CN102201040A - Method, system and device for processing electronic documents - Google Patents

Publication number
CN102201040A
Authority
CN
China
Prior art keywords
file
data layer
metadata
xml file
signature
Legal status
Pending
Application number
CN2010101309724A
Other languages
Chinese (zh)
Inventor
吴於茜
王学武
王绪胜
陈晓鸥
Current Assignee
BEIJING FOUNDER E-GOVERNMENT INFORMATION TECHNOLOGY Co Ltd
Peking University
Peking University Founder Group Co Ltd
Beijing Founder Electronics Co Ltd
Original Assignee
BEIJING FOUNDER E-GOVERNMENT INFORMATION TECHNOLOGY Co Ltd
Peking University
Peking University Founder Group Co Ltd
Beijing Founder Electronics Co Ltd
Application filed by BEIJING FOUNDER E-GOVERNMENT INFORMATION TECHNOLOGY Co Ltd, Peking University, Peking University Founder Group Co Ltd, Beijing Founder Electronics Co Ltd
Priority to CN2010101309724A
Publication of CN102201040A

Landscapes

  • Storage Device Security (AREA)

Abstract

The embodiments of the invention relate to the field of computer technology, and in particular to a method, system and device for processing electronic documents, which address the problem that, in the prior art, processing electronic documents with database technology makes it difficult to ensure their authenticity and validity. The method provided by the embodiments comprises: acquiring an electronic document and the metadata of the electronic document; encapsulating the acquired electronic document and its metadata into the current highest data layer of an XML file; and digitally signing the highest data layer according to at least one digital certificate. The method ensures the authenticity and validity of electronic documents.

Description

A method, system and device for processing electronic files
Technical field
The present invention relates to the field of computer technology, and in particular to a method, system and device for processing electronic files.
Background
With the development of informatization, electronic files are used more and more widely and in some fields have replaced paper documents. How to guarantee the authenticity, integrity and validity of electronic files is an important question for their use and adoption.
Existing information storage systems use database technology to store the metadata and content data of electronic files. When electronic file information is stored in a database, protection against malicious tampering usually relies on the permission settings of the information system. To record the modification history across multiple versions of an electronic file, a version-management function must be designed that either keeps each modified version of the file or keeps the incremental modification data. For this reason, a database information management system must store, in addition to the metadata and content data of the electronic file, the associated management data, including permission data, version data, usage data and so on.
An information system that depends on a database must also be upgraded as the database product is upgraded, which raises the problem of migrating the data already stored in the system, and in particular the integrity and consistency of the data after migration. In addition, there is the integrity problem of long-term preservation: whether, decades from now, the data in the existing database can still be accessed, and whether electronic files in existing formats can still be opened and viewed correctly.
In summary, with the current approach of processing electronic files using database technology, it is very difficult to guarantee the authenticity and validity of electronic files.
Summary of the invention
The embodiments of the invention provide a method, system and device for processing electronic files, to solve the problem in the prior art that processing electronic files with database technology makes it difficult to guarantee their authenticity and validity.
A method for processing electronic files provided by an embodiment of the invention comprises:
obtaining an electronic file and the metadata of the electronic file;
encapsulating the obtained electronic file and its metadata into the current highest data layer of an Extensible Markup Language (XML) file, and digitally signing the highest data layer according to at least one digital certificate.
A system for processing electronic files provided by an embodiment of the invention comprises:
a receiver, configured to obtain an electronic file and the metadata of the electronic file;
a wrapper, configured to encapsulate the obtained electronic file and its metadata into the current highest data layer of an Extensible Markup Language (XML) file, and to digitally sign the highest data layer according to at least one digital certificate.
A server provided by an embodiment of the invention comprises:
a receiver, configured to obtain an electronic file and the metadata of the electronic file;
a wrapper, configured to encapsulate the obtained electronic file and its metadata into the current highest data layer of an Extensible Markup Language (XML) file, and to digitally sign the highest data layer according to at least one digital certificate.
A client provided by an embodiment of the invention comprises:
an editor, configured to generate a modified electronic file according to the received modifications to the electronic file, and to generate modified metadata according to the received modifications to the metadata;
a browser, configured to display the content encapsulated in the data layers of the Extensible Markup Language (XML) file.
The embodiments of the invention encapsulate the obtained electronic file and its metadata into the current highest data layer of an XML file, and digitally sign the highest data layer according to at least one digital certificate.
Because the embodiments store the electronic file in an XML file and sign it using digital signature technology, the authenticity and validity of the electronic file can be guaranteed.
Furthermore, version tracing and management-data queries can be carried out for any period of the electronic file's full life cycle, the electronic file can be preserved long-term without depending on any particular software or hardware, and the user experience can be improved.
Preferably, if locking signature technology is used to sign the content of the digital signatures of the current highest data layer, the integrity of the electronic file can also be guaranteed.
Brief description of the drawings
Fig. 1 is a schematic diagram of the electronic file life cycle in an embodiment of the invention;
Fig. 2 is a flow diagram of the first method for processing electronic files in an embodiment of the invention;
Fig. 3 is a flow diagram of the second method for processing electronic files in an embodiment of the invention;
Fig. 4 is a schematic diagram of the structure of the system for processing electronic files in an embodiment of the invention;
Fig. 5 is a schematic diagram of the structure of the server in an embodiment of the invention;
Fig. 6 is a schematic diagram of the structure of the client in an embodiment of the invention;
Fig. 7 is a schematic diagram of an XML file containing only one data layer in an embodiment of the invention;
Fig. 8 is a schematic diagram of an XML file containing multiple data layers in an embodiment of the invention;
Fig. 9 is a schematic diagram of the digital signature in an embodiment of the invention;
Fig. 10 is a schematic diagram of the locking signature in an embodiment of the invention.
Detailed description
The embodiments of the invention encapsulate the obtained electronic file and its metadata into the current highest data layer of an XML file, and digitally sign the highest data layer according to at least one digital certificate. Because the embodiments store the electronic file in an XML (eXtensible Markup Language) file and sign it using digital signature technology, the authenticity and validity of the electronic file can be guaranteed.
XML is a standardized extensible markup language that is easy for both people and machines to understand and is widely used for data exchange and data storage. Using XML to store the electronic file together with its metadata and management data greatly reduces the data's dependence on software and hardware systems and meets the requirements of long-term preservation.
Electronic files come in various formats, for example Word files with the file suffix .doc. Metadata is data that describes data, such as the creator, creation time, abstract and keywords of a .doc file.
It should be noted that the electronic files of the embodiments are not limited to Word files; other electronic files (such as Excel files, video files, image files, TXT files, engineering drawing files and so on) are equally applicable.
As shown in Fig. 1, the schematic diagram of the electronic file life cycle, the scheme of the embodiments can implement data verification, data editing, data encapsulation and data browsing.
The embodiments are described in further detail below with reference to the accompanying drawings.
As shown in Fig. 2, the first method for processing electronic files in an embodiment of the invention comprises the following steps:
Step 201: obtain an electronic file and the metadata of the electronic file.
Step 202: encapsulate the obtained electronic file and its metadata into the current highest data layer of the XML file, and digitally sign the highest data layer (that is, the outermost data layer) according to at least one digital certificate.
In step 202, each time a data layer is encapsulated the highest data layer is digitally signed; how many digital certificates are used to sign the highest data layer can be set as required. The digital certificates corresponding to each data layer may of course differ; to make the data more secure, the layer can be signed with all of the digital certificates corresponding to it. The specific content of the digital signature is shown in Fig. 9.
Further, in step 202, after the highest data layer has been digitally signed, the content of the digital signatures of the highest data layer in the XML file can also be signed with a locking signature according to a locking certificate. The locking signature exists only in the current highest data layer; if the current highest data layer changes, the previous locking signature must be deleted and the new current highest data layer locked again.
The digital signature mainly guarantees the authenticity of the electronic file, authenticates the signer's identity and allows modifications to the data to be traced. The digest of the signed object is computed with the digest algorithm specified in the signer's certificate, the digest is encrypted with the signer's private key to form the signature result, and the signature result and the signed object are encapsulated in one file, which realizes the digital signature of the electronic file. When the digital signature is verified, the public key in the signer's certificate decrypts the encrypted digest, the digest of the signed object is then computed with the same digest algorithm, and the two are compared. If they are identical, the electronic file is authentic and has not been modified; otherwise the electronic file has been modified. Digital signing is an encryption process, and digital signature verification is a decryption process.
A locking signature is similar to a digital signature; what differs is the object that is signed: it is a further signature over some of the digital signatures in the XML file. The specific content of the locking signature is shown in Fig. 10.
In step 201, the electronic file obtained may be an original electronic file or a modified electronic file; the two cases are described separately below.
Case one: the electronic file is an original electronic file, that is, the electronic file and metadata need to be encapsulated for the first time.
Specifically, for an original electronic file, the ways of obtaining the electronic file and its metadata in step 201 include, but are not limited to, one of the following:
Direct reception, for example exporting the electronic file and metadata from an existing application system through the application system's data export interface;
Copying a data package from the original storage medium. The data package may have been compiled manually, exported by a system, or obtained in some other way, and its format depends on how it was obtained (if compiled manually, it is the format chosen at the time; if exported by a system, it is the format the system exports).
If the file is exported from an application system, its metadata can be exported together with the file. If the file comes from a data package and the metadata is included in the package separately, it is taken directly from the package; otherwise the metadata can be read by parsing the electronic file's own format.
Correspondingly, in step 202, when the obtained electronic file is an original electronic file and the metadata is that of the original electronic file, the XML file must first be generated according to the encapsulation format, and the obtained electronic file and its metadata are then encapsulated into the current highest data layer of the XML file. Since the generated XML file has only one layer, the current highest data layer is also the bottom layer of the XML file; see Fig. 7.
The data layer containing the original electronic file and its metadata (that is, the current highest data layer) is then digitally signed according to at least one digital certificate; the content of the digital signatures can also be signed with a locking signature according to the locking certificate.
In a specific implementation, the extension of the XML file generated according to the encapsulation format can be .eep (Electronic record Encapsulation Package). Other XML file extensions are of course equally applicable to the embodiments.
In step 202, the management data and usage data related to the original electronic file can also be encapsulated together with it. Management data is the data needed to manage the electronic file, such as authorization data; usage data records the operations performed on the electronic file, such as its being consulted by a certain user at a certain time, which makes it possible to track and trace the use of the electronic file.
Case two: the electronic file obtained is a modified electronic file.
In this case, the following step can precede step 201:
Step 200: generate a modified electronic file according to the received modifications to the electronic file, and generate modified metadata according to the received modifications to the metadata.
The modifications to the electronic file and to the metadata received in step 200 are made by the user on the basis of the original electronic file or of another, already modified electronic file.
Correspondingly, in step 202, when the obtained electronic file is the modified electronic file generated by the editor and the metadata is the modified metadata generated by the editor, a new data layer is added above the current highest data layer in the XML file, and the obtained electronic file and its metadata are encapsulated into what is now the current highest data layer; see Fig. 8.
The newly generated data layer (that is, the current highest data layer) is then digitally signed according to at least one digital certificate. The content of the digital signatures can also be signed with a locking signature according to the locking certificate; however, because the newly generated data layer is not the bottom layer, a locking signature already exists in the layer beneath it, so the existing locking signature in the XML file must be deleted before the newly generated data layer is locked.
In step 202, the management data and usage data related to the modified electronic file can also be encapsulated together with it.
Because a new data layer is generated above the highest data layer after every modification, a multi-layer structure forms, and the most recently modified electronic file is always in the current highest data layer.
When an electronic file is modified, there are two cases.
One: the XML file has only one layer. When that layer (the lowest layer, which is also the original layer) is modified, the original layer with its locking signature removed becomes the inner layer of a new wrapper; the modified metadata, file content or other data are also placed in the new wrapper, forming the second layer of encapsulated content. The modified content and the inner layer are digitally signed, and some of the signatures are signed again to form the locking signature of the modified wrapper. The signatures, the locking signature and the certificates are also stored in the second layer of the wrapper.
Two: the XML file has multiple layers. When the electronic file of at least one of the layers is modified, the top layer with its locking signature removed (including its inner layers) becomes the inner layer of a new wrapper, and the modified metadata, file content or other data are also placed in the new wrapper to form a higher layer of encapsulated content. Signatures and the locking signature are handled in the same way as when a single layer is modified. This produces a multi-layer structure in which each layer wraps the one below it.
The following step can further follow step 202:
Step 203: verify at least one digital signature of at least one data layer in the XML file. When all of the verified digital signatures pass verification, determine that the XML file is normal; when any of the verified digital signatures fails verification, determine that an error has occurred in the content encapsulated in the data layer corresponding to the failed digital signature.
In step 203, after the XML file is determined to be normal, this can be displayed; after it is determined that an error has occurred in the content of the data layer corresponding to a failed digital signature, the specific data layer in which the error occurred can be displayed.
Which data layers and which digital signatures are verified can be decided as required.
In step 202, the digital certificate used for the digital signature and the digital certificate used for the locking signature (that is, the locking certificate) can also be encapsulated into the corresponding data layer of the XML file. In step 203, any inner layer can be verified. During verification, all versions in the XML file and all signatures of each version can be listed. A single digital signature is enough to verify the authenticity of the version it corresponds to.
Because the XML file is to be preserved for a long time, certificates will change over time. Every certificate used to sign the file is therefore also packed into the package for use in later verification. Correspondingly, in step 203 the validity of certificates can also be assessed: for example, taking the certificate of a specific organization in a certain period as the search object, the management system finds multiple XML files containing certificates of the same organization from the same period, compares them, lists the comparison and gives an assessment result.
In an implementation, before the electronic file of at least one layer is modified, that data layer can also be verified; for the current highest data layer, both the digital signatures and the locking signature can be verified, and modification is permitted once verification passes; otherwise the user is warned that the file is not secure, and the user decides whether to go ahead with the modification.
In an implementation, after encapsulation the encapsulated XML file can also be verified, and the XML file is allowed to be stored once verification passes.
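The layering of steps 201 to 203, sketched as an added example that is not part of the patent or of any product it describes: each modification wraps the previous highest layer, the old locking signature is deleted, and verification walks every layer. The element names, signer names and sample files are assumptions, and textbook RSA over fixed Mersenne primes stands in for certificate-based signing so that the block runs offline; it is not secure.

```python
import hashlib
import xml.etree.ElementTree as ET

E = 65537  # public exponent shared by all toy keys


def make_key(p_exp, q_exp):
    # Toy RSA key from two Mersenne primes: deterministic and offline, NOT secure.
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


# Hypothetical signers. A real package carries each signer's certificate in the
# layer, and the verifier uses only the public key (n, E) taken from it.
KEYS = {"archivist": make_key(521, 607), "auditor": make_key(607, 1279),
        "lock": make_key(521, 1279)}


def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(signer, data):
    # "Encrypt the digest with the signer's private key" (textbook RSA, no padding).
    key = KEYS[signer]
    return format(pow(digest(data), key["d"], key["n"]), "x")


def verify(signer, data, sig_hex):
    # "Decrypt with the public key, recompute the digest, compare."
    key = KEYS.get(signer)
    try:
        return key is not None and pow(int(sig_hex, 16), E, key["n"]) == digest(data)
    except (TypeError, ValueError):
        return False


def canon(elem):
    # Canonical XML (C14N 2.0) so the signed bytes survive a save/load cycle.
    return ET.canonicalize(ET.tostring(elem, encoding="unicode")).encode()


def signed_bytes(layer):
    # A layer's signatures cover its own content plus the whole inner layer.
    inner = layer.find("layer")
    return canon(layer.find("content")) + (canon(inner) if inner is not None else b"")


def add_layer(top, file_text, metadata, signers):
    """Wrap `top` (None for the original file) in a new highest data layer."""
    layer = ET.Element("layer", n=str(1 if top is None else int(top.get("n")) + 1))
    content = ET.SubElement(layer, "content")
    ET.SubElement(content, "file").text = file_text
    meta = ET.SubElement(content, "metadata")
    for name, value in sorted(metadata.items()):
        ET.SubElement(meta, "item", name=name).text = value
    if top is not None:
        top.remove(top.find("lock"))  # the old locking signature is deleted
        layer.append(top)
    sigs = ET.SubElement(layer, "signatures")
    data = signed_bytes(layer)
    for signer in signers:
        ET.SubElement(sigs, "signature", signer=signer).text = sign(signer, data)
    # Locking signature: a signature over this layer's digital signatures.
    ET.SubElement(layer, "lock").text = sign("lock", canon(sigs))
    return layer


def verify_package(top):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    lock = top.find("lock")
    if lock is None or not verify("lock", canon(top.find("signatures")), lock.text):
        problems.append("locking signature invalid on highest layer")
    layer = top
    while layer is not None:
        data = signed_bytes(layer)
        for sig in layer.find("signatures").findall("signature"):
            if not verify(sig.get("signer"), data, sig.text):
                problems.append(f"layer {layer.get('n')}: signature by {sig.get('signer')} invalid")
        layer = layer.find("layer")
    return problems


def demo():
    # Constructed sample data: an original file and one modification.
    v1 = add_layer(None, "Budget draft v1", {"creator": "alice"}, ["archivist"])
    v2 = add_layer(v1, "Budget draft v2", {"creator": "alice", "editor": "bob"},
                   ["archivist", "auditor"])
    xml_text = ET.tostring(v2, encoding="unicode")  # what would be stored as .eep

    intact = verify_package(ET.fromstring(xml_text))

    tampered = ET.fromstring(xml_text)  # change the file inside the inner layer
    tampered.find("layer/content/file").text = "Budget draft v1 (altered)"

    stripped = ET.fromstring(xml_text)  # drop one signature from the top layer
    sigs = stripped.find("signatures")
    sigs.remove(sigs.findall("signature")[1])

    return xml_text, intact, verify_package(tampered), verify_package(stripped)


if __name__ == "__main__":
    for result in demo()[1:]:
        print(result)
```

Altering the inner layer invalidates the signatures of every layer that wraps it, while removing a signature from the highest layer is caught only by the locking signature.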
After step 202, the content encapsulated in the data layers of the XML file can further be displayed.
Specifically, the data content of the XML file can be displayed; the electronic file displayed can be a single item or several items combined into one. The data content display area has a multi-document structure in which each document has a document label, such as main document, document 1, document 2 and so on. The displayed document can be switched with the TAB key (or another configured key) and/or the mouse. Each document can have a multi-page structure and can be displayed in single-page, double-page, continuous, multi-page and similar modes. A metadata sub-window can be shown at the same time, displaying the metadata by type in a tree structure.
As shown in Fig. 3, the second method for processing electronic files in an embodiment of the invention comprises the following steps:
Step 301: the receiver in the receiving server obtains an original electronic file and the metadata of the original electronic file.
Step 302: the wrapper in the receiving server generates an XML file according to the encapsulation format.
Step 303: the wrapper in the receiving server encapsulates the original electronic file, its metadata, and its management data and usage data into the current highest data layer of the XML file.
Step 304: the wrapper in the receiving server digitally signs, according to at least one digital certificate, the data layer containing the original electronic file and its metadata (that is, the current highest data layer).
Step 305: the wrapper in the receiving server signs the content of the digital signatures of the current highest data layer with a locking signature according to the locking certificate.
Step 306: the validator in the storage server verifies the locking signature of the current highest data layer in the XML file; if verification passes, go to step 307; otherwise, return to step 302.
Step 307: the validator in the storage server verifies all digital signatures of all data layers in the XML file and judges whether verification passes; if it passes, go to step 308; otherwise, return to step 302.
Step 308: the memory in the storage server stores the XML file.
Step 309: when the user needs to modify the content of the stored XML file, the editor in the client retrieves the XML file from the memory in the storage server.
Before the editor in the client retrieves the XML file from the memory in the storage server, the validator can of course also verify the XML file being retrieved; if verification passes, retrieval is allowed; otherwise the user is notified that verification failed, and either the user decides whether to continue the retrieval or the user is not allowed to retrieve the file.
Step 310: the editor in the client generates a modified electronic file according to the user's modifications to the electronic file, and generates modified metadata according to the user's modifications to the metadata.
If the user has not modified the metadata, the editor in the client can of course generate the metadata modifications from the user's modifications to the electronic file.
Step 311: the receiver in the receiving server obtains the modified electronic file and the modified metadata.
Step 312: the wrapper in the receiving server adds a data layer above the current highest data layer of the XML file retrieved by the client, and encapsulates the modified electronic file, its modified metadata, and its management data and usage data into the current highest data layer of the XML file (that is, the newly added data layer).
Step 313: the wrapper in the receiving server digitally signs the newly added data layer (that is, the current highest data layer) according to a digital certificate.
Step 314: the wrapper in the receiving server deletes the existing locking signature in the XML file and signs the content of the digital signatures of the current highest data layer with a locking signature according to the locking certificate.
Step 315: the validator in the storage server verifies the locking signature of the current highest data layer in the XML file; if verification passes, go to step 316; otherwise, return to step 311.
Step 316: the validator in the storage server verifies all digital signatures of all data layers in the XML file and judges whether verification passes; if it passes, go to step 317; otherwise, return to step 311.
Step 317: the memory in the storage server stores the XML file with the added data layer.
If the user needs to modify the content of the electronic file again, steps 309 to 317 are repeated, so the number of data layers in the XML file keeps growing.
If the user needs to retrieve the package file for reading or for other uses, the browser in the client can retrieve the file from the memory in the storage server for browsing. The browser can clearly mark the electronic file information and digital signature information of each version in the different layers, including the electronic file content, metadata, and other management and usage data.
It should be noted that Fig. 3 uses a receiving server, a client and a storage server as an example. In a specific implementation, the functions of the receiving server, client and storage server can be combined in a single entity, such as one server or one client; they can also be distributed across more entities, for example by placing the validator of the storage server in a verification server.
As shown in Fig. 4, the system for processing electronic files in an embodiment of the invention comprises a receiver 10 and a wrapper 20.
The receiver 10 is configured to obtain an electronic file and the metadata of the electronic file.
The wrapper 20 is configured to encapsulate the electronic file and metadata obtained by the receiver 10 into the current highest data layer of the XML file, and to digitally sign the highest data layer according to at least one digital certificate.
Each time it encapsulates a data layer, the wrapper 20 digitally signs the highest data layer; how many digital certificates are used to sign the highest data layer can be set as required. The digital certificates corresponding to each data layer may of course differ; to make the data more secure, the layer can be signed with all of the digital certificates corresponding to it. The specific content of the digital signature is shown in Fig. 9.
Further, after the wrapper 10 has digitally signed the highest data layer, it can also sign the content of the digital signatures of the highest data layer in the XML file with a locking signature according to a locking certificate. The locking signature exists only in the current highest data layer; if the current highest data layer changes, the previous locking signature must be deleted and the new current highest data layer locked again.
The locking certificate is similar to the digital certificate; what differs is the object that is signed. The specific content of the locking signature is shown in Fig. 10.
The electronic file obtained by the receiver 10 may be an original electronic file or a modified electronic file; the two cases are described separately below.
Case one: the electronic file is an original electronic file, that is, the electronic file and metadata need to be encapsulated for the first time.
Specifically, for an original electronic file, the ways in which the receiver 10 obtains the electronic file and its metadata include, but are not limited to, one of the following:
Direct reception, for example exporting the electronic file and metadata from an existing application system through the application system's data export interface;
Copying a data package from the original storage medium. The data package may have been compiled manually, exported by a system, or obtained in some other way, and its format depends on how it was obtained (if compiled manually, it is the format chosen at the time; if exported by a system, it is the format the system exports).
If the file is exported from an application system, its metadata can be exported together with the file. If the file comes from a data package and the metadata is included in the package separately, it is taken directly from the package; otherwise the metadata can be read by parsing the electronic file's own format.
Correspondingly, when the electronic file obtained by the receiver 10 is an original electronic file and the metadata is that of the original electronic file, the wrapper 20 must first generate the XML file according to the encapsulation format, and then encapsulates the electronic file and metadata obtained by the receiver 10 into the current highest data layer of the XML file. Since the generated XML file has only one layer, the current highest data layer is also the bottom layer of the XML file; see Fig. 7.
The wrapper 20 then digitally signs, according to at least one digital certificate, the data layer containing the original electronic file and its metadata (that is, the current highest data layer); it can also sign the content of the digital signatures with a locking signature according to the locking certificate.
In a specific implementation, the extension of the XML file that the wrapper 20 generates according to the encapsulation format can be .eep.
The wrapper 20 can also encapsulate the management data and usage data related to the original electronic file together with it. Management data is the data needed to manage the electronic file, such as authorization data; usage data records the operations performed on the electronic file, such as its being consulted by a certain user at a certain time, which makes it possible to track and trace the use of the electronic file.
Situation two: the electronic file obtained by receiver 10 is a modified electronic file.
In this case, the system of the embodiment of the invention can further include editor 30.
Editor 30 generates a modified electronic file from the received modifications to the electronic file, and generates modified metadata from the received modifications to the metadata.
The modifications to the electronic file and to the metadata that editor 30 receives are made by the user on the basis of the original electronic file or of another, already modified, electronic file.
Editor 30 can be an XML document editor. It can parse unencapsulated electronic document data and metadata supplied by the management system and write the modified information back to the management system; add suitable metadata and data by switching types, and edit and modify metadata and data; and save modifications to the electronic file locally in real time, with undo and redo of modifications.
After generating the modified electronic file and the modified metadata, editor 30 can send them to receiver 10; alternatively, receiver 10 can obtain them directly from editor 30.
Accordingly, when the electronic file obtained by receiver 10 is the modified electronic file generated by the editor and the metadata is the modified metadata generated by the editor, wrapper 20 adds a new data layer on top of the current highest data layer in the XML file and encapsulates the obtained electronic file and its metadata in what is now the current highest data layer of the XML file; see Fig. 8.
Wrapper 20 then digitally signs the newly generated data layer (that is, the current highest data layer) according to at least one digital certificate. It can also apply a lock signature to the content of the digital signature according to the locking certificate. Because the newly generated data layer is not the bottom layer, a lock signature already exists in the layer below it, so before lock-signing, the existing lock signature in the XML file must be deleted; the lock signature is then applied to the newly generated data layer.
Wrapper 20 can also encapsulate management data and service data related to the modified electronic file together with the modified electronic file.
Because each modification generates a new data layer above the highest data layer, a multi-layer structure is formed, and the most recently modified electronic file is always in the current highest data layer.
An electronic file can be modified in two ways.
One: the XML file has only one layer. When that layer (the lowest layer, which is also the original layer) is modified, wrapper 20 takes the original layer, with its lock signature removed, as the inner layer of a new wrapper, and also stores the modified metadata, file content or other data in the new wrapper to form the second-layer encapsulated content. It digitally signs the modified content together with the inner layer, and signs some of the signatures again to form the lock signature of the modified wrapper. The signatures, the lock signature and the certificates are also stored in the second layer of the wrapper.
Two: the XML file has multiple layers. When the electronic file of at least one of the layers is modified, wrapper 20 takes the top layer (including its inner layers), with its lock signature removed, as the inner layer of a new wrapper, and also stores the modified metadata, file content or other data in the new wrapper to form encapsulated content one level higher. The signatures and the lock signature are handled in the same way as when a single layer is modified. This produces a multi-layer structure in which each layer wraps the one below it.
The system of the embodiment of the invention can also include validator 40.
Validator 40 verifies at least one digital signature of at least one data layer of the XML file; and
when all of the verified digital signatures pass verification, determines that the XML file is normal;
when any of the verified digital signatures fails verification, determines that the content encapsulated in the data layer corresponding to the failed digital signature contains an error.
After determining that the XML file is normal, validator 40 can display that the XML file is normal; after determining that the content encapsulated in the data layer corresponding to a failed digital signature contains an error, it can display which data layer the error occurred in.
Which data layers and which digital signature or signatures are verified can be decided as required.
In an implementation, validator 40 can be installed at the front end of the file receiving and reading systems to verify the authenticity and validity of the electronic files that are received and read.
Wrapper 20 can also encapsulate the digital certificate used for the digital signature and the digital certificate used for the lock signature (that is, the locking certificate) in the corresponding data layer of the XML file. Validator 40 can verify any inner layer. During verification, all versions in the XML file and all signatures of each version can be listed. A single digital signature is enough to verify the authenticity of the version it corresponds to.
Because the XML file will be preserved for a long time, certificates will keep changing. Every certificate used to sign the file is therefore also packed into the package for use in later verification. Accordingly, validator 40 can also assess certificate validity: for example, taking the certificate of a specific organization in a certain period as the search target, the management system finds multiple XML files containing certificates of the same organization from the same period, compares them, lists the comparison, and gives an assessment result.
In an implementation, before editor 30 modifies the electronic file of at least one layer, validator 40 can also verify that data layer; if it is the current highest data layer, both the digital signature and the lock signature can be verified. Editor 30 is allowed to make the modification once verification passes; otherwise the user is warned that the file is unsafe and decides whether to make the modification.
In an implementation, after wrapper 20 has performed the encapsulation, validator 40 can also verify the encapsulated XML file and, once verification passes, allow storage unit 50 to store the XML file. Accordingly, editor 30 can retrieve the XML file from storage unit 50.
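The layering and validation described above, as an added sketch that is not part of the patent: each modification wraps the previous top layer, deletes its lock signature, signs the new layer and lock-signs that signature, and the validator checks the lock signature before the per-layer signatures. The element names, the constructed keys and the use of HMAC-SHA256 in place of certificate-based signatures are assumptions made so that it runs on the Python standard library.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Constructed keys (assumption). The patent signs with digital certificates;
# HMAC-SHA256 is swapped in only so the example needs no third-party library.
SIGN_KEY = b"constructed-signing-key"
LOCK_KEY = b"constructed-locking-key"


def _mac(key: bytes, data: bytes) -> str:
    return base64.b64encode(hmac.new(key, data, hashlib.sha256).digest()).decode()


def _signed_bytes(layer: ET.Element) -> bytes:
    """Bytes a layer's signature covers: its Content element, i.e. metadata,
    file and (for upper layers) the whole inner layer with its signature."""
    content = layer.find("Content")
    return b"" if content is None else ET.tostring(content)


def _text(elem) -> bytes:
    return b"" if elem is None or elem.text is None else elem.text.encode()


def wrap(file_text: str, metadata: str, inner: ET.Element = None) -> ET.Element:
    """Build the new highest data layer (hypothetical element names).

    inner=None creates the original (bottom) layer. Otherwise `inner` is the
    previous highest layer; its lock signature is deleted (this mutates
    `inner`) and it becomes the inner layer of the new one.
    """
    layer = ET.Element("Layer")
    content = ET.SubElement(layer, "Content")
    ET.SubElement(content, "Metadata").text = metadata
    ET.SubElement(content, "File").text = file_text
    if inner is not None:
        old_lock = inner.find("LockSignature")
        if old_lock is not None:
            inner.remove(old_lock)      # only the top layer carries a lock
        content.append(inner)
    sig = ET.SubElement(layer, "Signature")
    sig.text = _mac(SIGN_KEY, _signed_bytes(layer))
    # The lock signature is a signature over the content of the signature.
    ET.SubElement(layer, "LockSignature").text = _mac(LOCK_KEY, sig.text.encode())
    return layer


def verify(top: ET.Element):
    """Validator: check the lock signature, then every layer's signature.

    Returns (lock_ok, failed_levels). Level 1 is the original layer.
    failed_levels is None when the lock signature fails, because the layer
    signatures are only checked after the lock signature passes.
    """
    expected_lock = _mac(LOCK_KEY, _text(top.find("Signature"))).encode()
    if not hmac.compare_digest(_text(top.find("LockSignature")), expected_lock):
        return False, None
    layers, layer = [], top
    while layer is not None:            # walk from the top layer inwards
        layers.append(layer)
        layer = layer.find("Content/Layer")
    failed = []
    for depth, layer in enumerate(layers):
        expected = _mac(SIGN_KEY, _signed_bytes(layer)).encode()
        if not hmac.compare_digest(_text(layer.find("Signature")), expected):
            failed.append(len(layers) - depth)
    return True, failed


if __name__ == "__main__":
    v1 = wrap("draft text", "title=Report (constructed sample)")
    v2 = wrap("final text", "title=Report; revision=2", inner=v1)
    stored = ET.fromstring(ET.tostring(v2))          # simulate store and reload
    print("intact:", verify(stored))
    stored.find("Content/Layer/Content/File").text = "altered"
    print("inner layer altered:", verify(stored))
    rolled_back = ET.fromstring(ET.tostring(v2)).find("Content/Layer")
    print("inner layer presented as current:", verify(rolled_back))
```

Because an upper layer's signature covers the inner layer, a change to an old version is reported at that layer and at every layer above it, and an inner layer presented on its own fails the lock check even though its own signature is valid. The signatures here cover the exact serialized bytes, so a production format would canonicalize the XML before signing.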
The system of the embodiment of the invention can further include browser 60.
Browser 60 displays the content encapsulated in the data layers of the XML file.
Specifically, when the user needs to display the XML file, the XML file can be retrieved from storage unit 50 through browser 60.
Browser 60 mainly displays the data content of the XML file. The electronic file displayed can be a single item or several items combined into one. The data content display area is structured as multiple documents, each with a document tab, such as: main document, document 1, document 2. The displayed document can be switched with the TAB key (or another configured key) and/or the mouse. Each document can have multiple pages and can be displayed in single-page, double-page, continuous or multi-page mode. Browser 60 also has a metadata display sub-window, which can show the metadata by category in a tree structure.
In a specific implementation, receiver 10, wrapper 20, editor 30, validator 40, storage unit 50 and browser 60 can be placed in the same entity or in different entities as required.
For example, receiver 10 and wrapper 20 can be placed in a receiving server, editor 30 and browser 60 in a client, and validator 40 and storage unit 50 in a storage server; the storage server, receiving server and client can transmit data over wired or wireless connections.
Receiver 10, wrapper 20, editor 30, validator 40, storage unit 50 and browser 60 can also all be placed in a client or in a server.
Note that in the embodiment of the invention, receiver 10, wrapper 20, editor 30, validator 40, storage unit 50 and browser 60 are not limited to the above arrangements; they can be combined freely in any entity as required. For example, receiver 10, wrapper 20, validator 40 and storage unit 50 can all be placed in one server; the function of receiver 10 can also be implemented by wrapper 20, so that receiver 10 is not needed.
If many XML files need to be managed, there can be multiple receivers 10, wrappers 20, editors 30, validators 40, storage units 50 and browsers 60, each managing its assigned XML files, and receiver 10 and wrapper 20 can each correspond to different editors 30, validators 40 and storage units 50. Receiver 10 and wrapper 20 can be in different entities; for example, receiver 10 can be in the receiving server while wrapper 20 is in the storage server together with validator 40 and storage unit 50.
Storage unit 50 can be any entity that stores XML files, such as a hard disk or memory; a server that includes storage unit 50 can act as the storage server.
As shown in Fig. 5, the server of the embodiment of the invention comprises receiver 51 and wrapper 52.
The server of the embodiment of the invention can further include validator 53, and can also include storage unit 54.
The functions of receiver 51, wrapper 52, validator 53 and storage unit 54 are the same as those of receiver 10, wrapper 20, validator 40 and storage unit 50 in Fig. 4 and are not repeated here.
As shown in Fig. 6, the client of the embodiment of the invention comprises editor 61 and browser 62.
The functions of editor 61 and browser 62 are the same as those of editor 30 and browser 60 in Fig. 4 and are not repeated here.
Those skilled in the art should understand that embodiments of the invention can be provided as a method, a system or a computer program product. The invention can therefore take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware. The invention can also take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage, CD-ROM and optical storage) that contain computer-usable program code.
The embodiment of the invention can take electronic files and metadata previously stored in a data system, store them in an XML file to form a data packet, and sign the packet using digital signature technology, thereby guaranteeing the authenticity, integrity and validity of the electronic files in the XML data packet.
The invention is described with reference to flowcharts and/or block diagrams of the method, device (system) and computer program product according to the embodiment of the invention. It should be understood that computer program instructions can implement each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams. These computer program instructions can be provided to the processor of a general-purpose computer, special-purpose computer, embedded processor or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce a means for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions can also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to operate in a particular manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction means that implements the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions can also be loaded onto a computer or other programmable data processing device, so that a series of operational steps is performed on the computer or other programmable device to produce computer-implemented processing; the instructions executed on the computer or other programmable device thus provide steps for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
Although preferred embodiments of the invention have been described, those skilled in the art can make other changes and modifications to these embodiments once they learn of the basic inventive concept. The appended claims are therefore intended to be interpreted as covering the preferred embodiments and all changes and modifications that fall within the scope of the invention.
As can be seen from the above embodiments, the embodiment of the invention obtains an electronic file and the metadata of the electronic file, encapsulates the obtained electronic file and its metadata in the current highest data layer of an Extensible Markup Language (XML) file, and digitally signs the highest data layer according to at least one digital certificate.
Because the embodiment of the invention stores the electronic file in an XML file and signs it using digital signature technology, the authenticity and validity of the electronic file can be guaranteed;
furthermore, versions from any period of the electronic file's full life cycle can be traced back and management data can be queried, the electronic file can be kept long term without depending on any particular software or hardware, and user experience can be improved;
preferably, if lock signature technology is used to sign the content of the digital signature of the current highest data layer, the integrity of the electronic file can also be guaranteed.
Obviously, those skilled in the art can make various changes and variations to the invention without departing from its spirit and scope. Thus, if these modifications and variations of the invention fall within the scope of the claims of the invention and their technical equivalents, the invention is also intended to include them.

Claims (24)

1. A method for processing an electronic file, characterized in that the method comprises:
obtaining an electronic file and the metadata of the electronic file;
encapsulating the obtained electronic file and its metadata in the current highest data layer of an Extensible Markup Language (XML) file, and digitally signing the highest data layer according to at least one digital certificate.
2. The method of claim 1, characterized in that, after digitally signing the highest data layer, the method further comprises:
applying a lock signature, according to a locking certificate, to the content of the digital signature corresponding to the highest data layer in the XML file.
3. The method of claim 2, characterized in that the obtained electronic file is an original electronic file and the metadata is the metadata of the original electronic file;
before encapsulating the obtained electronic file and its metadata in the current highest data layer of the XML file, the method further comprises:
generating the XML file according to an encapsulation format;
wherein the current highest data layer in the XML file is the bottom layer of the XML file.
4. The method of claim 2, characterized in that the obtained electronic file is a modified electronic file generated from received modifications to an electronic file, and the metadata is modified metadata generated from received modifications to the metadata;
after obtaining the electronic file and its metadata, and before encapsulating the obtained electronic file and its metadata in the current highest data layer of the XML file, the method further comprises:
adding a new data layer on top of the current highest data layer in the XML file.
5. The method of claim 4, characterized in that, before applying the lock signature, the method further comprises:
deleting the existing lock signature in the XML file.
6. The method of any one of claims 2 to 5, characterized in that, after digitally signing the highest data layer, the method further comprises:
verifying at least one digital signature of at least one data layer in the XML file;
when all of the verified digital signatures pass verification, determining that the XML file is normal;
when any of the verified digital signatures fails verification, determining that the content encapsulated in the data layer corresponding to the failed digital signature contains an error.
7. The method of claim 6, characterized in that, before verifying at least one digital signature of at least one data layer in the XML file, the method further comprises:
verifying the lock signature in the XML file; and
when the lock signature in the XML file passes verification, performing the step of verifying at least one digital signature of at least one data layer in the XML file.
8. The method of claim 1, characterized in that encapsulating the electronic file and its metadata comprises:
determining management data of the electronic file and service data of the electronic file;
encapsulating the electronic file, the metadata of the electronic file, the management data of the electronic file and the service data of the electronic file in the highest data layer of the XML file.
9. The method of any one of claims 2 to 5 or 8, characterized in that, after digitally signing the highest data layer, the method further comprises:
displaying the content encapsulated in the data layers of the XML file.
10. A system for processing an electronic file, characterized in that the system comprises:
a receiver, configured to obtain an electronic file and the metadata of the electronic file;
a wrapper, configured to encapsulate the obtained electronic file and its metadata in the current highest data layer of an Extensible Markup Language (XML) file, and to digitally sign the highest data layer according to at least one digital certificate.
11. The system of claim 10, characterized in that the wrapper is further configured to:
after digitally signing the highest data layer, apply a lock signature, according to a locking certificate, to the content of the digital signature corresponding to the highest data layer in the XML file.
12. The system of claim 11, characterized in that the wrapper is further configured to:
generate the XML file according to an encapsulation format when the electronic file obtained by the receiver is an original electronic file and the metadata is the metadata of the original electronic file;
wherein the current highest data layer in the XML file is the bottom layer of the XML file.
13. The system of claim 11, characterized in that the system further comprises:
an editor, configured to generate a modified electronic file from received modifications to an electronic file, and to generate modified metadata from received modifications to the metadata;
the wrapper being specifically configured to:
when the electronic file obtained by the receiver is the modified electronic file generated by the editor and the metadata is the modified metadata generated by the editor, add a new data layer on top of the current highest data layer in the XML file, and encapsulate the obtained electronic file and its metadata in the current highest data layer of the XML file.
14. The system of claim 13, characterized in that the wrapper is further configured to:
delete the existing lock signature in the XML file before applying the lock signature.
15. The system of any one of claims 11 to 14, characterized in that the system further comprises:
a validator, configured to verify at least one digital signature of at least one data layer of the XML file; and
when all of the verified digital signatures pass verification, determine that the XML file is normal;
when any of the verified digital signatures fails verification, determine that the content encapsulated in the data layer corresponding to the failed digital signature contains an error.
16. The system of claim 15, characterized in that the validator is further configured to:
verify the lock signature in the XML file before verifying at least one digital signature of at least one data layer in the XML file; and
when the lock signature in the XML file passes verification, verify at least one digital signature of at least one data layer in the XML file.
17. The system of any one of claims 11 to 14, characterized in that the system further comprises:
a browser, configured to display the content encapsulated in the data layers of the XML file.
18. A server, characterized in that the server comprises:
a receiver, configured to obtain an electronic file and the metadata of the electronic file;
a wrapper, configured to encapsulate the obtained electronic file and its metadata in the current highest data layer of an Extensible Markup Language (XML) file, and to digitally sign the highest data layer according to at least one digital certificate.
19. The server of claim 18, characterized in that the wrapper is further configured to:
after digitally signing the highest data layer, apply a lock signature, according to a locking certificate, to the content of the digital signature corresponding to the highest data layer in the XML file.
20. The server of claim 18, characterized in that the wrapper is further configured to:
generate the XML file according to an encapsulation format when the electronic file obtained by the receiver is an original electronic file and the metadata is the metadata of the original electronic file;
wherein the current highest data layer in the XML file is the bottom layer of the XML file.
21. The server of claim 18, characterized in that the wrapper is specifically configured to:
when the electronic file obtained by the receiver is a generated modified electronic file and the metadata is generated modified metadata, add a new data layer on top of the current highest data layer in the XML file, and encapsulate the obtained electronic file and its metadata in the current highest data layer of the Extensible Markup Language (XML) file.
22. The server of claim 21, characterized in that the wrapper is further configured to:
delete the existing lock signature in the XML file before applying the lock signature.
23. The server of any one of claims 18 to 22, characterized in that the server further comprises:
a validator, configured to verify at least one digital signature of at least one data layer of the XML file; and
when all of the verified digital signatures pass verification, determine that the XML file is normal;
when any of the verified digital signatures fails verification, determine that the content encapsulated in the data layer corresponding to the failed digital signature contains an error.
24. The server of claim 23, characterized in that the validator is further configured to:
verify the lock signature in the XML file before verifying at least one digital signature of at least one data layer in the XML file; and
when the lock signature in the XML file passes verification, verify at least one digital signature of at least one data layer in the XML file.
CN2010101309724A 2010-03-22 2010-03-22 Method, system and device for processing electronic documents Pending CN102201040A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2010101309724A CN102201040A (en) 2010-03-22 2010-03-22 Method, system and device for processing electronic documents

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2010101309724A CN102201040A (en) 2010-03-22 2010-03-22 Method, system and device for processing electronic documents

Publications (1)

Publication Number Publication Date
CN102201040A true CN102201040A (en) 2011-09-28

Family

ID=44661709

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2010101309724A Pending CN102201040A (en) 2010-03-22 2010-03-22 Method, system and device for processing electronic documents

Country Status (1)

Country Link
CN (1) CN102201040A (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20110928

RJ01 Rejection of invention patent application after publication