JP5065876B2 - Information processing apparatus, information processing system, and program executed by information processing apparatus - Google Patents

Description

  The present invention relates to an information processing apparatus, an information processing system, and a program executed by the information processing apparatus.

  In recent years, a technology for connecting devices to each other by wireless communication such as Bluetooth (R) standard and transmitting / receiving data has become common. The connection of devices using such wireless communication is highly convenient because a user can freely connect devices to be connected by carrying the device and transmit / receive data. However, when printing data, the data is transmitted to the printing apparatus without being encrypted. Therefore, if an unauthorized third party can access the network between the information processing apparatus that has transmitted the electronic document and the printing apparatus, it can acquire the unencrypted electronic document. In particular, when an electronic document is transmitted to a printing apparatus by wireless communication, an eavesdropper can illegally acquire the electronic document without physically accessing a wired network.

  As a solution to such a problem, a secure printing apparatus for electronic documents using portable media has been disclosed (see Patent Document 1). In such a printing apparatus, an encrypted electronic document is stored and carried in a portable medium. When printing an electronic document, the portable medium is connected to the printing apparatus, and a password is input from the operation panel of the portable medium or the printing apparatus. By decrypting and printing the encrypted electronic document, secure printing of the electronic document is realized.

JP 2006-341600 A

  However, in the technique described in Patent Document 1, when printing an electronic document, the portable medium must be connected to a printing apparatus and a password for decrypting the encrypted electronic document must be input. The operation was complicated.

  The present invention has been made in view of the above, and provides an information processing apparatus, an information processing system, and a program executed by the information processing apparatus that can decrypt encrypted data with a simple operation. Objective.

In order to solve the above-described problems and achieve the object, the invention according to claim 1 is an encryption that establishes wireless communication with a mobile terminal device located in a predetermined communication range and encrypts data to be processed. A first communication means for receiving, from the portable terminal device, identification information for identifying decryption information used for the decryption process of the encrypted data together with the data; A second communication unit that establishes communication with the terminal device and receives the identification information from the portable terminal device together with the decryption information; the encrypted data received by the first communication unit; and the second A control unit that stores the decryption information received by the communication means in a data storage unit, the identification information received together with the encrypted data, and the identification information received together with the decryption information Decryption processing for extracting the data by performing decryption processing on the encrypted data received by the first communication means using the decryption information received by the second communication means And the first communication means receives the decrypted information by the second communication means and then receives the encrypted data from the portable terminal device, and the second communication means When the identification information received together with the encrypted data does not match the identification information received together with the decryption information, the identification information together with the decryption information is received from the portable terminal device again. When the data is extracted, the control unit discards the encrypted data and the decryption information stored in the data storage unit and uses the second communication means. After the number has passed the decoded information or a predetermined time after receiving the discards the encrypted data and the decryption information stored in the data storage unit.

The invention according to claim 2 establishes wireless communication with an information processing apparatus located in a predetermined communication range, and performs decryption processing of the encrypted data together with encrypted data obtained by encrypting data to be processed. First communication means for transmitting identification information for identifying decryption information to be used to the information processing apparatus, and establishing communication with the information processing apparatus in a communication range narrower than the predetermined communication range, together with the decryption information, A portable terminal device comprising: a second communication means for transmitting the identification information to the information processing apparatus; and establishing a wireless communication with the portable terminal apparatus located in the predetermined communication range, and the first communication means A third communication means for receiving the identification information together with the encrypted data transmitted from the communication terminal, establishing communication with the portable terminal device in a communication range narrower than the predetermined communication range, and the second communication means In an information processing system comprising: an information processing apparatus comprising: a fourth communication unit that receives the identification information together with the transmitted decryption information, the information processing apparatus receives the second communication unit A controller that stores encrypted data and the decryption information received by the fourth communication means in a data storage unit; the identification information received together with the encrypted data; and the identification information received together with the decryption information; And the third communication means extracts the data by performing a decryption process on the encrypted data using the decryption information, and the third communication means includes the second communication After receiving the decryption information by means, the encrypted data is received from the portable terminal device, and the fourth communication means is received before receiving the encrypted data together with the encrypted data. When the identification information and the identification information received together with the decryption information do not match, the identification information is received from the portable terminal device together with the decryption information again. When extracted, the encrypted data and the decryption information stored in the data storage unit are discarded and the decryption information is received a predetermined number of times by the fourth communication means or after a predetermined time has elapsed. The encrypted data and the decryption information stored in the data storage unit are discarded.

The invention according to claim 3 establishes wireless communication with a portable terminal device located in a predetermined communication range, and performs decryption processing of the encrypted data together with encrypted data obtained by encrypting data to be processed. Establishing communication with a first communication means for receiving identification information for identifying decoding information to be used from the portable terminal device, and the portable terminal device located in a communication range narrower than the predetermined communication range; And a second communication means for receiving the identification information from the portable terminal device, wherein the first communication means receives the decryption information by the second communication means and then the portable terminal. In a program executed by an information processing apparatus that receives the encrypted data from a device, the encrypted data received by the first communication means and the second communication means When the storage step of storing the decryption information in the data storage unit matches the identification information received together with the encrypted data and the identification information received together with the decryption information, the second communication means A decryption step for extracting the data by performing a decryption process on the encrypted data received by the first communication means using the received decryption information; and the identification information received together with the encrypted data If the identification information received together with the decryption information does not match, the reception step of receiving the identification information together with the decryption information from the mobile terminal device, and the data extracted, The encrypted data and the decryption information stored in the data storage unit are discarded, and the second communication means performs predetermined times. After a lapse or a predetermined time after receiving the decoded information, to execute the disposal step of discarding the encrypted data and the decryption information stored in the data storage unit, with the information processing apparatus.

  According to the present invention, since the decryption information of the encrypted data transmitted in the second communication is transmitted by the first communication, the decryption information used for the decryption process of the encrypted data is input with a simple operation. There is an effect that it is possible.

  Exemplary embodiments of an information processing apparatus, an information processing system, and a program executed by the information processing apparatus according to the present invention are explained in detail below with reference to the accompanying drawings. The present invention is not limited to these embodiments.

  The processing of an information processing system including a multifunction peripheral and a mobile terminal device to which the present invention is applied will be briefly described. FIG. 1 is an explanatory diagram illustrating an example of processing of the information processing system according to the present embodiment. The information processing system according to the present embodiment first transmits data (hereinafter referred to as encrypted data) obtained by encrypting data to be processed by the first communication from the mobile terminal device to the multi-function peripheral. Send the password in the communication of 2. The multi-function peripheral performs decryption processing on the encrypted data using a password, extracts the data, and prints the extracted data. As a result, the user can input the password with a simple operation.

(First embodiment)
A first embodiment will be described with reference to the accompanying drawings. In this embodiment, as an example of an information processing apparatus, a copy function, a facsimile (FAX) function, a print function, a scanner function, and input image data (image data read by a scanner function or image data formed by a print function) The present invention is applied to a so-called MFP (Multi Function Peripheral) having a function of distributing image data received by the FAX function.

  First, a configuration example of an information processing system including a multifunction peripheral and a mobile terminal device to which the present invention is applied will be described. FIG. 2 is a block diagram illustrating a configuration of the information processing system according to the first embodiment. The information processing system 10 according to the present embodiment includes a multifunction device 200 and a portable information terminal device 220. The multifunction device 200 and the portable terminal device 220 can communicate with each other by two communication means. The multifunction device 200 is connected to a network 230 and is connected to another multifunction device 240, a facsimile machine, a client terminal device, and the like via the network 230.

  The MFP 200 includes an NFC communication unit 201, a Bluetooth communication unit 202, an output application 203, a scanner unit 204, a display control unit 205, a printer unit 206, a facsimile transmission / reception unit 207, a data storage unit 208, a communication And a control unit 209.

  The NFC communication unit 201 performs non-contact bidirectional communication with the mobile terminal device 220 according to a wireless communication standard including a non-contact IC called NFC (Near Field Communication). A reader / writer and / or a tag function that incorporates a communication control program that reads information from the NFC communication unit 221 in a non-contact manner. The NFC communication unit 101 transmits / receives data by non-contact wireless communication at a short distance, that is, a communication distance of 0 to 10 cm, as compared with the Bluetooth communication unit 202 which is another communication means. In the NFC standard non-contact communication by the NFC communication unit 201, the data transfer rate (100 to 400 kbps) is slower than the data transfer rate (1 to 2 Mbps) of the Bluetooth (R) standard wireless communication by the Bluetooth communication unit 202. Used for communication of relatively small volume data. Note that the NFC communication unit 201 does not need to limit the communication standard to NFC, as long as wireless communication is possible in a relatively short distance, that is, in a communication range narrower than the communication range of the Bluetooth (R) standard described later. Other communication standards such as IrDA (Infrared Data Association) may be used.

  Further, when the mobile terminal device 220 is located (exists) within the communication range of the NFC communication unit 201, the NFC communication unit 201 uses the same communication protocol as the communication control program of the NFC communication unit 221 of the mobile terminal device 220. Wireless communication with the NFC communication unit 221 of the device 200 is established, and the password transmitted from the mobile terminal device 220 is received. Here, the password is information (decryption information according to the present invention) such as an encryption algorithm and an encryption key for decrypting encrypted data received from the mobile terminal device 220. The password may be unique information assigned to the mobile terminal device 220 or information for identifying a user who owns the mobile terminal device 220. When information for identifying a user is used, information such as an employee ID may be used. In this way, by receiving the password from the mobile terminal device 220 by NFC communication by the NFC communication unit that allows easy data transmission and reception, the user can simply move the mobile terminal device 220 closer to the multifunction device 200 without performing any special operation. Since the password can be input, convenience is improved.

  Further, the NFC communication unit 201 may receive a password from the mobile terminal device 220 and a password ID. The password ID is information (identification information according to the present invention) for identifying a password used for encrypting data to be processed. The password ID may be unique information assigned to the mobile terminal device 220 or information for identifying the user who owns the mobile terminal device 220 as long as the password ID is different from the password used for data encryption. .

  The Bluetooth communication unit 202 communicates with the mobile terminal device 220 in a non-contact manner according to the Bluetooth (R) standard. The Bluetooth communication unit 202 adopting the Bluetooth (R) standard wireless communication system transmits and receives data at a large capacity and at a high speed (1 to 10 Mbps) as compared with the NFC communication unit 201 of the NFC standard non-contact communication system. In addition, the Bluetooth communication unit 202 adopting the Bluetooth (R) standard wireless communication method can be used even if there is an obstacle as long as the distance between the devices is within 10 m, and the communication range of the NFC standard communication method. The communication range is longer than

  Specifically, the Bluetooth communication unit 202 includes a Bluetooth (R) I / F (interface) such as a Bluetooth (R) standard transceiver that receives encrypted data, and a communication control unit. The Bluetooth (R) I / F is responsible for receiving encrypted data from the mobile terminal device 220 at the connection destination. The communication control unit is a communication control program for performing processing for establishing wireless communication of the Bluetooth (R) standard via the Bluetooth (R) I / F before transmitting / receiving encrypted data to / from the mobile terminal device 220. is there. As information used for establishing wireless communication, unique address information assigned to the Bluetooth (R) I / F is used.

  In the present embodiment, the Bluetooth communication unit 202 compliant with the Bluetooth (R) standard is used as wireless communication, but the present invention is not limited to this, and other standards, For example, the wireless communication can be performed by a so-called wireless LAN standard such as IEEE802.11a / IEEE802.11b / IEEE802.11n / IEEE802.11g. In this case, an IEEE802.11a / IEEE802.11b standard network board responsible for transmission / reception of encrypted data and a communication control unit (communication control program for controlling establishment of wireless communication by IEEE802.11a / IEEE802.11b and transmission / reception of encrypted data) ) To configure the wireless LAN communication unit. In addition, if the distance between devices is within 3 m in the UWB communication system, wireless communication can be performed according to the Wireless USB standard that enables communication at 480 Mbps, which is equivalent to wired USB 2.0. In this case, the Wireless USB communication unit may be configured by a UWB device as a Wireless USB standard responsible for data transmission and reception, and a communication control unit (communication control program) that controls establishment of wireless communication and transmission and reception of encrypted data.

  In addition, when the mobile terminal device 220 is within the communication range of the Bluetooth communication unit 202, the Bluetooth communication unit 202 uses the same communication protocol as the communication control program of the Bluetooth communication unit 222 of the mobile terminal device 220. Communication with the Bluetooth communication unit 222 is established, and the encrypted data and password ID transmitted from the mobile terminal device 220 are received. In this embodiment, the password ID is received together with the encrypted data. However, the present invention is not limited to this. For example, only encrypted data may be received from the mobile terminal device 220. Here, the encrypted data is image data, document data, text data, and other various types of data to be kept confidential, and is data to be processed in the printer unit 206 and the like. As described above, by receiving the encrypted data from the mobile terminal device 220 by the Bluetooth communication unit 202, even if the wireless communication between the mobile terminal device 220 and the multifunction device 200 is intercepted, the data that wants to maintain confidentiality leaks. The possibility can be reduced.

  The output application 203 includes a decryption processing unit 203a, outputs commands to the scanner unit 204, display control unit 205, printer unit 206, facsimile transmission / reception unit 207, communication control unit 209, and the like, and outputs data from the operation unit. Application that performs processing such as reception of passwords, management of passwords and encrypted data stored in the data storage unit 208, and control of output operations executed by the printer unit 206 and the like.

  The decryption processing unit 203a performs decryption processing on the encrypted data received by the Bluetooth communication unit 202 and extracts data. Specifically, the decryption processing unit 203a decrypts the encrypted data using the password received by the NFC communication unit 201. The decryption processing unit 203a may be provided in the output application 203 in advance, or may be added to the output application 203 in a plug-in format.

  Further, the decryption processing unit 203a determines whether or not the password received by the NFC communication unit 201 is a password that allows the decryption processing of the encrypted data. Specifically, when the password ID is received together with the password and the encrypted data, the decryption processing unit 203a matches the password ID received by the NFC communication unit 201 with the password ID received by the Bluetooth communication unit 202. Determine whether or not. When the password ID received by the NFC communication unit 201 matches the password ID received by the Bluetooth communication unit 202, the decryption process of the encrypted data is executed. Note that after the data extracted from the encrypted data is output, the output application 203 discards the encrypted data and the password in order to prevent information leakage from the data storage unit 208.

  On the other hand, if the password ID received by the NFC communication unit 201 and the password ID received by the Bluetooth communication unit 202 do not match, the output application 203 discards the password and encrypted data stored in the data storage unit 208. .

  If the password ID received by the NFC communication unit 201 does not match the password ID received by the Bluetooth communication unit 202, the output application 203 immediately discards the password and encrypted data stored in the data storage unit 208. However, the present invention is not limited to this. For example, when the NFC communication unit 201 receives the password and the password ID again from the mobile terminal device 220, the output application 203 does not discard the password and the encrypted data. Then, the decryption processing unit 203a determines again whether or not the password ID received by the NFC communication unit 201 matches the password ID received by the Bluetooth communication unit 202. The output application 203 discards the password and the encrypted data stored in the data storage unit 208 after the NFC communication unit 201 receives the password a predetermined number of times or after a predetermined time has elapsed.

  The display control unit 205 receives an instruction from the output application 203 and controls input / output of the operation unit. Specifically, when the password and the encrypted data stored in the data storage unit 208 are not discarded by the output application 203, a message requesting transmission of the password is displayed on the operation unit.

  The communication control unit 209 is connected to a network such as a wireless LAN, and exchanges data and the like with other devices connected to the network according to a communication protocol. Specifically, communication is established with the communication control unit 225 of the mobile terminal device 220 and, for example, a message requesting transmission of a password is transmitted.

  The scanner unit 204 reads an original with an image sensor such as a charge coupled device (CCD). The scanner unit 204 may be provided with a mechanism for performing automatic document feeding by mounting an ADF (Auto Document Feeder).

  The printer unit 206 prints data extracted by the decoding processing performed by the decoding processing unit 203a.

  The facsimile transmission / reception unit 207 transmits the data read by the scanner unit 204 or the data extracted by the decryption processing unit 203a to another multifunction device 240, a facsimile machine, a client terminal, or the like via the network 230. Further, the facsimile transmission / reception unit 207 receives data transmitted from other multifunction peripherals 240, facsimile apparatuses, and client terminals.

  The data storage unit 208 includes the password received by the NFC communication unit 201, the encrypted data received by the Bluetooth communication unit 202, the data extracted by the decryption processing unit 203a, the image data read by the scanner unit 204, and the network 230. This is a buffer memory for temporarily storing image data input from the outside.

  Next, the mobile terminal device 220 will be described. The mobile terminal device 220 includes an NFC communication unit 221, a Bluetooth communication unit 222, a data storage unit 223, a document operation application 224, a communication control unit 225, and a display control unit 226. The mobile terminal device 220 is specifically a mobile phone, a PDA (Personal Digital Assistants), a notebook PC, a portable information storage medium, or the like.

  When the portable terminal device 220 is located (exists) within the communication range of the NFC communication unit 201 of the multifunction device 200, the NFC communication unit 221 is compounded by the same communication protocol as the communication control program of the NFC communication unit 201 of the multifunction device 200. Communication with the NFC communication unit 201 of the device 200 is established, and a password and a password ID are transmitted from the mobile terminal device 220. In this embodiment, the password and the password ID are transmitted to the multi-function device 200. However, the present invention is not limited to this. For example, the NFC communication unit 221 may transmit only the password to the multifunction device 200.

  Specifically, the NFC communication unit 221 is an NFC chip that includes a tag and a communication control program that controls communication establishment and data transmission / reception, and stores the password and password ID in the tag. When the NFC communication unit 221 is close to the multifunction device 200 and the NFC communication unit 221 is located (exists) within the communication range of the multifunction device 200, communication is established and the NFC communication unit (reader / writer) 201 of the multifunction device 200 The information is transmitted by reading the information in the tag.

  In this case, an NFC chip containing a tag and a communication control program is stored in a non-contact type IC card, and a password and a password ID are stored in the multifunction device 200 independently of the main body of the mobile terminal device 220. It is good also as a structure which transmits.

  In the present embodiment, the NFC communication unit 221 of the portable terminal device 220 is provided with a tag storing passwords and password IDs, and the NFC communication unit 201 of the multifunction device 200 is configured as a reader / writer. However, the present invention is not limited to this. It is not something. The NFC communication unit 221 of the mobile terminal device 220 may be configured as a reader / writer, and the NFC communication unit 201 of the multifunction device 200 may be configured as a tag. In this case, a password and a password ID are stored in the NFC communication unit 201 of the multifunction device 200, communication is established by bringing the NFC communication unit 221 of the mobile terminal device 220 close to the NFC communication unit 201, and a document operation application 224, the password and password ID of the NFC communication unit 201 are transferred to the NFC communication unit 221, and the transferred password and password ID are processed by the document operation application 224 of the mobile terminal device 220 by the reader / writer of the NFC communication unit 221. What is necessary is just to comprise so. Further, both the NFC communication unit 221 of the mobile terminal device 220 and the NFC communication unit 201 of the multifunction device 200 may be configured to have both the tag and reader / writer functions.

  The Bluetooth communication unit 222 is temporarily stored in the data storage unit 223 when communication with the Bluetooth communication unit 202 of the multifunction device 200 is established by the same communication protocol as the communication control program of the Bluetooth communication unit 202 of the multifunction device 200. The encrypted data and the password ID that are being transmitted are transmitted to the multifunction device 200. In this embodiment, the encrypted data and the password ID are transmitted to the multi-function device 200. However, the present invention is not limited to this. For example, only encrypted data may be transmitted to the multifunction device 200.

  The document operation application 224 includes an encryption processing unit 224a, outputs commands to the communication control unit 225, the display control unit 226, etc., creates data, data to be processed, password, password ID, and encrypted data. It is assumed that the application performs storage in the storage unit 223, input of a password and password ID from an operation unit (not shown), storage of the password and password ID in the tag of the NFC communication unit 221, and the like. The encryption processing unit 224a performs encryption processing on the data stored in the data storage unit 223 by a secret key encryption method or the like using a password received from an operation unit (not shown) to obtain the encrypted data. Generate. The encrypted data generated by the encryption processing unit 224a is temporarily stored in the data storage unit 223.

  The communication control unit 225 is connected to a network such as a wireless LAN, and exchanges data and the like with other devices connected to the network according to a communication protocol. Specifically, communication is established with the communication control unit 209 of the multifunction device 200 and, for example, a message requesting transmission of a password is received. In addition, the communication control unit 225 accesses external data via a network and acquires data. The communication control unit 225 may be a replicator that synchronizes data with a wired or other client terminal.

  The display control unit 226 receives an instruction from the document operation application 224 and controls input / output of an operation unit (not shown). Specifically, when the communication control unit 225 receives a message requesting transmission of a password from the multifunction device 200, the display control unit 226 receives a command from the document operation application 224, and receives a password from an operation unit (not shown). Displays a message requesting transmission.

  The data storage unit 223 is a buffer memory that temporarily stores data to be processed, a password and password ID input from an operation unit (not shown), encrypted data generated by the encryption processing unit 224a, and the like. is there.

  Next, the encrypted data and password transmission process of the mobile terminal device 220 configured as described above will be described. FIG. 3 is a flowchart illustrating a procedure of transmission processing performed by the mobile terminal device 220.

  First, the document operation application 224 creates data according to an instruction from an operation unit (not shown) and stores the data in the data storage unit 223 (step S301). The encryption processing unit 224a performs encryption processing on the data stored in the data storage unit 223 using the password that has been accepted, generates encrypted data, and temporarily stores the encrypted data in the data storage unit 223. (Step S302).

  Next, the document operation application 224 stores the input password and password ID in the tag and data storage unit 223 of the NFC communication unit 221 (step S303). When the user moves and the portable terminal device 220 is located within the communication range of the NFC communication unit 201 of the multifunction device 200, the NFC communication unit 221 uses the password and password ID stored in the tag as the multifunction device 200. (Step S304). Next, the Bluetooth communication unit 222 transmits the encrypted data and the password ID temporarily stored in the data storage unit 223 to the multi-function device 200 (step S305).

  In the present embodiment, after the password and password ID are transmitted by the NFC communication unit 221, the encrypted data and password ID are transmitted by the Bluetooth communication unit 222. However, the present invention is not limited to this. For example, when the encrypted data and the password ID are transmitted to the MFP 200 in advance, and the user who owns the mobile terminal device 220 is located within the communication range of the NFC communication unit 201 of the MFP 200, the password and password An ID may be transmitted.

  Next, a description will be given of a process for decrypting encrypted data and outputting the encrypted data in the MFP 200 configured as described above. FIG. 4 is a flowchart illustrating a procedure of output processing performed by the multifunction device 200.

  First, the NFC communication unit 201 establishes communication with the NFC communication unit 221 of the mobile terminal device 220 and is transmitted from the mobile terminal device 220 when the mobile terminal device 220 is located within the communication range of the NFC communication unit 201. The received password and password ID are received (step S401). Next, the Bluetooth communication unit 202 receives the encrypted data and the password ID from the mobile terminal device 220 (step S402). The received password and encrypted data are stored in the data storage unit 208 by the output application 203. In this embodiment, the encrypted data and the password ID are received after receiving the password and the password ID. However, the present invention is not limited to this. For example, the password and the password ID may be received when the mobile terminal device 220 is located within the communication range of the NFC communication unit 201 after receiving the encrypted data and the password ID.

  Next, the decryption processing unit 203a determines whether or not the password ID received by the NFC communication unit 201 matches the password ID received by the Bluetooth communication unit 202 (step S403). When the password ID is not received together with the password and the encrypted data, it is determined whether the password ID received by the NFC communication unit 201 matches the password ID received by the Bluetooth communication unit 202. First, the encrypted data is decrypted using the password.

  If the password ID received by the NFC communication unit 201 and the password ID received by the Bluetooth communication unit 202 do not match (step S403: No), the output application 203 stores the password stored in the data storage unit 208 and The encrypted data is discarded (step S406).

  On the other hand, when the password ID received by the NFC communication unit 201 matches the password ID received by the Bluetooth communication unit 202, the decryption processing unit 203a uses the password received by the NFC communication unit 201 to perform the Bluetooth communication unit 202. The received encrypted data is decrypted to extract the data (step S404).

  When the data is extracted, the output application 203 instructs the printer unit 206 to output (print) the extracted data (step 405). When data is printed by the printer unit 206, the output application 203 discards the password and encrypted data stored in the data storage unit 208 (step S406).

  In this way, a password is transmitted from the mobile terminal device 220 to the multifunction device 200 by NFC communication, and the encrypted data stored in the multifunction device 200 is decrypted using the transmitted password to extract the data, Since the extracted data can be output, the password can be input to the multifunction device 200 simply by bringing the mobile terminal device 220 closer to the multifunction device 200. In addition, since data to be transmitted from the portable terminal device 220 to the multifunction device 200 is encrypted, the possibility of data leakage is reduced even if wireless communication between the portable terminal device 220 and the multifunction device 200 is intercepted. Can do.

  In the present embodiment, the print function is described as an example of the function used in the multifunction device 200. However, other functions provided in the multifunction device 200, such as a FAX function, may be used. For example, when the FAX function is used, the decrypted data may be transmitted to another multifunction device 240 or a facsimile machine.

  Next, the hardware configuration of the multifunction device 200 will be described. FIG. 5 is an explanatory diagram showing a hardware configuration of the multifunction machine according to the present embodiment. As shown in FIG. 5, the digital multi-function peripheral has a configuration in which a controller 510, a printer unit 206, and a scanner unit 204 are connected by a PCI (Peripheral Component Interconnect) bus. The controller 510 is a controller that controls the entire digital multi-function peripheral, drawing, communication, and input from the operation unit 520. The printer unit 206 or the scanner unit 204 includes an image processing part such as error diffusion for binarization and gamma conversion for gradation correction. The operation unit 520 displays an original image information and the like of a document read by the scanner unit 204 on an LCD (Liquid Crystal Display) and receives an input from the operator via a touch panel, and an operation display unit 520a from the operator. And a keyboard portion 520b that accepts key input.

  The digital multifunction peripheral 200 according to the present embodiment can switch and select a document box function, a copy function, a printer function, a scanner function, and a facsimile function by using an application switching key of the operation unit 520. The document box mode is selected when the document box function is selected, the copy mode is selected when the copy function is selected, the printer mode is selected when the printer function is selected, the scanner mode is selected when the scanner function is selected, and the facsimile mode is selected when the facsimile mode is selected.

  The controller 510 includes a CPU (Central Processing Unit) 511, a system memory (MEM-P) 512, a North Bridge (NB) 513, a South Bridge (SB) 514, and an ASIC (Application Specific Integrated). Circuit) 516, a local memory (MEM-C) 517 as a storage unit, and a hard disk drive (HDD) 518 as a storage unit, and an AGP (Accelerated Graphics Port) bus 515 is connected between the NB 513 and the ASIC 516. Connected configuration. The MEM-P 512 further includes a ROM (Read Only Memory) 512a and a RAM (Random Access Memory) 512b.

  The CPU 511 performs overall control of the digital multi-function peripheral, has a chip set including the NB 513, the MEM-P 512, and the SB 514, and is connected to other devices via this chip set.

  The NB 513 is a bridge for connecting the CPU 511 to the MEM-P 512, the SB 514, and the AGP bus 515, and includes a memory controller that controls reading and writing of the MEM-P 512, a PCI master, and an AGP target.

  The MEM-P 512 is a system memory used as a memory for storing programs and data, a memory for developing programs and data, a memory for drawing printers, and the like, and includes a ROM 512a and a RAM 512b. The ROM 512a is a read-only memory used as a memory for storing programs and data for controlling the operation of the CPU 511, and the RAM 512b is a writable and readable memory used as a program and data development memory, a printer drawing memory, and the like. It is.

  The SB 514 is a bridge for connecting the NB 513 to a PCI device and peripheral devices. The SB 514 is connected to the NB 513 via a PCI bus, and a network interface (I / F) unit 580 and the like are also connected to the PCI bus.

  The ASIC 516 is an image processing application IC (Integrated Circuit) having hardware elements for image processing, and has a role of a bridge for connecting the AGP bus 515, the PCI bus, the HDD 518, and the MEM-C 517, respectively. The ASIC 516 includes a PCI target and an AGP master, an arbiter (ARB) that is the core of the ASIC 516, a memory controller that controls the MEM-C 517, and a plurality of DMACs (Direct Memory) that perform image data rotation by hardware logic and the like Access Controller) and a PCI unit that transfers data between the printer unit 206 and the scanner unit 204 via the PCI bus. The ASIC 516 is connected to an FCU (Fax Control Unit) 530, a USB (Universal Serial Bus) 540, and an IEEE 1394 (the Institute of Electrical and Electronics Engineers 1394) interface 550 via a PCI bus.

  The MEM-C 517 is a local memory used as an image buffer for copying and a code buffer, and the HDD 518 is a storage for storing image data, storing programs for controlling the operation of the CPU 511, storing font data, and storing forms. It is.

  The AGP bus 515 is a bus interface for a graphics accelerator card proposed for speeding up graphics processing. The AGP bus 515 speeds up the graphics accelerator card by directly accessing the MEM-P 512 with high throughput. .

  Note that the program executed by the MFP 200 of the present embodiment is provided by being incorporated in advance in a ROM or the like. A program executed by the multifunction device 200 according to the present embodiment is a file in an installable format or an executable format, and is a computer such as a CD-ROM, a flexible disk (FD), a CD-R, or a DVD (Digital Versatile Disk). The information may be provided by being recorded on a recording medium that can be read by the user.

  Furthermore, the program executed by the MFP 200 according to the present embodiment may be configured to be stored by being stored on a computer connected to a network such as the Internet and downloaded via the network. Further, the program executed by the MFP 200 of the present embodiment may be configured to be provided or distributed via a network such as the Internet.

  A program executed by the MFP 200 according to the present embodiment includes a module including the above-described units (NFC communication unit, Bluetooth communication unit, output application, display control unit, facsimile transmission / reception unit, data storage unit, communication control unit, etc.). As the actual hardware, the CPU (processor) reads the program from the ROM and executes it to load the above-described units onto the main storage device, and the NFC communication unit, Bluetooth communication unit, output application, A display control unit, a facsimile transmission / reception unit, a data storage unit, a communication control unit, and the like are generated on the main storage device.

  The program executed by the mobile terminal device 220 of the present embodiment is provided by being incorporated in advance in a ROM or the like. In addition, the program executed by the mobile terminal device 220 of the present embodiment is an installable format or executable format file that can be read by a computer such as a CD-ROM, a flexible disk, a CD-R, or a DVD. You may comprise so that it may record and provide on a medium.

  Furthermore, the program executed by the mobile terminal device 220 of the present embodiment may be configured to be stored by being stored on a computer connected to a network such as the Internet and downloaded via the network. Further, the program executed by the mobile terminal device 220 of the present embodiment may be configured to be provided or distributed via a network such as the Internet.

  The program executed by the mobile terminal device 220 according to the present embodiment includes a module configuration including the above-described units (such as an NFC communication unit, a Bluetooth communication unit, a document operation application, a data storage unit, a communication control unit, and a display control unit). As actual hardware, a CPU (processor) reads out the program from the ROM and executes it, so that the above-described units are loaded onto the main storage device, and the NFC communication unit, Bluetooth communication unit, data storage unit, document An operation application, a communication control unit, a display control unit, and the like are generated on the main storage device.

  In the above-described embodiment, the multifunction device has been described as an example. However, the present invention is not limited to the multifunction device, and can be applied to various apparatuses including a copying machine, a facsimile, and a printer.

(Second Embodiment)
A second embodiment will be described with reference to the accompanying drawings. Regarding the configuration example of the multifunction peripheral, the portable terminal device, and the client terminal to which the present invention is applied, a different part from the first embodiment will be described. The other parts are the same as those in the first embodiment, so the description is omitted with reference to the above description. FIG. 6 is a block diagram illustrating a configuration of an information processing system according to the second embodiment.

  An MFP 200 according to the present embodiment includes an NFC communication unit 201, a Bluetooth communication unit 202, an output application 203, a scanner unit 204, a display control unit 205, a printer unit 206, a facsimile transmission / reception unit 207, A data storage unit 208 and a communication control unit 209 are provided. Here, the NFC communication unit 201, the Bluetooth communication unit 202, the output application 203, the scanner unit 204, the display control unit 205, the printer unit 206, the facsimile transmission / reception unit 207, the data storage unit 208, and the communication control. Since the configuration and function of the unit 209 are substantially the same as those of the first embodiment, description thereof is omitted.

  Next, the mobile terminal device 600 will be described. The portable terminal device 600 includes an NFC communication unit 601, a Bluetooth communication unit 222, a document operation application 602, a communication control unit 603, a data storage unit 223, and a display control unit 226. Here, the configurations and functions of the Bluetooth communication unit 222, the data storage unit 223, and the display control unit 226 are substantially the same as those in the first embodiment, and thus description thereof is omitted.

  When the NFC communication unit 601 is located (exists) within the communication range of the NFC communication unit 611 of the client terminal 610, the NFC communication of the client terminal 610 is performed using the same communication protocol as the communication control program of the NFC communication unit 611 of the client terminal 610. It has a reader / writer and / or tag function that incorporates a communication control program that establishes communication with the unit 611 and reads the password and password ID from the NFC communication unit 611 of the client terminal 610 in a contactless manner. In the present embodiment, the password and password ID are read, but the present invention is not limited to this. For example, only the password may be read out. The read password and password ID are stored in the data storage unit 223 by the document operation application 602.

  When the NFC communication unit 601 is located (exists) within the communication range of the NFC communication unit 201 of the multifunction device 200, the NFC communication unit 601 uses the same communication protocol as the communication control program of the NFC communication unit 201 of the multifunction device 200. Communication with the NFC communication unit 201 is established, the password and password ID are transferred to the NFC communication unit 201 by the document operation application 602, and the password and password ID transferred by the reader / writer of the NFC communication unit 601 are Transmit to 200 NFC communication unit (tag) 201 for writing.

  The document operation application 602 is different from the document operation application 602 according to the first embodiment in that it does not include an encryption processing unit. Specifically, output of commands to the communication control unit 603, the display control unit 226, etc., creation of data, storage of data to be processed, password, password ID and encrypted data in the data storage unit 223, not shown It is assumed that the application accepts input of a password and password ID from the operation unit, the communication control unit 603, or the NFC communication unit 601.

  7-10 is explanatory drawing which shows an example of the method in which the portable terminal device 600 receives the input of a password. FIG. 7 shows a case where a password is directly input from an operation unit (not shown) by a user who operates mobile terminal device 600. FIG. 8 shows a case where the communication control unit 603 receives a password by receiving mail from the client terminal 610 via the network. FIG. 9 shows a case where an NFC ID for identifying the NFC communication unit 601 included in the mobile terminal device 600 is input as a password. FIG. 10 shows a case where the password received by the NFC communication unit 601 from the NFC communication unit 611 of the client terminal 610 is input.

  The communication control unit 603 is connected to a network such as a wireless LAN, and exchanges data and the like with other devices connected to the network according to a communication protocol. Specifically, communication is established with the communication control unit 612 of the client terminal 610 and, for example, encrypted data or the like is received.

  Next, the client terminal 610 will be described. The client terminal 610 includes an NFC communication unit 611, a communication control unit 612, a data storage unit 613, and a document creation application 614.

  When the client terminal 610 is located (exists) within the communication range of the NFC communication unit 601 of the mobile terminal device 600, the NFC communication unit 611 uses the same communication protocol as the communication control program of the NFC communication unit 601 of the mobile terminal device 600. Communication with the NFC communication unit 601 of the portable terminal device 600 is established, and a password and a password ID are transmitted from the client terminal 610. In the present embodiment, the password and the password ID are transmitted to the mobile terminal device 600, but the present invention is not limited to this. For example, only the password may be transmitted to the mobile terminal device 600.

  Specifically, the NFC communication unit 611 is an NFC chip that includes a tag and a communication control program that controls communication establishment and data transmission / reception, and stores the password and password ID in the tag. When the NFC communication unit 611 is brought close to the mobile terminal device 600, communication is established, and information is transmitted by reading the information in the tag by the NFC communication unit (reader / writer) 601 of the mobile terminal device 600. .

  In this case, an NFC chip containing a tag and a communication control program is stored in a non-contact type IC card, and a password and a password ID are stored in the multifunction device 200 independently of the main body of the mobile terminal device 600. It is good also as a structure which transmits.

  In the present embodiment, the NFC communication unit 611 of the client terminal 610 is provided with a tag storing passwords and password IDs, and the NFC communication unit 601 of the mobile terminal device 600 is configured as a reader / writer. However, the present invention is not limited to this. It is not something. The NFC communication unit 611 of the client terminal 610 may be configured as a reader / writer, and the NFC communication unit 601 of the mobile terminal device 600 may be configured as a tag. In this case, a password or password ID is stored in the NFC communication unit 601 of the mobile terminal device 600, communication is established by bringing the NFC communication unit 611 of the client terminal 610 close to the NFC communication unit 601, and the document creation application 614, the password and password ID of the NFC communication unit 601 are transferred to the NFC communication unit 611, and the transferred password and password ID are processed by the document creation application 614 of the client terminal 610 by the reader / writer of the NFC communication unit 611. What is necessary is just to comprise. Further, both the tag and reader / writer functions may be provided in both the NFC communication unit 611 of the client terminal 610 and the NFC communication unit 601 of the mobile terminal device 600.

  When communication with the Bluetooth communication unit 602 of the mobile terminal device 600 is established, the Bluetooth communication unit 612 transmits the encrypted data and the password ID temporarily stored in the data storage unit 613 to the multi-function device 200. In this embodiment, the password ID is transmitted together with the encrypted data, but the present invention is not limited to this. For example, only encrypted data may be transmitted to the mobile terminal device 600.

  The document creation application 614 includes an encryption processing unit 614a, outputs commands to the communication control unit 612, etc., creates data, data to be processed, password, password ID, and encrypted data to the data storage unit 613. It is assumed that the application stores, accepts input of a password and password ID from an operation unit (not shown), stores the password and password ID in the tag of the NFC communication unit 601, and the like. The encryption processing unit 614a performs encryption processing on the data stored in the data storage unit 613 by a secret key encryption method or the like using a password received from an operation unit (not shown) to obtain the encrypted data. Generate. The encrypted data generated by the encryption processing unit 614a is temporarily stored in the data storage unit 613.

  The communication control unit 612 is connected to a network such as a wireless LAN, and exchanges data and the like with other devices connected to the network according to a communication protocol. Specifically, communication is established with the communication control unit 603 of the mobile terminal device 600 and, for example, a password and a password ID are transmitted and received. In addition, the communication control unit 612 accesses external data via a network and acquires data. The communication control unit 612 may be a replicator that synchronizes data with a wired or other client terminal.

  Upon receiving a command from the document creation application 614, the data storage unit 613 temporarily stores data to be processed, a password and password ID input from an operation unit (not shown), encrypted data generated by the encryption processing unit 614a, and the like. This is a buffer memory to be saved.

  Next, the encrypted data and password transmission process of the client terminal 610 configured as described above will be described. FIG. 11 is a flowchart illustrating a procedure of transmission processing performed by the client terminal 610.

  First, the document creation application 614 creates data according to an instruction from an operation unit (not shown), and stores the data in the data storage unit 613 (step S1101). The document creation application 614 receives a password and a password ID from an operation unit (not shown) (step S1102). The input password and password ID are stored in the data storage unit 613 by the document creation application 614. When the NFC communication unit 611 transmits a password and a password ID to the mobile terminal device 600, the password and password ID are stored in a tag of the NFC communication unit 611. Next, the encryption processing unit 614a performs encryption processing on the data stored in the data storage unit 613 using the password that has been accepted, generates encrypted data, and stores the encrypted data in the data storage unit 613. Temporarily accumulate (step S1103).

  Then, the communication control unit 612 transmits the encrypted data and the password ID temporarily stored in the data storage unit 613 to the mobile terminal device 600 (step S1104). When the user moves and the client terminal 610 is located within the communication range of the NFC communication unit 601 of the mobile terminal device 600, the NFC communication unit 611 sends the password and password ID stored in the tag to the mobile terminal device 600. Transmit (step S1105). In the present embodiment, the password and the password ID are transmitted by NFC communication, but the present invention is not limited to this. For example, the communication control unit 612 may notify the portable terminal device 600 of the password and the password ID via the network.

  Next, the encrypted data and password transmission processing of the mobile terminal device 600 configured as described above will be described. FIG. 12 is a flowchart illustrating a procedure of transmission processing performed by the mobile terminal device 600.

  First, the document operation application 602 stores the encrypted data and password ID received from the client terminal 610 in the data storage unit 223 (step S1201). Next, the Bluetooth communication unit 222 transmits the encrypted data and the password ID temporarily stored in the data storage unit 223 to the multi-function device 200 (step S1202).

  Next, the document operation application 602 stores the password and password ID received from the client terminal 610 in the data storage unit 223 (step 1203). When the user moves and the portable terminal device 600 is located within the communication range of the NFC communication unit 201 of the multifunction device 200, the NFC communication unit 601 uses the password and password ID stored in the data storage unit 223. The information is transmitted to the multifunction device 200 (step S1204).

  In this embodiment, the encrypted data and the password ID are transmitted and then the password and the password ID are transmitted. However, the present invention is not limited to this. For example, the encrypted data and the password ID may be transmitted after confirming that the password and the password ID are transmitted in advance to the multi-function device 200 and transmitted.

  Next, a description will be given of a process for decrypting encrypted data and outputting the encrypted data in the MFP 200 configured as described above. FIG. 13 is a flowchart illustrating a procedure of output processing performed by the multifunction device 200.

  First, the Bluetooth communication unit 202 receives encrypted data and a password ID from the mobile terminal device 600 (step S1301). The received encrypted data is stored in the data storage unit 208 by the output application 203. When receiving the encrypted data and the password ID from the portable terminal device 600, the display control unit 205 displays a message requesting the transmission of the password to the operation unit in response to a command from the output application 203, and from the portable terminal device 600. The system waits for reception of the password and the password ID (step S1302).

  Next, the NFC communication unit 201 establishes communication with the NFC communication unit 601 of the mobile terminal device 600 and is transmitted from the mobile terminal device 600 when the mobile terminal device 600 is located within the communication range of the NFC communication unit 201. The received password and password ID are received (step S1303). The received password and password ID are stored in the data storage unit 208 by the output application 203.

  Next, the decryption processing unit 203a determines whether or not the password ID received by the NFC communication unit 201 matches the password ID received by the Bluetooth communication unit 202 (step S1304). In this embodiment, it is determined whether or not the password ID received by the NFC communication unit 201 matches the password ID received by the Bluetooth communication unit 202, but the present invention is not limited to this. For example, when the password ID is not received together with the password and the encrypted data, it is determined whether or not the password ID received by the NFC communication unit 201 matches the password ID received by the Bluetooth communication unit 202. First, the encryption data decryption process using the password is executed.

  If the password ID received by the NFC communication unit 201 and the password ID received by the Bluetooth communication unit 202 do not match (step S1304: No), the output application 203 causes the NFC communication unit 201 to use the password and password ID. Is determined whether or not a predetermined number of times has been received (step S1308). When the NFC communication unit 201 receives the password and the password ID for a predetermined number of times (step S1308: Yes), the output application 203 discards the password and encrypted data stored in the data storage unit 208 (step S1307).

  On the other hand, when the password ID received by the NFC communication unit 201 matches the password ID received by the Bluetooth communication unit 202, the decryption processing unit 203a uses the password received by the NFC communication unit 201 to perform the Bluetooth communication unit 202. The received encrypted data is decrypted to extract the data (step S1305).

  When the data is extracted, the output application 203 instructs the printer unit 206 to output (print) the extracted data (step 1306). When the data is printed by the printer unit 206, the output application 203 discards the password and the encrypted data stored in the data storage unit 208 (step S1307).

  In this way, the data created in the client terminal 610 is stored in the portable terminal device 600 and carried, and a password is transmitted from the portable terminal device 600 to the multifunction device 200 by NFC communication, and the transmitted password is used for the multifunction device 200. Since the stored encrypted data can be decrypted and output, the data created by the client terminal 610 can be easily output from the multifunction device 200 without being intercepted by another person.

  Further, the program executed by the client terminal 610 of the present embodiment is provided by being incorporated in advance in a ROM or the like. Further, the program executed in the client terminal 610 of the present embodiment is an installable format or executable format file, and is a computer-readable recording medium such as a CD-ROM, flexible disk, CD-R, or DVD. You may comprise so that it may record and provide.

  Furthermore, the program executed in the client terminal 610 of the present embodiment may be configured to be provided by being stored on a computer connected to a network such as the Internet and downloaded via the network. Further, the program executed by the client terminal 610 of the present embodiment may be configured to be provided or distributed via a network such as the Internet.

  The program executed by the client terminal 610 of the present embodiment has a module configuration including the above-described units (NFC communication unit, Bluetooth communication unit, document creation application, data storage unit, communication control unit, etc.) As the hardware, a CPU (processor) reads the program from the ROM and executes it, so that the above-described units are loaded on the main storage device, and the NFC communication unit, Bluetooth communication unit, document creation application, data storage unit, communication control Are generated on the main storage device.

It is explanatory drawing which shows an example of a process of the information processing system concerning this Embodiment. It is a block diagram which shows the structure of the information processing system concerning 1st Embodiment. It is a flowchart which shows the procedure of the transmission process which the portable terminal device concerning 1st Embodiment performs. 3 is a flowchart illustrating a procedure of output processing performed by the multifunction peripheral according to the first embodiment. FIG. 3 is an explanatory diagram illustrating a hardware configuration of the multifunction peripheral according to the first embodiment. It is a block diagram which shows the structure of the information processing system concerning 2nd Embodiment. It is explanatory drawing which shows an example in which the password was directly input from the operation part by the user who operates a portable terminal device. It is explanatory drawing which shows an example in which the communication control part input the password by reception of mail from the client terminal via the network. It is explanatory drawing which shows an example in which NFC ID which identifies the NFC communication part with which a portable terminal device is provided was input as a password. It is explanatory drawing which shows an example in which the password which the NFC communication part received from the NFC communication part of the client terminal was input. It is a flowchart which shows the procedure of the transmission process which a client terminal performs. It is a flowchart which shows the procedure of the transmission process which a portable terminal device performs. 6 is a flowchart illustrating a procedure of output processing performed by the multifunction peripheral.

Explanation of symbols

10, 20 Information processing system 200, 240 MFP 201, 221, 601, 611 NFC communication unit 202, 222 Bluetooth communication unit 203 Output application 203a Decoding processing unit 204 Scanner unit 205, 226 Display control unit 206 Printer unit 207 Facsimile transmission / reception Unit 208, 223, 613 Data storage unit 209, 225, 603, 612 Communication control unit 220, 600 Mobile terminal device 224, 602 Document operation application 224a, 614a Encryption processing unit 230 Network 610 Client terminal 614 Document creation application

Claims (3)

Identification information for identifying the decryption information used for the decryption process of the encrypted data together with the encrypted data obtained by establishing the wireless communication with the mobile terminal device located in the predetermined communication range and encrypting the data to be processed. First communication means for receiving from the portable terminal device;
A second communication means for establishing communication with the mobile terminal device located in a communication range narrower than the predetermined communication range, and receiving the identification information from the mobile terminal device together with the decryption information;
A control unit that stores the encrypted data received by the first communication unit and the decryption information received by the second communication unit in a data storage unit;
When the identification information received together with the encrypted data matches the identification information received together with the decryption information, the first communication means using the decryption information received by the second communication means A decryption processing means for performing decryption processing on the encrypted data received by step (a) and extracting the data;
The first communication means receives the encrypted data from the portable terminal device after receiving the decryption information by the second communication means,
When the identification information received together with the encrypted data and the identification information received together with the decryption information do not match, the second communication means again sends the identification information together with the decryption information to the identification information. Received from the mobile terminal device,
When the data is extracted, the control unit discards the encrypted data and the decryption information stored in the data storage unit, and receives the decryption information a predetermined number of times by the second communication unit. An information processing apparatus that discards the encrypted data and the decrypted information stored in the data storage unit after a predetermined time has elapsed. Identification information for identifying the decryption information used for the decryption process of the encrypted data, together with the encrypted data obtained by establishing wireless communication with the information processing apparatus located in the predetermined communication range and encrypting the data to be processed Establishing communication with the information processing device within a communication range narrower than the predetermined communication range with the first communication means for transmitting to the information processing device, and transmitting the identification information together with the decryption information to the information processing device A second communication means that establishes wireless communication with the portable terminal apparatus located in the predetermined communication range, together with the encrypted data transmitted from the first communication means The third communication means that receives the identification information, establishes communication with the portable terminal device in a communication range narrower than the predetermined communication range, and shares the decryption information transmitted from the second communication means. An information processing system including an information processing apparatus and a fourth communication means for receiving the identification information,
The information processing apparatus includes:
A control unit for storing the encrypted data received by the second communication unit and the decryption information received by the fourth communication unit in a data storage unit;
When the identification information received together with the encrypted data matches the identification information received together with the decryption information, the encrypted data is decrypted using the decryption information to extract the data Decryption processing means,
The third communication means receives the encrypted data from the portable terminal device after receiving the decryption information by the second communication means,
When the identification information received together with the encrypted data and the identification information received together with the decryption information do not match, the fourth communication means again sends the identification information together with the decryption information. Receiving from the mobile terminal device;
When the data is extracted, the control unit discards the encrypted data and the decryption information stored in the data storage unit and receives the decryption information a predetermined number of times by the fourth communication unit. An information processing system that discards the encrypted data and the decrypted information stored in the data storage unit after a predetermined time has elapsed. Identification information for identifying the decryption information used for the decryption process of the encrypted data together with the encrypted data obtained by establishing the wireless communication with the mobile terminal device located in the predetermined communication range and encrypting the data to be processed. Communication is established between the first communication means received from the portable terminal device and the portable terminal device located in a communication range narrower than the predetermined communication range, and the identification information is transmitted together with the decryption information to the portable terminal device. Information received from the portable terminal device after receiving the decryption information by the second communication means. In a program executed by a processing device,
Storing the encrypted data received by the first communication unit and the decryption information received by the second communication unit in a data storage unit;
When the identification information received together with the encrypted data matches the identification information received together with the decryption information, the first communication means using the decryption information received by the second communication means A decryption processing step of performing decryption processing on the encrypted data received by the step of extracting the data;
When the identification information received together with the encrypted data and the identification information received together with the decryption information do not match, the reception step of receiving the identification information together with the decryption information from the portable terminal device again. When,
When the data is extracted, the encrypted data and the decryption information stored in the data storage unit are discarded, and the decryption information is received a predetermined number of times by the second communication means or for a predetermined time After the elapse, a discarding step of discarding the encrypted data and the decryption information stored in the data storage unit;
Is executed by the information processing apparatus.

Images