a speaker is installed, and a communication line is used. Events such as remarks and questions and answers held in each conference room can be shared, and proceedings can be synchronized between remote locations.

  For example, there is an interactive system control method as a conference system in which a plurality of users can interact by network connection of terminal devices (see, for example, Patent Document 1). According to this method, each terminal device processes the participation in the dialogue and the withdrawal of the participant, thereby enabling free participation and withdrawal and performing a dialogue corresponding to the conference.

  In addition, as the conference progresses, not only the video of the participants in the conference, the audio of the participants' entire contents, but also the whiteboard used in the conference, slides and other presentation materials are relevant to the conference. Various materials can be shared and stored between conference rooms.

  Proposals have been made on a conference system that can easily prepare and store shared materials used in a conference (for example, see Patent Document 2). In this case, a first process of providing a TV teleconference service by an information providing apparatus that operates a conference support website on the Internet, and a conference participant (user) uses a communication terminal and passes through this information providing apparatus. The second step of conducting a meeting in real time using shared materials, making it easy to prepare and store shared materials used for the conference, and to write on materials on the spot It can also solve problems caused by differences in application software and versions.

  In addition, the conference system digitizes and stores various data generated during the conference, such as video and audio, and various media data related to the conference, such as whiteboards, slides, and other presentation materials. Can be stored in synchronism with video and audio, that is, the progress of the conference. By storing the data related to the conference in this way, these can be reused in the next conference (for example, see Non-Patent Document 1).

  Meetings are held almost every day at multiple meetings. For this reason, the amount of conference data captured and accumulated for each conference is enormous, and the number thereof increases day by day. The conference data mentioned here refers to presentation materials composed of documents and various other media, as well as minutes, etc., and can be stored in a computer database by digitizing.

  Here, each participant who listened to the presentation, including the presenter, may want to reuse the conference data for various purposes such as reviewing the decisions made at the conference or using them for the next presentation.

  The meeting itself is a collaborative work by multiple members. Therefore, information resources such as documents used in presentations and meeting minutes are one product of collaborative work, or a shared asset, and members should enjoy the benefits of each other. It is a habit that originally has. However, conventionally, in this type of conference-based system, information asset movement, information sharing, and distribution have not been sufficiently realized. For example, the presenter must carry a disk or device on which presentation material is written. In addition, the audience attending the presentation must request the presenter to distribute materials as necessary. The presenter must respond to this request individually and manually distribute the information, such as copying a disk or sending an attached mail.

  On the other hand, “Ubiquitous” has been proposed as a future direction of computers and networks. For example, it is desired to extract all knowledge regardless of location and time.

  The term “ubiquitous” or “ubiquitous computing” stems from the proposal by the late Mark Weiser of Palo Alto Research Laboratories at Xerox Corporation. It refers to an “environment in which the capabilities of computers with similar performance can be used. Regardless of “computing”, regardless of whether you have computer equipment such as a PC or PDA when accessing information, computers are installed in unison with everyday work spaces, and information is collected. -Computational capabilities such as management, information analysis and other arithmetic processing, information display, and information distribution are provided without the user's consciousness.

  By applying this ubiquitous technology to the conference system, not only formal information such as computer files but also individual implicit knowledge, that is, the flexibility of the work space is increased, and offices, companies, nationalities, etc. We believe that collaboration beyond the framework will be realized and business possibilities will expand. For example, it can be expected that information assets such as documents used in presentations and meeting minutes will be used almost transparently among contractors participating in the meeting.

  For example, regarding file sharing, a network system that can share files held by each mobile computer on a temporarily configured network is proposed (for example, see Patent Document 3). ) In this case, message communication between mobile computers is performed by designating a source address and a destination address, and is achieved by address conversion between a fixed address on the network and an address of the mobile computer connected to the network. . However, it is necessary to determine in advance the mechanism for interconnecting the address translator and the mobile computer and whether or not file sharing is possible. Conscious pre-procedures are required for file sharing, and unformatted information cannot be shared.

  In addition, a conference system that can easily prepare and store shared materials used in a conference has been proposed (see, for example, Patent Document 4). In this case, a video teleconference service is provided through an Internet portal site, and conference participants conduct a conference in real time using shared materials through the Internet portal site using a communication terminal. However, it is necessary to download the application beforehand to the conference participant's terminal.

Japanese Patent Laid-Open No. 3-192845 JP 2002-41429 A JP-A-8-70300 JP 2002-41429 A Japanese Patent Application No. 2003-201673 Specification

  An object of the present invention is to provide an excellent information processing system and information capable of suitably realizing a smooth operation of a conference composed of a plurality of participants and presenting a presentation using documents and various other media. A processing method and a computer program are provided.

  A further object of the present invention is to provide an excellent information processing system, information processing method, and computer program capable of suitably managing information assets used for presentations at meetings, such as documents and various other media. There is to do.

  A further object of the present invention is to provide an excellent information processing system, information processing method, and computer program capable of suitably realizing storage, use, sharing, distribution and transfer of information assets used by each participant in a meeting. Is to provide.

  The present invention has been made in consideration of the above problems, and a first aspect of the present invention is an information processing system for managing information assets of a plurality of users, each of which includes a plurality of information processing apparatuses each including a user authentication device. A terminal and an information asset holding device that holds a document / workset owned by each user as a user's information asset, and the user can use the information processing terminal that can be used through personal authentication by the user authentication device. Information processing characterized in that access to the document work set in the information asset holding device is permitted and access to the document work set from another information processing terminal that has undergone personal authentication by the user authentication device is permitted. System. The user authentication device referred to here can be constituted by, for example, an IC card reader that reads an IC card carrying user authentication information.

  The information processing system according to the present invention is implemented by a network computing environment connected to a network. The present invention can be applied to a remote conference system, for example. In this case, a distributed conference room in which a plurality of information processing terminals and participants exist can be configured as a conference system.

  In this type of distributed conference room, it is essential to appropriately manage information resources used for presentations at meetings, such as documents and various other media. For example, it is preferable that information exchange of materials used for presentations is performed smoothly between participants.

  According to the present invention, for example, an authentication medium such as an IC card is introduced to authenticate each participant in the conference. Then, after identifying the individual by holding the IC card and logging in to the system via the information processing terminal, the information (document / work set) required this time is extracted from the information group owned by the individual, that is, the information asset, and displayed. . Further, the identified information can be further added to the information asset. Each user's information asset is stored or managed in a document archive as an information asset holding device, and access to the information asset is restricted by personal authentication of the owner user. Of course, the information asset stored in the document archive in this way can be displayed on another information processing terminal through personal authentication, or can be transferred to other participants.

  In a conventional distributed conference room, copying information between participants is complicated. On the other hand, according to the present invention, each participant holds an IC card for identifying an individual, and through his / her authentication process by reading the card at the nearest information processing terminal, his / her information (document / work set) is obtained. The terminal for display output can be easily changed, and information can be transferred between participants by a simple operation.

  Here, the user creates or edits a document work set using a document stored in a predetermined document archive via an information processing terminal that can be used through personal authentication by a user authentication device. can do. The document archive mentioned here may be a private data server that stores documents and various media data as unique assets in the conference system, or is constructed on a wide area network such as the Internet. The entity may be a vast information providing space such as WWW (World Wide Web). In the latter case, a document work set can be created or edited using a document or media data that has been released or licensed in the information providing space.

  Further, the document work set is configured as a collection of actual document data, and may be configured only with reference information to the document archive for each document.

  According to the information processing system of the present invention, for example, after a user creates or edits a document / workset on the first information processing terminal that can be used through personal authentication by the first user authentication device. The document / workset can be taken out from the second information processing terminal that has been moved and moved through personal authentication by the second user authentication processing device.

  In addition, the second user creates a document / workset created or edited on the first information processing terminal that can be used by the first user through personal authentication by the first user authentication device. It can be accessed from the second information processing terminal that can be used through personal authentication by the authentication processing device.

  For example, the first information processing terminal includes a transmitter that transmits the authentication information of the first user, the second information processing terminal includes a receiver, and the second information processing terminal receives The document workset may be accessed using the first user authentication information.

  Alternatively, the first information processing terminal includes a transmitter that transmits the document workset, and the second information processing terminal includes a receiver that receives the document workset, and can be used after authentication processing. The document work set itself may be directly transmitted between the information processing terminals in the state.

  Alternatively, the second information processing terminal includes a transmitter that transmits a request signal for requesting access to the document workset, the first information processing terminal includes a receiver, and the first information The processing terminal may allow access to the document workset in response to receiving the request signal.

  Further, in the second information processing terminal, instead of operating the original document / workset to which access is permitted, a copy thereof may be taken and the copied document / workset may be operated.

  In addition, transmitters and receivers used for sending and receiving authentication information, documents and work sets, or request signals apply communication using infrared or other highly directional electromagnetic waves in order to avoid interception by unauthorized users. It is preferable.

  As described above, by introducing an IC card as an authentication medium, authentication processing of individual users such as conference participants can be performed safely and efficiently. When the user carries only the IC card, the user cannot rewrite the stored contents in the IC card. On the other hand, when the IC card function is built in a portable device such as a cellular phone or PDA (Personal Digital Assistant), the stored contents in the IC card are stored using the calculation function or user interface on the portable device side. Since the user can directly rewrite on the spot, the access procedure to the document work set using the authentication as described above can be operated more flexibly.

  For example, it is assumed that the user holds a mobile phone with a built-in IC card function. In this case, reference information such as a URL (Uniform Resource Locator) indicating the location of the document workset owned by the user is written to the IC card together with user authentication information necessary for accessing the document workset. Since writing to the IC card is performed using the user interface of the mobile phone, operability is good. For example, it is possible to visit a document archive site on a mobile phone, obtain the URL of a desired document work set, and directly instruct writing to an IC card.

  Then, the user holds the mobile phone over the user authentication device of the information processing terminal, that is, the IC card reader. The information processing terminal can read reference information and user authentication information from the IC card. Then, personal authentication is performed on the document archive using the user authentication information, and then the read / out of the reference information is used to access the document workset owned by the user (or specified by the user). Can do.

  In such a usage mode, the IC card in the mobile terminal has authentication information that regularly permits access to a document / workset owned by the user, or temporary or temporary authentication information that temporarily permits access. An IC card can be written. Further, it is possible to write only a part of the reference information, not the entire document / workset owned by the user, into the IC card as a target to which access is permitted. On the information processing terminal side, when the reference information and the temporary user authentication information are read from the IC card, the personal authentication can be performed on the document archive regularly, temporarily, or temporarily, and the reference information is used. Access to the document workset in the information asset holding device, or a portion of which access is permitted, is possible.

  In addition, when issuing regular, temporary or temporary user authentication information for accessing a document / workset, as information for generating authentication information, for example, the URL of the information processing terminal or the information processing terminal itself You can use the certificate. In this case, the information processing terminal can pass raw information to the user's mobile terminal by writing its own URL or certificate in the IC card. Then, on the mobile terminal side, authentication information for the information processing terminal is generated based on such raw information, and reference information for a document / workset or a part thereof that permits access to the information processing terminal is created. Is written in the IC card together with the authentication information.

  Then, the user holds the mobile phone over the user authentication device of the information processing terminal, that is, the IC card reader. When the information processing terminal reads the reference information and the user authentication information from the IC card, the information processing terminal performs personal authentication using the user authentication information for the document archive, and uses the document information in the information asset holding device using the reference information. Access to some of them.

  Further, when the user passes authentication information necessary for access to his / her document / workset to the information processing terminal, an authentication procedure may be performed between the user's portable terminal and the information processing terminal. For example, authentication can be performed between the portable terminal and the information processing terminal by a procedure based on the challenge response. In this case, the mobile terminal generates authentication information for the information processing terminal through a challenge response with the information processing terminal, and reference information for a document / workset or a part thereof that permits access to the information processing terminal Is written in the IC card together with the authentication information. Then, when the information processing terminal reads the reference information and the user authentication information from the IC card, it performs personal authentication using the user authentication information for the document archive, and then uses the reference information for the document workset or Access to some of them.

  Further, in the above case, the portable terminal can write the document information by the information processing terminal to the document archive before writing the authentication information for the information processing terminal and the reference information for the document workset or a part thereof to the IC card. A procedure for requesting access permission for the workset may be added.

  The mobile terminal may request the document archive in advance for permission to access the document work set by the information processing terminal. Then, permission information indicating permission and reference information for accessing the document work set or a part of the permission are written in the IC card. In this case, when the information processing terminal reads the permission information and the reference information from the IC card, the information processing terminal can access the document work set or a part of which access is permitted using the permission information and the reference information. .

  According to a second aspect of the present invention, there is provided a computer program written in a computer-readable format so that processing for managing information assets of a plurality of users is executed on a computer system. Managing the owned document workset as a user's information asset, accessing the user's own document workset through an information processing terminal that has been made available through personal authentication, and And a step of permitting access to a document / workset from another information processing terminal that has undergone authentication.

  The computer program according to the second aspect of the present invention defines a computer program described in a computer-readable format so as to realize predetermined processing on a computer system. In other words, by installing the computer program according to the second aspect of the present invention in the computer system, a cooperative action is exhibited on the computer system, and the information processing according to the first aspect of the present invention is performed. The same effect as the system can be obtained.

  Advantageous Effects of Invention According to the present invention, an excellent information processing system and information that can suitably realize a smooth operation of a conference composed of a plurality of participants and presenting a presentation using documents and various other media. A processing method and a computer program can be provided.

  Further, according to the present invention, an excellent information processing system, information processing method, and computer program capable of suitably managing information assets used for presentations in meetings, such as documents and various other media, are provided. Can be provided.

  In addition, according to the present invention, it is possible to suitably realize storage, use, sharing, distribution / transfer of information assets used by each participant in a meeting, and an excellent information processing system, information processing method, and computer A program can be provided.

  When the present invention is applied to a conference system to form a distributed conference room in which a plurality of information processing terminals and participants exist, information assets can be exchanged smoothly between participants. For example, an individual is specified by holding an IC card, information necessary this time is extracted from an information group owned by the individual, that is, an information asset, and displayed. Further, the identified information can be further added to the information asset. Of course, the information asset added in this way can also be displayed on another information processing terminal via personal authentication, or information can be transferred to other participants.

  In addition, when an IC card is introduced as an authentication medium that carries authentication information indicating the authority to access a document / workset, a mobile device such as a mobile phone or a PDA has a built-in IC card function, so that the computation on the mobile device side can be performed. Since the user can directly rewrite the contents stored in the IC card on the spot using the function and the user interface, the access procedure to the document work set can be operated more flexibly.

  Other objects, features, and advantages of the present invention will become apparent from more detailed description based on embodiments of the present invention described later and the accompanying drawings.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 schematically shows a configuration of a remote conference system 1 according to an embodiment of the present invention. As shown in the figure, the remote conference system 1 has a configuration in which a plurality (two in the illustrated example) of base systems 10 and 20 are interconnected by a shared workspace server 30. In the example shown in the figure, the shared workspace server 30 is drawn to connect two bases (that is, a conference system) for the sake of simplicity of the drawing, but is limited to one-to-one connection. Instead, it should be understood that three or more locations can be interconnected.

  The shared workspace server 30 is different from a multipoint connection device that is positioned as the center of a star connection using a circuit switching system communication path such as a telephone line between systems. As will be described later, the shared workspace server 30 includes a session for managing connections between conference systems, files used during the conference and generated as conference records, reference information for resources related to the conference, conference It is configured to manage history information on access to files and the like performed by participants.

  The base systems 10 and 20 correspond to a conference system that operates independently, and a conference is operated for each base. These base systems can be configured based on a conventional video conference system. For example, video / audio servers 11 and 21 are equipped, and input / output of images and sounds from cameras, microphones, monitors, speakers, etc., and encoding / decoding of images and sounds, and transmission / reception with other base systems. In addition, participants can share their actions and behaviors at each site.

  Also, the electronic blackboards 12 and 22 are prepared in both conference rooms, and writing is performed at each base. In addition, the application is shared between the base systems. In the present embodiment, a graphical user interface (GUI) provided by the shared workspace is presented on the electronic blackboards 12 and 22, and the participants of the conference operate to operate the multimedia communication conference system. And access information such as files related to the conference (described later).

  Participants of the conference at each site are users of the remote conference system 1. The conference participants call the individual multimedia communication conference system by operating the graphical user interface provided by the shared workspace, so that the user can recognize the multimedia communication conference system without being aware of the address. And information such as files related to the conference can be easily accessed from the conference system.

  Each base system 10 and 20 is equipped with an authentication device for authenticating a conference participant. In the present embodiment, each participant carries an IC card as a personal authentication medium, and the base systems 10 and 20 are equipped with card readers 13 and 23 for accessing the IC card to perform authentication processing and authority. Can be confirmed. The personal authentication medium carried by the user is not limited to a single IC card, and may be a portable terminal such as a cellular phone or a PDA (Personal Digital Assistant) with a built-in IC card function.

  The shared work space type remote conference system 1 as shown in FIG. 1 can support the collaborative work between remote locations by realizing the following matters.

(1) Immediately connect with collaborators.
(2) Take out documents necessary for collaboration immediately.
(3) Immediately link the results of collaboration to the next process.

  In the remote conference system 1 according to the present embodiment, a modality and a combination of modalities necessary for collaborative work can be provided to each base. For example, files such as audio and presentation materials, electronic blackboards, facial video distribution and remote collaborative editing can be packaged and used.

  Further, in the remote conference system 1, by presenting documents related to the collaborative work and automatically connecting to the members participating in the collaborative work, the space for performing the collaborative work is individually assigned to each group work (base). Adapt.

  In the remote conference system 1, real-time collaboration and non-real-time collaboration are performed. In other words, real-time collaboration is recorded (for example, an electronic blackboard or used presentation material is stored) and linked to non-real-time collaboration, or a document is linked to real-time collaboration and non-real-time collaboration is linked.

  A schematic operation procedure of the shared work space type remote conference system 1 according to the present embodiment will be described below.

(1) When the user uses the conference system, the user selects a shared workspace (login to the workspace or access with recognition).
For example, an ID is input to the system using an IC card corresponding to the shared workspace on a one-to-one basis. Alternatively, an individual logs in and selects a workspace by a GUI operation.
(2) Opening a shared workspace recognizes who is currently sharing the workspace and who is communicating on the conference system.
(3) When “Conference” is selected in the shared workspace, it is possible to participate in the remote conference from the base (multiple conferences such as general conference and individual-specific conference may be held in the shared workspace. ).
(4) A document can also be placed in the shared workspace, and the document can be referred to during the meeting or an image on the electronic blackboard of the meeting can be saved.
(5) The shared workspace is hierarchized, and mutual links are made by hyperlinks.
(6) The sub-workspace can be referred to while participating in the shared workspace.
(7) Manipulate the sub-workspace to disclose information to the shared workspace (drag and drop from the personal workspace).

  The user can log in to the system through a predetermined authentication process by holding the IC card over the base system 10 where the user is located. After login, the base system 10 presents a list of workspaces (authorized) related to the user. The workspace here is equivalent to one meeting. In addition, when another user continuously holds the IC card and requests login to the same base system 10, if login is permitted through the same authentication process, a workspace common to the user who has logged in first A list of Here, when a specific workspace is selected, a list of shared documents (files) linked to the workspace is presented. On the other hand, when the same work space is selected in the remote base system, the connection of the work space is established between these base systems, and the same operation as the local base system is performed. Then, a history of operations such as file opening, editing and the like for the shared document in the workspace is held and used later as a search key. There is no distinction between local and remote activity within the workspace.

  FIG. 2 schematically shows a functional configuration of the base server 100 for managing a conference (such as a video conference) in the base system 10. Although not shown, it should be understood that the base servers 200 in the other base systems 20 have the same configuration.

  The site server 100 is a sub-module that manages an authentication module that executes a part of the authentication steps at the site and a network address of a subsystem that constitutes the site system such as an electronic blackboard or a video / audio server installed at the site. A system management module and a base server manager for managing them are provided.

  The base server 100 communicates with the shared workspace server 30 based on the authentication information and authority information read from the IC card held by the conference participant using the connected card reader 13, and Realize usage.

  Each workspace is done by a session that manages connections between locations, or conference systems, files that are used during conferences or generated as conference records, reference information for conference-related resources, and conference participants History information on access to files and resources is managed.

  A graphical user interface is provided in the base system 10. By using this user interface, the conference participants can specify the same session provided in the workspace and perform collaboration call setting and information sharing. The resource related to the conference may exist in the base system 10, for example, or may be stored in another storage location in the base or a server outside the base, for example, URL (Uniform Resource). Locator (resource identifier) format. The access history is composed of information such as the location where the access occurred, the user (person) who accessed it, and the time of access.

  An access control list (ACL) is assigned to each session, file, reference information, and access history information in the workspace. Therefore, the workspace manager 31 can manage or restrict the use in units of workspaces, and also performs access control with fine granularity such as session units, file units, reference information units, or access history information units in the workspace. Can be performed.

  The base server 100 is realized, for example, by starting a predetermined server application on a general computer system such as a personal computer (PC) or a workstation (WS) connected to a network.

  FIG. 3 shows an implementation example of the base system 10. The base system 10 shown in the figure includes a web interface 1001 for users such as conference participants to access via a user interface (not shown) of an information terminal, a directory service 1002 for managing personal data, An IC card authenticating unit 1003 that performs authentication processing at the time of distributing a shared document, a document archive 1004 that stores a shared document in the site, an access history for the shared document, and other operations performed by the logged-in user in the site A metadata manager 1005 for acquiring and managing the action history as metadata and a presentation controller 1006.

  The web interface 1001 provides an entry for a user such as a conference participant to access via a user interface (not shown) of the information terminal.

  The directory service 1002 manages personal data about users (conference participants) in the base.

  The IC card authentication unit 1003 performs authentication processing at the time of user login, shared document distribution, and the like using an ultra-short-distance communication technology using an IC card and a tamper-resistant authentication technology (well known).

  The document archive 1004 stores a shared document in the base such as a presentation file used in the conference.

  The metadata manager 1005 obtains, in the background of the workspace, information such as the access history to the shared document, other action history performed by the logged-in user in the site, and distribution (take-away) of the shared document. , Manage as metadata.

  The presentation controller 1006 provides an interface for realizing collaboration between users (that is, conference participants) on a workspace such as a conference. There are various methods for configuring the presentation controller 1006. For example, a general computer user interface such as a display, a keyboard, a mouse, and a tablet may be installed in the conference room as it is. Alternatively, a user interface is configured by combining a projection screen onto a wall by a projector, a camera that captures a user operation on the projection screen, and a whiteboard. In addition, application operation buttons such as printing, displaying, and displaying a list of shared documents are arranged on the wall (described later). Of course, you may make it arrange | position the probe which detects a user command in a meeting room unconsciously of a user.

  Depending on the configuration of the presentation controller 1006, it does not matter whether a computer device such as a PC or PDA is possessed when accessing information. FIG. 4 shows an overview of a conference room according to an embodiment of the present invention. In the illustrated work space, a computer is installed in unison with the conference room, and the computing functions such as information collection and management, information analysis and other arithmetic processing, information display, and information distribution are provided without the user's consciousness. Has been. In other words, not only formal information such as computer files, but also individual implicit knowledge, that is, the flexibility of the work space is increased, collaboration beyond the framework of offices, companies, nationalities is realized, and business The possibilities expand.

  As already described with reference to FIG. 1, the base systems 10 and 20 are interconnected by the shared workspace server 30. FIG. 5 schematically shows the functional configuration of the shared workspace server 30.

  The shared work space server 30 is arranged to share a work space, which is an object for managing and using a task, which is a unit of collaboration, between the bases.

  The workspace manager 31 manages the workspace generated at each site in the remote conference system 1.

  An access control list (ACL) is provided for each workspace, and the workspace manager 31 spans a plurality of sites based on authentication information and authority information read from the IC card held by the conference participant. Manage or restrict the use of

  Each workspace is done by a session that manages connections between locations, or conference systems, files that are used during conferences or generated as conference records, reference information for conference-related resources, and conference participants History information on access to files and resources is managed.

  An access control list (ACL) is assigned to each session, file, reference information, and access history information in the workspace. Therefore, the workspace manager 31 can manage or restrict the use in units of workspaces, and can also set the bases with fine granularity such as session units, file units, reference information units, or access history information units in the workspace. It is also possible to perform access control.

  The shared workspace server 30 is realized, for example, by starting a predetermined server application on a general computer system such as a personal computer (PC) or a workstation (WS) connected to a network.

  For the mechanism itself of such a remote conference system, see, for example, Japanese Patent Application No. 2003-316473 already assigned to the present applicant.

  Next, a description will be given of a mechanism for a user as a conference participant to create a presentation material used by himself / herself in a meeting.

  Presentation materials are composed of documents and various other media. Here, a data unit in which a user handles documents, media, and the like is referred to as a “document / workset”. For example, in one presentation, one document work set is taken out and displayed on a screen or distributed to participants.

  Each user can have one or more document worksets. A collection of documents and work sets owned by one user is referred to as an “information asset” in this specification. Also, information asset entities for the entire system user (ie, all conference participants) are stored in a document archive 1004.

  The document workset may be an actual file formed by binding a document (data entity) edited by the user, or a reference to each document (data entity) stored in the document archive 1004. It may be a set of (URL). Alternatively, a document workset can be composed of a combination of documents and references. Of course, the document archive 1004 does not have to be a repository for entities of files and contents, but only records reference information for files and contents scattered in a vast information space such as the Web. Also good.

  A mechanism by which a user creates a document / workset will be described with reference to FIG.

  For example, a document workset manager 1010 for editing a document workset is provided for each site system 10.

  One or more information processing terminals 1020 are installed in the base system 10. The information processing terminal 1020 is connected to the document / workset manager 1010 via a LAN or the like, and is also locally connected to an IC card reader 1021 that performs an IC card reading operation.

  A user as a conference participant owns an IC card carrying his / her authentication information, and personal authentication is performed by holding the IC card over the IC card reader 1021, and the user logs in to the system 10 through such authentication processing. can do. A user who has successfully logged in is permitted to use an input device such as a keyboard and mouse and an output device such as a display monitor of the information processing terminal 1020, and the document / workset manager 1010 via these user input / output devices. Can create and edit documents and work sets.

  Document workset manager 1010 can create a document workset using the documents stored in document archive 1004. The document archive 1004 is, for example, a private data server that stores documents as various assets of the remote conference system and various media data. Alternatively, a vast information provision space such as WWW (World Wide Web) constructed on a wide area network such as the Internet may be the entity of the document archive 1004. In the latter case, the document workset manager 1010 can use a document or media data that is disclosed or licensed in the information providing space.

  The document workset manager 1010 accumulates the created document workset of each user locally. Each user can have one or more document worksets. A collection of documents and work sets owned by one user is called an “information asset”. Also, information asset entities for the entire system user (ie, all conference participants) are stored in a document archive 1004.

  The created document workset may be a real file formed by binding a document (data entity) edited by the user, or each document (data entity) stored in the document archive 1004. It may be a set of references (URLs). Alternatively, a document workset can be composed of a combination of documents and references.

  FIG. 7 shows a configuration example of a user interface screen for operating the document archive 1004. In the illustrated example, a worksheet for browsing a document archive for each individual user and share is prepared, and the user can open the worksheet by selecting a corresponding tab. In addition, operation buttons such as “wall control”, “switch user”, and “end conference” are prepared on the screen.

  FIG. 8 shows a screen configuration example of a user interface for operating a document / workset. In the screen shown in the figure, documents and work sets owned by the user are listed. The documents / worksets owned by the user include those obtained by exchanging information with other users in addition to the documents / worksets created / edited by the user himself / herself. In the same screen, operation buttons such as “First”, “Last”, “Previous Page”, “Next Page”, “Save Screen”, “Screen Print”, “File Print”, “Close”, etc. are prepared. ing.

  Next, an operation procedure for moving information assets in the conference system according to the present embodiment will be described. Here, the conference participants create presentation materials on a certain information processing terminal and store it in the system as a document work set. When their turn arrives, the information processing terminal on the podium It is assumed that a desired document / workset is taken out and displayed and projected onto a screen or the like.

  FIG. 9 illustrates the user behavior in this case. However, it is assumed that the information processing terminal 1020 and the information processing terminal 1030 are installed in the base system 10 and the IC card readers 1021 and 1031 for personal authentication are connected locally. It is assumed that each information processing terminal 1020 and information processing terminal 1030 can access the document archive 1004 and the document work set of the authenticated user.

  First, the user performs personal authentication by holding his IC card over the IC card reader 1021 of the information processing terminal 1020. If the authentication process is successful, the information processing terminal 1020 can be used, and the user can access his / her document archive and document workset via the user interface.

  Then, the user creates a document work set # 1 by selecting a necessary file from the document archive and arranging it in the document work set.

  Further, the user can edit the arrangement of files on the document workset by operating the document workset.

  When the creation or editing of the document / workset is completed, the user logs out of the information processing terminal 1020 by pulling his / her IC card away from the IC card reader 1021 or through a predetermined logout procedure. As a result, the used user interface is closed.

  Thereafter, the user moves to the information processing terminal 1030 (for example, the podium) and holds his IC card over the IC card reader 1031 to perform personal authentication. If the authentication process is successful, the information processing terminal 1030 can be used, and the user can access his / her document archive and document workset via the user interface. In the illustrated example, since the user already owns the document work set # 1, the document work set # 1 is shared between the information processing terminals 1020 and 1030. Alternatively, the information processing terminal 1030 creates a document work set # 3, which is a copy of the document work set # 1, and operates it.

  Then, the user refers to the document work set # 3 via the user interface of the information processing terminal 1030, thereby accessing the document archive that is the reference destination and displaying and outputting the target document. Can do.

  Conventionally, in a distributed conference room where a plurality of terminals and participants exist, operations such as changing a terminal for displaying information and copying or moving information between participants have been complicated. On the other hand, according to the system as shown in FIG. 9, each participant reads the IC card for identifying an individual to change the display terminal of the document / workset or the information between the participants. Transfer can be performed with simple procedures.

  In the above description, the user who logs in to the information processing terminal 1030 is not only the user who created the document / workset # 1, but also another user who has obtained use permission from the user who owns the document / workset. There may be.

  FIG. 10 illustrates an operation procedure for moving the information asset as described above.

  The user performs personal authentication by holding his / her IC card over the IC card reader 1021 of the information processing terminal 1020, and his / her own document archive and document workset are provided via the user interface of the information processing terminal 1020. Can be accessed.

  Then, the user creates a document work set # 1 by selecting a necessary file from the document archive and arranging it in the document work set.

  Thereafter, the user leaves the information processing terminal 1020, moves to the information processing terminal 1030 (for example, a podium), and holds the user's IC card over the IC card reader 1031 to perform personal authentication.

  Then, the user can access his / her document archive and document workset via the user interface of the information processing terminal 1030. Here, a document work set # 3, which is a copy of the document work set # 1, is created and operated.

  Next, an operation procedure for exchanging information assets between participants in the conference system according to the present embodiment will be described. Here, a conference participant creates a presentation material on a certain information processing terminal, stores it in the system as a document workset, and transfers the document workset to the desired participant after the presentation is finished. It is assumed that the scene is.

  FIG. 11 illustrates the user behavior in this case. However, it is assumed that the information processing terminal 1020 and the information processing terminal 1040 are installed in the base system 10 and the IC card readers 1021 and 1041 for personal authentication are connected locally. It is assumed that each information processing terminal 1020 and information processing terminal 1040 can access the document archive 1004 and the document work set of the authenticated user.

  First, the user performs personal authentication by holding his IC card over the IC card reader 1021 of the information processing terminal 1020. If the authentication process is successful, the information processing terminal 1020 can be used, and the user can access his / her document archive and document workset via the user interface.

  Then, the user creates a document work set # 1 by selecting a necessary file from the document archive and arranging it in the document work set. Further, the user can edit the arrangement of files on the document workset by operating the document workset.

  Here, the user having the ownership of the document work set # 1 gives information for specifying a user who is permitted to exchange information, for example, to the document work set manager.

  The user who is the information exchange destination moves to the information processing terminal 1040 and holds his IC card over the IC card reader 1041 to perform personal authentication. If the authentication process is successful, the information processing terminal 1030 can be used, and the document archive and information exchanged document work set # 1 can be accessed via the user interface. Alternatively, the information processing terminal 1040 creates a document work set # 4, which is a copy of the document work set # 1, and operates it.

  Then, the user who is the information exchange partner accesses the document archive that is the reference destination by referring to the document work set # 4 via the user interface of the information processing terminal 1040, and becomes a target. Documents can be displayed and output.

  FIG. 12 illustrates an operation procedure for exchanging information assets as described above.

  The user performs personal authentication by holding his / her IC card over the IC card reader 1021 of the information processing terminal 1020, and his / her own document archive and document workset are provided via the user interface of the information processing terminal 1020. Can be accessed.

  Then, the user creates a document work set # 1 by selecting a necessary file from the document archive and arranging it in the document work set.

  Thereafter, a user who wishes to exchange a document / workset by listening to a presentation or the like moves to the information processing terminal 1040 and holds his / her IC card over the IC card reader 1041 to perform personal authentication. .

  Then, the user can access the document archive # 1 and the document work set # 1 whose information has been exchanged via the user interface of the information processing terminal 1040. Here, a document work set # 4, which is a copy of the document work set # 1, is created and operated.

  In the above-described example, the user who has ownership of the document workset # 1 has given information for identifying the user who is allowed to exchange information to, for example, the document workset manager. The information exchange destination can be specified according to the form. For example, a user having ownership of the document / workset # 1 may transmit authentication information indicating the use permission to a user who is an information exchange destination.

  In the example shown in FIG. 13, the behavior for realizing information exchange is illustrated by transmitting and receiving authentication information representing permission of use of a document / workset between users.

  A user having the ownership of the document / workset # 1 operates the information processing terminal 1020 including the transmitter 1022 that transmits the authentication information indicating the use permission. In addition, another user who is an information exchange partner operates the information processing terminal 1050 provided with the receiver 1052 that receives the authentication information.

  Here, it is assumed that authentication information is exchanged between the transmitter 1022 and the receiver 1052 by, for example, wireless communication using electromagnetic waves as a medium. However, in order to avoid unauthorized users from acquiring authentication information due to eavesdropping or the like, it is preferable to apply communication using infrared rays or other highly directional electromagnetic waves.

  First, the user performs personal authentication by holding his IC card over the IC card reader 1021 of the information processing terminal 1020. If the authentication process is successful, the information processing terminal 1020 can be used, and the user can access his / her document archive and document workset via the user interface.

  Then, the user creates a document work set # 1 by selecting a necessary file from the document archive and arranging it in the document work set. Further, the user can edit the arrangement of files on the document workset by operating the document workset.

  Here, the user having the ownership of the document / workset # 1 sends information indicating permission to use the document / workset # 1 to the receiver 1052 of the information processing terminal 1050 that is an information exchange partner. To do. The information indicating the use permission may be IC card authentication information or reference information (URL or the like) for extracting a document work set from a document archive. Alternatively, the serialized data itself of the document workset may be transmitted.

  Then, the user who is the information exchange destination moves to the information processing terminal 1050 and holds his IC card over the IC card reader 1051 to perform personal authentication. If the authentication process is successful, the information processing terminal 1050 can be used, and the document archive and information exchanged document work set # 1 can be accessed via the user interface. Alternatively, the information processing terminal 1050 creates a document work set # 5, which is a copy of the document work set # 1, and operates it.

  Then, a user who is an information exchange partner accesses the document archive as a reference destination by referring to the document work set # 5 via the user interface of the information processing terminal 1050, and becomes a target. Documents can be displayed and output.

  FIG. 14 illustrates an operation procedure for exchanging information assets as described above.

  The user performs personal authentication by holding his / her IC card over the IC card reader 1021 of the information processing terminal 1020, and his / her own document archive and document workset are provided via the user interface of the information processing terminal 1020. Can be accessed.

  Then, the user creates a document work set # 1 by selecting a necessary file from the document archive and arranging it in the document work set.

  Here, the user having the ownership of the document / workset # 1 sends information indicating permission to use the document / workset # 1 to the receiver 1052 of the information processing terminal 1050 that is an information exchange partner. To do. The information indicating the use permission may be IC card authentication information or reference information (URL or the like) for extracting a document work set from a document archive. Alternatively, the serialized data itself of the document workset may be transmitted.

  Thereafter, a user who wishes to exchange a document / workset by listening to a presentation moves to the information processing terminal 1050 and holds his / her IC card over the IC card reader 1051 to perform personal authentication. .

  Then, the user can access the document archive and information exchanged document work set # 1 via the user interface of the information processing terminal 1050. Here, a document work set # 5, which is a copy of the document work set # 1, is created and operated.

  In the above-described example, the user having the ownership of the document work set # 1 designates the information exchange destination by transmitting authentication information indicating the use permission to the user as the information exchange destination. On the contrary, the information exchange destination may request the information exchange, and the authentication information may be transmitted in response thereto.

  FIG. 15 illustrates a behavior for realizing document / workset information exchange between users in this case.

  It is assumed that the user having the ownership of the document / workset # 1 operates the information processing terminal 1020, and the other user who exchanges information operates the information processing terminal 1060. Here, the information processing terminal 1060 includes a transmitter 1063 that transmits a signal requesting a document / workset, while the information processing terminal 1020 includes a receiver 1023 that receives the request signal.

  It is assumed that authentication information is exchanged between the transmitter 1063 and the receiver 1023 by, for example, wireless communication using an electromagnetic wave as a medium. However, in order to prevent unauthorized users from acquiring authentication information due to eavesdropping or the like, it is preferable to apply communication using infrared rays or other highly oriented electromagnetic waves.

  First, the user performs personal authentication by holding his IC card over the IC card reader 1021 of the information processing terminal 1020. If the authentication process is successful, the information processing terminal 1020 can be used, and the user can access his / her document archive and document workset via the user interface.

  Then, the user creates a document work set # 1 by selecting a necessary file from the document archive and arranging it in the document work set. Further, the user can edit the arrangement of files on the document workset by operating the document workset.

  On the other hand, the user who is the information exchange destination moves to the information processing terminal 1050 and holds his IC card over the IC card reader 1051 to perform personal authentication. If the authentication process is successful, the information processing terminal 1060 can be used.

  Then, the user as the information exchange destination transmits a signal requesting the document work set from the transmitter 1063. This request signal is received by the receiver 1023 on the information processing terminal 1020 side.

  In response to this request signal, access from the information processing terminal 1060 to the document / workset # 1 is permitted. The information exchange destination user is permitted to use the information processing terminal 1060 and can access the document archive and the exchanged document work set # 1 via the user interface. it can. Alternatively, the information processing terminal 1060 creates a document work set # 6, which is a copy of the document work set # 1, and operates it.

  Then, a user who is an information exchange partner accesses the document archive as a reference destination by referring to the document work set # 6 via the user interface of the information processing terminal 1060, and becomes a target. Documents can be displayed and output.

  FIG. 16 illustrates an operation procedure for exchanging information assets as described above.

  The user performs personal authentication by holding his / her IC card over the IC card reader 1021 of the information processing terminal 1020, and his / her own document archive and document workset are provided via the user interface of the information processing terminal 1020. Can be accessed.

  Then, the user creates a document work set # 1 by selecting a necessary file from the document archive and arranging it in the document work set.

  On the other hand, the user who is the information exchange destination moves to the information processing terminal 1050 and holds his IC card over the IC card reader 1051 to perform personal authentication. If the authentication process is successful, the information processing terminal 1060 can be used. Then, the user as the information exchange destination transmits a signal requesting the document work set from the transmitter 1063. This request signal is received by the receiver 1023 on the information processing terminal 1020 side.

  In response to this request signal, access from the information processing terminal 1060 to the document / workset # 1 is permitted. The information exchange destination user is permitted to use the information processing terminal 1060 and can access the document archive and the exchanged document work set # 1 via the user interface. it can. Alternatively, the information processing terminal 1060 creates a document work set # 6, which is a copy of the document work set # 1, and operates it.

  As described above, by introducing an IC card as an authentication medium, authentication processing of individual users such as conference participants can be performed safely and efficiently. When the user carries only the IC card, the user cannot rewrite the stored contents in the IC card. On the other hand, when an IC card function is built in a mobile device such as a mobile phone or a PDA, the user can use the calculation function and user interface on the mobile device side to store the contents stored in the IC card on the spot. Since it can be directly rewritten, the access procedure to the document / workset using the authentication as described above can be operated more flexibly. Hereinafter, some embodiments in such a case will be described with reference to the drawings. However, in each of the following embodiments, it is assumed that the user behaves as shown in FIG.

  FIG. 17 illustrates an example of an operation procedure for moving an information asset by performing an authentication process via an IC card built in a portable terminal.

  It is assumed that the user has finished creating or editing a document / workset on an arbitrary information processing terminal. After that, it is assumed that the user wants to move to the information processing terminal 1030 (for example, a podium) and use a document / workset owned by the user.

  A user holds a mobile phone with a built-in IC card function. In this case, reference information such as a URL indicating the location of the document workset owned by the user is written to the IC card together with user authentication information necessary for accessing the document workset.

  Since writing to the IC card is performed using the user interface of the mobile phone, operability is good. It is also possible to visit a document archive site on a mobile phone, obtain the URL of a desired document work set, and directly instruct writing to an IC card.

  Here, the connection between the mobile phone and the built-in IC card may be performed via a non-contact IC card interface, or the mobile phone may be connected via a wired interface other than the IC card interface. May be. In any case, since communication between the mobile phone and the built-in IC card is performed according to a secure IC card protocol, data read / write operations are tamper resistant (the same applies hereinafter).

  Then, the user moves to the information processing terminal 1030 that uses the document / workset, and holds his / her mobile phone over the IC card reader 1031. The information processing terminal 1030 can read reference information and user authentication information from the IC card.

  Next, the information processing terminal 1030 performs personal authentication with the document / workset manager 1010 using the acquired user authentication information. If the authentication process is successful, the reference information acquired from the IC card is used to access the document work set owned by the user (or designated by the user) in the document archive 1004.

  As a modification of the embodiment as shown in FIG. 17, the IC card in the portable terminal has temporary or temporary authentication information for temporarily permitting access to the document / workset owned by the user. An IC card can be written. Further, it is possible to write only a part of the reference information, not the entire document / workset owned by the user, into the IC card as a target to which access is permitted. FIG. 18 illustrates an operation procedure for moving the information asset in this case.

  It is assumed that the user has finished creating or editing a document / workset on an arbitrary information processing terminal. After that, it is assumed that the user wants to move to the information processing terminal 1030 (for example, a podium) and use a document / workset owned by the user.

  A user holds a mobile phone with a built-in IC card function. On this cellular phone, temporary or temporary authentication information for temporarily permitting access to a document / workset owned by the user is generated. Then, the temporary or temporary authentication information is written to the IC card together with a URL indicating the location of the portion of the document work set that is permitted to be accessed.

  Since writing to the IC card is performed using the user interface of the mobile phone, operability is good. It is also possible to visit a document archive site on a mobile phone, obtain the URL of a desired document work set, and directly instruct writing to an IC card. Here, since communication between the mobile phone and the built-in IC card is performed in accordance with a secure IC card protocol, data read / write operations are tamper resistant (same as above).

  Then, the user moves to the information processing terminal 1030 that uses the document / workset, and holds his / her mobile phone over the IC card reader 1031. The information processing terminal 1030 can read reference information and user authentication information from the IC card.

  On the information processing terminal side, when the reference information and temporary user authentication information are read from the IC card, personal authentication is temporarily or temporarily performed on the document / workset manager 1010. If the authentication process is successful, the corresponding document workset in the document archive 1004 can be accessed using the acquired reference information.

  In addition, when issuing temporary or temporary user authentication information for accessing a document / workset, as information for generating authentication information, for example, the URL of the information processing terminal or the certificate of the information processing terminal itself Can be used. FIG. 19 illustrates an operation procedure for moving the information asset in this case.

  The information processing terminal 1030 side that intends to use the user's document / workset issues its own certificate. When the user's mobile phone is held over the IC card reader 1031, the user's own URL and certificate are written in the built-in IC card.

  On the portable terminal side, authentication information for the information processing terminal is generated based on the certificate of the information processing terminal 1030. Then, the created authentication information is written in the IC card together with reference information for a document / workset that permits access to the information processing terminal or a part thereof.

  In contrast, when the information processing terminal 1030 reads the reference information and the user authentication information from the IC card, the information processing terminal 1030 performs personal authentication to the document / workset manager 1010 using the user authentication information read from the IC card. If the personal authentication is successful, the corresponding document workset or a part thereof in the document archive 1004 is accessed using the reference information read from the IC card.

  Further, when the user passes authentication information necessary for access to his / her document / workset to the information processing terminal, an authentication procedure may be performed between the user's portable terminal and the information processing terminal. For example, authentication can be performed between the portable terminal and the information processing terminal by a procedure based on the challenge response. FIG. 20 illustrates an operation procedure for moving information assets in this case.

  In this case, when the user holds the portable terminal over the IC card reader 1031 of the information processing terminal 1030, authentication information for the information processing terminal is generated through a challenge response. Then, the reference information for the document / workset or a part thereof permitting access to the information processing terminal 1030 is written in the IC card together with the generated authentication information.

  When the information processing terminal 1030 reads the reference information and the user authentication information from the IC card, the information processing terminal 1030 performs personal authentication using the user authentication information for the document / workset manager 1010. When the personal authentication is successful, the information processing terminal 1030 accesses the corresponding document work set or a part thereof from the document archive 1004 using the reference information read from the IC card.

  In the operation procedure shown in FIG. 19 and FIG. 20, the portable terminal performs authentication on the document archive before writing the authentication information for the information processing terminal and the reference information for the document workset or a part thereof to the IC card. A procedure of requesting access permission for the document workset by the information processing terminal may be added. FIG. 21 illustrates an operation procedure for moving information assets in this case.

  The information processing terminal 1030 side that intends to use the user's document / workset issues its own certificate. When the user's mobile phone is held over the IC card reader 1031, the user's own URL and certificate are written in the built-in IC card.

  On the portable terminal side, an access permission request for the information processing terminal 1030 is issued to the document / workset manager 1010 based on the certificate of the information processing terminal 1030. Then, the document workset manager 1010 returns a permission confirmation for the information processing terminal 1030.

  Next, the mobile terminal generates authentication information based on the permission confirmation acquired from the document workset manager 1010. Then, the created authentication information is written in the IC card together with reference information for a document / workset that permits access to the information processing terminal or a part thereof.

  In contrast, when the information processing terminal 1030 reads the reference information and the user authentication information from the IC card, the information processing terminal 1030 performs personal authentication to the document workset manager 1031 using the user authentication information read from the IC card. If the personal authentication is successful, the corresponding document workset or a part thereof in the document archive 1004 is accessed using the reference information read from the IC card.

  The mobile terminal may request the document archive in advance for permission to access the document work set by the information processing terminal. FIG. 21 illustrates an operation procedure for moving information assets in this case.

  The portable terminal issues an access permission request for the information processing terminal 1030 to the document workset manager 1010. Then, the document workset manager 1010 returns a permission confirmation for the information processing terminal 1030.

  Next, the portable terminal writes the permission confirmation acquired from the document / workset manager 1010 to the IC card together with the reference information for the document / workset that permits access to the information processing terminal or a part thereof.

  When the information processing terminal reads the permission information and the reference information from the IC card, the information processing terminal can access the document work set or a part of which access is permitted using the permission information and the reference information.

  The present invention has been described in detail above with reference to specific embodiments. However, it is obvious that those skilled in the art can make modifications and substitutions of the embodiment without departing from the gist of the present invention.

  In the present specification, the embodiment of the present invention has been described by taking as an example a case where an operation such as movement or sharing of a user's information asset is performed in a remote conference system, but the gist of the present invention is not limited thereto. Without. The present invention is similarly applied to the aspect of moving and sharing information assets based on personal authentication even in other forms of systems in which each user owns information assets and is stored in a document archive. In addition, the effects can be achieved.

  In short, the present invention has been disclosed in the form of exemplification, and the description of the present specification should not be interpreted in a limited manner. In order to determine the gist of the present invention, the claims should be taken into consideration.

FIG. 1 is a diagram schematically showing a configuration of a remote conference system 1 according to an embodiment of the present invention. FIG. 2 is a diagram schematically illustrating a functional configuration of the base server 100 for managing a conference (such as a video conference) in the base system 10. FIG. 3 is a diagram illustrating an implementation example of the base system 10. FIG. 4 is a diagram showing an overview of a conference room according to an embodiment of the present invention. FIG. 5 is a diagram schematically illustrating a functional configuration of the shared workspace server 30. FIG. 6 is a diagram for explaining a mechanism by which a user creates a document / workset. FIG. 7 is a diagram showing a configuration example of a user interface screen for operating the document archive 1004. FIG. 8 is a diagram showing a screen configuration example of a user interface for operating a document workset. FIG. 9 is a diagram for explaining the behavior of the user moving the information asset. FIG. 10 is a sequence diagram showing an operation procedure for moving an information asset. FIG. 11 is a diagram for explaining the behavior of users exchanging information assets. FIG. 12 is a sequence diagram showing an operation procedure for exchanging information assets. FIG. 13 is a diagram for explaining the behavior in which the user exchanges information by specifying a partner with whom information assets are exchanged. FIG. 14 is a sequence diagram showing an operation procedure for a user to exchange information by designating a partner to exchange information assets. FIG. 15 is a diagram for explaining a behavior in which a user exchanges information by specifying a partner with whom information assets are exchanged. FIG. 16 is a sequence diagram showing an operation procedure for exchanging information by designating a partner with whom information assets are exchanged. FIG. 17 is a diagram for explaining an operation procedure for moving an information asset by performing an authentication process via an IC card built in a portable terminal. FIG. 18 is a diagram for explaining an operation procedure for moving an information asset by performing an authentication process via an IC card built in a portable terminal. FIG. 19 is a diagram for explaining an operation procedure for transferring information assets by performing an authentication process via an IC card built in a portable terminal. FIG. 20 is a diagram for explaining an operation procedure for moving an information asset by performing an authentication process via an IC card built in a portable terminal. FIG. 21 is a diagram for explaining an operation procedure for transferring information assets by performing an authentication process via an IC card built in a portable terminal. FIG. 22 is a diagram for explaining an operation procedure for moving an information asset by performing an authentication process via an IC card built in a portable terminal.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 ... Remote conference system 10, 20 ... Base system 11, 21 ... Video | audio server 12, 22 ... Electronic blackboard 13, 23 ... Card reader 100, 200 ... Base server 101 ... Workspace manager 1001 ... Web interface 1002 ... Directory service 1003 IC card authentication unit 1004 Document archive 1005 Metadata manager 1006 Presentation controller

Claims (30)

An information processing system for managing information assets of a plurality of users,
A plurality of information processing terminals each equipped with a user authentication device;
An information asset holding device that holds a document / workset owned by each user as a user's information asset;
The user accesses his / her own document / workset in the information asset holding device via the information processing terminal which can be used through personal authentication by the user authentication device, and other users who have received personal authentication by the user authentication device. Permit access to documents and work sets from information processing terminals.
An information processing system characterized by this. A user creates or edits a document workset using documents stored in a predetermined document archive via an information processing terminal that can be used through personal authentication by a user authentication device,
The information asset holding device holds a document workset composed of actual data, or a document workset composed of reference information to a document archive for each document.
The information processing system according to claim 1. A user can create or edit a document / workset on the first information processing terminal that can be used through personal authentication by the first user authentication device, and can be used after personal authentication by the second user authentication device. The document work set is taken out from the second information processing terminal.
The information processing system according to claim 1. Creating or editing a document / workset on the first information processing terminal that has become available for use by the first user through personal authentication by the first user authentication device;
A second user accesses the document workset from a second information processing terminal that has been made available through personal authentication by a second user authentication device;
The information processing system according to claim 1. The first information processing terminal includes a transmitter that transmits the authentication information of the first user, and the second information processing terminal includes a receiver.
The second information processing terminal accesses the document workset using the received first user authentication information.
The information processing system according to claim 4. The first information processing terminal includes a transmitter that transmits the document workset, and the second information processing terminal includes a receiver that receives the document workset.
The information processing system according to claim 4. The second information processing terminal includes a transmitter that transmits a request signal for requesting access to the document workset, and the first information processing terminal includes a receiver.
The first information processing terminal permits access to the document workset in response to receiving the request signal;
The information processing system according to claim 4. The second information processing terminal takes a copy of the original document / workset and operates the copy.
The information processing system according to claim 4. The user holds an authentication medium and a portable terminal having a writing function for the authentication medium, and accesses reference information to the document work set owned by the user and the document work set owned by the user in the information asset holding device. Writing user authentication information to the authentication medium from the portable terminal,
The information processing terminal reads the reference information and the user authentication information from the authentication medium, undergoes personal authentication using the user authentication information for the information asset holding device, and uses the document information in the information asset holding device using the reference information. Access the workset,
The information processing system according to claim 1. The mobile terminal incorporates the authentication medium, and can securely write authentication information from the mobile terminal to the authentication medium.
The information processing system according to claim 9. The mobile terminal obtains temporary user authentication information for accessing a document workset owned by the user or a part thereof from the information asset holding device, and writes the information to the authentication medium.
The information processing terminal reads reference information and temporary user authentication information from the authentication medium, undergoes personal authentication using temporary user authentication information for the information asset holding device, and uses the information asset to reference the information asset. Access the document workset in the holding device or any part of which access is permitted;
The information processing system according to claim 9. The information processing terminal writes raw information for generating authentication information to the authentication medium,
The mobile terminal generates authentication information for the information processing terminal based on the raw information, and provides reference information for a document work set or a part thereof permitting access to the information processing terminal. Along with the authentication medium,
The information processing terminal reads the reference information and the user authentication information from the authentication medium, undergoes personal authentication using the user authentication information for the information asset holding device, and uses the document information in the information asset holding device using the reference information. Access the workset or part of it,
The information processing system according to claim 9. The portable terminal generates authentication information for the information processing terminal through a challenge response with the information processing terminal, and reference information for a document work set or a part thereof permitting access to the information processing terminal To the authentication medium together with the authentication information,
The information processing terminal reads the reference information and the user authentication information from the authentication medium, undergoes personal authentication using the user authentication information for the information asset holding device, and uses the document information in the information asset holding device using the reference information. Access the workset or part of it,
The information processing system according to claim 9. The portable terminal holds the information asset before writing the authentication information for the information processing terminal and the reference information for the document work set or a part thereof permitting access to the information processing terminal to the authentication medium. Requesting the device to grant access to the document workset by the information processing terminal;
The information processing system according to claim 12 or 13, characterized by the above. The portable terminal requests the information asset holding device for permission to access the document work set by the information processing terminal, and permission information indicating permission and a document work set from which permission has been obtained or one of them. And write reference information for accessing the authentication section to the authentication medium,
The information processing terminal reads permission information and reference information from the authentication medium, and uses the permission information and reference information to a document work set in the information asset holding device or a part of which access is permitted. to access,
The information processing system according to claim 9. An information processing method for managing information assets of a plurality of users,
Managing the document workset owned by each user as the user's information assets;
Accessing a user's own document / workset through an information processing terminal that can be used through personal authentication;
Allowing a user to access a document / workset from another information processing terminal that has undergone personal authentication;
An information processing method comprising: The user further includes a step of creating or editing a document workset using documents stored in a predetermined document archive via an information processing terminal that can be used through personal authentication,
In the step of managing the information asset, a document workset consisting of actual data or a reference information to a document archive for each document is maintained.
The information processing method according to claim 16. The user creates or edits a document work set on the first information processing terminal that can be used through personal authentication by the first user authentication device; and
A user takes out the document work set from the second information processing terminal that has been made available through personal authentication by the second user authentication device;
The information processing method according to claim 16, further comprising: Creating or editing a document workset on a first information processing terminal that has become available for use by a first user through personal authentication by a first user authentication device;
A second user accessing the document workset from a second information processing terminal that has been made available through personal authentication by a second user authentication processing device;
The information processing method according to claim 16, further comprising: The first information processing terminal includes a transmitter that transmits the authentication information of the first user, and the second information processing terminal includes a receiver.
The second information processing terminal includes a step of accessing the document workset using the received first user authentication information.
The information processing method according to claim 19. The first information processing terminal includes a transmitter that transmits the document workset, and the second information processing terminal includes a receiver that receives the document workset.
Further comprising the step of transferring a document / workset from the first information processing terminal to the second information processing terminal;
The information processing method according to claim 19. The second information processing terminal includes a transmitter that transmits a request signal for requesting access to the document workset, and the first information processing terminal includes a receiver.
The first information processing terminal further comprising: permitting access to the document workset in response to receiving the request signal;
The information processing method according to claim 19. The second information processing terminal further includes a step of making a copy of the original document workset, and the second user operates the copied document workset.
The information processing method according to claim 19. The user holds an authentication medium and a portable terminal having a writing function for the authentication medium,
Writing reference information to the document workset owned by the user and user authentication information for accessing the document workset owned by the user in the information asset holding device from the portable terminal to the authentication medium Further comprising
In the step of permitting access to the document workset, reference information and user authentication information are read from the authentication medium from the information processing terminal, and personal authentication using user authentication information for the information asset holding device is performed. Accessing the document workset in the information asset holding device using reference information;
The information processing method according to claim 16. In the step of writing to the authentication medium, the mobile terminal obtains temporary user authentication information for accessing a document workset owned by a user or a part thereof from the information asset holding device, and the authentication medium Write on the
In the step of permitting access to the document workset, the information processing terminal reads reference information and temporary user authentication information from the authentication medium, and stores temporary user authentication information for the information asset holding device. After using the personal authentication used, the reference work is used to access the document workset in the information asset holding device or a part to which access is permitted.
25. The information processing method according to claim 24. In the step of writing to the authentication medium, the portable terminal generates authentication information for the information processing terminal based on the raw information written by the information processing terminal to the authentication medium, and accesses the information processing terminal. Write to the authentication medium, together with the authentication information, reference information for a document workset or a part thereof that permits
In the step of permitting access to the document workset, the information processing terminal reads reference information and user authentication information from the authentication medium, and performs personal authentication using the user authentication information for the information asset holding device. Accessing the document workset or part thereof in the information asset holding device using reference information;
25. The information processing method according to claim 24. In the step of writing to the authentication medium, the mobile terminal generates authentication information for the information processing terminal through a challenge response with the information processing terminal, and permits access to the information processing terminal. Write reference information for the workset or a part thereof to the authentication medium together with the authentication information,
In the step of permitting access to the document workset, the information processing terminal reads reference information and user authentication information from the authentication medium, and performs personal authentication using the user authentication information for the information asset holding device. Accessing the document workset or part thereof in the information asset holding device using reference information;
25. The information processing method according to claim 24. The portable terminal further comprises a step of requesting the information asset holding device to grant access to the document workset by the information processing terminal.
The information processing method according to claim 26 or 27, wherein In the step of writing to the authentication medium, the portable terminal requests the information asset holding device for permission to access the document work set by the information processing terminal, and obtains permission information and permission indicating permission. Writing to the authentication medium reference information for accessing a designated document workset or part thereof,
In the step of permitting access to the document workset, the information processing terminal reads permission information and reference information from the authentication medium, and uses the permission information and reference information to read the document / document in the information asset holding device. Access the workset or any part of it that is allowed access;
25. The information processing method according to claim 24. A computer program written in a computer readable format to execute processing for managing information assets of a plurality of users on a computer system,
Managing the document workset owned by each user as the user's information assets;
Accessing a user's own document / workset through an information processing terminal that can be used through personal authentication;
Allowing a user to access a document / workset from another information processing terminal that has undergone personal authentication;
A computer program comprising:

Images