JPH09293036A - Print processor - Google Patents

Abstract

PROBLEM TO BE SOLVED: To control access as against a user at each protocol by receiving a print instruction from the plural protocols. SOLUTION: When an operation concerning a print processing is indicated, the identification(ID) of a user is prepared by a user information generating means 1 and the operation is transmitted by the user name with ID. A propriety inquiry judging means 5 executes collation with the security policy of a support authentication level storage means 4, judges the necessity of propriety recognition in ID and requests the recognition to a user recognizing means 6 at the time of necessity. The user recognizing means 6 recognizes the user corresponding to an authentication level. An authenticating means 3 re-recognizes ID at the high level, user authentication by the authentication mechanism of client environment is used in the middle level and the user name used by the user is trusted in the low level. An operation control means 7 judges the permission of the operation as against the recognized user.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a print processing apparatus, and in particular, it accepts print instructions sent from various clients connected to a network by various protocols and makes them correspond to various user authentication mechanisms on the client side. In addition, the present invention relates to a print processing apparatus that controls access to various operations for a printer for each user.

[0002]

2. Description of the Related Art In a conventional multi-protocol network printing apparatus, a print operation is permitted for a user with a certain protocol but another operation is not permitted, or a cancel operation for one's own print operation is permitted.
There is a request to perform access control on a user-by-user basis such that a cancel operation for a print operation for another user is not permitted by another protocol.

[0003] Specifically, NetWare (Nov US
ell company's registered trademark (hereinafter omitted) protocol
Print operation of the user of the Ware and App
Macintosh using the protocol of leTalk (trademark of Apple Computer, Inc., USA)
The user's print operation (registered trademark of Apple Computer, Inc. in the United States, omitted hereinafter) is performed by Lpr.
UNIX (X / Open Co., Lt
d. You may want to perform access control so that users of registered trademarks in the United States and other countries licensed by J.K.

In the UNIX Lpr protocol, the UN
For IX multi-users, one user can cancel his print operation himself, but not another user's print operation. However, the administrator can control such that all print operations can be canceled.

However, the administrator can cancel anything with respect to the print job received by the multi-protocol.
It is possible to cancel even the print operation of the "ntosh" user.

[0006]

If the network printing apparatus tries to be able to receive print instructions in a plurality of protocols, the requesting user is the correct user in order to control access on a user-by-user basis. However, the authentication form of the user is different for each protocol. For example, an instruction from a protocol may contain information that can authenticate the user, or it may contain information that can only be distinguished by the client, not the user, and the username. In some cases, even if you know, it contains only information that cannot be trusted at all because there is no authentication mechanism. Therefore, in the multi-protocol print process, when controlling the access of the user, it is not possible to perform the user authentication for the print instructions from all the protocols by the same method, and there are various user authentication mechanisms. There is a problem.

The present invention has been made in view of the above circumstances, and in the case of performing access control such that print instructions from a plurality of protocols are accepted and only a certain user is permitted to use a certain printer, It is an object of the present invention to provide a print processing apparatus in which user authentication different for each client is performed by the authentication mechanism having the highest reliability for the client.

[0008]

FIG. 1 is a principle block diagram showing a print processing apparatus of the present invention. The print processing apparatus according to the present invention includes a user information creating unit 1 and an operation instructing unit 2 in each of a plurality of clients, an authenticating unit 3 in an authentication server on a network, and a support authentication level in a print server. The storage unit 4, the validity inquiry determination unit 5, the user confirmation unit 6, and the operation control unit 7 are included.

The user information creating means 1 creates an identification certificate that proves the user as the only user in the environment of the client. Here, the identification information is sent to the authentication means 3 depending on the environment of the client. If you do not have a mechanism to authenticate a user in the client's environment, or to create one by request, create one using the authentication mechanism provided by the client's operating system, or enter the user name. You will have to create a non-identification card. The security level differs depending on the method of creating the ID card. When an authentication mechanism by a third institution such as the authentication means 3 is used, the authentication level is high, and a local authentication mechanism to which the client belongs is used. , The authentication level is medium, and if there is no authentication mechanism, the authentication level is low.
The operation instructing means 2 requests the print server to perform an operation related to print processing, such as a print operation and a cancel operation, together with the user name designated by the user and the created identification card.

In the print server, the support authentication level storage means 4 stores a security policy as to whether or not it is necessary to confirm the validity of the identification certificate. The validity inquiry determining means 5 receives the operation output from the operation instructing means 2 and determines whether to inquire the validity of the identification certificate according to the security policy stored in the support authentication level storage means 4. The user confirmation unit 6 determines that the validity inquiry determination unit 5 needs to make an inquiry, and if an inquiry about the validity of the ID is made,
The user's legitimacy is confirmed in response to the inquiry.
The operation control means 7 controls the operation for the printer to the operation permitted by the user confirmed by the user confirmation means.

When the print server receives the operation output from the operation instructing means 2, the validity inquiry determining means 5 checks the validity of the identification certificate against the security policy of the support authentication level storing means 4. Determine if it is necessary.
If it is determined that the validity of the identification certificate needs to be confirmed, the validity inquiry determination means 5 passes the user name and the identification certificate to the user confirmation means 6 to request a determination as to whether the identification certificate is correct. To do. When the authentication level is a high level, the requested user confirmation means 6 inquires the authentication means 3 which issued the identification certificate when creating the user information, about the validity of the identification certificate. The authentication means 3 notifies the user confirmation means 6 of the result in response to the inquiry. The user confirmation means 6 confirms the user based on the notification from the authentication means 3. When the user confirmation means 6 determines that the authentication level is medium, the user confirmation means 6 compares the user name in the identification card with the user name designated by the user, and if the user names match, The user is confirmed as the user and the user is confirmed. If the user confirmation means 6 determines that the authentication level is low, the user confirmation means 6 believes the user name specified by the user, recognizes that the user is the user, and confirms the user. Become. In this way, when the user is confirmed by the user confirmation means 6, the operation control means 7 determines whether the requested operation is an operation permitted to the user. Here, if the requested operation is permitted to the user, the operation is requested to the printer.

Therefore, by providing the authentication level and identifying the authentication level, it is possible to recognize the user as another user even if an operation request with the same user name is made. As a result, for example, even if the cancel operation of a job received at a low authentication level without any authentication mechanism is a request for illegal use of a user name, the job cannot be canceled without permission. Further, since the authentication level is set to the medium level, it is not necessary to introduce a very strict authentication system (authentication server) as in the case of the high level, so that the print processing apparatus can be constructed at low cost. .

[0013]

BEST MODE FOR CARRYING OUT THE INVENTION Hereinafter, an embodiment of the present invention will be described as an example in which it is applied to a network printing apparatus.

FIG. 2 is a block diagram showing the outline of the network printing apparatus. In the figure, the network printing apparatus is composed of a print server 10, a plurality of clients 21, 22, ... And an authentication server 30, which are mutually connected by a network 40. Further, the print server 10 has at least one
Two printers 50 are connected.

The print server 10 is a client 2
A job acceptance unit 11 that accepts jobs from 1, 2, 22, ..., A user confirmation unit 12 that confirms the user of the accepted job, a job control unit 13, an object management unit 14, and an access control unit 15. It has an object database 16. The client 21 has a user information acquisition unit 21a, a print data generation unit 21b, and a job generation unit 21c, and the other clients 2
2, ... Have the same configuration.
The printer 50 also has a printer controller 51 and a print engine 52.

For example, in the client 21, the user information acquisition unit 21a is a part for creating a user's identification card, and the identification card is created by an authentication mechanism adopted in the environment to which the client 21 belongs. . For example, the authentication server 30 which is an authentication mechanism of a third party is requested to perform user authentication to issue an identification certificate, or an identification certificate is created from a user identifier logged in in a client environment. Depending on the client environment, there may be no authentication mechanism or the concept of a user, but in such a case, an empty identification certificate with no content will be created. From the viewpoint of security, depending on the method by which the ID card is created, it can be divided into a plurality of authentication levels corresponding to the security level. That is, when the user authentication is performed by the authentication server 30 or another name management server, the authentication level is high, the authentication level by the authentication mechanism in the client environment is medium, and the authentication level when there is no authentication mechanism is low. Is.

The print data generation unit 21b has a function of generating print data such as text, page description language, and bitmap from a document created by various application software. For example, Wi
It corresponds to a printer driver in an Windows (registered trademark of Microsoft Corporation in the United States) environment. The job generation unit 21c is a unit that generates one job including the processing method for the print data generated by the print data generation unit 21b and information indicating the attributes of the print data. Examples of processing methods for print data include designation of the number of prints, designation of single-sided / double-sided printing,
The information representing the attribute of the print data includes, for example, data representing the resolution of the created print data, data representing whether it is created in black and white or color. Here, when the job is transmitted from the job generation unit 21c to the print server 10, the job includes the user information including the user name given by the user and the identification card created by the user information acquisition unit 21a. Sent to.

In the print server 10, for example, when a job and user information including print data are sent from the client 21 together with a print instruction, the job acceptance section 11 accepts the job and the user confirmation section 12 is used from the user information. Check the user who issued the print instruction. In the user confirmation unit 12, the user information acquisition unit 2
Check if the information about the user indicated by 1a is correct. The user confirmation unit 12 determines from the user information what kind of authentication mechanism is required to confirm the user,
If necessary, the authenticity of the identification card is confirmed using the authentication server 30 or the like. When the user is confirmed, the job receiving unit 11 passes the job to the job control unit 13 in order to perform the print processing indicated by the job.

The job control unit 13 inquires of the object management unit 14 whether there is an object required for printing indicated in the job, or whether the user has the right to access the object required for printing. The printer controller 51 of the printer 50 issues a print instruction while inquiring of the access control unit 15. The object management unit 14 responds to an inquiry from the job control unit 13 or the like regarding the state or existence of an object stored in the object database 16 or the content of information. When the access control unit 15 receives an inquiry from the job control unit 13 as to whether the confirmed user has the right to access the object required for printing, the access control unit 15 responds to the inquiry.

When the printer 50 receives an instruction from the job control unit 13, the printer controller 51 generates a control code corresponding to the printer engine 52 that actually prints and sends it to the printer engine 52. Get print output.

Here, the procedure of user authentication when a user issues a print instruction to the print server 10 through an arbitrary client will be described.

First, when the authentication level is high, the client requests the authentication server to issue an identification card.
In the authentication server, if the user is authenticated,
Issue an ID card. The user requests the operation from the client to the print server with the issued ID card. The print server queries the authentication server to see if the user's identification is correct. When the authentication server determines that the ID is correct and notifies the print server, the print server recognizes the user as the user.

When the authentication level is medium, the user information acquisition unit requests the authentication mechanism used in the client environment to issue a certificate. When the user is authenticated in the authentication mechanism, the user information acquisition unit issues a new identification certificate based on the certificate used in the client environment. The user requests the operation from the client to the print server with the issued ID card. The print server compares the user name authenticated in the client environment from the user's identification card with the user name given by the user when requesting an operation. If these user names match, the print server determines that The user recognizes himself.

When the authentication level is low, the user issues a new certificate from the client to the print server, indicating that there is no user name certified in the client environment. The print server recognizes from the new certificate that the user does not have a certified user name in the client environment.

Actually, in addition to the above three security levels, no security is considered at all, that is, all operations can be performed from any client so that it can be applied to a very small network printing device. There are also levels that can be implemented. Further, except for the level at which all clients can access the print server unconditionally and the security is not considered, the user confirmation unit 12 of the print server 10 sets the above-mentioned three high levels, medium levels, and low levels in combination. be able to. In this case, higher level users will have stronger authority. For example, if a high level or a medium level is set as an authentication level of a user permitted for an operation, the operation has the authority that the high level user can execute to the medium level user. However, the success or failure of execution of the operation thereafter depends on whether or not the user can access, for example, an object necessary for processing the print operation, as judged by the access control unit 15.

Next, user authentication for performing different authentication to different networks when there are a plurality of network systems connected to the print server will be described. First, a configuration example of an authentication table provided in, for example, the user confirmation unit 12 of the print server 10 is shown below.

FIG. 3 is a diagram showing an example of the structure of the authentication table. In this figure, (A) shows the basic configuration of the authentication table, and includes a "user environment identification name" column 121, a "user identification name" column 122, and a "right" column 123 for each user. Composed of. The column 121 of "user environment identification name" describes the network name (domain name) of the user who logged in, the machine name, etc., and the column 122 of "user identification name" contains the user name of the user environment. The “right” column 123 describes whether or not the operation for the printer permits the user.

Further, (B) is a concrete description example of the authentication table and shows a setting example of two users. According to this example, as the setting of "user 1", the user environment identification name is "NETWORK1" and the user identification name is "USER."
1 ", the right is" printable, erasable ". On the other hand, as the setting of" user 2 ", the user environment identification name is" LOCALMACHINE1 "and the user identification name is" U ".
"SER1" and the right is "printable, undeleteable". Here, the user identification names, that is, the user names are the same, but since the user environment identification names are different, they are regarded as other users and the rights are also different. Therefore, in the print server, if both the user environment identifier and the user identifier do not match, the user is not confirmed and the operation is rejected.

These setting values in the authentication table are
The print server administrator can register / change directly or externally, that is, from any client. Registration / change of this authentication table can also be controlled by registering that fact in the “right” column of the authentication table.

FIG. 4 is an explanatory diagram for explaining control when an operation is requested from each client. In the illustrated example, four clients 61, 62, 63, 64,
The print server 70, two authentication servers 81 and 82, and one arbitrary server 83 are connected to the network 90. Here, the client 61
Is a stand-alone client that does not belong to any authentication server of the network system, and the logged-in machine name is "MACHINE1" and the user name is "USER1". It is assumed that the client 62 belongs to the first authentication server 81, the logged-in domain name is “NET1”, and the user name is “USER1”. The client 63 belongs to the second authentication server 82, and the domain name of the logged-in client is “NET2” and the user name is “USER1”. The client 64 belongs to the server 83, and the logged-in server name is “ServerMachine2” and the user name is “USER1”. In other words, the user names of the clients 61, 62, 63, 64 are all "USER
1 ". Authentication table 12 in print server 70
0 is user environment identification name, user identification name, and right information, which is "NET1, USER1," for the first user.
"Print / Delete" is for the second user, "NET2, U
"SER2, print / delete / priority" is for the third user, "MACHINE1, USER1, print"
However, for the fourth user, "SeverMachine2,
USER1, print "are set respectively. The first authentication server 81 has a user name authenticated by the domain name “NET1”, the second authentication server 82 has a user name authenticated by the domain name “NET2”, and It is assumed that valid user names are registered in the server 83, respectively.

Here, each client 61, 6
Access control when a user who has logged in 2, 63, 64 requests a print operation from the print server 70 will be described. When referring to the authentication table 120 of the print server 70, it is assumed that the user has been authenticated according to the authentication level.
The description of the user authentication is omitted.

First, regarding the first client 61, since the authentication table 120 of the print server 70 has data in which the machine name and the user name match, and the print right is set in the data, the machine name is set. "MA
The user name "USER" is added to the client of "CINE1".
If the user "1" is logged in, the print operation by the user is permitted and printing can be performed.

Regarding the second client 62, there is data in which the domain name and the user name match in the authentication table 120 of the print server 70, and the print right is set in this data, so the domain name "NET1".
The user having the user name “USER1” who is logged in to has the print right and can print.

In the third client 63, the domain name “NET” is displayed in the authentication table 120 of the print server 70.
User name "US" logged in to the network of "2"
Since there is no data regarding the user of "ER1", all operations by that user are not possible.

Regarding the fourth client 64, there is data in which the server name and the user name match in the authentication table 120 of the print server 70, and the print right is set in the data, so the server name "ServerMa
The user having the user name “USER1” who is logged in to the server 83 of “Chine2” has the print right and can print.

Next, the first and second clients 6
A case where the delete operation is requested from the print server 70 from the print server 1, 62 will be described. Regarding the first client 61, there is data in which the machine name and the user name match in the authentication table 120 of the print server 70, but since the delete right is not set, the delete operation from this client 61 is impossible. .

The deletion operation from the second client 61 is possible because the authentication table 120 of the print server 70 has data in which the domain name and the user name match, and the deletion right is set in the data. Is.

Next, support for authentication in the print server will be described. In the print server, there are authentication that can be interpreted by the user confirmation unit (supported) and authentication that cannot be interpreted (not supported). The job sent from the client is received by the job acceptance unit of the print server and passed to the user confirmation unit for user authentication. If the authentication information assigned to the job cannot be interpreted by the user confirmation unit, the user confirmation unit notifies the job reception unit of that fact.
Upon receiving this, the job reception unit notifies the client that an authentication error has occurred.

In the print server, the administrator of the print server sets in advance how to handle the authentication level obtained as a result of user authentication, that is, whether or not to permit the operation. You can This information is held in the user confirmation unit, for example. For example, if the print server sets the authentication level to high or medium level as the operation permission target, and if the authentication level of the requested operation is high or medium level, the print server permits the operation. Since the matching authentication level is met, the job and its authentication level are passed to the job control unit, and the printing process is continued. on the other hand,
If the authentication level of the requested operation is low, it does not match the authentication level permitted by the print server. Therefore, the client is notified of the error and the job processing is stopped.

Next, a case where the user information is actually sent from the client to the print server will be described. In the client, the user information acquisition unit creates the user's identification card. At this time, the client also simultaneously selects the type of operating system, network system,
Acquire information such as the domain name and machine name of the logged in user environment. Then, these pieces of information are encrypted together with the user name given by the user based on the encryption key preset in the print server and sent to the print server. Information on the authentication level is included in the identification card. The print server decrypts the encrypted data sent from the client and retrieves the user name and identification card.

[0041]

As described above, according to the present invention, by introducing the user name and the authentication level with the identification certificate as the information for user authentication, both the user from the client having the authentication mechanism and the authentication mechanism are introduced. A user from a client who cannot identify the user without it can also be authenticated with appropriate security. Also, by setting the medium security level, the user authentication mechanism under the environment of the client can be used as it is, and no special authentication service or name service is required.

Further, on the print server side, it is possible to set which level is supported according to the installation environment of the user, so that fine-grained access control is possible. Further, by adopting the user authentication for the operation to the printer, the security effect can be improved, and different authentication is performed for different networks without limiting the number of network systems to one. Thus, even when different network environments are mixed, it is possible to support user authentication of each network.

[Brief description of drawings]

FIG. 1 is a principle configuration diagram showing a print processing apparatus of the present invention.

FIG. 2 is a block diagram showing an outline of a network printing apparatus.

FIG. 3 is a diagram showing a configuration example of an authentication table.

FIG. 4 is an explanatory diagram for explaining control when an operation is requested from each client.

[Explanation of symbols]

 1 User Information Creating Means 2 Operation Instructing Means 3 Authentication Means 4 Support Authentication Level Storage Means 5 Validity Inquiry Judging Means 6 User Confirming Means 7 Operation Control Means 10 Print Server 11 Job Receiving Department 12 User Confirming Means 13 Job Control Means 14 Object Management Part 15 Access control part 16 Object database 21, 22, ... Multiple clients 21a User information acquisition part 21b Print data generation part 21c Job generation part 30 Authentication server 40 Network 50 Printer 51 Printer controller 52 Print engine

Continuation of front page (51) Int.Cl. ⁶ Identification number Office reference number FI Technical display location G06F 3/12 G06F 3/12 K 15/00 330 15/00 330A

Claims (4)

[Claims] 1. A print processing apparatus for processing print instructions according to a plurality of protocols, and a user information creating unit for creating an identification certificate for certifying a user as the only user in the environment of a client, together with the identification certificate. An operation instruction means for instructing an operation related to print processing, an authentication means for performing a user authentication service, a support authentication level storage means for storing a security policy as to whether or not it is necessary to confirm the validity of the identification certificate, Validity inquiry determination means for determining whether to inquire whether or not the identification certificate is in accordance with the security policy when receiving the operation output from the operation instruction means, and when it is determined that an inquiry is necessary And the above identification card User confirmation means for confirming the user's legitimacy in response to an inquiry about the legitimacy of the statement, and operation control means for limiting the operation to the printer to the operations permitted to the user confirmed by the user confirmation means. And a print processing device. 2. The user authentication means capable of confirming a user as the only user in any multi-network environment when it is necessary to inquire about the validity of an identification certificate in the security policy. High-level confirmation that uses other services and low-level confirmation that can confirm only the user who is using the conventional print protocol and cannot confirm the user at all The print processing apparatus according to claim 1, further comprising level confirmation means. 3. The user information creating means is configured to create a new identification certificate from a result obtained by an authentication mechanism used in each client for each environment of the client, and a level confirmation in the user confirming means. The means, when it is necessary to inquire about the validity of the ID card in the security policy, confirms that the new ID certificate has been legally obtained by the authentication mechanism of the client. The print processing apparatus according to claim 1, wherein the print processing apparatus is configured to perform. 4. The operation control means confirms the level at the time of confirming the validity of the identification certificate by the user confirmation means, so that the user at the low level can make a print job of the user at the high level. The print processing apparatus according to claim 1, wherein the print processing apparatus is controlled so that no operation can be issued.