JP2017091235A - Authentication system, electronic apparatus, authentication method, and authentication program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To ensure security in remotely operating an electronic apparatus without a troublesome operation.SOLUTION: An electronic apparatus receives a first connection request from an information processing device, and receives an instruction to permit connection from the information processing device. The electronic apparatus generates, when the instruction to permit connection from the information processing device is received, connection information available for connection from the information processing device to the electronic apparatus, and returns first connection permission information including the generated connection information in response to the first connection request. The electronic apparatus receives a second connection request using the connection information, from the information processing device, and executes authentication processing on the basis of the connection information used for the second connection request. The electronic apparatus returns, when authentication succeeds by the authentication processing, second connection permission information in response to the second connection request.SELECTED DRAWING: Figure 4

Description

  The present invention relates to an authentication system, an electronic device, an authentication method, and an authentication program.

  2. Description of the Related Art Conventionally, a technique for connecting an electronic device such as an image forming apparatus to a network and using it remotely from an information processing apparatus such as a PC (Personal Computer) has been known for improving convenience. For example, in such a technique, a Web server is incorporated in an electronic device, and a remote operation of the electronic device is realized by performing a login operation on the information processing apparatus using a Web screen generated by the electronic device. Yes.

  However, the conventional technique has a problem that it is difficult to ensure security. Specifically, in the prior art, information on a user who can log in is preset in an electronic device, and anyone can log in in the initial state, so there is a possibility that a third party may log in illegally. is there.

  The present invention has been made in view of the above, and an object of the present invention is to ensure security when remotely operating an electronic device without causing troublesome operations.

  In order to solve the above-described problems and achieve the object, an authentication system according to the present invention includes a first connection request receiving unit that receives a first connection request from an information processing apparatus that operates an electronic device, and the first connection request In response to accepting a connection request, when a connection permission accepting unit that accepts an instruction to permit connection from the information processing device and an instruction that authorizes connection from the information processing device are received from the information processing device A connection information generation unit that generates connection information that can be used for connection to the electronic device, and a first connection permission information that includes the generated connection information in response to the first connection request. A response unit, a second connection request accepting unit that accepts a second connection request using the connection information from the information processing device, and an authentication process based on the connection information used in the second connection request. When the authentication processing unit rows to, the authentication by the authentication process is successful, to the second connection request, and a second response unit for responding a second connection permission information.

  According to one aspect of the present invention, there is an effect that it is possible to ensure security when remotely operating an electronic device without causing troublesome operations.

FIG. 1 is a diagram illustrating a system configuration example of an authentication system according to the first embodiment. FIG. 2 is a block diagram illustrating a hardware configuration example of the information processing apparatus according to the first embodiment. FIG. 3 is a block diagram illustrating a hardware configuration example of the electronic device according to the first embodiment. FIG. 4 is a block diagram illustrating a functional configuration example of the electronic device and the information processing apparatus according to the first embodiment. FIG. 5 is a diagram illustrating a configuration example of the operation display unit according to the first embodiment. FIG. 6 is a diagram for explaining an example of generating a connection URL according to the first embodiment. FIG. 7 is a diagram illustrating an example of a login screen according to the first embodiment. FIG. 8 is a sequence diagram illustrating an example of a flow of processing at the time of initial connection according to the first embodiment. FIG. 9 is a sequence diagram illustrating an example of a processing flow at the time of the second and subsequent connections according to the first embodiment. FIG. 10 is a block diagram illustrating a functional configuration example of the electronic device and the information processing apparatus according to the second embodiment. FIG. 11 is a sequence diagram illustrating an example of a processing flow at the time of the second and subsequent connections according to the second embodiment. FIG. 12 is a block diagram illustrating a functional configuration example of the electronic device and the information processing apparatus according to the third embodiment. FIG. 13 is a sequence diagram illustrating an example of a flow of processing at the time of initial connection according to the third embodiment. FIG. 14 is a sequence diagram illustrating an example of a processing flow at the time of the second and subsequent connections according to the third embodiment.

  Embodiments of an authentication system, an electronic device, an authentication method, and an authentication program according to the present invention will be described below with reference to the accompanying drawings. In addition, this invention is not limited by the following embodiment. It should be noted that the embodiments can be appropriately combined as long as the contents are not contradictory.

(Embodiment 1)
[System Configuration According to Embodiment 1]
The system configuration of the authentication system according to the first embodiment will be described with reference to FIG. FIG. 1 is a diagram illustrating a system configuration example of an authentication system according to the first embodiment.

  As shown in FIG. 1, the authentication system 1 includes an electronic device 100 and an information processing apparatus 200. Each device is not limited to the illustrated number, and a plurality of devices may exist. Each device can be connected to a network such as the Internet via a LAN (Local Area Network) or the like. In the present embodiment, electronic device 100 is a target device for remote operation by information processing apparatus 200. Hereinafter, a case where the electronic device 100 is an image forming apparatus such as an MFP (Multi-Function Printer) will be described as an example. The case where the information processing apparatus 200 is a remote apparatus such as a PC (Personal Computer) will be described as an example.

  In the configuration described above, the electronic device 100 is in a waiting state for accepting a login request or a connection request from the information processing apparatus 200 that is normally a remote device. In order to remotely operate the electronic device 100 using the information processing apparatus 200, the user performs an operation for a login request. The information processing apparatus 200 that has received an operation for requesting login makes an HTTPS (Hypertext Transfer Protocol Secure) connection to the electronic device 100 and requests login. The electronic device 100 that has received the login request from the information processing apparatus 200 generates a login screen, and responds to the generated login screen in response to the login request. The login screen includes an object for inputting a login name as user identification information, an arbitrary character string, or the like as login information. The information processing apparatus 200 receives the login screen and displays the received login screen on the display unit.

  The user uses the information processing apparatus 200 to input login information and performs an operation for connecting to the electronic device 100. Of the login information, it is preferable that information for identifying the individual user is input to an object for inputting an arbitrary character string. For example, the user inputs information that can identify an individual user such as an individual name and a telephone number. The information processing apparatus 200 transmits the input login information to the electronic device 100 and requests connection. Hereinafter, an initial connection request from the information processing apparatus 200 to the electronic device 100 may be referred to as a “first connection request”. Thereby, the electronic device 100 accepts the first connection request. The electronic device 100 that has received the first connection request displays a login name and an arbitrary character string included in the login information on the display unit.

  When the administrator of the electronic device 100 confirms the login name and an arbitrary character string and determines that the user is a valid user, the administrator performs an operation for permitting connection from the corresponding information processing apparatus 200. For example, the administrator performs an operation for permitting the connection after directly confirming with the user himself / herself based on information that can identify the individual user. Thereby, impersonation by a third party can be prevented. The electronic device 100 receives an instruction to permit connection from the information processing apparatus 200 by the connection permission operation by the administrator. When the electronic device 100 receives an instruction to permit connection from the information processing device 200, the electronic device 100 generates connection information that can be used for subsequent connections from the information processing device 200 to the electronic device 100. For example, the connection information is a connection URL (Uniform Resource locator) used when connecting from the information processing apparatus 200 to the electronic device 100.

  Next, the electronic device 100 responds to the first connection request from the information processing apparatus 200 with connection permission information including the generated connection URL. Further, the electronic device 100 stores the connection URL for authentication processing at the time of subsequent connection by the information processing apparatus 200. Hereinafter, the first connection permission information that is returned from the electronic device 100 to the information processing apparatus 200 may be referred to as “first connection permission information”. Thereby, the information processing apparatus 200 that has received the first connection permission information can remotely operate the electronic device 100. In addition, the information processing apparatus 200 stores the connection URL included in the first connection permission information for use in subsequent connections.

  After the remote operation enabled by receiving the first connection permission information, the user performs an operation for login in order to remotely operate the electronic device 100 again using the information processing apparatus 200. Do. As a result, the information processing apparatus 200 requests connection to the electronic device 100 using the stored connection URL. Here, since the information processing apparatus 200 uses the connection URL included in the first connection permission information for the second and subsequent connections to the electronic device 100, the user does not have to input login information such as a login name. good. Hereinafter, the second and subsequent connection requests from the information processing apparatus 200 to the electronic device 100 may be referred to as “second connection requests”. When the electronic device 100 receives the second connection request, the electronic device 100 executes an authentication process based on the connection URL used in the second connection request.

  For example, the electronic device 100 executes the authentication process by collating the saved connection URL with the connection URL used in the second connection request. Here, the electronic device 100 responds to the second connection request from the information processing apparatus 200 with connection permission information when the authentication is successful due to the matching of the connection URLs. Hereinafter, the second and subsequent connection permission information returned from the electronic device 100 to the information processing apparatus 200 may be referred to as “second connection permission information”. As a result, the information processing apparatus 200 that has received the second connection permission information can remotely operate the electronic device 100.

  In other words, the authentication system 1 notifies the information processing apparatus 200 that has permitted the connection of connection information that can be used in subsequent connections, and the connection from the information processing apparatus 200 that uses the connection information is based on the connection information. Execute authentication process. As a result, the authentication system 1 can ensure security when the electronic device 100 is remotely operated without causing troublesome operations.

[Hardware Configuration of Information Processing Apparatus According to Embodiment 1]
Next, the hardware configuration of the information processing apparatus 200 according to Embodiment 1 will be described with reference to FIG. FIG. 2 is a block diagram illustrating a hardware configuration example of the information processing apparatus 200 according to the first embodiment.

  As shown in FIG. 2, the information processing apparatus 200 includes a CPU (Central Processing Unit) 202, a RAM (Random Access Memory) 203, a ROM (Read Only Memory) 204, a communication I / F 205, and a display I / F 206. And an operation I / F 207. The above units are connected to each other via a bus 201.

  The CPU 202 controls the overall operation of the information processing apparatus 200. The CPU 202 controls the overall operation of the information processing apparatus 200 by executing a program stored in the ROM 204 or the like using the RAM 203 or the like as a work area. The ROM 204 stores a program for realizing processing by the information processing apparatus 200. The RAM 203 is a work area when executing a program stored in the ROM 204 or the like. The communication I / F 205 is an interface that controls communication with the electronic device 100 or the like. A display I / F 206 is an interface that is connected to the display device and controls the display device according to control by the CPU 202. An operation I / F 207 is an interface that is connected to an operation device such as a mouse or a keyboard and controls the operation device according to control by the CPU 202.

[Hardware Configuration of Electronic Device According to Embodiment 1]
Next, the hardware configuration of the electronic device 100 according to the first embodiment will be described with reference to FIG. FIG. 3 is a block diagram illustrating a hardware configuration example of the electronic device 100 according to the first embodiment. As described above, in the present embodiment, the case where electronic device 100 is an image forming apparatus such as an MFP is taken as an example.

  As shown in FIG. 3, an electronic device 100 as an MFP has a configuration in which a controller 10 and an engine unit 60 are connected via a PCI bus. The controller 10 is a controller that controls the entire electronic device 100 and controls drawing, communication, and various inputs. The engine unit 60 is a printer engine or the like that can be connected to a PCI bus, and is, for example, a monochrome plotter, a 1-drum color plotter, a 4-drum color plotter, a scanner, or a fax unit. The engine unit 60 includes an image processing part such as error diffusion and gamma conversion in addition to a so-called engine part such as a plotter.

  The controller 10 includes a CPU 11, a north bridge (NB) 13, a system memory (MEM-P) 12, a south bridge (SB) 14, a local memory (MEM-C) 17, an ASIC 16, a hard disk drive (HDD) ) 18, and the north bridge 13 and the ASIC 16 are connected via an AGP (Accelerated Graphics Port) bus 15. The MEM-P 12 further includes a ROM 12a and a RAM 12b.

  The CPU 11 performs overall control of the electronic device 100, has a chip set including the north bridge 13, the MEM-P 12, and the south bridge 14, and is connected to other devices via the chip set. The north bridge 13 is a bridge for connecting the CPU 11, the MEM-P 12, the south bridge 14, and the AGP bus 15, and includes a memory controller, a PCI master, and an AGP target that control reading and writing to the MEM-P 12. .

  The MEM-P 12 is a system memory used as a memory for storing programs and data, a memory for developing programs and data, a drawing memory for printers, and the like, and includes a ROM 12a and a RAM 12b. The ROM 12a is a read-only memory used as a memory for storing programs and data. The RAM 12b is a writable and readable memory used as a program and data development memory, a printer drawing memory, and the like. The south bridge 14 is a bridge for connecting the north bridge 13 to a PCI device and peripheral devices. The south bridge 14 is connected to the north bridge 13 via a PCI bus, and a network interface unit and the like are also connected to the PCI bus.

  The ASIC 16 is an IC (Integrated Circuit) for image processing having hardware elements for image processing, and has a role of a bridge for connecting the AGP bus 15, the PCI bus, the HDD 18, and the MEM-C 17. The ASIC 16 includes a PCI target and an AGP master, an arbiter (ARB) that is the core of the ASIC 16, a memory controller that controls the MEM-C 17, a plurality of DMACs (Direct Memory Access Controller) and a PCI unit that performs data transfer between the engine unit 60 via the PCI bus. An FCU (Facsimile Control Unit) 30, a USB (Universal Serial Bus) 40, and an IEEE 1394 (the Institute of Electrical and Electronics Engineers 1394) interface 50 are connected to the ASIC 16 via a PCI bus. The operation display unit 20 is directly connected to the ASIC 16.

  The MEM-C 17 is a local memory used as a copy image buffer and a code buffer, and an HDD (Hard Disk Drive) 18 is a storage for storing image data, programs, font data, and forms. It is. The AGP bus 15 is a bus interface for a graphic accelerator card that has been proposed to speed up graphic processing. The AGP bus 15 directly accesses the MEM-P 12 with high throughput, thereby speeding up the graphic accelerator card.

[Functional configuration of each device according to Embodiment 1]
Next, the functional configuration of each apparatus according to Embodiment 1 will be described with reference to FIG. FIG. 4 is a block diagram illustrating a functional configuration example of the electronic device 100 and the information processing apparatus 200 according to the first embodiment.

  As shown in FIG. 4, the electronic device 100 includes a communication unit 110, a screen generation unit 111, a screen transmission control unit 112, an operation display control unit 113, a first connection request reception unit 114, and a connection permission reception. Unit 115 and connection rejection receiving unit 116. In addition, the electronic device 100 includes a connection information generation unit 117, a first response unit 118, a storage unit 119, a second connection request reception unit 120, an authentication processing unit 121, and a second response unit 122. And have. Among these, each part other than the communication part 110 and the memory | storage part 119 may be implement | achieved by software (program), and may be implement | achieved by the hardware circuit.

  The communication unit 110 controls transmission / reception of various information. The screen generation unit 111 generates a login screen for inputting login information when a login request is accepted from the information processing apparatus 200 via the communication unit 110. The screen transmission control unit 112 transmits the login screen generated by the screen generation unit 111 to the information processing apparatus 200 that has made the login request via the communication unit 110. Thus, the information processing apparatus 200 that has made the login request receives the login screen from the electronic device 100. Then, the information processing apparatus 200 displays a login screen and makes a first connection request including the login information to the electronic device 100 in response to the input of the login information. For example, the login information includes a login name and an arbitrary character string (message).

  The operation display control unit 113 controls input processing and display processing in the operation display unit 20. The first connection request accepting unit 114 includes a first connection including login information such as a login name and an arbitrary character string (message) from the information processing apparatus 200 that remotely operates the electronic device 100 via the communication unit 110. Accept the request. As a result, the operation display control unit 113 displays and outputs the login name received by the first connection request receiving unit 114 and an arbitrary character string (message) on the operation display unit 20. The connection permission receiving unit 115 receives an instruction to permit connection from the information processing apparatus 200 in response to the reception of the first connection request. More specifically, the connection permission accepting unit 115 accepts an instruction to permit connection in accordance with an operation of the administrator on the operation display unit 20. The connection rejection accepting unit 116 accepts an instruction for rejecting the connection from the information processing apparatus 200 in response to acceptance of the first connection request. More specifically, the connection refusal accepting unit 116 accepts an instruction to refuse the connection in response to an operation of the administrator on the operation display unit 20.

  FIG. 5 is a diagram illustrating a configuration example of the operation display unit 20 according to the first embodiment. For example, as shown in FIG. 5, the operation display unit 20 displays a connection permission touch key and a connection rejection touch key in addition to touch keys for initial setting of a copy, a scanner, a printer, a network, and the like. The The operation display unit 20 displays a login name, a message, and the like in response to a connection request under the control of the operation display control unit 113. When the administrator of the electronic device 100 confirms the login name and the message and determines that the connection from the information processing apparatus 200 is permitted, the administrator taps the connection permission touch key. Thereby, the connection permission reception part 115 receives the instruction | indication which permits a connection. Then, the electronic device 100 transmits connection permission information to the information processing apparatus 200 as described later. The information processing apparatus 200 that has received the connection permission information can remotely operate the electronic device 100.

  On the other hand, when the administrator of the electronic device 100 confirms the login name and the message and determines that the connection from the information processing apparatus 200 is not permitted, the administrator taps the connection rejection touch key. Thereby, the connection refusal reception part 116 receives the instruction | indication which refuses a connection. Then, the electronic device 100 transmits connection refusal information to the information processing apparatus 200 as described later. The information processing apparatus 200 that has received the connection refusal information cannot perform the remote operation of the electronic device 100. The determination of connection permission or connection refusal by the administrator may be made based on information such as a login name or information that can identify an individual user displayed in the message. For example, the administrator can make a connection permission or connection refusal determination by directly confirming with the user himself / herself based on the personal name or telephone number for identifying the individual user.

  The connection information generation unit 117 generates connection information that can be used for subsequent connections from the information processing apparatus 200 to the electronic device 100 when an instruction to permit connection is received. More specifically, when the connection permission receiving unit 115 receives an instruction for permitting a connection from the information processing device 200, the connection information generating unit 117 performs subsequent processing for the electronic device 100 from the information processing device 200. A connection URL that can be used for connection is generated. FIG. 6 is a diagram for explaining an example of generating a connection URL according to the first embodiment. As illustrated in FIG. 6, the connection information generation unit 117 calculates a hash value from a character string that combines a unique secret key and a login name (user identification information) of login information included in the first connection request. Then, a connection URL including the calculated hash value is generated. The electronic device 100 is assumed to hold a unique secret key in advance.

  In general, it is difficult to estimate an original character string from a hash value. Therefore, even if a third party recognizes the login name of another person, the URL is not estimated if it is a connection URL including a hash value calculated from a character string including a unique secret key. Accordingly, in the subsequent connection, the connection URL including the hash value is used to connect to the electronic device 100, and this connection URL can be used for authentication processing at that time. FIG. 6 shows an example in which SHA-1, which is a hash function that outputs a 160-bit numeric value, is employed. The hash function to be used is not limited to this.

  For example, the connection information generation unit 117 generates a character string “secretSoum01” by combining the secret key “secret” and the login name “Somu01”. Then, the connection information generation unit 117 calculates a hash value “d932276c9f8b8806910a944cacd10e952a089e58” using the SHA-1 from the generated character string “secretSoum01”. The hash value calculated by the connection information generation unit 117 is notified to the information processing apparatus 200 that is permitted to connect as a connection URL that is connection information that can be used in subsequent connections. In addition, the connection information generation unit 117 stores the generated connection URL in the storage unit 119.

  The first response unit 118 responds to the first connection request with the first connection permission information including the generated connection information. More specifically, the first response unit 118 includes a connection URL generated by the connection information generation unit 117 in response to the first connection request received by the first connection request reception unit 114. First connection permission information that is permission information is returned to the information processing apparatus 200 via the communication unit 110. Further, when the connection rejection receiving unit 116 receives an instruction to reject the connection, the first response unit 118 connects to the first connection request received by the first connection request receiving unit 114. The rejection information is returned to the information processing device 200 via the communication unit 110.

  The second connection request accepting unit 120 accepts a second connection request using the connection URL from the information processing apparatus 200 that remotely operates the electronic device 100 via the communication unit 110. In the present embodiment, unlike the first connection request, the second connection request may not include login information such as a login name and an arbitrary character string (message).

  The authentication processing unit 121 executes authentication processing based on the connection URL used in the second connection request. More specifically, the authentication processing unit 121 generates and stores the connection URL used when the second connection request is received by the second connection request reception unit 120 and the connection information generation unit 117. The authentication process is executed by checking the connection URL stored in the unit 119. If there is a matching connection URL by the verification of the connection URL, the authentication succeeds, and if there is no matching connection URL, the authentication fails. Then, the authentication processing unit 121 outputs an authentication result to the second response unit 122. Note that the authentication process may be realized by executing an authentication process program for checking the connection URL.

  The second response unit 122 responds with the second connection permission information in response to the second connection request when the authentication is successful. More specifically, the second response unit 122 permits connection with respect to the second connection request received by the second connection request receiving unit 120 when the authentication processing by the authentication processing unit 121 is successful. The second connection permission information, which is information, is returned to the information processing apparatus 200 via the communication unit 110. In addition, when the authentication processing by the authentication processing unit 121 fails, the second response unit 122 communicates connection refusal information to the second connection request received by the second connection request receiving unit 120. It responds to the information processing apparatus 200 via the unit 110.

  As illustrated in FIG. 4, the information processing apparatus 200 includes an operation reception unit 210, a display control unit 211, a storage unit 212, a transmission control unit 213, a communication unit 214, and a reception control unit 215. . Among these, each part other than the memory | storage part 212 and the communication part 214 may be implement | achieved by software (program), and may be implement | achieved by the hardware circuit.

  The operation reception unit 210 receives various operations using a mouse, a keyboard, and the like via the operation I / F 207. For example, the operation reception unit 210 transmits various information such as an operation for a login request / connection request to the electronic device 100, an input operation of login information to the login screen, information related to the connection request, and login information to the electronic device 100. To accept an operation or the like. The display control unit 211 performs control for displaying various screens on the display device via the display I / F 206. For example, the display control unit 211 controls display of a login screen, display according to input of login information, display of information related to permission or denial of connection to the electronic device 100, and the like.

  The transmission control unit 213 controls transmission of various information to the electronic device 100. For example, the transmission control unit 213 transmits information related to the login request to the electronic device 100 via the communication unit 214 when the operation reception unit 210 receives an operation for a login request. Also, the transmission control unit 213 includes a first unit that includes login information for the electronic device 100 via the communication unit 214 when the operation reception unit 210 receives an input of login information or an operation for transmission. Send information about connection requests. In addition, when the operation accepting unit 210 accepts an operation for a connection request using the connection URL, the transmission control unit 213 sends a second connection request to the electronic device 100 via the communication unit 214. Send information about.

  The reception control unit 215 controls reception of various information from the electronic device 100. For example, the reception control unit 215 receives the login screen via the communication unit 214 as a response from the electronic device 100 to the transmission of information related to the login request by the transmission control unit 213. The received login screen is displayed on the display device by the display control unit 211. The reception control unit 215 also receives first connection permission information including a connection URL via the communication unit 214 as a response from the electronic device 100 to the transmission of information related to the first connection request by the transmission control unit 213. Alternatively, connection refusal information is received.

  When the first connection permission information is received by the reception control unit 215, the display control unit 211 displays on the display device that the connection to the electronic device 100 is permitted. When the connection refusal information is received by the reception control unit 215, the display control unit 211 displays on the display device that the connection to the electronic device 100 has been rejected. Note that the connection URL is stored in the storage unit 212 by a method such as a bookmark, and a connection request to the electronic device 100 can be realized by specifying the connection URL for the next and subsequent connections.

  Also, the reception control unit 215 receives the second connection permission information via the communication unit 214 as a response from the electronic device 100 to the transmission of information related to the second connection request using the connection URL by the transmission control unit 213. Or, connection refusal information is received. When the second connection permission information is received by the reception control unit 215, the display control unit 211 displays and outputs on the display device that the connection to the electronic device 100 is permitted. When the connection refusal information is received by the reception control unit 215, the display control unit 211 displays on the display device that the connection to the electronic device 100 has been rejected.

  FIG. 7 is a diagram illustrating an example of a login screen according to the first embodiment. As shown in FIG. 7, the login screen includes a UI for inputting a message that is a login name or an arbitrary character string, a login button for transmitting login information to the electronic device 100, and a login operation. A cancel button for canceling is displayed. Further, the URL of the electronic device 100 as a connection destination (for example, “https://192.168.10.20/login”) is displayed on the login screen. When a login screen is displayed after making a login request, the user inputs a login name and a message, and presses a login button. Thereby, the transmission control part 213 makes the 1st connection request containing login information. As described above, when the second connection request is made, a connection URL (for example, “https://192.168.10.20/d9322762c9f8b88069910a944cacc10e952a089e58”) is used.

[Processing sequence at the time of connection according to Embodiment 1]
Next, the flow of processing at the time of connection according to the first embodiment will be described with reference to FIGS. FIG. 8 is a sequence diagram illustrating an example of a flow of processing at the time of initial connection according to the first embodiment. FIG. 9 is a sequence diagram illustrating an example of a processing flow at the time of the second and subsequent connections according to the first embodiment.

  As illustrated in FIG. 8, the information processing apparatus 200 issues a login request to the electronic device 100 when an operation for a login request to the electronic device 100 is received (step S <b> 101). For example, the URL used at the time of a login request is “https://192.168.10.20/login”. The electronic device 100 that has received the login request from the information processing apparatus 200 generates a login screen in which a login name or an arbitrary character string (message) can be input (step S102). Then, electronic device 100 transmits the generated login screen to information processing device 200 (step S103).

  The information processing apparatus 200 that has received the login screen displays the login screen, and makes a first connection request including the login information to the electronic device 100 in response to input of the login information (step S104). For example, the login name is “Somu01”, and the message is “General Affairs Tanaka”. The electronic device 100 that has received the first connection request including the login information displays and outputs the login information such as a login name and a message on the operation display unit 20 (step S105). Then, electronic device 100 accepts an instruction to permit connection from information processing device 200 by an operation by the administrator (step S106).

  Subsequently, when an instruction to permit connection is received, the electronic device 100 generates a connection URL that can be used for subsequent connections from the information processing apparatus 200 to the electronic device 100 (step S107). For example, the hash value “d932276c9f8b8806910a944cacc10e952a089e58” calculated from a character string that combines the unique secret key “secret” and the login name “Somu01” of the login information included in the first connection request is used for the connection URL. Is done. Thereafter, the electronic device 100 responds to the information processing apparatus 200 with first connection permission information that is connection permission information including the generated connection URL (step S108). As a result, the information processing apparatus 200 can perform remote operation of the electronic device 100.

  As illustrated in FIG. 9, the information processing apparatus 200 makes a second connection request using the connection URL to the electronic device 100 in response to an operation or the like for requesting a connection to the electronic device 100 ( Step S201). The electronic device 100 that has received the second connection request using the connection URL authenticates the used connection URL with the connection URL generated at the first connection from the information processing apparatus 200. Processing is executed (step S202). Then, when the authentication process is successful, the electronic device 100 responds to the information processing apparatus 200 with second connection permission information that is connection permission information (step S203). As a result, the information processing apparatus 200 can perform remote operation of the electronic device 100.

  As described above, the authentication system 1 generates connection information that can be used by the information processing apparatus 200 that is permitted to connect to the electronic device 100 for subsequent connections, and connects from the information processing apparatus 200 using the connection information. In response to the request, an authentication process is executed based on the connection information. As a result, as an effect of the first embodiment, it is possible to ensure security when the electronic device 100 is remotely operated without causing troublesome operations.

(Embodiment 2)
In the first embodiment, the case has been described in which the authentication process for comparing the connection URL generated at the first connection request with the connection URL used at the second and subsequent connection requests is executed. In the second embodiment, in the authentication process at the time of the second and subsequent connection requests, the connection URL is regenerated, and the authentication process for verifying the regenerated connection URL and the connection URL used in the connection request is performed. The case of executing will be described.

  In the second embodiment, detailed description of the same description as in the first embodiment may be omitted. For example, the system configuration of the authentication system according to Embodiment 2 is the same as the system configuration shown in FIG. The hardware configuration of the information processing apparatus 200a according to Embodiment 2 is the same as the hardware configuration shown in FIG. The hardware configuration of the electronic device 100a according to the second embodiment is the same as the hardware configuration illustrated in FIG.

[Functional configuration of each apparatus according to Embodiment 2]
The functional configuration of each device according to the second embodiment will be described with reference to FIG. FIG. 10 is a block diagram illustrating a functional configuration example of the electronic device 100a and the information processing apparatus 200a according to the second embodiment. In the second embodiment, the same reference numerals are given to the same configurations as the functional configurations of the devices according to the first embodiment, and the detailed description thereof may be omitted. Specifically, functions, configurations, and processes other than the connection information generation unit 117a, the second connection request reception unit 120a, the authentication processing unit 121a, the operation reception unit 210a, and the transmission control unit 213a described below are described in the first embodiment. It is the same.

  As illustrated in FIG. 10, the electronic device 100a includes a communication unit 110, a screen generation unit 111, a screen transmission control unit 112, an operation display control unit 113, a first connection request reception unit 114, and a connection permission reception. Unit 115 and connection rejection receiving unit 116. In addition, the electronic device 100a includes a connection information generation unit 117a, a first response unit 118, a storage unit 119, a second connection request reception unit 120a, an authentication processing unit 121a, and a second response unit 122. And have. Among these, each part other than the communication part 110 and the memory | storage part 119 may be implement | achieved by software (program), and may be implement | achieved by the hardware circuit.

  The second connection request receiving unit 120a receives a second connection request including a login name as user identification information from the information processing apparatus 200a that remotely operates the electronic device 100a via the communication unit 110. That is, in the present embodiment, the second connection request includes a login name that is user identification information. Similar to the first embodiment, the information processing apparatus 200a uses the connection URL received at the first connection to the electronic device 100a in the second and subsequent connection requests to the electronic device 100a.

  After receiving the second connection request, the connection information generation unit 117a regenerates connection information including a hash value for each connection from the information processing apparatus 200a to the electronic device 100a. More specifically, the connection information generation unit 117a receives the second connection request including the login name from the information processing apparatus 200a using the connection URL by the second connection request reception unit 120a. Then, a hash value is calculated from a character string obtained by combining the unique secret key and the login name, and a connection URL including the calculated hash value is regenerated. In the present embodiment, the connection information generation unit 117a may not store the connection URL generated at the first connection from the information processing apparatus 200a to the electronic device 100a in the storage unit 119.

  The authentication processing unit 121a executes an authentication process for collating the connection information used in the second connection request with the regenerated connection information. More specifically, the authentication processing unit 121a is regenerated by the connection information generation unit 117a and the connection URL used when the second connection request reception unit 120a receives the second connection request. The authentication process is executed by checking the connection URL. That is, the electronic device 100a regenerates the connection URL in the second and subsequent connection requests, and uses the regenerated connection URL for authentication processing, so that the connection URL is leaked. If the login name is not leaked, unauthorized connection by a third party can be prevented.

  As illustrated in FIG. 10, the information processing apparatus 200 a includes an operation reception unit 210 a, a display control unit 211, a storage unit 212, a transmission control unit 213 a, a communication unit 214, and a reception control unit 215. . Among these, each part other than the memory | storage part 212 and the communication part 214 may be implement | achieved by software (program), and may be implement | achieved by the hardware circuit.

  The operation reception unit 210a receives an operation for a connection request to the electronic device 100a, as in the first embodiment. In the second embodiment, the operation accepting unit 210a accepts an input of a login name that is user identification information when performing an operation for a connection request using the connection URL. Such a connection request refers to a second connection request.

  The transmission control unit 213a controls transmission of various types of information to the electronic device 100a as in the first embodiment. In the second embodiment, when the operation accepting unit 210a accepts an operation for a second connection request using the connection URL, the transmission control unit 213a receives the electronic device 100a via the communication unit 214. Transmits information related to the second connection request including the login name. As a result, the electronic device 100a regenerates the connection URL from the login name and the secret key included in the second connection request, and the regenerated connection URL and the connection used in the second connection request. The authentication process is executed based on the URL for use.

[Processing sequence at the time of connection according to Embodiment 2]
Next, the flow of processing at the time of connection according to Embodiment 2 will be described using FIG. FIG. 11 is a sequence diagram illustrating an example of a processing flow at the time of the second and subsequent connections according to the second embodiment. Note that the processing flow at the time of the initial connection according to the second embodiment is the same as that of the first embodiment.

  As illustrated in FIG. 11, the information processing apparatus 200 a uses the connection URL to the electronic device 100 a in response to an operation for requesting connection to the electronic device 100 a and the like, and includes a login name. A connection request is made (step S301). The electronic device 100a that has received the second connection request calculates a hash value from a character string that combines the login name included in the second connection request and the unique secret key, and regenerates the connection URL ( Step S302). Then, the electronic device 100a executes the authentication process by comparing the regenerated connection URL with the connection URL used in the second connection request (step S303). Subsequently, when the authentication process is successful, the electronic device 100a responds to the information processing apparatus 200a with second connection permission information that is connection permission information (step S304). As a result, the information processing apparatus 200a can remotely operate the electronic device 100a.

  The authentication system 1 regenerates a connection URL from a login name and a secret key when a connection request is made from the information processing apparatus 200a, and performs an authentication process for verifying the regenerated connection URL and the used connection URL Execute. As a result, as an effect of the second embodiment, even if the connection URL leaks to a third party, unauthorized connection by the third party can be prevented.

(Embodiment 3)
In the first embodiment, the case has been described in which the authentication process for comparing the connection URL generated at the first connection request with the connection URL used at the second and subsequent connection requests is executed. In the third embodiment, a case is described in which identification information for identifying the information processing apparatus 200b is generated at the time of the first connection request, and authentication processing is further executed based on the identification information in the authentication processing at the time of the second and subsequent connection requests. To do.

  In the third embodiment, a detailed description of the description overlapping that of the first embodiment may be omitted. For example, the system configuration of the authentication system according to Embodiment 3 is the same as the system configuration shown in FIG. Further, the hardware configuration of the information processing apparatus 200b according to Embodiment 3 is the same as the hardware configuration shown in FIG. Further, the hardware configuration of electronic device 100b according to Embodiment 3 is the same as the hardware configuration shown in FIG.

[Functional configuration of each device according to Embodiment 3]
The functional configuration of each device according to Embodiment 3 will be described with reference to FIG. FIG. 12 is a block diagram illustrating a functional configuration example of the electronic device 100b and the information processing device 200b according to the third embodiment. In the third embodiment, the same reference numerals are given to the same configurations as the functional configurations of the respective devices according to the first embodiment, and the detailed description thereof may be omitted. Specifically, functions and configurations other than the first response unit 118b, the second connection request reception unit 120b, the authentication processing unit 121b, the identification information generation unit 123b, the transmission control unit 213b, and the reception control unit 215b described below. The processing is the same as in the first embodiment.

  As illustrated in FIG. 12, the electronic device 100b includes a communication unit 110, a screen generation unit 111, a screen transmission control unit 112, an operation display control unit 113, a first connection request reception unit 114, and a connection permission reception. Unit 115 and connection rejection receiving unit 116. In addition, the electronic device 100b includes a connection information generation unit 117, a first response unit 118b, a storage unit 119, a second connection request reception unit 120b, an authentication processing unit 121b, and a second response unit 122. And an identification information generation unit 123b. Among these, each part other than the communication part 110 and the memory | storage part 119 may be implement | achieved by software (program), and may be implement | achieved by the hardware circuit.

  The identification information generation unit 123b generates identification information for identifying the information processing device 200b when an instruction to permit connection from the information processing device 200b is received. More specifically, the identification information generating unit 123b identifies information for identifying the information processing device 200b when the connection permission receiving unit 115 receives an instruction to permit connection from the information processing device 200b. (For example, HTTP cookie). Also, the identification information generation unit 123b stores the generated HTTP cookie in the storage unit 119.

  The first response unit 118b responds to the first connection request with the first connection permission information further including the generated identification information. More specifically, the first response unit 118b further includes an HTTP cookie generated by the identification information generation unit 123b in response to the first connection request received by the first connection request reception unit 114. The first connection permission information, which is permission information, is returned to the information processing apparatus 200b via the communication unit 110. That is, in the present embodiment, the first connection permission information includes the HTTP cookie generated by the identification information generation unit 123b in addition to the connection URL generated by the connection information generation unit 117.

  The second connection request accepting unit 120b accepts a second connection request including HTTP cookie as identification information from the information processing apparatus 200b that remotely operates the electronic device 100b via the communication unit 110. In the present embodiment, the second connection request may not include login information such as a login name or an arbitrary character string (message). The information processing device 200b makes a second connection request using the connection URL.

  The authentication processing unit 121b performs an authentication process based on HTTP cookie that is identification information included in the second connection request. More specifically, the authentication processing unit 121b, when the second connection request is received by the second connection request receiving unit 120b, the HTTP cookie included in the second connection request and the identification information generating unit 123b. The authentication process is executed by collating the HTTP cookie generated by the above and stored in the storage unit 119.

  Similarly to the first embodiment, the authentication processing unit 121b uses the connection URL used when the second connection request is received by the second connection request reception unit 120b and the connection information generation unit 117. An authentication process for collating the connection URL generated and stored in the storage unit 119 is also executed. That is, in this embodiment, in addition to the verification of the connection URL, the verification of the HTTP cookie is also performed. By matching these pieces of information, if they match, authentication succeeds, and if they do not match, authentication fails. Then, the authentication processing unit 121b outputs the authentication result to the second response unit 122.

  As illustrated in FIG. 12, the information processing apparatus 200b includes an operation reception unit 210, a display control unit 211, a storage unit 212, a transmission control unit 213b, a communication unit 214, and a reception control unit 215b. . Among these, each part other than the memory | storage part 212 and the communication part 214 may be implement | achieved by software (program), and may be implement | achieved by the hardware circuit.

  The reception control unit 215b controls the reception of various types of information from the electronic device 100b as in the first embodiment. In the third embodiment, the reception control unit 215b includes a connection URL and an HTTP cookie via the communication unit 214 as a response from the electronic device 100b to the transmission of information related to the first connection request by the transmission control unit 213b. First connection permission information or connection refusal information is received. Note that the connection URL and HTTP cookie are stored in the storage unit 212 and are used in subsequent connections.

  The transmission control unit 213b controls transmission of various types of information to the electronic device 100b as in the first embodiment. In the third embodiment, when the operation accepting unit 210 accepts an operation for a connection request using the connection URL, the transmission control unit 213b sends an HTTP to the electronic device 100b via the communication unit 214. Information related to the second connection request including cookie is transmitted. Thereby, in the electronic device 100b, the authentication process is executed based on the connection URL and the HTTP cookie.

[Processing sequence upon connection according to Embodiment 3]
Next, a processing flow at the time of connection according to Embodiment 3 will be described with reference to FIGS. 13 and 14. FIG. 13 is a sequence diagram illustrating an example of a flow of processing at the time of initial connection according to the third embodiment. FIG. 14 is a sequence diagram illustrating an example of a processing flow at the time of the second and subsequent connections according to the third embodiment.

  As illustrated in FIG. 13, when the information processing apparatus 200b receives an operation for a login request to the electronic device 100b, the information processing device 200b makes a login request to the electronic device 100b (step S401). For example, the URL used at the time of a login request is “https://192.168.10.20/login”. The electronic device 100b that has received the login request from the information processing apparatus 200b generates a login screen in which a login name and an arbitrary character string (message) can be input (step S402). Then, the electronic device 100b transmits the generated login screen to the information processing apparatus 200b (Step S403).

  The information processing apparatus 200b that has received the login screen displays the login screen, and makes a first connection request including the login information to the electronic device 100b in response to input of the login information (step S404). For example, the login name is “Somu01”, and the message is “General Affairs Tanaka”. The electronic device 100b that has received the first connection request including the login information displays and outputs the login information such as the login name and the message on the operation display unit 20 (step S405). Then, the electronic device 100b receives an instruction to permit connection from the information processing apparatus 200b by an operation by the administrator (step S406).

  Subsequently, when an instruction to permit connection is received, the electronic device 100b generates a connection URL that can be used for subsequent connections to the electronic device 100b from the information processing device 200b (step S407). For example, the hash value “d932276c9f8b8806910a944cacc10e952a089e58” calculated from a character string that combines the unique secret key “secret” and the login name “Somu01” of the login information included in the first connection request is used for the connection URL. Is done. In addition, when an instruction to permit connection is received, the electronic device 100b generates an HTTP cookie that is identification information for identifying the information processing apparatus 200b (step S408). For example, HTTP cookie is “remote12345”. Thereafter, the electronic device 100b responds to the information processing apparatus 200b with first connection permission information that is connection permission information including the generated connection URL and HTTP cookie (step S409). Thus, the information processing apparatus 200b can perform a remote operation of the electronic device 100b.

  As illustrated in FIG. 14, the information processing apparatus 200b uses a connection URL for the electronic device 100b in response to an operation for requesting a connection to the electronic device 100b, and includes a second cookie including an HTTP cookie. A connection request is made (step S501). The electronic device 100b, which uses the connection URL and receives the second connection request including the HTTP cookie, executes the authentication process by comparing the connection URL and the HTTP cookie (step S502). . Then, when the authentication process is successful, the electronic device 100b responds to the information processing apparatus 200b with second connection permission information that is connection permission information (step S503). Thus, the information processing apparatus 200b can perform a remote operation of the electronic device 100b.

  The authentication system 1 generates identification information that the information processing apparatus 200b that is permitted to connect transmits in the subsequent connection to the electronic device 100b, and in response to a connection request that includes the identification information from the information processing apparatus 200b, Based on the authentication process. As a result, as an effect of the third embodiment, even when the connection URL leaks to a third party, unauthorized connection can be prevented and the reliability of the authentication process can be improved.

(Embodiment 4)
Now, although the embodiment of the authentication system 1 according to the present invention has been described so far, it may be implemented in various different forms other than the above-described embodiment. Therefore, different embodiments of (1) configuration and (2) program will be described.

(1) Configuration Information including processing procedures, control procedures, specific names, various data, parameters, and the like shown in the above documents and drawings can be arbitrarily changed unless otherwise specified. Each component of the illustrated apparatus is functionally conceptual and does not necessarily need to be physically configured as illustrated. That is, the specific form of the distribution or integration of the devices is not limited to the illustrated one, and all or a part of the distribution or integration is functionally or physically distributed or arbitrarily in any unit according to various burdens or usage conditions. Can be integrated.

  In the above embodiment, the case where electronic device 100 is an image forming apparatus such as an MFP has been described as an example. The image forming apparatus is not limited to the MFP, and may be an LP (laser printer), a facsimile, a scanner, or the like. The electronic device 100 may be an electronic device other than an image forming apparatus such as a projector, a video conference system, or a digital camera. Similarly, the information processing apparatus 200 is not limited to a PC, and may be a tablet terminal, a smartphone, or the like.

(2) Program The program executed by the electronic device 100 or the information processing apparatus 200 is, as one form, a file in an installable format or an executable format, a CD-ROM, a flexible disk (FD), a CD- The program is recorded on a computer-readable recording medium such as R and DVD (Digital Versatile Disk). Further, the program executed by the electronic device 100 or the information processing apparatus 200 may be provided by being stored on a computer connected to a network such as the Internet and downloaded via the network. Further, the program executed by the electronic device 100 or the information processing apparatus 200 may be provided or distributed via a network such as the Internet. In addition, a program executed by the electronic device 100 or the information processing apparatus 200 may be provided by being incorporated in advance in a ROM or the like.

  The program executed by the electronic device 100 includes the above-described units (the first connection request reception unit 114, the connection permission reception unit 115, the connection information generation unit 117, the first response unit 118, and the second connection request reception unit 120. , An authentication processing unit 121, and a second response unit 122). As actual hardware, the CPU reads a program from a storage medium and executes the program so that the above-described units are placed on the main storage device. The first connection request reception unit 114, the connection permission reception unit 115, the connection information generation unit 117, the first response unit 118, the second connection request reception unit 120, the authentication processing unit 121, and the second response unit are loaded. 122 is generated on the main memory.

  The program executed by the information processing apparatus 200 has a module configuration including the above-described units (the operation receiving unit 210, the display control unit 211, the transmission control unit 213, and the reception control unit 215). As the CPU reads the program from the storage medium and executes it, the above-described units are loaded onto the main storage device, and the operation receiving unit 210, the display control unit 211, the transmission control unit 213, and the reception control unit 215 are included in the main storage device. It is supposed to be generated above.

DESCRIPTION OF SYMBOLS 1 Authentication system 100 Electronic device 110 Communication part 111 Screen generation part 112 Screen transmission control part 113 Operation display control part 114 1st connection request reception part 115 Connection permission reception part 116 Connection rejection reception part 117 Connection information generation part 118 1st Response unit 119 Storage unit 120 Second connection request reception unit 121 Authentication processing unit 122 Second response unit 200 Information processing device 210 Operation reception unit 211 Display control unit 212 Storage unit 213 Transmission control unit 214 Communication unit 215 Reception control unit

JP 2002-281195 A Japanese Patent No. 4625346 Japanese Patent No. 4965767

Claims (7)

A first connection request receiving unit that receives a first connection request from an information processing apparatus that operates an electronic device;
A connection permission receiving unit that receives an instruction to permit connection from the information processing apparatus in response to reception of the first connection request;
A connection information generating unit that generates connection information that can be used for connection from the information processing apparatus to the electronic device when an instruction to permit connection from the information processing apparatus is received;
A first response unit for responding to the first connection request with first connection permission information including the generated connection information;
A second connection request receiving unit that receives a second connection request using the connection information from the information processing apparatus;
An authentication processing unit that executes an authentication process based on the connection information used in the second connection request;
An authentication system comprising: a second response unit that responds to the second connection request with second connection permission information when authentication is successful by the authentication process. The first connection request accepting unit accepts the first connection request including login information,
The connection information generation unit calculates a hash value from a character string obtained by combining user identification information included in the login information and a secret key held in advance, and generates the connection information including the calculated hash value The authentication system according to claim 1, wherein: The second connection request accepting unit accepts the second connection request including the user identification information;
The connection information generation unit regenerates connection information including the hash value for each connection from the information processing apparatus to the electronic device after the second connection request is received,
3. The authentication system according to claim 2, wherein the authentication processing unit executes the authentication process for comparing the connection information used in the second connection request with the regenerated connection information. An identification information generating unit that generates identification information for identifying the information processing apparatus when an instruction to permit connection from the information processing apparatus is received;
The first response unit responds to the first connection permission information including the generated identification information,
The second connection request accepting unit accepts the second connection request including the identification information,
The authentication system according to claim 1, wherein the authentication processing unit executes the authentication process based on the identification information. Electronic equipment,
A first connection request accepting unit that accepts a first connection request from an information processing apparatus that operates the electronic device;
A connection permission receiving unit that receives an instruction to permit connection from the information processing apparatus in response to reception of the first connection request;
A connection information generating unit that generates connection information that can be used for connection from the information processing apparatus to the electronic device when an instruction to permit connection from the information processing apparatus is received;
A first response unit for responding to the first connection request with first connection permission information including the generated connection information;
A second connection request receiving unit that receives a second connection request using the connection information from the information processing apparatus;
An authentication processing unit that executes an authentication process based on the connection information used in the second connection request;
An electronic apparatus comprising: a second response unit that responds to the second connection request with second connection permission information when authentication is successful by the authentication process. Receiving a first connection request from an information processing apparatus operating the electronic device;
Accepting an instruction to permit connection from the information processing apparatus in response to accepting the first connection request;
When an instruction to permit connection from the information processing apparatus is received, generating connection information usable for connection to the electronic device from the information processing apparatus;
Responding to the first connection request with first connection permission information including the generated connection information;
Receiving a second connection request using the connection information from the information processing apparatus;
Executing an authentication process based on the connection information used in the second connection request;
Responding to the second connection request with second connection permission information when authentication is successful by the authentication process. Receiving a first connection request from an information processing apparatus operating the electronic device;
Accepting an instruction to permit connection from the information processing apparatus in response to accepting the first connection request;
When an instruction to permit connection from the information processing apparatus is received, generating connection information usable for connection to the electronic device from the information processing apparatus;
Responding to the first connection request with first connection permission information including the generated connection information;
Receiving a second connection request using the connection information from the information processing apparatus;
Executing an authentication process based on the connection information used in the second connection request;
An authentication program for causing a computer to execute a step of responding to the second connection request with second connection permission information when authentication is successful by the authentication process.

Images