JP4706646B2 - Data processing apparatus and data processing program - Google Patents

Description

  The present invention relates to a data processing apparatus that processes received data based on a valid input in one of a plurality of authentication means. The present invention also relates to a data processing program executed by the data processing apparatus.

Various types of data processing apparatuses of this type have been conventionally known (for example, JP 2005-149256 A, JP 2006-142503 A, JP 2006-171830 A, and JP 2006-252231 A). No., JP 2002-183093, etc.).
JP 2005-149256 A JP 2006-142503 A JP 2006-171830 A JP 2006-252231 A JP 2002-183093 A

  Japanese Patent Application Laid-Open No. 2005-149256 discloses at least one peripheral device function and a network communication function (connecting to a network and accepting the use of the peripheral device function from another terminal device via the network. And a network compatible peripheral device having a function to execute the function.

  The network compatible peripheral device is provided with a user authentication function for identifying a user. When the user authentication function performs user authentication using one of the authentication means provided in the network, if the user account to be authenticated does not exist in the authentication means, the other authentication means The user is authenticated by selecting. This makes it possible to use the peripheral device function even when a certain authentication means fails due to various circumstances such as a power failure or hardware failure.

  However, in this type of data processing apparatus, when the user can freely select the authentication means as in the background art described above, the security of the system is lowered against the intention of the user or the administrator. There was a possibility.

  For example, a specific user uses a high-security level authentication method such as IC card authentication or fingerprint authentication to protect important confidential data (such as confidential data or confidential data) that requires high security. Assume that processing is to be performed by a device. In such a case, if data processing becomes possible by password authentication with a lower security level in the peripheral device, information leakage occurs due to processing by a third party other than the specific user. There is a possibility that.

  The present invention improves usability without inadvertently lowering security in this type of data processing apparatus.

<Data processing device>
The data processing apparatus of the present invention is configured to process received data based on valid input in one of a plurality of authentication means.

  A feature of the present invention resides in that the data processing apparatus includes a security information acquisition unit and a selection unit. Here, the security information acquisition means is configured to acquire security information based on the data. The selection means is configured to select the valid authentication means from the plurality of authentication means based on the security information.

  In such a configuration, the security information acquisition unit acquires the security information based on the data. Based on this security information, the selection means selects an effective authentication means from among the plurality of authentication means (selected as effective depending on the state of the authentication means attached to the data processing apparatus). The authentication means may be one or more, and in some cases, there may be no authentication means selected as valid.) The data is then processed based on a valid input at one of the valid authentication means selected by the selection means.

  According to this configuration, the data is processed by a valid input in the authentication unit selected based on the data to be processed. Therefore, an inadvertent decrease in system security due to the use of low-security authentication means by the user can be effectively suppressed.

  Also, according to this configuration, if there are a plurality of selected authentication means, the data is processed by performing an effective authentication input using one of them. Therefore, the usability of the data processing device is improved.

  The security information acquisition unit may be configured to reference the substantial content of the data and acquire the security information based on the reference result. Here, the “substantial content” of the data refers to information that the user can visually recognize by the processing in the data processing apparatus. For example, “substantial content” may include text content (keyword, “confidential” stamp, etc.), file name, creator name, user name, IP (Internet Protocol) domain, path, and the like.

  In such a configuration, the security information acquisition means acquires the security information by referring to the substantial content of the data. Based on this security information, the selection means selects a valid authentication means. The data is then processed based on a valid input at one of the authentication means selected by the selection means.

  According to such a configuration, even when authentication information is not given to the received data in advance, security can be effectively maintained based on the substantial contents of the data.

  The data processing apparatus may further include security level storage means. The security level storage means is configured to store a security level setting state in each of the authentication means. In this case, the selection means is configured to select the valid authentication means based on the security information and the stored contents in the security level storage means.

  In such a configuration, the security information acquisition unit acquires the security information based on the data. Based on the security information and the contents stored in the security level storage means, the selection means selects a valid authentication means from the plurality of authentication means. The data is then processed based on a valid input at one of the authentication means selected by the selection means.

  The data processing apparatus may further include a minimum security level acquisition unit and a maximum security level acquisition unit. Here, the minimum security level acquisition means is configured to acquire the minimum security level based on the security information. Further, the highest security level acquisition means is configured to acquire the highest security level based on the stored contents in the security level storage means.

  In this case, the selection means is configured to validate the authentication means in which the security level corresponding to the lowest security level to the highest security level is set.

  In such a configuration, the security information acquisition unit acquires the security information based on the data. Based on this security information, the minimum security level acquisition means acquires the minimum security level.

  On the other hand, the highest security level acquisition means acquires the highest security level based on the stored contents in the security level storage means.

  Further, the selection means selects, as a valid one, a set of the security levels corresponding to the lowest security level to the highest security level from among the plurality of authentication means. The data is then processed based on a valid input at one of the authentication means selected by the selection means.

  According to this configuration, the data is processed by performing a valid authentication input using one of the authentication means in which the security level corresponding to the lowest security level to the highest security level is set. Is done. Therefore, the usability of the data processing device is improved.

  When the minimum security level is higher than the maximum security level, there is no effective one of the authentication means. In this case, the data is not processed. Therefore, it is possible to effectively suppress processing (output or the like) of highly confidential data easily. Therefore, an inadvertent decrease in system security can be effectively prevented.

  The data processing device may further comprise an authentication interface; This authentication interface is configured so that a plurality of authentication means can be mounted (detachable). Here, the “attachment” or “detachment” of the authentication means includes mechanical significance (formation / release of a mechanical connection state via a connector or the like), electrical significance (communication that can send and receive electrical signals). Not only circuit connection state creation / cancellation) but also software significance (authentication program installation / uninstallation) can be included.

  In this case, the highest security level acquisition unit may be configured to acquire the highest security level based on the stored contents and a mounting state of the authentication unit with respect to the authentication interface.

  According to such a configuration, the mounting state of the authentication unit with respect to the authentication interface can be changed according to a necessary security state. Thereby, the security state of the data processing apparatus can be appropriately set.

  The data processing device may further include storage content changing means. The stored content changing unit is configured to change the stored content in the security level storing unit.

  According to this configuration, the security state of the data processing apparatus can be appropriately set by appropriately changing the stored content in the security level storage unit according to the required security state.

  The stored content changing unit may be configured to change the stored content of the security level storing unit according to a mounting state of the authentication unit.

  In such a configuration, the authentication means is attached and / or detached according to the required security state. Then, in this case, the stored content of the security level storage means is changed by the stored content changing means.

  For example, the security level of the newly installed authentication unit is usually unknown. Therefore, the authentication means can be set to the lowest security level that minimizes the frequency of being effective. Alternatively, when it is assumed that the newly installed authentication means has the highest security level, the authentication means can be set to the highest security level.

  According to this configuration, the stored content of the security level storage unit is changed according to the wearing state of the authentication unit. Therefore, the security state of the data processing apparatus can be set appropriately.

  The stored content changing unit may be configured to change the stored content of the security level storing unit based on information unique to the authenticating unit when the authenticating unit is attached.

  For example, the security level for the authentication means may be standardized. In this case, the standardized correspondence between the authentication unit and the security level can be the stored content of the security level storage unit. Then, when the authentication unit of a specific type is first attached to the data processing device, the stored content of the security level storage unit is changed based on the security level as unique information of the authentication unit. The

  According to this configuration, the stored content of the security level storage unit is changed according to the unique information of the authentication unit. Therefore, the security state of the data processing apparatus can be set appropriately.

  The stored content changing unit may be configured to change a correspondence relationship between the authentication unit and the security level that is stored in the security level storing unit.

  In such a configuration, the correspondence relationship between the authentication unit and the security level, which is stored in the security level storage unit, is changed by the stored content changing unit.

  For example, although the newly installed authentication means has the highest security level, the security level may be set to the lowest level when the authentication means is first attached (this The reverse is also possible). In such a case, the security state of the data processing apparatus can be appropriately set by changing the correspondence between the authentication unit and the security level to a desirable one.

<Data processing program>
The data processing program of the present invention is executed by a data processing device in order to process received data based on a valid input in one of a plurality of authentication means. This data processing program realizes a predetermined function in the data processing device.

  The data processing program can be recorded on a recording medium that can be read by the data processing apparatus. That is, the present invention is also intended for the recording medium on which the data processing program is recorded.

  The data processing program of the present invention is characterized in that it implements a security information acquisition function and a selection function in the data processing apparatus. Here, the security information acquisition function is a function for acquiring security information based on the data. The selection function is a function for selecting the valid authentication means from the plurality of authentication means based on the security information.

  In this configuration, the security information is acquired based on the data by the security information acquisition function. Based on this security information, the valid authentication means is selected from the plurality of authentication means by the selection means (selecting as valid depending on the state of the authentication means attached to the data processing device). One or more authentication means may be used, and in some cases, there may be no authentication means selected as valid.) The data is then processed based on a valid input at the selected valid authentication means (one of them).

  According to this configuration, the data is processed by a valid input in the authentication unit selected based on the data to be processed. Therefore, an inadvertent decrease in system security due to the use of low-security authentication means by the user can be effectively suppressed.

  Also, according to this configuration, if there are a plurality of selected authentication means, the data is processed by performing an effective authentication input using one of them. Therefore, the usability of the data processing device is improved.

  The security information acquisition function may have a function of referring to substantial contents of the data and acquiring the security information based on the reference result. Here, the “substantial content” of the data refers to information that can be visually recognized by a user through processing in the data processing device. For example, “substantial content” may include text content (keywords, “confidential” stamps, etc.), file name, creator name, user name, IP domain, path, and the like.

  In this configuration, the actual content of the data is referred to by the security information acquisition function, and the security information is acquired based on the reference result. Based on this security information, the valid authentication means is selected by the selection function. The data is then processed based on a valid input at one of the selected authentication means.

  According to such a configuration, even when authentication information is not given to the received data in advance, security can be effectively maintained based on the substantial contents of the data.

  The selection function may be a function for selecting a valid authentication means based on the storage contents in the security level storage means for storing the setting state of the security level in each of the authentication means and the security information. .

  In this configuration, the security information is acquired based on the data by the security information acquisition function. Based on the security information and the contents stored in the security level storage means, the selection function selects the valid authentication means from among the plurality of authentication means. The data is then processed based on a valid input at one of the selected authentication means.

  The data processing program may further realize a minimum security level acquisition function and a maximum security level acquisition function in the data processing apparatus. Here, the minimum security level acquisition function is a function for acquiring the minimum security level based on the security information. The highest security level acquisition function is an ability to acquire the highest security level based on the stored contents in the security level storage means.

  In this case, the selection function has a function of validating the authentication means in which the security level corresponding to the lowest security level to the highest security level is set.

  In this configuration, the security information is acquired based on the data by the security information acquisition function. Based on this security information, the minimum security level is acquired by the minimum security level acquisition function.

  On the other hand, the highest security level is acquired by the highest security level acquisition means based on the contents stored in the security level storage means.

  Further, the selection function selects, from among a plurality of the authentication means, ones set with the security level corresponding to the lowest security level to the highest security level as effective. The data is then processed based on a valid input at one of the selected authentication means.

  According to this configuration, the data is processed by performing a valid authentication input using one of the authentication means in which the security level corresponding to the lowest security level to the highest security level is set. Is done. Therefore, the usability of the data processing device is improved.

  When the minimum security level is higher than the maximum security level, there is no effective one of the authentication means. In this case, the data is not processed. Therefore, it is possible to effectively suppress processing (output or the like) of highly confidential data easily. Therefore, an inadvertent decrease in system security can be effectively prevented.

  The maximum security level acquisition function may have a function of acquiring the maximum security level based on the stored content and a mounting state of the authentication unit with respect to an authentication interface capable of mounting a plurality of authentication units.

  Here, the “attachment” or “detachment” of the authentication means includes mechanical significance (formation / release of a mechanical connection state via a connector or the like), electrical significance (communication that can send and receive electrical signals). Not only circuit connection state creation / cancellation) but also software significance (authentication program installation / uninstallation) can be included.

  According to such a configuration, the mounting state of the authentication unit with respect to the authentication interface can be changed according to a necessary security state. Thereby, the security state of the data processing apparatus can be appropriately set.

  The data processing program may further realize a storage content changing function in the data processing device. Here, the stored content changing function is a function for changing the stored content in the security level storage means.

  According to such a configuration, the security state of the data processing apparatus can be appropriately set by appropriately changing the stored content in the security level storage unit according to the required security state.

  The stored content change function may have a function of changing the stored content of the security level storage unit in accordance with a mounting state of the authentication unit.

  In such a configuration, the authentication means is attached and / or detached according to the required security state. Then, in this case, the stored content of the security level storage means is changed by the stored content change function.

  For example, the security level of the newly installed authentication unit is usually unknown. Therefore, the authentication means can be set to the lowest security level that minimizes the frequency of being effective. Alternatively, when it is assumed that the newly installed authentication means has the highest security level, the authentication means can be set to the highest security level.

  According to this configuration, the stored content of the security level storage unit is changed according to the wearing state of the authentication unit. Therefore, the security state of the data processing apparatus can be set appropriately.

  The stored content changing function may have a function of changing the stored content of the security level storage unit based on information unique to the authentication unit when the authentication unit is mounted.

  For example, the security level for the authentication means may be standardized. In this case, the standardized correspondence between the authentication unit and the security level can be the stored content of the security level storage unit. When the authentication unit of a specific type is first attached to the data processing device, the stored content of the security level storage unit is changed based on the security level as unique information of the authentication unit. The

  According to this configuration, the stored content of the security level storage unit is changed according to the unique information of the authentication unit. Therefore, the security state of the data processing device can be set appropriately.

  The stored content changing function may have a function of changing a correspondence relationship between the authentication unit and the security level that has been stored in the security level storage unit.

  In such a configuration, the correspondence relationship between the authentication unit and the security level, which has been stored in the security level storage unit, is changed by the stored content change function.

  For example, although the newly installed authentication means has the highest security level, the security level may be set to the lowest level when the authentication means is first attached (this The reverse is also possible). In such a case, the security state of the data processing apparatus can be appropriately set by changing the correspondence between the authentication unit and the security level to a desirable one.

<Data processing system>
The data processing system of the present invention includes a data output device, a data processing device, and authentication means.

  The data output device is configured to output data to be processed by the data processing device to the data processing device. As this data output device, for example, a host computer, a user terminal, or the like may be applicable.

  The data processing device is configured to be capable of mounting a plurality of the authentication means (detachable). The data processing device is configured to process the data received from the data output device based on a valid input in one of the plurality of authentication means.

  A feature of the present invention resides in that the data processing apparatus includes a security information acquisition unit and a selection unit. Here, the security information acquisition means is configured to acquire security information based on the data. The selection means is configured to select the valid authentication means from the plurality of authentication means based on the security information.

  In such a configuration, the data output device outputs data to be processed by the data processing device to the data processing device. The data processing device receives the data output from the data output device.

  Based on the data received by the data processing device, the security information is acquired by the security information acquisition means in the data processing device. The validating means is selected from a plurality of the authenticating means based on the security information acquired by the selecting means in the data processing apparatus (of the authenticating means for the data processing apparatus). Depending on the wearing state, one or more authentication means may be selected as valid, and in some cases, there may be no authentication means selected as valid. The data processing apparatus processes the data based on a valid input in the valid authentication means (one of them) selected by the selection means.

  According to this configuration, the data is processed by a valid input in the authentication unit selected based on the data to be processed. Therefore, an inadvertent decrease in system security due to the use of low-security authentication means by the user can be effectively suppressed.

  Also, according to this configuration, if there are a plurality of selected authentication means, the data is processed by performing an effective authentication input using one of them. Therefore, the usability of the data processing device is improved.

  The security information acquisition unit may be configured to reference the substantial content of the data and acquire the security information based on the reference result. Here, the “substantial content” of the data refers to information that can be visually recognized by a user through processing in the data processing device. For example, the “substantial content” may include text content (such as a keyword or “confidential” stamp), a file name, a path, and the like.

  In this configuration, the data output device outputs the data to the data processing device. The security information acquisition unit in the data processing apparatus refers to the substantial content of the data received by the data processing apparatus. Based on this reference result, the security information is acquired. Based on this security information, the selection means in the data processing device selects the valid authentication means. The data processing apparatus processes the data based on a valid input in one of the authentication means selected by the selection means.

  According to such a configuration, even when authentication information is not given to the received data in advance, security can be effectively maintained based on the substantial contents of the data.

  The data processing system may further include security level storage means. The security level storage means is configured to store a security level setting state in each of the authentication means. In this case, the selection means is configured to select the valid authentication means based on the security information and the stored contents in the security level storage means.

  The security level storage means may be provided in the data output device or the data processing device. Alternatively, the security level storage means may be attached (detachable) to the data output device or the data processing device.

  In this configuration, the data output device outputs the data to the data processing device. The security information acquisition means in the data processing device acquires the security information based on the data received by the data processing device. Based on the security information and the contents stored in the security level storage means, the selection means in the data processing apparatus selects the valid authentication means from among the plurality of authentication means. The data processing apparatus processes the data based on a valid input in one of the authentication means selected by the selection means.

  The data processing apparatus may further include a minimum security level acquisition unit and a maximum security level acquisition unit. Here, the minimum security level acquisition means is configured to acquire the minimum security level based on the security information. Further, the highest security level acquisition means is configured to acquire the highest security level based on the stored contents in the security level storage means.

  In this case, the selection means is configured to validate the authentication means in which the security level corresponding to the lowest security level to the highest security level is set.

  In this configuration, the data output device outputs the data to the data processing device. The security information acquisition means in the data processing device acquires the security information based on the data received by the data processing device. Based on this security information, the minimum security level acquisition means in the data processing apparatus acquires the minimum security level.

  On the other hand, the highest security level acquisition means in the data processing device acquires the highest security level based on the stored contents in the security level storage means.

  Furthermore, the selection means in the data processing apparatus selects, as a valid one, a set of the security levels corresponding to the lowest security level to the highest security level from among the plurality of authentication means. The data processing apparatus processes the data based on a valid input in one of the authentication means selected by the selection means.

  According to this configuration, the data is processed by performing a valid authentication input using one of the authentication means in which the security level corresponding to the lowest security level to the highest security level is set. Is done. Therefore, the usability of the data processing device is improved.

  When the minimum security level is higher than the maximum security level, there is no effective one of the authentication means. In this case, the data is not processed. Therefore, it is possible to effectively suppress processing (output or the like) of highly confidential data easily. Therefore, an inadvertent decrease in system security can be effectively prevented.

  The data processing device may further comprise an authentication interface; This authentication interface is configured so that a plurality of authentication means can be attached. In this case, the highest security level acquisition unit is configured to acquire the highest security level based on the stored contents and the mounting state of the authentication unit with respect to the authentication interface.

  Here, the “attachment” or “detachment” of the authentication means includes mechanical significance (formation / release of a mechanical connection state via a connector or the like), electrical significance (communication that can send and receive electrical signals). Not only circuit connection state creation / cancellation) but also software significance (authentication program installation / uninstallation) can be included.

  According to such a configuration, the mounting state of the authentication unit with respect to the authentication interface can be changed according to a necessary security state. Thereby, the security state of the data processing system can be appropriately set.

  The data processing system may further include storage content changing means. The stored content changing unit is configured to change the stored content in the security level storing unit. This stored content changing means may be provided in the data output device or the data processing device.

  According to such a configuration, the security state of the data processing system can be appropriately set by appropriately changing the stored content in the security level storage unit according to the required security state.

  The data processing system may be configured to change the stored contents of the security level storage unit according to the mounting state of the authentication unit.

  In such a configuration, the authentication means is attached and / or detached according to the required security state. Then, in this case, the stored content of the security level storage means is changed by the stored content changing means.

  For example, the security level of the newly installed authentication unit is usually unknown. Therefore, the authentication means can be set to the lowest security level that minimizes the frequency of being effective. Alternatively, when it is assumed that the newly installed authentication means has the highest security level, the authentication means can be set to the highest security level.

  According to this configuration, the stored content of the security level storage unit is changed according to the wearing state of the authentication unit. Therefore, the security state of the data processing system can be set appropriately.

  The data processing system may be configured to change the stored content of the security level storage unit based on information unique to the authentication unit when the authentication unit is attached.

  For example, the security level for the authentication means may be standardized. In this case, the standardized correspondence between the authentication unit and the security level can be the stored content of the security level storage unit. Then, when the authentication unit of a specific type is first attached to the data processing device, the stored content of the security level storage unit is changed based on the security level as unique information of the authentication unit. The

  According to this configuration, the stored content of the security level storage unit is changed according to the unique information of the authentication unit. Therefore, the security state of the data processing system can be set appropriately.

  The data processing system may be configured to change a correspondence relationship between the authentication unit and the security level that is stored in the security level storage unit.

  In such a configuration, the correspondence relationship between the authentication unit and the security level, which is stored in the security level storage unit, is changed by the stored content changing unit.

  For example, although the newly installed authentication means has the highest security level, the security level may be set to the lowest level when the authentication means is first attached (this The reverse is also possible). In such a case, the security state of the data processing system can be appropriately set by changing the correspondence between the authentication unit and the security level to a desirable one.

<Image forming system>
The image forming system of the present invention includes a print data output device, an image forming device, and an authentication unit.

  The print data output device is configured to output data (print job data) to be subjected to image formation processing by the image forming device toward the image forming device. As this print data output device, for example, a host computer, a user terminal, or the like may be applicable.

  The image forming apparatus is configured such that a plurality of the authentication means can be attached (detachable). In addition, when the data received from the print data output apparatus is a so-called secure print job, the image forming apparatus performs the secure print job based on a valid input in one of the plurality of authentication units. An image forming process is performed.

  Here, the “secure print job” refers to data that requires personal authentication by the authentication unit attached to the image forming apparatus during image forming processing. Further, when a valid personal authentication input is made, image forming processing of a secure print job held in the image forming apparatus is called “secure printing”.

  That is, “secure print job” is print job data for secure printing. The “secure print job” is data that requires personal authentication by the authentication unit attached to the image forming apparatus during the image forming process.

  Whether the data received by the image forming apparatus is a “secure print job” can be determined by the print data output apparatus or the image forming apparatus by any method.

  For example, print data to which authentication information (security information) has been assigned in advance can be output from the print data output device as a “secure print job”.

  Alternatively, for example, print data to which authentication information (security information) is not given in advance is output from the print data output device. Then, the image forming apparatus on the receiving side can acquire “secure print job” based on the substantial content of the print data.

  A feature of the present invention resides in that the image forming apparatus includes a security information acquisition unit and a selection unit. Here, the security information acquisition means is configured to acquire security information based on the data. The selection means is configured to select the valid authentication means from the plurality of authentication means based on the security information.

  In such a configuration, the print data output apparatus outputs data to be subjected to image formation processing by the image forming apparatus to the image forming apparatus. The image forming apparatus receives the data output from the print data output apparatus.

  When the data received by the image forming apparatus is a “secure print job”, the security information is acquired by the security information acquisition unit in the image forming apparatus based on the data. In addition, based on the security information acquired by the selection unit in the image forming apparatus, the valid authentication unit is selected from the plurality of authentication units (of the authentication unit for the image forming apparatus). Depending on the wearing state, one or more authentication means may be selected as valid, and in some cases, there may be no authentication means selected as valid. Then, based on the valid input in the valid authentication means (one of them) selected by the selection means, the data is subjected to image forming processing (secure printing) by the image forming apparatus.

  According to this configuration, the valid authentication unit is selected based on the data to be subjected to image formation processing. Then, secure printing is performed by a valid input in the selected authentication means. Therefore, an inadvertent decrease in the security of the image forming system due to the use of a low-security authentication unit by the user can be effectively suppressed.

  Further, according to this configuration, if there are a plurality of selected authentication means, secure printing is performed by performing effective authentication input using one of them. Therefore, the usability of the image forming system is improved.

  The security information acquisition unit may be configured to reference the substantial content of the data and acquire the security information based on the reference result. Here, the “substantial content” of the data refers to information that can be visually recognized by the user by image forming processing in the image forming apparatus. For example, the “substantial content” may include text content (such as a keyword or “confidential” stamp), a file name, a path, and the like.

  In such a configuration, the print data output device outputs the data to the image forming apparatus. The security information acquisition unit in the image forming apparatus refers to the substantial content of the data received by the image forming apparatus. Based on this reference result, the security information is acquired. Based on the security information, the selection unit in the image forming apparatus selects the valid authentication unit. Then, based on a valid input in one of the authentication means selected by the selection means, the data is subjected to image forming processing in the image forming apparatus.

  According to such a configuration, even when authentication information is not given to the received data in advance, security can be effectively maintained based on the substantial contents of the data.

  The image forming system may further include a security level storage unit. The security level storage means is configured to store a security level setting state in each of the authentication means. In this case, the selection means is configured to select the valid authentication means based on the security information and the stored contents in the security level storage means.

  The security level storage means may be provided in the print data output apparatus or the image forming apparatus. Alternatively, the security level storage means may be attached (detachable) to the print data output apparatus or the image forming apparatus.

  In such a configuration, the print data output device outputs the data to the image forming apparatus. The security information acquisition unit in the image forming apparatus acquires the security information based on the data received by the image forming apparatus. Based on the security information and the contents stored in the security level storage unit, the selection unit in the image forming apparatus selects the valid authentication unit from the plurality of authentication units. Then, based on a valid input in one of the authentication means selected by the selection means, the data is subjected to image forming processing in the image forming apparatus.

  The image forming apparatus may further include a minimum security level acquisition unit and a maximum security level acquisition unit. Here, the minimum security level acquisition means is configured to acquire the minimum security level based on the security information. Further, the highest security level acquisition means is configured to acquire the highest security level based on the stored contents in the security level storage means.

  In this case, the selection means is configured to validate the authentication means in which the security level corresponding to the lowest security level to the highest security level is set.

  In such a configuration, the print data output device outputs the data to the image forming apparatus. The security information acquisition unit in the image forming apparatus acquires the security information based on the data received by the image forming apparatus. Based on the security information, the minimum security level acquisition unit in the image forming apparatus acquires the minimum security level.

  On the other hand, the highest security level acquisition unit in the image forming apparatus acquires the highest security level based on the stored contents in the security level storage unit.

  Further, the selection unit in the image forming apparatus selects, as a valid one, a set of the security levels corresponding to the lowest security level to the highest security level from among the plurality of authentication units. Then, based on a valid input in one of the authentication means selected by the selection means, the data is subjected to image forming processing in the image forming apparatus.

  According to this configuration, the data is imaged by performing a valid authentication input using one of the authentication means in which the security level corresponding to the lowest security level to the highest security level is set. Formed. Therefore, the usability of the image forming system is improved.

  When the minimum security level is higher than the maximum security level, there is no effective one of the authentication means. In this case, the data is not subjected to image formation processing. Therefore, it is possible to effectively suppress data with high confidentiality from being easily subjected to image formation processing (output). Therefore, an inadvertent decrease in security of the image forming system can be effectively prevented.

  The image forming apparatus may further include an authentication interface. This authentication interface is configured so that a plurality of authentication means can be attached. In this case, the highest security level acquisition unit is configured to acquire the highest security level based on the stored contents and the mounting state of the authentication unit with respect to the authentication interface.

  Here, the “attachment” or “detachment” of the authentication means includes mechanical significance (formation / release of a mechanical connection state via a connector or the like), electrical significance (communication that can send and receive electrical signals). Not only circuit connection state creation / cancellation) but also software significance (authentication program installation / uninstallation) can be included.

  According to such a configuration, the mounting state of the authentication unit with respect to the authentication interface can be changed according to a necessary security state. Thereby, the security state of the image forming system can be appropriately set.

  The image forming system may further include a storage content changing unit. The stored content changing unit is configured to change the stored content in the security level storing unit. This stored content changing means may be provided in the print data output device or the image forming apparatus.

  According to this configuration, the security state of the image forming system can be appropriately set by appropriately changing the stored contents in the security level storage unit according to the required security state.

  The image forming system may be configured to change the stored content of the security level storage unit in accordance with a mounting state of the authentication unit.

  In such a configuration, the authentication means is attached and / or detached according to the required security state. Then, in this case, the stored content of the security level storage means is changed by the stored content changing means.

  For example, the security level of the newly installed authentication unit is usually unknown. Therefore, the authentication means can be set to the lowest security level that minimizes the frequency of being effective. Alternatively, when it is assumed that the newly installed authentication means has the highest security level, the authentication means can be set to the highest security level.

  According to this configuration, the stored content of the security level storage unit is changed according to the wearing state of the authentication unit. Therefore, the security state of the image forming system can be set appropriately.

  The image forming system may be configured to change the stored content of the security level storage unit based on information unique to the authentication unit when the authentication unit is attached.

  For example, the security level for the authentication means may be standardized. In this case, the standardized correspondence between the authentication unit and the security level can be the stored content of the security level storage unit. Then, when the authentication unit of a specific type is first attached to the data processing device, the stored content of the security level storage unit is changed based on the security level as unique information of the authentication unit. The

  According to this configuration, the stored content of the security level storage unit is changed according to the unique information of the authentication unit. Therefore, the security state of the image forming system can be set appropriately.

  The image forming system may be configured to change a correspondence relationship between the authentication unit and the security level that is stored in the security level storage unit.

  In such a configuration, the correspondence relationship between the authentication unit and the security level, which is stored in the security level storage unit, is changed by the stored content changing unit.

  For example, although the newly installed authentication means has the highest security level, the security level may be set to the lowest level when the authentication means is first attached (this The reverse is also possible). In such a case, the security state of the image forming system can be appropriately set by changing the correspondence between the authentication unit and the security level to a desirable one.

  Hereinafter, embodiments of the present invention (embodiments that the applicant considers best at the time of filing of the present application) will be described with reference to the drawings.

<Overall configuration of image forming system>
FIG. 1 is a block diagram showing the overall configuration of an image forming system 1 as an embodiment of a data processing system of the present invention.

  Referring to FIG. 1, the image forming system 1 includes a print data output device 2, an image forming device 3, and an authentication unit 4. In the image forming system 1, a plurality of print data output devices 2 are connected to the image forming device 3 via a communication line 5.

  The print data output device 2 as the data output device of the present invention is configured to output data (print job data) to be subjected to image formation processing by the image forming device 3 toward the image forming device 3. The print data output device 2 may be, for example, a host computer, a personal computer for a user terminal, or the like.

  The image forming apparatus 3 as the data processing apparatus of the present invention is configured so that a plurality of authentication means 4 can be detachably mounted. In addition, when the data received from the print data output device 2 is a so-called secure print job, the image forming apparatus 3 executes the secure print job based on a valid input in one of the plurality of authentication units 4. An image forming process is performed.

  Here, “secure print job” refers to print job data for secure printing. “Secure print” refers to printing that requests input of predetermined authentication input information at the start of printing (image formation). That is, the “secure print job” is data that requires personal authentication by the authentication unit 4 attached to the image forming apparatus 3 during the image forming process.

<Print data output device>
The print data output device 2 includes a CPU 21, a RAM 22, a hard disk drive (HDD) 23, a display unit 24, an operation unit 25, and a communication interface 26. These are connected to each other via a bus.

  The CPU 21 is a microprocessor, and executes programs (routines) for various operations in the print data output apparatus 2.

  The RAM 22 is a readable / writable storage medium that can hold information only while the power is on. The RAM 22 can temporarily store data as necessary when the CPU 21 executes the program.

  The HDD 23 is a readable / writable storage medium configured to continue to hold information even while the power is off. The HDD 23 stores the above-described program, a table referred to when the program is executed, various data, and the like.

  The HDD 23 stores a driver D that is executed on the image forming apparatus 3 side. The driver D includes a predetermined program (data processing program of the present invention) for personal authentication performed on the image forming apparatus 3 and the authentication unit 4 side.

  The display unit 24 includes a display device (not shown). In response to an instruction from the CPU 21, the display unit 24 displays a message for notifying the user of information, an input field for allowing the user to input information, and the like on the display device.

  The operation unit 25 includes a keyboard and a mouse (not shown). The operation unit 25 is configured to send input information corresponding to each operation to the CPU 21 by operating a keyboard key or mouse according to the image displayed on the display unit 24.

  The print data output device 2 is connected to the communication line 5 via the communication interface 26.

<Image forming apparatus>
The image forming apparatus 3 includes a communication interface 31, a CPU 32, a ROM 33, a RAM 34, a display panel 35, an operation panel 36, an image forming unit 37, a flash memory 38, and a connection interface 39. . These are connected to each other via a bus.

  The image forming apparatus 3 is connected to the communication line 5 via the communication interface 31. In other words, the image forming apparatus 3 transmits information to the print data output apparatus 2 and receives information from the print data output apparatus 2 via the communication interface 31.

  The CPU 32 as a security information acquisition means, selection means, minimum security level acquisition means, maximum security level acquisition means, and stored content change means of the present invention is a microprocessor. The CPU 32 reads out a predetermined program from the ROM 33 and executes it to send various instruction information to each component of the image forming apparatus 3 and the authentication unit 4.

  In particular, the CPU 32 as the security information acquisition means of the present invention refers to the actual contents of the print job data received from the print data output apparatus 2 and temporarily stored in the RAM 34, and based on the reference result. The security information of the print job data is acquired.

  Here, the “substantial content” of the print job data is a keyword in the text and the file name in the present embodiment. That is, in the present image forming system 1, when a specific keyword is included in the print job data, the CPU 32 determines that the data is a “secure print job” and acquires the security level of the data by the CPU 32. It is configured to be.

  The RAM 34 can temporarily store data as needed when the CPU 32 executes the program.

  The display panel 35 is a liquid crystal panel. In response to an instruction from the CPU 32, the display panel 35 displays a message for notifying the user of information, an input field for allowing the user to input information, and the like.

  The operation panel 36 includes a plurality of buttons (not shown). When the above-described button on the operation panel 36 is pressed, information corresponding to the button is input. Information corresponding to each button is set in association with the display by the display panel 35.

  The image forming unit 37 is configured to execute an image forming process for forming an image on a sheet in accordance with an instruction from the CPU 32.

  The flash memory 38 constituting the security level storage means of the present invention is a readable / writable nonvolatile storage medium. That is, the flash memory 38 is configured to hold (store) and rewrite information while the power is on, and to maintain the information holding state immediately before the power is shut off while the power is off. Has been. The flash memory 38 stores a program executed by the CPU 32, a table referred to when the program is executed, and the like.

  That is, in the flash memory 38, the above-described driver D, table 1 (see FIG. 2A) for associating the keyword with the security level, and table 2 (see FIG. 2B) indicating the security level setting state in each of the authentication means 4 are stored. It is remembered.

  As shown in FIG. 2A, in the present embodiment, keywords such as “top secret” and “secret” are associated with the highest security level “4”. The second highest security level “3” is associated with keywords such as “confidential” and “personal information”. A keyword such as “internal material” is associated with the security level “2”. A keyword such as “personal” is associated with the lowest security level “1”.

  In the present embodiment, table 1 is created and edited on the image forming apparatus 3 side based on the operation of the administrator using the display panel 35 and the operation panel 36.

  Further, as shown in FIG. 2B, in the present embodiment, the lowest security level “1” is associated with the password authentication means that is the first authentication means. The security level “2” is associated with a magnetic card authentication unit that is a second authentication unit. The security level “3” is associated with the IC card authenticating means as the third authenticating means. The highest security level “4” is associated with a fingerprint authentication means which is a fourth authentication means.

  The image forming apparatus 3 according to the present embodiment is configured such that the contents of the table 2 are changed by the CPU 32 in accordance with the current attachment / detachment state of the authentication unit 4.

  The connection interface 39 is an interface for communicably connecting to an external device including the authentication unit 4. In the present embodiment, the connection interface 39 is a universal serial bus interface (USB interface).

  The connection interface 39 as an authentication interface of the present invention is configured such that a plurality of authentication means 4 can be attached and detached.

<Authentication means>
The authentication unit 4 is configured to be detachable from the image forming apparatus 3 via the connection interface 39.

  The authentication unit 4 includes an authentication input unit 41, a storage unit 42, a processing unit 43, and a connection interface 44.

  The authentication input unit 41 is configured so that predetermined authentication input information (password, fingerprint, iris pattern, etc.) can be input.

  The storage unit 42 includes a flash memory. The storage unit 42 stores authentication identification information (such as a user ID) and authentication input information in a state of being associated with each other. The storage unit 42 stores unique information (such as the type of authentication method and device ID) of the authentication unit 4.

  The processing unit 43 compares the authentication input information from the authentication input unit 41 with the authentication input information stored in the storage unit 42 and the authentication identification information corresponding to the authentication input information. It is configured to determine whether or not to allow a predetermined process in the forming apparatus 3. Further, the processing unit 43 stores data based on a predetermined operation on the print data output device 2 (operation unit 25) or the image forming apparatus 3 (operation panel 36) by an administrator, that is, a user having specific authentication identification information. The contents stored in the unit 42 can be added and changed.

  The connection interface 44 is configured to transmit the determination result by the processing unit 43 and the unique information of the authentication unit 4 to the image forming apparatus 3 via the connection interface 39. The connection interface 44 is configured to receive instruction information from the print data output apparatus 2 or the image forming apparatus 3 and information related to addition and change of storage contents in the storage unit 42 and pass the information to the processing unit 43. .

  As the authentication means 4 in the present embodiment, various authentication methods such as fingerprint authentication means, iris pattern authentication means, retinal pattern authentication means, vein pattern authentication means, IC card authentication means, magnetic card authentication means, password authentication means, etc. Can be used.

  Here, when a password authentication unit is used as the authentication unit 4, the authentication unit 4 is built in the image forming apparatus 3. In this case, the authentication input unit 41 corresponds to the operation panel 36 and / or the display panel 35, the storage unit 42 corresponds to the flash memory 38, and the processing unit 43 corresponds to the CPU 32 (in FIG. The case is also illustrated in the form of connection with the connection interface 39 for the sake of simplicity.) The “removal” of the authentication means 4 in this case corresponds to installation / uninstallation of the password authentication program to / from the flash memory 38 or resident / resident release of the password authentication program in the processing of the CPU 32.

<Outline of operation of this embodiment>
FIG. 3 is a schematic diagram for explaining the outline of the operation in the image forming system 1 of the present embodiment. Specifically, FIG. 3 is a diagram in which table 1 shown in FIG. 2A and table 2 shown in FIG. 2B are aligned side by side (in FIG. 3, “security level” is “SL”). Abbreviated.). In the following description of the operation, the reference numerals shown in FIG.

  In the present embodiment, print job data to which authentication information (security information) has not been assigned in advance is output from the print data output device 2. Then, the image forming apparatus 3 on the receiving side acquires “secure print job” based on the substantial contents of the print job data.

  Specifically, the CPU 32 of the image forming apparatus 3 performs a keyword search for print job data, thereby acquiring the minimum security level. For example, as shown in FIG. 3, when the keyword “internal material” is extracted from the current print job data and a keyword with a higher security level is not extracted, the minimum security level is “2”. (See arrow in the figure).

  In the present embodiment, the highest security level is acquired based on the contents of table2. For example, as shown in FIG. 3, when the highest security level in table 2 is “4”, the highest security level is “4”.

  Then, of the authentication means 4 set with security levels corresponding to the lowest security level to the highest security level acquired in this way, the currently installed authentication means 4 is selected by the CPU 32 as being effective. Is done.

  For example, in the above-described example, the authentication means 4 (magnetic card, IC card, fingerprint authentication) having a security level of 2 to 4 is selected as valid (see the O mark in the “Select” column in FIG. 3).

<Details of operation of this embodiment>
4A and 4B are flowcharts for explaining details of the operation of the image forming system 1 of the present embodiment. Hereinafter, the operation will be described in detail with reference to FIGS. 1, 2A, and 2B and the flowcharts of FIGS. 4A and 4B. In the following description of the flowchart, “step” is abbreviated as “S”.

  A predetermined operation for printing (image formation) is performed by the operation unit 25 of the print data output apparatus 2. Then, the print job data stored in the RAM 22 of the print data output apparatus 2 and the print instruction information are transmitted to the image forming apparatus 3 via the communication line 5. This print job data is temporarily stored in the RAM 34 of the image forming apparatus 3.

  Based on the print instruction information from the image forming apparatus 3, the CPU 32 of the image forming apparatus 3 starts the print routine 400 shown in FIGS. 4A and 4B. This print routine 400 implements functions provided in the driver D.

  When the print routine 400 is started, first, security information (SecureLevel_doc) of the print job data is acquired based on the current print job data in S401. The processing in S401 corresponds to the security information acquisition function of the present invention.

  In the present embodiment, the acquisition of SecureLevel_doc is performed based on the actual contents of the current print job data. That is, the CPU 32 performs a keyword search for print job data stored in the RAM 34. Then, SecureLevel_doc is acquired based on the search result and table1 shown in FIG. 2A. When a plurality of types of SecureLevel_doc are acquired, the highest one (the one with the largest numerical value) is set as SecureLevel_doc.

  For example, when the keyword “internal material” is extracted from the current print job data, and a keyword with a higher security level is not extracted, SecureLevel_doc is “2”.

  Next, in S402, it is determined whether or not the value of SecureLevel_doc is other than zero. If the value of SecureLevel_doc is 0 (S402 = No), the current print job data is not secure job data, so normal printing (normal image forming processing) is performed in S403, and this routine is terminated in S404. Is done.

  If the value of SecureLevel_doc is other than 0 (S402 = Yes), since the current print job data is secure job data, the process proceeds to S405 and subsequent steps.

  In S405, the minimum security level (SecureLevel_Min) is acquired based on the SecureLevel_doc acquired in S401. In the example of FIG. 3, SecureLevel_Min is “2” (see the arrow in FIG. 3). The process of S405 corresponds to the minimum security level acquisition function of the present invention.

  Next, in S406, the highest security level (SecureLevel_Max) is acquired based on table2. In the example of FIGS. 2B and 3, SecureLevel_Max is “4”. The process of S406 corresponds to the highest security level acquisition function of the present invention.

  Subsequently, in S407, it is determined whether or not SecureLevel_Max is greater than or equal to SecureLevel_Min. If SecureLevel_Max is greater than or equal to SecureLevel_Min (S407 = Yes), the appropriate authentication means 4 is attached, and the process proceeds to (C).

  If SecureLevel_Max is not equal to or higher than SecureLevel_Min (S407 = No), it means that the security level authentication means 4 corresponding to the current secure job data is not attached.

  In this case, in S408, an authentication device attachment error is displayed and a display prompting the user to attach the appropriate authentication means 4 is performed. Then, until a predetermined time elapses, a new authentication unit 4 is awaited to be mounted (S409, S410).

  When the authentication unit 4 is newly attached and table2 is rewritten (S410 = Yes), the process returns to S406. Such a series of processes corresponds to the stored content changing function of the present invention. On the other hand, if timed out (S409 = Yes), the process proceeds to (B).

  When the appropriate authentication means 4 is attached (S407 = Yes → (C)), some input in the authentication means 4 is waited until a predetermined time has elapsed (S411, S412). If time-out occurs (S412 = Yes), the process proceeds to (B). If there is any input in the authentication means 4 before the time-out (S411 = Yes), the process proceeds to S413 and thereafter.

  In S413, the security level (SecureLevel) of the authentication means 4 that has been input is acquired. Next, in S414, it is determined whether or not SecureLevel is within the range from SecureLevel_Min to SecureLevel_Max. The process of S414 corresponds to the selection function of the present invention.

  If SecureLevel is within the range from SecureLevel_Min to SecureLevel_Max (S414 = Yes), this means that the authentication means 4 input this time has an appropriate security level. In this case, authentication in the authentication unit 4 is performed in S415. In step S416, it is determined whether a valid authentication input has been performed.

  If a valid authentication input has been made (S416 = Yes), secure printing is executed in S417, and this routine ends in S499. When a valid authentication input is not performed (S416 = No), an authentication error is displayed in S418. Then, in S419, it is determined whether or not the current authentication error is the third time, and if it is less than the third time (S419 = No), the process returns to S411 and a retry is possible.

  If the SecureLevel is not within the range from SecureLevel_Min to SecureLevel_Max (S414 = No), it means that the authentication means 4 input this time is not of an appropriate security level. In this case, the process proceeds to S420, and a display indicating that the wrong authentication unit 4 has been used (authentication device selection error display) is performed.

  In the example of FIG. 3, SecureLevel_Min is “2” and SecureLevel_Max is “4”. Here, when the key operation for password authentication is started by the operation panel 36 of the image forming apparatus 3 (S411), the SecureLevel acquired in S413 becomes “1”. In this case, SecureLevel is not within the range from SecureLevel_Min to SecureLevel_Max (S414 = No). Therefore, before the key operation for password authentication is completed (when the first key operation for password authentication is performed), an authentication device selection error is displayed (S420).

  Following the authentication device selection error display (S420), the process proceeds to S421. In S421, it is determined whether or not the current authentication device selection error is the third time. If the current authentication device selection error is less than the third time (S419 = No), the process returns to S411 and a retry is possible.

  If the current authentication device selection error is the third time (S419 = Yes), the process proceeds to S422, and secure print rejection processing is performed. Then, the process proceeds to S499, and this routine ends.

  Processing is also performed in the case of an authentication device attachment error timeout (S409 = Yes → (B)), an authentication input timeout (S412 = Yes → (B)), and an authentication error for the third time (S419 = Yes). In step S422, secure print rejection processing is performed. Then, the process proceeds to S499, and this routine ends.

<Effects of Configuration of Embodiment>
According to the image forming system 1 of the present embodiment, the valid authentication unit 4 is selected based on the print job data output from the print data output device 2. Then, secure printing is performed by a valid input in the selected authentication means 4. Therefore, an inadvertent decrease in security of the image forming system 1 due to the use of the low security authentication unit 4 by the user can be effectively suppressed.

  Also, according to this configuration, if there are a plurality of selected authentication means 4, secure printing is performed by performing valid authentication input using one of them. Therefore, the usability of the image forming system 1 is improved.

  According to the image forming system 1 of the present embodiment, the substantial content of the print job data is referred to, and based on the reference result, it is determined whether or not the print job data is a secure print job. , Security information for selecting the authentication means 4 is acquired. Therefore, even when the print job data is output from the print data output device 2, even if the print job data is not previously provided with authentication information, the security is based on the substantial content of the data. Can be effectively maintained.

  According to the image forming system 1 of the present embodiment, the image forming system 1 has a security level within the range of the minimum security level (SecureLevel_Min) based on the print job data and the maximum security level (SecureLevel_Max) based on the wearing state of the authentication unit 4. Authentication means 4 is selected as valid.

  According to such a configuration, a secure print job is subjected to image formation processing by performing a valid authentication input using one of the authentication means 4 in which security levels corresponding to SecureLevel_Min to SecureLevel_Max are set. Therefore, the usability of the image forming system 1 is further improved.

  In the image forming system 1 of the present embodiment, a plurality of authentication units 4 are detachable from the image forming apparatus 3. According to such a configuration, the wearing state of the authentication unit 4 can be changed according to the required security state. Thereby, the security state of the image forming system 1 can be appropriately set.

  According to the image forming system 1 of the present embodiment, the table 2 is rewritten according to the mounting state of the authentication unit 4. Therefore, the security state of the image forming system 1 can be set more appropriately.

<Example of modification>
Note that, as described above, the above-described embodiments are merely examples of typical embodiments of the present invention that the applicant has considered to be the best at the time of filing of the present application. Therefore, the present invention is not limited to the above-described embodiment. Therefore, it goes without saying that various modifications can be made to the above-described embodiment within the scope not changing the essential part of the present invention.

  Hereinafter, some modifications will be illustrated. In the following description of modifications, members having the same configuration and function as those described in the above-described embodiment are denoted by the same reference numerals as those in the above-described embodiment. And about description of this member, the description in the above-mentioned embodiment shall be used in the range which is not technically consistent.

  Needless to say, the modifications are not limited to those listed below. In addition, a plurality of modified examples can be applied in a composite manner as appropriate within a technically consistent range.

  The present invention (especially those expressed functionally and functionally in the constituent elements constituting the means for solving the problems of the present invention) includes the above-described embodiments and the above-described and following modifications. Based on the description, it should not be interpreted in a limited manner. Such a limited interpretation is unacceptable and improper for imitators, while improperly harming the applicant's interests (rushing to file under a prior application principle).

  (1) The present invention is not limited to an image forming system.

  (2) A part or all of the communication line 5 may be a wireless communication line.

  (3) All or part of the display panel 35 may be configured such that information is input by direct contact with the user. That is, all or part of the display panel 35 can be used as the operation panel 36 as a so-called touch panel.

  (4) Print data to which authentication information (security information) has been assigned in advance may be output from the print data output device 2 as a “secure print job”.

  (5) FIG. 5 is a flowchart showing one modification of the operation flowchart shown in FIG. 4B. In the processing according to FIGS. 4A and 5, the authentication unit 4 is used in order from the highest security level.

  That is, after the affirmative process of S407 in FIG. 4A, the counter SecureLevel is set to SecureLevel_Max in S501. Next, in S502, it is determined whether or not the authentication unit 4 corresponding to the value of the counter SecureLevel is in a valid operating state (whether or not it has failed).

  When the authentication means 4 corresponding to the value of the counter SecureLevel is in a state of being operated effectively (S502 = Yes), authentication in the authentication means 4 is performed in S503. In step S504, it is determined whether a valid authentication input has been performed.

  If a valid authentication input has been made (S504 = Yes), secure printing is executed in S505, and this routine ends in S599.

  If a valid authentication input has not been made (S504 = No), an authentication error is displayed in S506. Next, the process proceeds to S507, and the value of the counter SecureLevel is decremented. Subsequently, the process proceeds to S508, and it is determined whether or not the value of the counter SecureLevel is smaller than SecureLevel_Min.

  When the value of the counter SecureLevel is smaller than SecureLevel_Min (S508 = Yes), the process proceeds to S509, and secure print non-permission processing is performed. Then, the process proceeds to S599, and this routine ends. When the value of the counter SecureLevel is equal to or greater than SecureLevel_Min (S508 = No), the process returns to S502.

  (6) As shown in FIG. 6, the minimum security level SecureLevel_Min is set in accordance with a predetermined operation by the administrator (operation in the print data output apparatus 2 logged in by the administrator or operation in the image forming apparatus 3). It may be changed (see the arrow on the right side in FIG. 6). Thereby, the security state of the image forming system 1 can be appropriately set according to the change in the security level of the place where the image forming apparatus 3 is installed.

  (7) In the table 2 shown in FIG. 2B, the contents of the table 2 are changed by the CPU 32 according to the current attachment / detachment state of the authentication unit 4 in the above-described embodiment. That is, the information related to the authentication unit 4 has been deleted from the table 2 in response to the detachment of the authentication unit 4. However, the present invention is not limited to such an embodiment.

  For example, the table 2 may be configured such that information on the authentication unit 4 is maintained even if the authentication unit 4 is detached. In this configuration, when a new type of authentication unit 4 (a type that has never been installed) is first installed in the image forming apparatus 3, information about the authentication unit 4 is added to the table 2.

  Specifically, as shown in FIG. 7A, a case where password authentication means, magnetic card authentication means, IC card authentication means, and fingerprint authentication means have been attached to the image forming apparatus 3 has been described. Assume. In this case, when the iris authentication unit is newly attached, information corresponding to the iris authentication unit is newly added to table2 as shown in FIG. 7B.

  Here, it may be assumed that the newly installed authentication means 4 has the highest security level. For example, this is a case where the person who intends to install the new authentication unit 4 is an administrator, and the administrator guarantees that the security level of the authentication unit 4 is the highest. In such a case, as shown in FIGS. 7A and 7B, the security level of the authentication unit 4 may be set to the highest level. Thereby, an appropriate security level can be set easily.

  Normally, the security level of the newly installed authentication unit 4 is unknown. Also, the authentication means 4 is not always attached / detached by the administrator. Further, in some cases, a low security level may be added later.

  Therefore, in consideration of further improving the security of the system security, as will be described later, the newly installed authentication means 4 may be set to the lowest security level at which the frequency of being effective is minimized. Is preferred.

  (8) The correspondence between the authentication means 4 and the security level in table 2 shown in FIG. 2B may be changeable.

  For example, assume that table 2 includes information on password authentication means, magnetic card authentication means, IC card authentication means, and iris authentication means, as shown in FIG. 8A. In this case, when a fingerprint authentication unit is newly attached to the image forming apparatus 3, information regarding the fingerprint authentication unit is added to table2.

  Here, the newly installed authentication means 4 usually has an unknown security level. Therefore, as shown in FIG. 8B, information related to the fingerprint authentication means can be added to correspond to the lowest security level in table2. Then, for example, there may be a request to make the security level of the fingerprint authentication unit higher than that of the IC card authentication unit and between the IC card authentication unit and the iris authentication unit.

  Therefore, as shown in FIG. 8C, the contents of table2 can be rewritten so that the security level of the fingerprint authentication unit is the next higher security level than the security level of the iris authentication unit.

  Thereby, the correspondence between the authentication means 4 and the security level is changed to a more desirable one. Therefore, the security state of the image forming system 1 can be set more appropriately.

  (9) The table 2 can be changed according to the attachment / detachment of the authentication unit 4 based on the information unique to the authentication unit 4.

  For example, the security level for the authentication unit 4 may be standardized. In this case, the standardized correspondence between the authentication unit 4 and the security level can be the contents of table2.

  Alternatively, the security level corresponding to the type of the authentication unit 4 (standardized) as information unique to the authentication unit 4 is acquired by the image forming apparatus 3 (CPU 32), and the table 2 is set according to the acquisition result. The image forming system 1 (image forming apparatus 3) and the driver D may be configured to be created / edited by the CPU 32 and stored in the flash memory 38.

  (10) The table 1 and the table 2 may be provided in at least one of the print data output device 2 (HDD 23) and the image forming device 3 (flash memory 38).

  FIG. 9 is a block diagram showing a configuration of a modified example of the image forming system 1 shown in FIG.

  For example, as shown in FIG. 9, table 1 may be stored in the HDD 23 in the print data output apparatus 2.

  That is, in the image forming system 1 according to this modification, table 1 is created / edited by the print data output device 2 and stored in the HDD 23.

  In this configuration, table 1 that is appropriately created / edited by the print data output apparatus 2 and stored in the HDD 23 is transmitted to the image forming apparatus 3 via the communication line 5, and the flash memory 38 in the image forming apparatus 3 is transmitted. Stored in

  Alternatively, the table 1 and the table 2 are images from any server (for example, the server of the manufacturer of the image forming apparatus 3) via the communication line 5 based on the operation of the administrator using the display panel 35 and the operation panel 36. It may be possible to download directly to the forming apparatus 3.

  (11) Authentication identification information (such as a user ID) and authentication input information may not be stored in the storage unit 42 of the authentication unit 4.

  For example, authentication identification information and authentication input information can be stored in an external storage device such as an authentication server. In this case, authentication identification information and authentication input information are referred to via the communication line 5.

  (12) Other illustrations and explanations are omitted, but as described above, the above-described embodiments and modifications are appropriately modified within the scope in which the essential part of the present invention is not changed. Needless to say, you get.

  In addition, what is expressed functionally and functionally in each element constituting the means for solving the problems of the present invention is the specific structure disclosed in the above-described embodiments and modifications, It includes any structure that can realize this action / function.

1 is a block diagram illustrating an overall configuration of an image forming system as an embodiment of the present invention. This table associates keywords with security levels. It is a table which shows the setting state of the security level in each of the authentication means shown by FIG. FIG. 5 is a schematic diagram for explaining an outline of an operation in the image forming system of the present embodiment. 4 is a flowchart for explaining details of an operation of the image forming system of the present embodiment. 4 is a flowchart for explaining details of an operation of the image forming system of the present embodiment. 5 is a flowchart showing one modified example of the operation flowchart shown in FIG. 4B. FIG. 10 is a schematic diagram for explaining an outline of a modification of the operation of the image forming system shown in FIG. 1. It is the schematic for demonstrating the outline | summary of the modification of the content change operation | movement of the table shown by FIG. It is the schematic for demonstrating the outline | summary of the modification of the content change operation | movement of the table shown by FIG. It is the schematic for demonstrating the outline | summary of the modification of the content change operation | movement of the table shown by FIG. It is the schematic for demonstrating the outline | summary of the modification of the content change operation | movement of the table shown by FIG. It is the schematic for demonstrating the outline | summary of the modification of the content change operation | movement of the table shown by FIG. It is a block diagram which shows the structure of the modification of the image forming system shown by FIG.

Explanation of symbols

1. Image forming system (data processing system)
2. Print data output device (data output device)
21 ... CPU
22 ... RAM
23 ... HDD
24 ... Display unit 25 ... Operation unit 26 ... Communication interface 3 ... Image forming apparatus (data processing apparatus)
31 ... Communication interface 32 ... CPU (security information acquisition means, selection means, minimum security level acquisition means, maximum security level acquisition means, storage content change means)
33 ... ROM
34 ... RAM
35 ... Display panel 36 ... Operation panel 37 ... Image forming unit 38 ... Flash memory (security level storage means)
39 ... Connection interface 4 ... Authentication means 41 ... Authentication input unit 42 ... Storage unit 43 ... Processing unit 44 ... Connection interface 5 ... Communication line D ... Driver (data processing program)

Claims (16)

In a data processing device for processing received data based on valid input in one of a plurality of authentication means,
Security information acquisition means for acquiring security information based on the data;
Security level storage means for storing a setting state of a security level in each of the authentication means;
A selection unit that selects the authentication unit within a range of a plurality of effective security levels from a plurality of the authentication units based on the security information and the content stored in the security level storage unit ;
And processing the data based on a valid input in the valid authentication means selected by the selection means . The data processing apparatus according to claim 1,
The data processing apparatus, wherein the security information acquisition means refers to the substantial content of the data and acquires the security information based on the reference result. In the data processing device according to claim 1 or 2 ,
A minimum security level acquisition means for acquiring a minimum security level based on the security information;
A maximum security level acquisition means for acquiring a maximum security level based on the stored contents in the security level storage means,
The data processing apparatus according to claim 1, wherein the selection unit validates the authentication unit in which the security level corresponding to the lowest security level to the highest security level is set. The data processing apparatus according to claim 3, wherein
An authentication interface that can be equipped with a plurality of authentication means is further provided,
The data processing apparatus according to claim 1, wherein the highest security level acquisition means acquires the highest security level based on the stored contents and a mounting state of the authentication means with respect to the authentication interface. The data processing device according to any one of claims 1 to 4 ,
A data processing apparatus, further comprising storage content changing means capable of changing the stored contents in the security level storage means. The data processing apparatus according to claim 5 , wherein
The data processing apparatus according to claim 1, wherein the storage content changing unit changes the storage content of the security level storage unit in accordance with a mounting state of the authentication unit. The data processing apparatus according to claim 6 , wherein
The data processing apparatus according to claim 1, wherein when the authentication unit is attached, the stored content changing unit changes the stored content of the security level storage unit based on information unique to the authentication unit. A data processing apparatus according to any one of claims 5 to 7 ,
The data processing apparatus according to claim 1, wherein the stored content changing unit changes a correspondence relationship between the authentication unit and the security level, which has been stored in the security level storage unit. The received territory data, for processing on the basis of in one valid input of the plurality of authentication means, the data processing program to be executed in the data processing device,
A security information acquisition function for acquiring security information based on the data;
Based on the security information and the content stored in the security level storage means for storing the setting state of the security level in each of the authentication means, a plurality of effective security level ranges from among the plurality of authentication means. A selection function for selecting the authentication means ;
A function of processing the data based on a valid input in the selected valid authentication means;
Is implemented in the data processing apparatus. A data processing program according to claim 9 , wherein
The data processing program characterized in that the security information acquisition function has a function of referring to substantial contents of the data and acquiring the security information based on the reference result. The data processing program according to claim 9 or 10 , further comprising:
A minimum security level acquisition function for acquiring a minimum security level based on the security information;
A maximum security level acquisition function for acquiring a maximum security level based on the stored contents in the security level storage means;
Is implemented in the data processing device,
The data processing program characterized in that the selection function has a function of validating the authentication means in which the security level corresponding to the lowest security level to the highest security level is set. A data processing program according to claim 11 ,
The maximum security level acquisition function has a function of acquiring the maximum security level based on the stored contents and a mounting state of the authentication unit with respect to an authentication interface capable of mounting a plurality of authentication units. A data processing program. The data processing program according to any one of claims 9 to 12 , further comprising:
A data processing program for realizing in the data processing device a storage content changing function capable of changing the stored content in the security level storage means. A data processing program according to claim 13 ,
The data processing program characterized in that the stored content changing function has a function of changing the stored content of the security level storage means in accordance with the mounting state of the authentication means. A data processing program according to claim 14 ,
The stored content changing function has a function of changing the stored content of the security level storage unit based on information unique to the authentication unit when the authentication unit is mounted. Processing program. A data processing program according to any one of claims 13 to 15 ,
The data processing program characterized in that the stored content changing function has a function of changing a correspondence relationship between the authentication means and the security level, which is stored in the security level storage means.

Images