JP4910313B2 - Authentication server and authentication program - Google Patents

Description

  The present invention relates to an authentication server and an authentication program, and more particularly to an authentication server and an authentication program for authenticating a user in a plurality of image processing apparatuses connected to a network.

  In recent years, a form in which an image processing apparatus such as a scanner, a printer, or a facsimile is used connected to a network has become common. In this usage pattern, in order for a user to use a plurality of image processing apparatuses, the user who uses the image processing apparatus is authenticated. For this reason, it is necessary to store authentication information for authenticating the user in each of the plurality of image processing apparatuses.

  Japanese Patent Application Laid-Open No. 9-81518 (patent document) discloses a receiving process in which an application server on a network receives authentication data from the user in an authentication method in which the application user is authenticated. And a sending step for sending the authentication data received in the receiving step together with the user identification data to the matching server; and the matching server sends the sent authentication data to the sent identification data. A verification process for verifying whether the authentication data is a user authentication data, a verification result return process in which the verification server returns a verification result to the application server, and a verification result returned in the verification result return process. On the basis of whether the user is a valid user or not. Authentication method on the network, characterized in that it comprises an authentication step, the to is described.

  However, in the authentication method described in Japanese Patent Application Laid-Open No. 9-81518, the verification that has been performed by the application server so far is directly executed by the verification server. For this reason, in a collation server, it collates without relation between a plurality of application servers. For example, when the same user uses two application servers, the authentication server collates the authentication data of the same user twice. For this reason, a load increases when processing is executed repeatedly.

In addition, since verification is performed without relation between a plurality of application servers, one user can be authenticated by a plurality of application servers, and thus authentication cannot be restricted.
JP-A-9-81518

  The present invention has been made to solve the above-described problems, and one of the objects of the present invention is an authentication server and an authentication program that reduce the load of authentication processing when a user attempts to log in to a plurality of devices. Is to provide.

  Another object of the present invention is to provide an authentication server and an authentication program capable of limiting, for each user, devices that can log in among a plurality of devices.

  Still another object of the present invention is to provide an authentication server and an authentication program that can easily use a restricted device even when a user restricts a usable device.

In order to achieve the above-described object, according to one aspect of the present invention, an authentication server is an authentication server that is connected to a network and can communicate with a plurality of devices connected to the network. the registered user information storage means for storing in advance at least includes the registered user information and device identification information for identifying a device log of the users are permitted by the first authority of the plurality of devices, log out of the plurality of devices Receiving and storing use reservation information for permitting the use of another device whose login is not permitted by the first authority from a second authority that is restricted by the first authority from any one of which is permitted . The use reservation information storage means and the use reservation information include at least device identification information of a device permitted to be used and user identification information for identifying a user, A device that has transmitted authentication information on condition that registered user information including authentication information received from any one of a number of devices and device identification information of the device that has transmitted the authentication information is stored The first authentication means for permitting login to the user with the first authority, and when the login is not permitted by the first authentication means, the user identification information specified by the received authentication information and the authentication information have been transmitted Second authentication means for permitting login with the second authority to the device that has transmitted the authentication information on condition that use reservation information including device identification information of the device is stored.

According to the present invention, registered user information that includes at least user authentication information and device identification information for identifying a device that is permitted to log in by the first authority among a plurality of devices is stored in advance. . Therefore, a device that can be authenticated by the user is specified. When authentication information is received from any one of a plurality of devices, authentication is performed on the condition that the received authentication information and registered user information including the device identification information of the device that has transmitted the authentication information are stored. The first authority is allowed to log in to the device that sent the information. Further, use reservation information for permitting the second authority to use another apparatus that is not permitted to log in by the first authority from any one of the plurality of apparatuses that is permitted to log in is received and stored. . When the authentication information is received from any one of the plurality of devices, the use reservation information including the received authentication information and the device identification information of the device that has transmitted the authentication information is stored. The login to the device that has transmitted the authentication information is permitted with the second authority . For this reason, even if the device is not permitted to be used in advance, the user is authenticated with authority restricted by making a use reservation. As a result, it is possible to provide an authentication server that can easily use a restricted device even when a user restricts a device that can be used.

Preferably, the use reservation information further includes time information indicating a period during which the use is permitted, and a determination unit that determines whether or not a period specified by the time information is outside, and the determination unit determines that the period is out of the period . further comprising a logout instruction transmitting means for transmitting the logout instruction including the user identification information identified by the authentication information included in the use reservation information to the device of the device identification information included in said use reservation information.

According to the present invention, when it is outside the period for permitting use included in the use reservation information, the use reservation information includes a logout instruction including user identification information specified by the authentication information included in the use reservation information. It is transmitted to the device having the device identification information. For this reason, since the use of a device whose use is restricted is never allowed, security can be improved.

According to another aspect of the present invention, an authentication program is connected to a network and is executed by an authentication server that can communicate with a plurality of devices connected to the network. any login of the user of the equipment is a step of storing in advance at least includes the registered user information and device identification information for identifying each device that will be allowed in the first permission, the log of the plurality of devices are permitted Receiving and storing use reservation information for permitting the use of another device that is not permitted to be logged in by the first authority from the first authority using the second authority that is more restricted than the first authority; The information includes at least device identification information of a device permitted to be used and user identification information for identifying a user. Login to a device that has transmitted authentication information on condition that a set of authentication information received from one and device identification information of the device that has transmitted the authentication information is stored in the registered user information storage means The user identification information specified by the received authentication information and the device identification information of the device that has transmitted the authentication information when login is not permitted by the first authorization step A step of permitting the second authority to log in to the device that has transmitted the authentication information on condition that the use reservation information including the set is stored.

According to the present invention, it is possible to provide an authentication program that can easily use a restricted device even when a user restricts a usable device.
Preferably, the use reservation information further includes time information indicating a period during which the use is permitted, and the step of determining whether or not the period specified by the time information is out of the period and the step of determining are determined to be out of the period. sending a logout instruction including the user identification information identified by the authentication information included in the use reservation information to the device of the device identification information included in said use reservation information, Ru further execute the authentication server.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings. In the following description, the same parts are denoted by the same reference numerals. Their names and functions are also the same. Therefore, detailed description thereof will not be repeated.

  <First Embodiment>

  FIG. 1 is a diagram showing an overall outline of an image processing system according to a first embodiment of the present invention. Referring to FIG. 1, an image processing system 1 includes a multifunction peripheral (hereinafter referred to as “MFP”) 100, personal computers (hereinafter referred to as “PCs”) 200A, 200B, and 200C connected to a network 2 and authentication. Server 300. Since the configurations and functions of the PCs 200A, 200B, and 200C are well known, description thereof will not be repeated here.

  An MFP (Multi Function Peripheral) 100 includes a scanner for reading an original, an image forming unit for forming an image on a recording medium such as paper based on image data, and a facsimile, and includes an image reading function, a copying function, and facsimile transmission / reception. It has a function.

  The network 2 is a local area network (LAN), and the connection form may be wired or wireless. The network 2 is not limited to a LAN, and may be a wide area network (WAN) such as the Internet, a network using a general public line, or the like.

FIG. 2 is a block diagram illustrating a hardware configuration of the authentication server according to the first embodiment. Referring to FIG. 2, authentication server 300 includes a central processing unit (CPU) 301 connected to bus 320 and a ROM (Read) that stores a program to be executed by CPU 301.
(Only Memory) 303, RAM (Random Access Memory) 305 for loading a program to be executed and for storing data during program execution, and a hard disk drive (HDD) for storing data in a nonvolatile manner 307, a card interface (I / F) 309 to which the flash ROM 308 is mounted, an input unit 311 and a display unit 313 that serve as an interface with the user, and a communication I / F 315 for connecting the authentication server 300 to the network 2. Including.

  The CPU 301 loads the authentication program recorded in the flash ROM 308 attached to the card I / F 309 to the RAM 305 and executes it. Note that the program executed by the CPU 301 is not limited to the authentication program recorded in the flash ROM 308, and may be downloaded from the PCs 200A, 200B, and 200C connected to the network 2 and executed. The program here includes not only a program directly executable by the CPU 301 but also a program in a source program format, a compressed program, an encrypted program, and the like.

  The input unit 311 is an input device such as a keyboard or a mouse. The display unit 313 is a liquid crystal display device or a cathode ray tube (CRT). The communication I / F 315 is a communication interface for connecting the authentication server 300 to the network 2. As a result, authentication server 300 can communicate with other MFP 100 and PCs 200A, 200B, and 200C. Although the example in which the authentication server 300 is connected to the other MFPs 100 and the PCs 200A, 200B, and 200C via the network 2 is shown, they may be directly connected using a serial interface or a parallel interface. Communication I / F 315 uses an interface according to the connection form between authentication server 300 and other MFPs 100 and PCs 200A, 200B, and 200C.

  The HDD 307 stores a registered user list including registered user information including predetermined user authentication information. FIG. 3A is a diagram illustrating an example of a format of registered user information. Referring to FIG. 3A, the registered user information includes user identification information for identifying the user and a password. Authentication information is composed of the user identification information and the password. FIG. 3B is a diagram showing another example of the format of registered user information. Referring to FIG. 3B, the registered user information includes biometric data. This registered user information is used when the authentication in the authentication server 300 is biometric authentication. The biometric data is, for example, a fingerprint, a voice print, an iris, a vein pattern, a face image, or the like. Since biometric data can identify a user by itself, biometric data is user identification information. Thus, the registered user information includes at least user authentication information. Here, a case where the registered user information shown in FIG. 3A is used will be described. The registered user information may include other information related to the user, such as a name, a department to which the user belongs, an e-mail address, and the like.

  FIG. 4 is a block diagram illustrating a hardware configuration of the MFP according to the first embodiment. Referring to FIG. 4, MFP 100 includes a system controller 101 that controls MFP 100 as a whole, an imaging unit 103, a scanner control unit 105 that controls imaging unit 103, and an image that processes image data output by imaging unit 103. A processing unit 107, an image processing control unit 109 for controlling the image processing unit 107, a memory 111 for storing data, a communication unit 113, an image forming unit 115, and an operation unit serving as an interface with a user 117 and an external storage device 119 that can access the recording medium 119A.

The system controller 101 is a CD-ROM (Compact
A program recorded on the recording medium 119A such as Disc-Read Only Memory is loaded and executed. The program executed by the system controller 101 is not limited to the program recorded on the CD-ROM 119A, but an EEPROM (electrically connected separately to the system controller 101).
A program stored in an erasable / programmable read only memory may be loaded and executed. If the EEPROM is used, the program can be rewritten or additionally written. For this reason, another PC 200A, 200B, 200C connected to the network 2 or the authentication server 300 may rewrite the program stored in the EEPROM of the MPP 100, or may write a new program in addition. Further, MFP 100 may download a program from another PC 200A, 200B, 200C or authentication server 300 connected to network 2, and store the program in the EEPROM.

  The program here includes not only a program that can be directly executed by the system controller 101 but also a program in a source program format, a compressed program, an encrypted program, and the like.

  The memory 111 is connected to the system controller 101 so as to be accessible therefrom. The memory 111 is a non-volatile memory such as a magnetic disk, for example. Note that a volatile memory such as a RAM (Random Access Memory) may be used as the memory 111.

  The imaging unit 103 includes a photoelectric conversion device such as a CCD (Charge Coupled Device), optically reads a document, and outputs image data as electronic data. The imaging unit 103 is controlled by a scanner control unit 105 connected to the system controller 101.

  The image processing unit 107 performs image processing such as noise removal, smoothing, edge enhancement, and color conversion on the image data output from the imaging unit 103 and stores the processed image data in the memory 111. The image processing unit 107 is controlled by an image processing control unit 109 connected to the system controller 101.

  The image forming unit 115 is a laser printer, an inkjet printer, or the like, and is controlled by the system controller 101 to visualize image data on a recording medium such as paper. Communication unit 113 connects MFP 100 to network 2 and a public telephone line. Communication unit 113 is an interface (I / F) for communicating MFP 100 with other MFPs 100 </ b> A, 100 </ b> B, 100 </ b> C and PC 200, and is an I / F for MFP 100 performing facsimile communication.

  The operation unit 117 includes an input unit 117A and a display unit 117B. Input unit 117 </ b> A is an input device such as a touch panel, a keyboard, or a mouse for accepting an operation input by a user of MFP 100. The display unit 117B is a liquid crystal display device or an organic EL (electro-luminescence) display panel. When a touch panel made of a transparent member is used as the input unit 117A, the instruction of the button displayed on the display unit 117B can be detected by placing the touch panel on the display unit 117B. Thereby, various operations can be input.

  In image processing system 1 according to the present embodiment, login is permitted in MFP 100 and PCs 200A, 200B, and 200C on condition that a user who intends to use the MFP 100 and PCs 200A, 200B, and 200C is authenticated by an authentication server. Therefore, MFP 100 displays a login screen on display unit 117B, prompts the user to input authentication information, and accepts the authentication information input by the user. Similarly to MFP 100, PCs 200A, 200B, and 200C also display a login screen on a display included in PC 200A, 200B, and 200C, prompt the user to input authentication information, and accept the authentication information input by the user. Each of MFP 100 and PCs 200A, 200B, and 200C transmits a login request including the input authentication information to authentication server 300, and permits a user to log in on the condition that a login permission signal is received from authentication server 300. To do. A program for executing this series of processing is stored in advance in each of MFP 100 and PC 200A, 200B, and 200C. In MFP 100, by executing the program with system controller 101, PC 200A, 200B, and 200C are also stored. Then, the above-described series of processing is executed by being executed by the CPU provided therein.

  FIG. 5 is a functional block diagram illustrating an outline of functions of the CPU of the authentication server in the first embodiment. Referring to FIG. 5, CPU 301 generates first, second, and third authentication units 361, 365, and 367 and login data that generates user data of users authenticated by first authentication unit 361 and adds them to the user list. A user list generation unit 363.

  User authentication information transmitted from MFP 100 is input to first authentication unit 361. The first authentication unit 361 collates the input authentication information with the authentication information of the registered user information stored in the HDD 307. More specifically, the registered user information included in the registered user list 350 stored in the HDD 307 is sequentially read, and the input authentication information is collated with the authentication information of the read registered user information. As a result of the collation, if there is registered user information in which both match, authentication is successful, and if such registered user information does not exist, authentication fails. Then, if the verification result is a successful authentication, a signal for permitting the user's login is transmitted to MFP 100, and if the authentication is unsuccessful, a signal for not permitting the user's login is transmitted.

  The login user list generation unit 363 generates user data of the user who has been successfully authenticated by the first authentication unit 361 and adds the user data to the login user list 351 stored in the HDD 307. The user data includes at least user authentication information. Here, the user data is data including user identification information and a password. Accordingly, the login user list 351 includes user data of users who are permitted to log in to the MFP 100, and thus includes user data equal to or less than the number of registered user information included in the registered user list 350.

  Second authentication unit 365 receives user authentication information transmitted from any of PCs 200 </ b> A, 200 </ b> B, and 200 </ b> C other than MFP 100. The second authentication unit 365 collates the input authentication information with user data stored in the HDD 307. More specifically, user data included in the login user list 351 stored in the HDD 307 is sequentially read, and the input authentication information is collated with the authentication information of the read user data. As a result of the collation, if there is user data that matches both, authentication is successful. In other words, if the login user list 351 includes user data including authentication information that matches the input authentication information, the authentication is successful. If the authentication is successful, a login permission signal that permits the user to log in is transmitted to the PC 200A, 200B, or 200C that has transmitted the authentication information. If the authentication is not successful, the third authentication unit 367 is authenticated. Output information.

  The third authentication unit 367 collates the authentication information input from the second authentication unit 365 with the authentication information of the registered user information stored in the HDD 307. More specifically, the registered user information included in the registered user list 350 stored in the HDD 307 is sequentially read, and the input authentication information is collated with the authentication information of the read registered user information. As a result of the verification, if the two match, authentication is successful, and if they do not match, authentication fails. Then, a login permission signal for permitting the user's login is transmitted to the one that has transmitted the authentication information among the PCs 200A, 200B, and 200C, and the login for not permitting the user's login in the case of the authentication failure. Send a disallow signal.

  When user authentication information is received from any of the PCs 200A, 200B, and 200C, first, user authentication is performed using the login user list 351. Since the number of user data constituting the login user list 351 is often smaller than the number of registered user information constituting the registered user list 350, the authentication information is collated as compared with the case of collating using the registered user list 350. The number of times to do can be reduced.

  FIG. 6 is a flowchart showing a flow of authentication processing executed by the authentication server in the first embodiment. Referring to FIG. 6, in the authentication process, a standby state is entered until an authentication request is input from any of MFP 100, PC 200A, 200B, and 200C (NO in S01). That is, the authentication process is a process executed on condition that an authentication request is input from any one of MFP 100 and PCs 200A, 200B, and 200C. When the authentication request is input, the process proceeds to step S02. The authentication request includes authentication information.

  In step S02, it is determined whether authentication information is input to MFP 100 or not. If the authentication information received in step S01 is received from the MFP 100, the process proceeds to step S03, and if received from any of the PCs 200A, 200B, 200C, the process proceeds to step S09. First, processing after step S03 performed when authentication information is received from MFP 100 will be described.

  In step S03, the authentication information input in step S01 is collated using a registered user list 350 stored in the HDD 307. Specifically, the registered user information included in the registered user list 350 stored in the HDD 307 is sequentially read, and the input authentication information is collated with the authentication information of the read registered user information. The registered user information is sequentially read out until the registered user information matching the two is detected. Then, when registered user information matching the two is detected, the process proceeds to step S04. On the other hand, if there is no registered user information that matches the two, all the registered user information is read from the registered user list 350 and collated, and the process proceeds to step S04.

  In step S04, it is determined whether or not the result of collation is authentication success. If it is determined that authentication is successful, the process proceeds to step S05. If authentication fails, the process proceeds to step S08. It is determined that the authentication is successful when registered user information including authentication information that matches the input authentication information is detected by the collation in step S03. In step S08, a login disapproval signal is transmitted to MFP 100 in order to prevent MFP 100 from permitting the user to log in.

  In step S05, user data including the authentication information received from MFP 100 in step S01 is generated. Then, the generated user data is added to the login user list 351. As a result, user data is stored in the HDD 307. When the process proceeds to step S05, the authentication information received in step S01 has been authenticated by the collation in step S03. Therefore, the number of user data included in the login user list 351 is equal to or less than the number of registered user information constituting the registered user list 350. In step S07, a login permission signal is transmitted to MFP 100 to allow MFP 100 to permit the user to log in.

  Next, processing after step S09 performed when authentication information is received from any of PCs 200A, 200B, and 200C will be described. In step S09, the authentication information input in step S01 is collated using the login user list 351 stored in the HDD 307. Specifically, user data included in the login user list 351 stored in the HDD 307 is sequentially read, and the input authentication information is collated with the authentication information of the read user data. User data is read in order until user data matching the two is detected. When user data matching the two is detected, the process proceeds to step S10 at that time. On the other hand, if there is no user data matching the two in the login user list, all the user data is read from the login user list 351 and collated, and the process proceeds to step S10.

  In step S10, it is determined whether or not the collation result is authentication success. If it is determined that authentication is successful, the process proceeds to step S13. If authentication fails, the process proceeds to step S11. It is determined that the authentication is successful when user data including authentication information that matches the input authentication information is detected by collation in step S09.

  In step S <b> 11, the authentication information input in step S <b> 01 is collated using the registered user list 350 stored in the HDD 307. Since this process is the same as the process of step S03, description thereof will not be repeated here. In step S12, it is determined whether or not the collation result in step S10 is an authentication success. If it is determined that the authentication is successful, the process proceeds to step S13. If the authentication fails, the process proceeds to step S14. It is determined that the authentication is successful when registered user information including authentication information that matches the input authentication information is detected by the collation in step S10. In step S13, a login permission signal is transmitted to one of the PCs 200A, 200B, and 200C that has transmitted the authentication information in order to permit the user to log in. In step S14, in order not to permit the login of the user, a login non-permission signal is transmitted to one of the PCs 200A, 200B, and 200C that has transmitted the authentication information.

  As described above, when user authentication information is received from any of the PCs 200A, 200B, and 200C, the authentication server 300 first performs user authentication processing using the login user list 351. Since the login user list 351 includes user data including authentication information of a user who is permitted to log in to the MFP 100, the number of user data constituting the login user list 351 is the number of registered user information constituting the registered user list 350. Often less than number. For this reason, since the frequency | count of collating authentication information can be decreased compared with the case where it collates using the registered user list 350, the load of the authentication process in the authentication server 300 can be reduced.

  In the present embodiment, an example in which authentication processing is executed by authentication server 300 has been described, but authentication processing executed by authentication server 300 may be executed by MFP 100. In this case, the authentication server 300 is not necessary.

  <Second Embodiment>

  Next, an image processing system according to the second embodiment will be described. FIG. 7 is a diagram showing a schematic configuration of an image processing system according to the second embodiment of the present invention. Referring to FIG. 7, image processing system 1 </ b> A according to the second embodiment includes MFPs 100, 100 </ b> A, 100 </ b> B, 100 </ b> C connected to network 2, and authentication server 300. Since MFPs 100, 100A, 100B, and 100C have the same configuration and function, MFP 100 will be described as an example unless otherwise specified. The hardware configurations of authentication server 300 and MFP 100 are the same as the hardware configurations shown in FIGS. 2 and 4, respectively, and therefore description thereof will not be repeated here.

  In image processing system 1A according to the second embodiment, login is permitted in MFPs 100, 100A, 100B, and 100C on condition that a user who intends to use MFP 100, 100A, 100B, and 100C is authenticated by authentication server 300. Therefore, each of MFPs 100, 100A, 100B, and 100C displays a login screen on display unit 117B, prompts the user to input authentication information, and accepts the authentication information input by the user. Each of MFPs 100, 100 A, 100 B, and 100 C transmits a login request including the input authentication information to authentication server 300, and permits login of the user on condition that a login permission signal is received from authentication server 300. To do. Further, in each of MFPs 100, 100A, 100B, and 100C, when a logout instruction is input from a user who is permitted to use MFP 100, 100A, 100B, and 100C, a logout request is transmitted to authentication server 300. Further, each of MFPs 100, 100 A, 100 B, and 100 C performs a process of logging out a user who is permitted to log in when a logout instruction is received from authentication server 300. Each of MFPs 100, 100A, 100B, and 100C stores a program for executing this series of processing in advance, and each of MFPs 100, 100A, 100B, and 100C executes the program by system controller 101. The series of processes described above are executed.

  The registered user list 350 is stored in advance in the HDD 307 of the authentication server 300 in the second embodiment. The registered user information stored in the registered user list is the same as that shown in FIG.

  FIG. 8 is a functional block diagram showing an outline of the function of the CPU of the authentication server in the second embodiment. Referring to FIG. 8, CPU 301 includes first and second user authentication units 371, 375, a device-specific user list generation unit 373, and a logout instruction unit 379.

  Second user authentication unit 375 receives user authentication information transmitted from one of MFPs 100, 100A, 100B, and 100C. The second user authentication unit 375 compares the input authentication information with the device-specific user data stored in the HDD 307. More specifically, user data included in the device-specific user list 351A stored in the HDD 307 is sequentially read, and the input authentication information is collated with the authentication information of the read user data. As a result of the collation, if there is user data that matches both, authentication is successful. In other words, if user data including authentication information that matches the input authentication information is included in the device-specific user list 351A, the authentication is successful. If the authentication is successful, (1) a login permission signal for permitting the user to log in is transmitted to the MFP 100, 100A, 100B, 100C that has transmitted the authentication information, and (2) a device-specific user list. The authentication information of the authenticated user and the device identification information for identifying the MFPs 100, 100A, 100B, 100C that transmitted the authentication information are output to the generation unit 373, and (3) the authentication information of the user authenticated to the logout instruction unit 379 And device identification information for identifying MFPs 100, 100A, 100B, and 100C that have transmitted the same. On the other hand, if the authentication is not successful, the authentication information and device identification information input to the first user authentication unit 371 are output.

  The first user authentication unit 371 collates the authentication information input from the second user authentication unit 375 with the authentication information of the registered user information stored in the HDD 307. More specifically, the registered user information included in the registered user list 350 stored in the HDD 307 is sequentially read, and the input authentication information is collated with the authentication information of the read registered user information. As a result of the verification, if the two match, authentication is successful, and if they do not match, authentication fails. If the authentication is successful, (1) a login permission signal for permitting the user to log in is transmitted to the MFP 100, 100A, 100B, 100C that has transmitted the authentication information, and (2) a device-specific user list. The authentication information of the authenticated user and device identification information for identifying MFPs 100, 100A, 100B, and 100C that transmitted the authentication information are output to generation unit 373. On the other hand, if the authentication is not successful, a login non-permission signal that does not permit the login of the user is transmitted to the MFP 100, 100A, 100B, 100C that has transmitted the authentication information.

  Authentication information and device identification information are input to the device-specific user list generation unit 373 from the first user authentication unit 371 or the second user authentication unit 375. The device-specific user list generation unit 373 generates user data including user authentication information and device identification information that have been successfully authenticated by the first user authentication unit 371 or the second user authentication unit 375, and uses the user data as the user data. The information is added to the device-specific user list 351A stored in the HDD 307.

  FIG. 9A is a diagram illustrating an example of a format of user data stored in the device-specific user list. Referring to FIG. 9A, the user data includes at least user authentication information and device identification information. Authentication information is composed of the user identification information and the password. FIG. 9B is a diagram showing another example of the format of user data. Referring to FIG. 9B, the registered user information includes biometric data and device identification information. This registered user information is used when the authentication in the authentication server 300 is biometric authentication. Here, a case where user data in the format shown in FIG. 9A is used will be described.

  Returning to FIG. 8, the logout instructing unit 379 receives from the second user authentication unit 375 the authentication information of the user authenticated thereby and the device identification information of the MFPs 100, 100A, 100B, and 100C that transmitted the authentication information. The The logout instruction unit 379 searches the device-specific user list 351A using the input authentication information, and extracts user data that includes the input authentication information and does not include the input device identification information. Then, the extracted user data is deleted from the device-specific user list 351A. At the same time, a logout instruction signal is transmitted in order to log out the user of the input authentication information to MFP 100, 100A, 100B, 100C whose extracted user data includes the device identification information.

  FIG. 10 is a flowchart illustrating a flow of authentication processing executed by the authentication server in the second embodiment. Referring to FIG. 10, authentication server 300 is in a standby state until an authentication request is input from any of MFPs 100, 100A, 100B, and 100C (NO in S21). When the authentication request is input, the process proceeds to step S22. That is, the authentication process is a process executed on condition that an authentication request is input from any of MFPs 100, 100A, 100B, and 100C.

  In step S22, the authentication information included in the authentication request received in step S21 is collated using the device-specific user list 351A stored in the HDD 307. This process is the same as the other processes except that a login user list is used in step S09 shown in FIG. 6 except that a device-specific user list is used.

  Therefore, in step S23, if user data that matches the authentication information input in step S01 is detected from the device-specific user list in step S22, the process proceeds to step S28. Otherwise, the process proceeds to step S27. In step S27, the same processing as step S11 of FIG. 6 is executed. Therefore, in step S28, it is determined whether or not the collation result in step S27 is an authentication success. If it is determined that the authentication is successful, the process proceeds to step S29. If the authentication fails, the process proceeds to step S32. In step S32, a login non-permission signal is transmitted to any of MFPs 100, 100A, 100B, and 100C that has transmitted the authentication information in order not to permit the login of the user.

  In step S24, the device-specific user list 351A is searched using the authentication information of the user authenticated in step S22, and user data including the input authentication information is extracted. Since the user data extracted here includes the authentication information received in step S21, it includes the device identification information of MFPs 100, 100A, 100B, and 100C to which the user of the authentication information has been permitted to log in. In the next step S25, for the one identified by the device identification information included in the extracted user data among the MFPs 100, 100A, 100B, and 100C, the user of the authentication information input in step S01 is logged out. Send logout instruction signal. In the next step S26, the user data extracted in step S24 is deleted from the device-specific user list 351A. As a result, only user data relating to users who are permitted to log in to MFPs 100, 100A, 100B, and 100C are stored in the device-specific user list.

  In step S29, user data including the authentication information included in the authentication request received in step S21 and the device identification information of MFPs 100, 100A, 100B, and 100C that transmitted the authentication information is generated. Then, the generated user data is added to the device-specific user list 351A (step S30).

  In step S31, a login permission signal is transmitted to the MFP 100, 1000A, 100B, 100B that has transmitted the authentication request in order to permit the user to log in. This login instruction may include authentication information for identifying a user who is permitted to log in.

  As described above, the authentication server 300 in the second embodiment first uses the device-specific user list 351A when user authentication information is received from any of the MFPs 100, 100A, 100B, and 100C. Perform user authentication. Since the device-specific user list 351A includes user data including authentication information of a user who is permitted to log in to any of the MFPs 100, 100A, 100B, and 100C, the number of user data constituting the device-specific user list 351A is as follows. In many cases, the number is less than the number of registered user information constituting the registered user list 350. For this reason, since the frequency | count of collating authentication information can be decreased compared with the case where it collates using the registered user list 350, the load of the authentication process in the authentication server 300 can be reduced.

  In addition, the authentication server in the second embodiment, when user data including authentication information of a newly authenticated user is registered in the device-specific user list, from the already registered user data, Among MFPs 10, 100 A, 100 B, and 100 C, the one that is previously permitted to be logged in by the user is specified, and a logout instruction is transmitted to the MFP. For this reason, MFPs 100, 100A, 100B, and 100C to which the user can log in can be limited to one.

  <First Modification of Authentication Server>

  Next, a modification of the authentication server in the second embodiment will be described. Hereinafter, differences from the above-described authentication server 300 will be mainly described. FIG. 11 is a functional block diagram illustrating an outline of functions of the CPU of the authentication server in the first modification. Referring to FIG. 11, the differences from FIG. 8 are stored in the device-specific user list, in that the function of first user authentication unit 371 has been changed, second user authentication unit 375 has been deleted, and so on. The user data format has been changed.

  The user data stored in the device-specific user list 351B in the first modification includes user identification information for identifying a user and device identification information. For this reason, since the device-specific user list 351B does not include user authentication information, authentication cannot be performed using only the device-specific user list 351A.

  First user authentication unit 371A receives user authentication information transmitted from one of MFPs 100, 100A, 100B, and 100C. The first user authentication unit 371A collates the input authentication information with the registered user list 350 stored in the HDD 307. If the authentication is successful, (1) a login permission signal for permitting the user to log in is transmitted to the MFP 100, 100A, 100B, 100C that has transmitted the authentication information, and (2) a device-specific user list. The authentication information of the authenticated user and the device identification information for identifying the MFPs 100, 100A, 100B, 100C that transmitted the authentication information are output to the generation unit 373, and (3) the authentication information of the user authenticated to the logout instruction unit 379 And device identification information for identifying MFPs 100, 100A, 100B, and 100C that have transmitted the same. On the other hand, if the authentication is not successful, a login non-permission signal that does not permit the login of the user is transmitted to the MFP 100, 100A, 100B, 100C that has transmitted the authentication information.

FIG. 12 is a flowchart showing a flow of authentication processing executed by the authentication server in the first modification. The difference from the authentication process shown in FIG. 10 is that step S22A is executed instead of step S22, and steps S27 and S28 are deleted.

  In step S22A, the same process as step S11 of FIG. 6 is executed. Therefore, in step S23, it is determined whether or not the collation result in step S22A is authentication success. If it is determined that authentication is successful, the process proceeds to step S24, and if authentication fails, the process proceeds to step S32.

  According to the authentication server in the first modification, MFPs 100, 100A, 100B, and 100C to which a user can log in can be limited to one.

  <Second Modification of Authentication Server>

  Next, an authentication server in the second modification will be described. Differences from the above-described authentication server 300 will be mainly described. FIG. 13 is a functional block diagram showing an outline of the function of the CPU of the authentication server in the second modification. Referring to FIG. 13, the difference from FIG. 8 is that the function of logout instruction unit 379 has been changed. Therefore, in FIG. 8, the authentication information and the device identification information are output from the first user authentication unit 371 and the second user authentication unit 375 to the logout instruction unit 379. In the second modification, they are output. Not. Accordingly, the logout instruction unit 379A does not delete the user data from the device-specific user list 351A. For this reason, in the above-described example, the MFPs 100, 100A, 100B, and 100C to which the user can log in are limited to one, but the authentication server in the second modification does not limit the number of users that can log in. . Therefore, the user is permitted to log in to a plurality of MFPs 100, 100A, 100B, and 100C.

  Authentication server 300 receives a logout request from one of MFPs 100, 100A, and 100B. The logout request includes user authentication information. Authentication information included in the logout request is input to the logout instruction unit 379A.

  The logout instruction unit 379A searches the device-specific user list 351A using the input authentication information, and extracts user data including the input authentication information. Then, the extracted user data is deleted from the device-specific user list 351A, and the user of the authentication information input to the MFP 100, 100A, 100B, 100C in which the extracted user data includes the device identification information. In order to logout, a logout instruction signal is transmitted.

  FIG. 14 is a flowchart showing a flow of authentication processing executed by the authentication server in the second modification. Referring to FIG. 14, the difference from FIG. 10 is that step S24 to step S26 are deleted and step S41 to step S45 are newly added.

  In step S21, if an authentication request is input from any of MFPs 100, 100A, 100B, and 100C, the process proceeds to step S22. If the input information is not an authentication request, the process proceeds to step S41.

  If step S24 to step S26 are deleted and the user is permitted to log in (YES in step S23), the login is not permitted even if the user is already permitted to log in with another device. The user data including the same authentication information is registered in the device-specific user list 351A. Therefore, login is permitted to a plurality selected from among MFPs 100, 100A, 100B, and 100C.

  In step S41, if a logout request is input from any of MFPs 100, 100A, 100B, and 100C, the process proceeds to step S42, and if not, the process ends. That is, the authentication process in the second modification is executed on condition that an authentication request is input in step S21 or a logout request is input in step S41. The logout request includes authentication information of a user who wants to log out.

  In step S42, the device-specific user list 351A is searched using the authentication information included in the logout request received in step S41, and user data including the input authentication information is extracted. The device identification information of the extracted user data indicates that MFP 100, 100A, 100B, 100C is permitted to log in to the user who is going to log out. In the next step S43, one of the extracted user data is selected in order, and for the one specified by the device identification information included in the selected user data among the MFPs 100, 100A, 100B, 100C, the step A logout instruction signal for logging out the user of the authentication information input in S42 is transmitted. In the next step S44, it is determined whether or not user data that has not been selected exists. If it exists, the process returns to step S43, and if not, the process proceeds to step S45. In step S45, all user data extracted in step S42 is deleted from the device-specific user list 351A. As a result, only user data relating to users who are permitted to log in to MFPs 100, 100A, 100B, and 100C are stored in the device-specific user list.

  According to the authentication server 300 in the second modification, even when a single user is permitted to log in to a plurality of MFPs 100, 100A, 100B, and 100C, all MFPs 100 that are permitted to log in by a single logout request. , 100A, 100B, 100C.

  Note that the first modification example described above can be applied to the authentication server in the second modification example. In the second embodiment, the authentication server 300 executes the authentication process. However, the authentication process executed by the authentication server 300 may be executed by any of the MFPs 100, 100A, 100B, and 100C. Good. In this case, the authentication server 300 is not necessary.

  <Third Embodiment>

  Next, an image processing system according to the third embodiment will be described. The configuration of the image processing system in the third embodiment is the same as the schematic configuration of the image processing system in the second embodiment shown in FIG. Further, the hardware configurations of authentication server 300 and MFP 100 are the same as those shown in FIGS. Therefore, description thereof will not be repeated.

  The image processing system according to the third embodiment manages user login in each of MFPs 100, 100A, 100B, and 100C, but predefines an apparatus that permits login for one user. For this reason, the user cannot normally log in to a device different from the predetermined device. Here, an example in which the number of devices that a single user can log in at a time is described as one in advance is not limited to this. Good. The image processing system according to the third embodiment enables use of a device different from a predetermined device.

  FIG. 15 is a functional block diagram showing an outline of the function of the CPU of the authentication server in the third embodiment. Referring to FIG. 15, CPU 301 includes an authentication unit 381, a reservation authentication unit 383, a use reservation information generation unit 385, and a logout instruction unit 379C.

  In the HDD 307 of the authentication server 300 in the third embodiment, a registered user list 350C is stored in advance. The registered user information stored in the registered user list includes user authentication information and device identification information. The device identification information of the registered user information is device identification information for identifying MFPs 100, 100A, 100B, and 100C that are permitted to log in in advance for the user specified by the authentication information.

  FIG. 16A is a diagram illustrating an example of a format of registered user information in the third embodiment. Referring to FIG. 16A, the registered user information includes at least user authentication information and device identification information. Authentication information is composed of the user identification information and the password. FIG. 16B is a diagram showing another example of the format of registered user information in the third embodiment. Referring to FIG. 16B, the registered user information includes biometric data and device identification information. This registered user information is used when the authentication in the authentication server 300 is biometric authentication. Here, a case where user data having the format shown in FIG. 16A is used will be described.

  Returning to FIG. 15, when a login request is received from any of MFPs 100, 100A, 100B, and 100C, authentication unit 381 receives the authentication information of the user included in the login request and MFP 100, 100A that has transmitted the login request. , 100B, and 100C are input. The authentication unit 381 compares the input authentication information and device identification information with registered user information stored in the HDD 307. More specifically, the registered user information included in the registered user list 350C stored in the HDD 307 is sequentially read, and the input authentication information and device identification information are collated with the authentication information and device identification information of the read registered user information. . As a result of the collation, if there is registered user information in which both the authentication information and the device identification information match, the authentication is successful. In other words, if the registered user information including the input authentication information and device identification information is included in the registered user list 350C, the authentication is successful. If the authentication is successful, a login permission signal for permitting the user to log in is transmitted to the MFP 100, 100A, 100B, 100C that has transmitted the login request. On the other hand, if the authentication is not successful, the authentication information input to the authentication unit 381C and the device identification information are output to the reservation authentication unit 383.

  A user who is permitted to log in can make a reservation to use another device from the permitted device. Here, for explanation, a case will be described in which user A is permitted to log in to MFP 100 and operates MFP 100 to make a reservation for use of MFP 100A. The MFP that can be reserved for use may be any of MFPs 100A, 100B, and 100C other than the logged-in MFP 100. Further, the number of units that can be reserved for use is not limited to one, and a plurality of units may be reserved.

  When user A who is permitted to log in operates MFP 100 and makes a use reservation, MFP 100 transmits a use reservation instruction to authentication server 300. The use reservation is made by inputting information specifying MFP 100A to be used and a period to be used. The use reservation instruction includes user authentication information, device identification information for identifying a device to be reserved, and period information. Here, the use reservation instruction includes user A authentication information, apparatus identification information of MFP 100A, and period information. When receiving a use reservation instruction from MFP 100, authentication server 300 inputs user identification information of user A, device identification information of MFP 100 A, and period information included in use reservation information generation unit 385.

  The use reservation information generation unit 385 generates use reservation information 353 including the input user identification information of the user A, apparatus identification information of the MFP 100 </ b> A, and period information, and stores them in the HDD 307. FIG. 17 is a diagram illustrating an example of a format of use reservation information. The use reservation information includes user authentication information, device identification information, and a validity period.

  Returning to FIG. 15, authentication information and device identification information are input from the authentication unit 381 to the reservation authentication unit 383. The authentication unit collates the input authentication information and device identification information with use reservation information 353 stored in HDD 307. More specifically, the use reservation information 353 stored in the HDD 307 is sequentially read, and the input authentication information and device identification information are compared with the authentication information and device identification information of the read use reservation information 353. As a result of the verification, if there is use reservation information 353 in which both the authentication information and the device identification information match and the current time is within the valid period, the authentication is successful. In other words, the authentication is successful on condition that the use reservation information 353 including the input authentication information and device identification information is stored and within the valid period of the use reservation information. If the authentication is successful, (1) a login permission signal for permitting the user to log in is transmitted to one of the MFPs 100A, 100A, 100B, and 100C that has transmitted the login request, and (2) reserved user data is transmitted. Register in the reserved user list 355. On the other hand, if the authentication is not successful, the authentication information input to the authentication unit 381C and the device identification information are output to the reservation authentication unit 383. The reserved user data is information indicating that the user who has reserved use has logged in to the MFP 100A that has reserved use, and user identification information for identifying the user who has logged into the use reserved device, and the device that has been reserved for use. Device identification information.

  If user A logs in to MFP 100 and makes a use reservation for MFP 100A, user A can log in during the period of time reserved for use in MFP 100A. During login, reserved user data including user identification information of user A and apparatus identification information of MFP 100A is registered in the reserved user list.

  The logout instruction unit 379C monitors the use reservation information 353 and detects the use reservation information 353 whose current time is outside the use period. Then, based on the detected use reservation information 353, it is determined by searching the reservation user list 355 whether or not there is a user who is permitted to log in. If such a user exists, (1) delete the detected use reservation information 353 and reserved user data, and (2) use the device identification information included in the detected use reservation information 353 to log out the user. A logout instruction signal is transmitted to the specified MFP.

  FIG. 18 is a flowchart showing the flow of the use reservation process executed by the authentication server in the third embodiment. Referring to FIG. 18, the process waits until a use reservation instruction is received from any of MFPs 100, 100A, 100B, and 100C (NO in step S51). In the authentication server 300, when the use reservation instruction is received, the process proceeds to step S52. That is, the use reservation process is executed on condition that a use reservation instruction is received from one of MFPs 100, 100A, 100B, and 100C.

  In step S52, use reservation information is generated from the user identification information, device identification information, and period information included in the received use reservation instruction. Then, the generated use reservation information 353 is stored in the HDD 307 (step S53).

  FIG. 19 is a flowchart illustrating a flow of authentication processing executed by the authentication server according to the third embodiment. Referring to FIG. 19, authentication server 300 is in a standby state until an authentication request is input from any of MFPs 100, 100A, 100B, and 100C (NO in S61). When the authentication request is input, the process proceeds to step S62. That is, the authentication process is a process executed on condition that an authentication request is input from any of MFPs 100, 100A, 100B, and 100C.

  In step S62, the authentication information included in the authentication request received in step S61 is verified using the registered user list 350C stored in the HDD 307. Specifically, the registered user information included in the registered user list 350C stored in the HDD 307 is sequentially read, and the input authentication information and device identification information are compared with the authentication information and device identification information of the read registered user information. . The registered user information is sequentially read until registered user information in which both the authentication information and the device identification information match is detected. When registered user information in which both authentication information and device identification information match is detected, the process proceeds to step S63 at that time. On the other hand, if there is no registered user information in which both the authentication information and the device identification information match, the process proceeds to step S63 after all the registered user information is read from the registered user list 350C and collated. In step S62, it is determined that the authentication is successful when registered user information in which both the authentication information and the device identification information match is detected.

  In step S63, it is determined whether or not the collation result is authentication success. If it is determined that authentication is successful, the process proceeds to step S68. If authentication fails, the process proceeds to step S64.

  In step S64, the authentication information included in the authentication request received in step S61 is collated using the use reservation information 353 stored in the HDD 307. Specifically, the use reservation information 353 stored in the HDD 307 is sequentially read, and the input authentication information and device identification information are compared with the authentication information and device identification information of the read use reservation information 353. The use reservation information 353 is read in order until the use reservation information 353 in which the authentication information and the device identification information match is detected. When the use reservation information 353 in which the authentication information and the device identification information match is detected, the process proceeds to step S65 at that time. On the other hand, when there is no use reservation information 353 in which both the authentication information and the device identification information match, the process proceeds to step S65 after all the use reservation information 353 is read and collated.

  In step S65, it is determined whether or not the collation result is authentication success. If it is determined that authentication is successful, the process proceeds to step S66. If authentication fails, the process proceeds to step S69. In step S64, when the use reservation information 353 in which both the authentication information and the device identification information match is detected, it is determined that the authentication is successful.

  In step S66, reservation user data including user identification information for identifying a user who has logged in to the device reserved for use and device identification information of the device reserved for use is generated. The generated reserved user data is registered in the reserved user list 355 (step S67).

  In step S68, a login permission signal is transmitted to the MFP that has transmitted the authentication request in order to permit the login of the user to the MFP that has transmitted the authentication request. On the other hand, in step S69, a login non-permission signal is transmitted to the MFP that has transmitted the authentication request.

  FIG. 20 is a flowchart illustrating a flow of logout processing executed by the authentication server according to the third embodiment. This logout process is executed in the authentication server 300, for example, at a predetermined interval or at a predetermined time. Referring to FIG. 20, authentication server 300 reads use reservation information 353 stored in HDD 307 (step S71). Then, it is determined whether there is any expired usage reservation information in the read usage reservation information (step S72). The expiration date included in the usage summary information is compared with the current date and time to determine whether the current date and time are within the expiration date. If there is an expired one, the process proceeds to step S73, and if not, the process is terminated.

  In step S73, it is determined whether or not there is a user who is permitted to log in based on the use reservation information 353 that has been expired. When such a user exists, it progresses to step S74, and when it does not exist, it progresses to step S76. This determination is performed by searching the reserved user list 355. In step S74, a logout instruction signal is transmitted to the MFP 100, 100A, 100B, 100C identified by the device identification information included in the use reservation information 353 in order to log out the user. In step S75, the reserved user data detected in step S73 is deleted from the reserved user list 355, and in step S75, the use reservation information 353 detected in step S72 is deleted.

  As described above, the authentication server 300 according to the third embodiment stores the registered user list 350C, and the registered user list includes the user authentication information and the device identification information of the MFP to which the user can log in. Contains associated registered user information. Therefore, it is possible to limit MFPs 100, 100A, 100B, and 100C to which the user can log in. Further, authentication server 300 stores use reservation information for permitting the use of a device other than MFP 100, 100A, 100B, and 100C that can log in. For this reason, even if the MFP 100, 100B, 100C, 100C is not permitted to log in in advance, the user is permitted to log in by making a use reservation. For this reason, even if it is a case where the apparatus which a user can use restrict | limits, the apparatus with which use was restricted can be used.

  The use reservation information includes a valid period, and when the use reservation information is outside the valid period, the logged-in user is logged out based on the use reservation information. For this reason, use of a device whose use is restricted is not permitted forever, and security can be improved.

  In the third embodiment, an example in which the authentication process is executed by the authentication server 300 is shown, but the authentication process executed by the authentication server 300 may be executed by any of the MFPs 100, 100A, 100B, and 100C. Good. In this case, the authentication server 300 is not necessary.

  The embodiment disclosed this time should be considered as illustrative in all points and not restrictive. The scope of the present invention is defined by the terms of the claims, rather than the description above, and is intended to include any modifications within the scope and meaning equivalent to the terms of the claims.

1 is a diagram showing an overall outline of an image processing system according to a first embodiment of the present invention. It is a block diagram which shows the hardware constitutions of the authentication server in 1st Embodiment. It is a figure which shows an example of registered user information. 2 is a block diagram illustrating a hardware configuration of the MFP according to the first embodiment. FIG. It is a functional block diagram which shows the outline of the function of CPU of the authentication server in 1st Embodiment. It is a flowchart which shows the flow of the authentication process performed with the authentication server in 1st Embodiment. It is a figure which shows schematic structure of the image processing system in the 2nd Embodiment of this invention. It is a functional block diagram which shows the outline of the function of CPU of the authentication server in 2nd Embodiment. It is a figure which shows an example of the format of user data. It is a flowchart which shows the flow of the authentication process performed with the authentication server in 2nd Embodiment. It is a functional block diagram which shows the outline of the function of CPU of the authentication server in a 1st modification. It is a flowchart which shows the flow of the authentication process performed with the authentication server in a 1st modification. It is a functional block diagram which shows the outline of the function of CPU of the authentication server in a 2nd modification. It is a flowchart which shows the flow of the authentication process performed with the authentication server in a 2nd modification. It is a functional block diagram which shows the outline of the function of CPU of the authentication server in 3rd Embodiment. It is a figure which shows an example of the format of the registration user information in 3rd Embodiment. It is a figure which shows an example of a format of use reservation information. It is a flowchart which shows the flow of the use reservation process performed with the authentication server in 3rd Embodiment. It is a flowchart which shows the flow of the authentication process performed with the authentication server in 3rd Embodiment. It is a flowchart which shows the flow of the logout process performed with the authentication server in 3rd Embodiment.

Explanation of symbols

  1, 1A image processing system, 300 authentication server, 311 input unit, 313 display unit, 350, 350C registered user list, 351 login user list, 351A device-specific user list, 353 use reservation information, 355 reserved user list, 361 Authentication unit, 363 Login user list generation unit, 365 Second authentication unit, 367 Third authentication unit, 371, 371A First user authentication unit, 373 Device-specific user list generation unit, 375 Second user authentication unit, 379, 379A, 279B, 379C Logout instruction unit, 381, 381C authentication unit, 383 reservation authentication unit, 385 use reservation information generation unit, 309 card I / F, 315 communication I / F.

Claims (4)

An authentication server connected to a network and capable of communicating with a plurality of devices connected to the network,
The registered user information storage unit that previously stores registered user information at least including the device identification information for identifying a device login of the user of the authentication information and the plurality of devices users are permitted in the first authority,
Use for permitting use of any one of the plurality of devices that is permitted to log in to another device that is not permitted to log in by the first privilege with a second privilege that is more restricted than the first privilege. Use reservation information storage means for receiving and storing reservation information;
The use reservation information includes at least device identification information of a device permitted to be used and user identification information for identifying a user,
The authentication information is transmitted on condition that the registered user information including authentication information received from any one of the plurality of devices and device identification information of the device that has transmitted the authentication information is stored. First authentication means for permitting login to the device with the first authority ;
When the first authentication means does not permit login, the use reservation information including user identification information specified by the received authentication information and device identification information of a device that has transmitted the authentication information is stored. An authentication server comprising: second authentication means for permitting the second authority to log in to the device that has transmitted the authentication information on the condition that the authentication information is transmitted. The use reservation information further includes time information indicating a period during which use is permitted,
Determination means for determining whether or not the period specified by the time information has been exceeded;
Logout instruction transmitting means for transmitting a logout instruction including user identification information specified by the authentication information included in the use reservation information determined to be out of the period by the determination means to a device having the device identification information included in the use reservation information; The authentication server according to claim 1, further comprising: An authentication program that is connected to a network and executed by an authentication server that can communicate with a plurality of devices connected to the network,
A step for storing in advance registered user information at least including the device identification information for identifying a device log of the users are permitted in the first authorization of the authentication information and the plurality of devices of the user,
Use for permitting use of any one of the plurality of devices that is permitted to log in to another device that is not permitted to log in by the first privilege with a second privilege that is more restricted than the first privilege. Receiving and storing reservation information;
The use reservation information includes at least device identification information of a device permitted to be used and user identification information for identifying a user,
The authentication is performed on the condition that a set of authentication information received from any one of the plurality of devices and device identification information of a device that has transmitted the authentication information is stored in the registered user information storage unit. Allowing the first authority to log in to the device that has transmitted the information;
When login is not permitted by the permitting step, the use reservation information including a set of user identification information specified by the received authentication information and device identification information of a device that has transmitted the authentication information is provided. An authentication program that executes the step of permitting the second authority to log in to a device that has transmitted the authentication information on the condition that it is stored. The use reservation information further includes time information indicating a period during which use is permitted,
Determining whether it is outside the period specified by the time information;
Transmitting a logout instruction including user identification information specified by the authentication information included in the use reservation information determined to be out of the period in the determination step to a device having the device identification information included in the use reservation information; The authentication program according to claim 3, further causing the authentication server to execute.

Images