This paper addresses a practical problem in Document Management Systems for which no existing solution is available in the market. To store confidential documents in a Document Management System, a common approach is to keep only the encrypted version of the documents to ensure the confidentiality of the contents. However, how to share these encrypted documents and how to delegate the access rights of these documents are not straightforward while these operations are common in most companies. In this paper, we discuss the issues related to this problem and provide a practical and easy-to-implement solution for solving the problem. Our solution has been shown to be feasible by a prototype implementation. We also show how to extend our solution to take advantage of the hierarchical structure of a company to make it more scalable. As a remark, this problem was initiated by a local company based on its actual needs to fulfil a set of business objectives and requirements.
Yiu, S.M.; Yiu, S.W.; Lee, L.; Li, Eric; and Yip, Michael, "Sharing and Access Right Delegation for Confidential Documents: A Practical Solution" (2004). ACIS 2004 Proceedings. Paper 85.