CN100476848C - Image reading apparatus, authentication method, evaluation system, evaluation method, and computer program product - Google Patents

Publication number
CN100476848C
Authority
CN
China
Prior art keywords
image
information
reading device
unit
parameter
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2007100020664A
Other languages
Chinese (zh)
Other versions
CN101004773A (en)
Inventor
角谷浩
小谷诚刚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujitsu Ltd
Original Assignee
Fujitsu Ltd
PFU Ltd
Application filed by Fujitsu Ltd, PFU Ltd

Landscapes

  • Storage Device Security (AREA)

Abstract

A TPM chip installed in an image reading apparatus records an operation log and encrypts the recorded operation log with a secret key. The image reading apparatus transmits the encrypted operation log to an evaluation apparatus. The evaluation apparatus receives the encrypted operation log, decrypts the received operation log, and evaluates an operation performed on the image reading apparatus based on the decrypted operation log.

Description

Image reading apparatus, authentication method, evaluation system, evaluation method, and computer program product
Technical field
The present invention relates to a technology for ensuring the reliability and originality of information in order to evaluate operations performed on an image reading apparatus.
Background technology
For image reading apparatuses, the operations, operating procedures, and operating parameters carried out by users have been verified and evaluated. In such verification and evaluation, the credibility, reliability, and authorized originality of the information used must be ensured with higher accuracy. For example, a personal computer directly connected to an image reading apparatus identifies the image reading apparatus using predetermined driver software and obtains information about the operating parameters of the image reading apparatus.
With regard to security enhancement functions pursued independently by individual enterprises, the Trusted Computing Group (TCG), an industry organization of enterprises that provide technology for personal computer (PC) platforms, works to develop and promote new hardware and software with higher reliability and security. Japanese Patent Application Publication No. 2005-317026 describes a technology in which the TCG defines the specification of the Trusted Platform Module (TPM), which relates to a security chip for a computing platform. In addition, security can be improved by performing authentication that combines biometric authentication with digital certificates issued by a certification authority, and by verifying parameter information based on the classification of the usage parameters of an information processing apparatus. Japanese Patent Application Publication No. 2004-157790 describes a security determination method, a security determination system, and a security determination apparatus that maintain appropriate security and achieve stable transmission and reception of information.
However, with the conventional technology, because predetermined driver software is simply used, the information used for evaluation may be fraudulently altered. As a result, there is a problem: the credibility, reliability, and authorized originality of the information used for evaluation cannot be ensured with higher accuracy.
Summary of the invention
An object of the present invention is to at least partially solve the problems in the conventional technology.
An image reading apparatus according to one aspect of the present invention includes an acquiring unit that acquires user identification information identifying a user, and a tamper-resistant chip. The tamper-resistant chip includes: a storage unit that stores a secret key unique to the image reading apparatus, authorized-user identification information identifying an authorized user permitted to operate the image reading apparatus, device-specific information unique to the image reading apparatus, and device environment information about the usage environment and operating environment of the image reading apparatus; a collecting unit that collects the device-specific information and the device environment information; a user authentication unit that authenticates the user by judging the validity of the acquired user identification information based on the stored authorized-user identification information; a device authentication unit that authenticates the image reading apparatus by judging the validity of the collected device-specific information based on the stored device-specific information; an environment authentication unit that authenticates the device environment of the image reading apparatus by judging the validity of the collected device environment information based on the stored device environment information; and an encrypting unit that encrypts information using the stored secret key.
An evaluation system according to another aspect of the present invention is formed by connecting, via a network, an image reading apparatus and an evaluation apparatus that evaluates operations performed on the image reading apparatus. The image reading apparatus includes an acquiring unit that acquires user identification information identifying a user, and a tamper-resistant chip. The tamper-resistant chip includes: a storage unit that stores a secret key unique to the image reading apparatus, authorized-user identification information identifying an authorized user permitted to operate the image reading apparatus, device-specific information unique to the image reading apparatus, and device environment information about the usage environment and operating environment of the image reading apparatus; a collecting unit that collects the device-specific information and the device environment information; a user authentication unit that authenticates the user by judging the validity of the acquired user identification information based on the stored authorized-user identification information; a device authentication unit that authenticates the image reading apparatus by judging the validity of the collected device-specific information based on the stored device-specific information; an environment authentication unit that authenticates the device environment of the image reading apparatus by judging the validity of the collected device environment information based on the stored device environment information; an encrypting unit that encrypts information using the stored secret key; and a transmitting unit that transmits information to the evaluation apparatus. The evaluation apparatus includes: a receiving unit that receives the encrypted device environment information from the image reading apparatus; a decrypting unit that decrypts the received device environment information; and an evaluating unit that evaluates the operation performed on the image reading apparatus based on the decrypted device environment information.
An evaluation method according to still another aspect of the present invention is for an evaluation system formed by connecting, via a network, an image reading apparatus and an evaluation apparatus that evaluates operations performed on the image reading apparatus. The evaluation method includes: acquiring, by the image reading apparatus, user identification information identifying a user; authenticating the user, by the image reading apparatus, by judging the validity of the acquired user identification information based on authorized-user identification information that identifies an authorized user permitted to operate the image reading apparatus and that is stored in a tamper-resistant chip installed in the image reading apparatus; collecting, by the image reading apparatus, when the acquired user identification information is judged valid, device-specific information unique to the image reading apparatus and device environment information about the usage environment and operating environment of the image reading apparatus; authenticating the image reading apparatus, by the image reading apparatus, by judging the validity of the collected device-specific information based on device-specific information stored in the tamper-resistant chip; authenticating the device environment, by the image reading apparatus, by judging the validity of the collected device environment information based on device environment information stored in the tamper-resistant chip; encrypting, by the image reading apparatus, when the collected device-specific information and the collected device environment information are judged valid, the device environment information using a secret key stored in the tamper-resistant chip; transmitting, by the image reading apparatus, the encrypted device environment information to the evaluation apparatus; receiving, by the evaluation apparatus, the encrypted device environment information from the image reading apparatus; decrypting, by the evaluation apparatus, the received device environment information; and evaluating, by the evaluation apparatus, the operation performed on the image reading apparatus based on the decrypted device environment information.
An authentication method according to still another aspect of the present invention includes: acquiring user identification information identifying a user of an image reading apparatus; authenticating the user by judging the validity of the acquired user identification information based on authorized-user identification information that identifies an authorized user permitted to operate the image reading apparatus and that is stored in a tamper-resistant chip installed in the image reading apparatus; collecting, when the acquired user identification information is judged valid, device-specific information unique to the image reading apparatus and device environment information about the usage environment and operating environment of the image reading apparatus; authenticating the image reading apparatus by judging the validity of the collected device-specific information based on device-specific information stored in the tamper-resistant chip; authenticating the device environment by judging the validity of the collected device environment information based on device environment information stored in the tamper-resistant chip; encrypting, when the collected device-specific information and the collected device environment information are judged valid, the device environment information using a secret key stored in the tamper-resistant chip; and transmitting the encrypted device environment information to an evaluation apparatus.
A computer program product according to still another aspect of the present invention includes a computer-usable medium having computer-readable program code embodied in the medium that, when executed, causes a computer to execute: acquiring user identification information identifying a user of an image reading apparatus; authenticating the user by judging the validity of the acquired user identification information based on authorized-user identification information that identifies an authorized user permitted to operate the image reading apparatus and that is stored in a tamper-resistant chip installed in the image reading apparatus; collecting, when the acquired user identification information is judged valid, device-specific information unique to the image reading apparatus and device environment information about the usage environment and operating environment of the image reading apparatus; authenticating the image reading apparatus by judging the validity of the collected device-specific information based on device-specific information stored in the tamper-resistant chip; authenticating the device environment by judging the validity of the collected device environment information based on device environment information stored in the tamper-resistant chip; encrypting, when the collected device-specific information and the collected device environment information are judged valid, the device environment information using a secret key stored in the tamper-resistant chip; and transmitting the encrypted device environment information to an evaluation apparatus.
An evaluation method according to still another aspect of the present invention includes: receiving encrypted device environment information about the usage environment and operating environment of an image reading apparatus; decrypting the received device environment information; and evaluating the operation performed on the image reading apparatus based on the decrypted device environment information.
A computer program product according to still another aspect of the present invention includes a computer-usable medium having computer-readable program code embodied in the medium that, when executed, causes a computer to execute: receiving encrypted device environment information about the usage environment and operating environment of an image reading apparatus; decrypting the received device environment information; and evaluating the operation performed on the image reading apparatus based on the decrypted device environment information.
The above and other objects, features, advantages, and technical and industrial significance of the present invention will be better understood by reading the following detailed description of presently preferred embodiments of the invention with reference to the accompanying drawings.
Description of drawings
Fig. 1 is a schematic diagram illustrating the general concept of the present invention;
Fig. 2 is a block diagram of the image reading apparatus according to the present invention;
Fig. 3 is a block diagram of the TPM chip according to the present invention;
Fig. 4 is a block diagram of the evaluation apparatus according to the present invention;
Fig. 5 is a flowchart of the processing procedure according to the present invention; and
Figs. 6A and 6B are schematic diagrams illustrating the operation performed by the consistency verifying unit of the evaluation apparatus.
Embodiment
Exemplary embodiments of the present invention are described in detail below with reference to the accompanying drawings. The present invention is not limited to the embodiments described below. For example, a TPM chip is described as an example of the tamper-resistant chip according to the present invention, but the present invention is not limited to this.
Fig. 1 is a schematic diagram illustrating the general concept of the present invention. The system according to the present invention generally has the following features. The system includes an image reading apparatus 100, provided in equipment such as a scanner, printer, multifunction product, or facsimile machine, and an evaluation apparatus 200 that evaluates operations performed by the user of the image reading apparatus 100. The image reading apparatus 100 and the evaluation apparatus 200 are connected so that they can communicate with each other. The image reading apparatus 100 includes a TPM chip 10 as the tamper-resistant chip, an acquiring unit that acquires user identification information identifying the user who operates the image reading apparatus 100, and a transmitting unit that transmits information.
The TPM chip 10 has a storage function, a collecting function, a user authentication function, a device authentication function, a parameter authentication function, and an encryption function.
The storage function stores: a secret key unique to the image reading apparatus 100; authorized-user identification information (that is, a password or fingerprint) identifying an authorized user who operates the image reading apparatus 100; device-specific information unique to the image reading apparatus 100 (that is, the device identification number or serial number of the image reading apparatus 100); and device parameter information about device parameters of the image reading apparatus 100 such as usage parameters and operating parameters.
The collecting function collects the device-specific information and the device parameter information, such as operating parameters for operating the image reading apparatus 100 (including resolution, color/monochrome, document size, brightness, and contrast) and/or operation log information (operation and processing information) containing the content of operations.
The user authentication function performs user authentication by judging, based on the authorized-user identification information stored by the storage function, whether the acquired user identification information (that is, a password or fingerprint) identifying the user who operates the image reading apparatus 100 is correct. That is, the user authentication function performs authentication based on the user identification information in order to identify the user.
The device authentication function authenticates the image reading apparatus 100 by judging, based on the device-specific information stored by the storage function, whether the device-specific information collected by the collecting function is correct. That is, the device authentication function verifies the authenticity of the image reading apparatus 100 based on the device-specific information (identifying the device).
The parameter authentication function authenticates the device parameters of the image reading apparatus 100 by judging, based on the device parameter information stored by the storage function, whether the device parameter information collected by the collecting function is correct.
The encryption function creates electronic signatures and encrypts information using the secret key.
The image reading apparatus 100 uses the TPM chip 10 to collect operation log information as device parameter information and records the operation log information in the TPM chip 10. Using the secret key stored in the TPM chip 10, the image reading apparatus 100 encrypts the recorded operation log information with the TPM chip 10. The image reading apparatus 100 then transmits the encrypted operation log information to the evaluation apparatus 200.
The evaluation apparatus 200 receives the operation log information transmitted from the image reading apparatus 100. The evaluation apparatus 200 decrypts the received operation log information and, based on the decrypted operation log information, evaluates the operation performed by the user of the image reading apparatus 100. In the evaluation, the evaluation apparatus 200 can measure, based on the decrypted operation log information, the operation time of the series of operations performed by the user of the image reading apparatus 100; can verify, based on the decrypted operation log information and predetermined operating procedure information about the correct operating procedure of the image reading apparatus 100, the consistency of the operating procedure of the operations performed by the user; and can evaluate, based on the measured operation time and the verification result, the skill level of the operations performed by the user of the image reading apparatus 100. The evaluation apparatus 200 can evaluate not only the skill level but also the validity and appropriateness of the operations and the qualification of the user.
Fig. 2 is a block diagram of the image reading apparatus 100. Only the part of the configuration relevant to the present invention is shown conceptually.
As shown in Fig. 2, the image reading apparatus 100 generally includes, as a minimal configuration, a mechanical unit 110, a control unit 120, and an optical unit 130. The image reading apparatus 100 includes a TPM chip 10 in each unit, which collects information about that unit and stores it. In other words, the image reading apparatus 100 is configured with at least one unit, and each of the units includes a TPM chip 10 that acquires the unit-specific information of that unit (that is, a device identification number or serial number), stores the acquired information, and adds an electronic signature to the information. The TPM chip 10 stores unit-specific information such as a serial number and the secret key required for creating electronic signatures and for encryption, and has the user authentication function, the device authentication function, and the parameter authentication function. The TPM chip 10 is provided in the main body of each unit so that it cannot easily be removed from the outside. In addition, the unit is arranged so that it cannot work if the TPM chip 10 is removed.
The mechanical unit 110 includes an automatic document feeder (ADF) unit/flatbed unit including a motor and a sensor, a TPM chip 10, and a unit interface unit for connecting the mechanical unit to the other units, all of which are interconnected.
The control unit 120 includes a microprocessing unit (MPU), a memory unit that stores a control program, an image processing unit, a fingerprint acquiring unit, a network interface unit, a random-access memory (RAM), a TPM chip 10, and a unit interface unit, all of which are interconnected.
The optical unit 130 includes an optical system unit, which includes a charge-coupled device (CCD) and a light source, and a TPM chip 10, which are interconnected through a unit interface unit.
Fig. 3 is a block diagram of the TPM chip 10. Only the part of the configuration relevant to the present invention is shown conceptually. As shown in Fig. 3, the TPM chip 10 includes, as a minimal configuration: an MPU 11; a control program 12 for controlling each unit; a secret key file 13 used to encrypt information such as device information with the secret key; a unit information file 14 that stores the device identification number of each unit; a user authentication information file 15 that stores the password and fingerprint information used to authenticate the user; and a RAM 16 that stores the operating parameters used to operate each unit and/or operation log information, which includes the content of the operations performed on the image reading apparatus 100, information about the operating parameters, and information about the unit parameters. The TPM chip 10 uses the MPU 11 to perform the collecting function, the user authentication function, the device authentication function, the parameter authentication function, and the encryption function.
Fig. 4 is a block diagram of the evaluation apparatus 200. Only the part of the configuration relevant to the present invention is shown conceptually. As shown in Fig. 4, the evaluation apparatus 200 includes, as a minimal configuration, a control unit (including a central processing unit (CPU) implemented in hardware), a storage unit including a hard disk drive and memory such as RAM and read-only memory (ROM), an input unit, an output unit (that is, a monitor and a printer), an input/output (I/O) control interface, and a communication control interface. Each function of the evaluation apparatus 200 is implemented by the units of the evaluation apparatus 200 and the programs that control them. The hardware of the evaluation apparatus 200 can be an information processing apparatus such as a commercially available workstation or personal computer, or an auxiliary device of such an information processing apparatus.
As a minimal configuration, the control unit of the evaluation apparatus 200 includes: a receiving unit that receives the encrypted device parameter information (specifically, operation log information) transmitted from the image reading apparatus 100; a decrypting unit that decrypts the device parameter information (specifically, operation log information) received by the receiving unit; and an evaluating unit that evaluates the operation performed on the image reading apparatus 100 based on the device parameter information (specifically, operation log information) decrypted by the decrypting unit. The evaluating unit includes an operation time measuring unit, a consistency verifying unit, and a skill level evaluating unit. The operation time measuring unit measures the operation time of the operations performed by the user of the image reading apparatus 100 based on the operation log information decrypted by the decrypting unit. The consistency verifying unit verifies the consistency of the operating procedure of the operations performed by the user of the image reading apparatus 100 based on the operation log information decrypted by the decrypting unit and predetermined operating procedure information about the correct operating procedure of the image reading apparatus 100. The skill level evaluating unit evaluates the skill level of the operations performed by the user of the image reading apparatus 100 based on the operation time measured by the operation time measuring unit and the verification result obtained by the consistency verifying unit.
Fig. 5 is a flowchart of the processing procedure according to the present invention. The image reading apparatus 100 acquires the password or fingerprint of the user who operates the image reading apparatus 100 through the fingerprint acquiring unit in the control unit 120 and, based on the acquired password and fingerprint, performs user authentication with the user authentication function of the TPM chip 10 (step SA-1, acquiring step and user authentication step).
When the authentication result obtained in step SA-1 is acceptable, the image reading apparatus 100 uses the collecting function of the TPM chip 10 to collect and record the serial number and the operation log information and, based on the collected serial number and operation log information, authenticates the image reading apparatus 100 with the device authentication function of the TPM chip 10 (step SA-2, collecting step and device authentication step). The image reading apparatus 100 then authenticates the parameters of the image reading apparatus 100 with the parameter authentication function of the TPM chip 10, based on the collected operation log information (step SA-3, collecting step and parameter authentication step).
When the authentication results obtained in step SA-2 and step SA-3 are acceptable, the image reading apparatus 100 uses the encryption function of the TPM chip 10 to encrypt, with the secret key, the operation log information collected in step SA-3 (step SA-4, encrypting step).
The image reading apparatus 100 uses the control unit 120 to transmit the operation log information encrypted in step SA-4 to the evaluation apparatus 200 through the network interface unit (step SA-5, transmitting step).
The evaluation apparatus 200 receives the operation log information transmitted from the image reading apparatus 100 through the receiving unit in its control unit (step SA-6, receiving step).
The evaluation apparatus 200 decrypts the operation log information with the corresponding decryption key (that is, the public key) through the decrypting unit in its control unit (step SA-7, decrypting step).
The evaluation apparatus 200 evaluates, through the evaluating unit in its control unit, the operation performed by the user of the image reading apparatus 100 based on the operation log information decrypted in step SA-7 (step SA-8, evaluating step).
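Steps SA-1 to SA-7 can be sketched as follows. This is an added example, not code from the patent: `ToyChip`, `seal_log`, `open_log`, the toy RSA key, and all sample values are assumptions. It models "encrypt with the secret key, decrypt with the public key" as a signature over the log, which is what that operation provides: anyone holding the public key can read the log, so the step protects originality rather than confidentiality.

```python
import hashlib
import hmac
import json

# Toy RSA key built from two Mersenne primes (assumption, illustration only).
# Unpadded and far too weak for real use; a real TPM holds a proper key on-chip.
N = (2**127 - 1) * (2**89 - 1)
E = 65537                                       # public exponent
D = pow(E, -1, (2**127 - 2) * (2**89 - 2))      # secret exponent, stays in the chip

SALT = b"constructed-salt"                      # constructed sample value


def _digest(payload: bytes) -> int:
    """SHA-256 of the payload, reduced so it fits the toy modulus."""
    return int.from_bytes(hashlib.sha256(payload).digest(), "big") % N


def _kdf(password: str) -> bytes:
    """Store and compare a derived value, never the password itself."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)


class ToyChip:
    """Stand-in for TPM chip 10: stored reference values and the secret key."""

    def __init__(self, password, serial, allowed_params):
        self._pw = _kdf(password)        # authorized-user identification information
        self._serial = serial            # device-specific information
        self._allowed = allowed_params   # accepted operating parameters

    def seal_log(self, password, serial, params, log):
        """Steps SA-1 to SA-4: return (payload, signature), or None on any failure."""
        user_ok = hmac.compare_digest(_kdf(password), self._pw)              # SA-1
        device_ok = hmac.compare_digest(serial.encode(),
                                        self._serial.encode())               # SA-2
        params_ok = (params.keys() == self._allowed.keys() and
                     all(params[k] in self._allowed[k] for k in params))     # SA-3
        if not (user_ok and device_ok and params_ok):
            return None                  # nothing is sealed or transmitted
        payload = json.dumps({"serial": serial, "params": params, "log": log},
                             sort_keys=True).encode()
        return payload, pow(_digest(payload), D, N)                          # SA-4


def open_log(payload: bytes, signature: int):
    """Steps SA-6 and SA-7 on the evaluation side, using only the public key."""
    if pow(signature, E, N) != _digest(payload):
        return None                      # altered after sealing: do not evaluate
    return json.loads(payload)


# Constructed sample data.
ALLOWED = {"resolution": [300, 600], "color": ["color", "mono"]}
PARAMS = {"resolution": 300, "color": "mono"}
LOG = [[0, "login"], [5, "place_document"], [20, "start_scan"], [40, "logout"]]

if __name__ == "__main__":
    chip = ToyChip("s3cret-pass", "SN-0001", ALLOWED)
    payload, sig = chip.seal_log("s3cret-pass", "SN-0001", PARAMS, LOG)
    print(open_log(payload, sig)["log"])
    print(open_log(payload.replace(b"start_scan", b"skip_scan!"), sig))
```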
In step SA-8, the evaluating unit can measure, in the operation time measuring unit, the operation time of the operations performed by the user of the image reading apparatus 100 based on the operation log information decrypted in step SA-7. The evaluating unit can also verify, in the consistency verifying unit, the consistency of the operating procedure of the operations performed by the user of the image reading apparatus 100 based on the operation log information decrypted in step SA-7 and predetermined operating procedure information about the correct operating procedure of the image reading apparatus. The evaluating unit can then evaluate the skill level of the operations performed by the user of the image reading apparatus 100 based on the operation time measured by the operation time measuring unit and the verification result obtained by the consistency verifying unit.
Specifically, the evaluating unit analyzes the operation log information about the operation sequence performed by the user, shown in Fig. 6B, and measures the operation time (operation time "t" shown in Fig. 6B) with the operation time measuring unit. The evaluating unit compares and analyzes the operation log information about the operation sequence performed by the user, shown in Fig. 6B, against the operating procedure information about the correct operation sequence, shown in Fig. 6A, to detect errors in the operating procedure, and verifies the consistency of the operations performed by the user of the image reading apparatus 100 with the consistency verifying unit. The evaluating unit then evaluates the skill level with the skill level evaluating unit, based on the operation time measured by the operation time measuring unit and the verification result obtained by the consistency verifying unit. In addition, the evaluating unit can detect the frequency of faults based on the operation log information and can evaluate the skill level based on the user's operation sequence, the operation time, and the frequency of faults.
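The evaluation in step SA-8 can be sketched as follows. This is an added example, not code from the patent: the step names, sample logs, scoring weights, and level thresholds are assumptions, since the page gives no formula. It takes an already decrypted log of (seconds, operation, status) entries, measures t, aligns the performed sequence with the correct procedure, counts faults, and rejects logs that are empty or whose timestamps run backwards.

```python
from difflib import SequenceMatcher

# Hypothetical correct operating procedure (the role Fig. 6A plays);
# the step names are constructed for this example.
CORRECT_PROCEDURE = ["login", "place_document", "set_resolution", "set_color",
                     "start_scan", "save", "logout"]


def operation_time(log):
    """Operation time t in seconds between the first and last log entry."""
    if not log:
        raise ValueError("empty operation log")
    times = [t for t, _, _ in log]
    if any(later < earlier for earlier, later in zip(times, times[1:])):
        raise ValueError("timestamps go backwards; log is not trustworthy")
    return times[-1] - times[0]


def procedure_deviations(log, expected=CORRECT_PROCEDURE):
    """Align the performed steps with the correct procedure; list differences."""
    performed = [op for _, op, _ in log]
    matcher = SequenceMatcher(None, expected, performed, autojunk=False)
    deviations = []
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag in ("delete", "replace"):
            deviations.append(("skipped", expected[i1:i2]))
        if tag in ("insert", "replace"):
            deviations.append(("extra", performed[j1:j2]))
    return deviations


def evaluate(log, reference_seconds=60.0):
    """Combine operation time, consistency result and fault count into a level.

    The weights and thresholds below are assumptions made for this example.
    """
    t = operation_time(log)                      # also validates the log
    deviations = procedure_deviations(log)
    faults = sum(1 for _, _, status in log if status == "fault")
    overtime = max(0.0, t - reference_seconds)
    score = max(0.0, 100 - 20 * len(deviations) - 10 * faults - 0.5 * overtime)
    level = "skilled" if score >= 80 else "intermediate" if score >= 50 else "novice"
    return {"t": t, "deviations": deviations, "faults": faults,
            "score": score, "level": level}


# Constructed sample logs: (seconds, operation, status).
LOG_A = [(0, "login", "ok"), (5, "place_document", "ok"), (12, "set_resolution", "ok"),
         (18, "set_color", "ok"), (25, "start_scan", "ok"), (40, "save", "ok"),
         (45, "logout", "ok")]
LOG_B = [(0, "login", "ok"), (8, "place_document", "ok"), (20, "set_color", "ok"),
         (31, "start_scan", "fault"), (55, "start_scan", "ok"), (80, "save", "ok"),
         (90, "logout", "ok")]

if __name__ == "__main__":
    for name, log in (("A", LOG_A), ("B", LOG_B)):
        print(name, evaluate(log))
```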
As described above, according to the present invention, the image reading apparatus 100 performs user authentication with the user authentication function of the TPM chip 10, performs device authentication of the image reading apparatus 100 with the device authentication function of the TPM chip 10, and performs parameter authentication of the image reading apparatus 100 with the parameter authentication function of the TPM chip 10. In addition, the image reading apparatus 100 records the operation log information collected by the collecting function of the TPM chip 10 and encrypts the recorded operation log information with the secret key using the encryption function of the TPM chip 10. The image reading apparatus 100 transmits the encrypted operation log information to the evaluation apparatus 200 through the control unit 120. The evaluation apparatus 200 receives the operation log information transmitted from the image reading apparatus 100 through the receiving unit, decrypts the received operation log information through the decrypting unit, and evaluates, through the evaluating unit, the operation performed on the image reading apparatus 100 based on the decrypted operation log information. As a result, when the operation performed by the user of the image reading apparatus 100 is evaluated, the credibility, reliability, and authorized originality of the information used for evaluation can be ensured with higher accuracy.
The present invention is not limited to the specific details and representative embodiments shown and described here. Accordingly, various modifications may be made without departing from the spirit or scope of the general inventive concept as defined by the appended claims and their equivalents. For example, among the processes explained in the description of the exemplary embodiment, some or all of the processes explained as being performed automatically may be performed manually. Conversely, some or all of the processes explained as being performed manually may be performed automatically using known techniques.
In addition, unless otherwise specified, the processing procedures, control procedures, specific names, information including various data and parameters, images, and database structures shown in the text and the drawings may be modified in any way.
The components of the devices shown in the drawings are functionally conceptual and need not be physically arranged as shown. For example, some or all of the processing functions provided by a device may be realized by a CPU and a program interpreted and executed by the CPU, or as hardware using hard-wired logic. The program is recorded on a recording medium, described later, and is mechanically read by the control unit as needed.
A computer program that works together with the operating system (OS) to issue instructions to the CPU for carrying out the various processes is stored in a storage unit such as a ROM or hard disk (HD). The computer program is loaded into RAM for execution and, in cooperation with the CPU, forms the control unit. The computer program may also be stored in an application server connected through a network, and part or all of the computer program may be downloaded as needed.
The computer program according to the present invention can be stored on a computer-readable recording medium, which includes removable physical media, built-in physical media, and communication media that hold the program temporarily. Removable physical media include a floppy disk (FD), magneto-optical (MO) disk, ROM, erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), compact disc read-only memory (CD-ROM), and digital versatile disc (DVD). Built-in physical media include a ROM, RAM, or HD installed in a computer system. Communication media include communication lines and carrier waves used to transmit the program over a network such as a local area network (LAN), a wide area network (WAN), or the Internet. The program is a data processing method written in any language and in any form, and both source code and binary code are acceptable. The program need not be prepared as a single unit; it may be prepared separately as a plurality of modules or libraries. It may also be a program that achieves its functions in cooperation with other programs such as the OS. The specific configuration for reading the recording medium in each unit according to the embodiment, the reading procedure, and the installation procedure after reading can be known configurations and procedures.
The specific forms of distribution and integration of the devices are not limited to those shown in the drawings. All or part of a device may be functionally or physically distributed or integrated in arbitrary units according to various loads and usage conditions. For example, each database may be built independently as a separate database device, and part of the processing may be realized through the Common Gateway Interface (CGI).
According to the embodiments of the present invention, when the operations performed by the user of the image-reading device are assessed, the credibility, reliability, and authorized originality of the information used for the assessment can be ensured with higher accuracy.
Although the invention has been described with reference to specific embodiments to give a complete and clear disclosure, the appended claims are not so limited; they are to be construed as embodying all modifications and alternative constructions that may occur to one skilled in the art and that fall within the basic teaching set forth here.

Claims (7)

1. An image-reading device comprising:
an acquiring unit that obtains user identification information identifying a user; and
a tamper-resistant chip, comprising:
a storage unit that stores therein:
a secret key unique to the image-reading device;
authorized-user identification information for identifying an authorized user who is permitted to operate the image-reading device;
device-specific information unique to the image-reading device; and
device parameter information about the usage parameters and operating parameters of the image-reading device;
a collecting unit that collects device-specific information and device parameter information;
a user authentication unit that authenticates the user by judging the validity of the obtained user identification information based on the stored authorized-user identification information;
a device authentication unit that authenticates the image-reading device by judging the validity of the collected device-specific information based on the stored device-specific information;
a parameter authentication unit that authenticates the device parameters of the image-reading device by judging the validity of the collected device parameter information based on the stored device parameter information; and
an encryption unit that encrypts at least one of the user identification information, the device-specific information, and the device parameter information using the stored secret key,
wherein the image-reading device further comprises a transmission unit that transmits the encrypted device parameter information to an assessment apparatus.
2. The image-reading device according to claim 1, wherein:
the device parameter information includes at least one of an operating parameter relating to operation of the image-reading device and operation log information including operation contents.
3. An evaluation system formed by connecting, through a network, an image-reading device and an assessment apparatus that assesses operations performed on the image-reading device, wherein
the image-reading device comprises:
an acquiring unit that obtains user identification information identifying a user; and
a tamper-resistant chip, comprising:
a storage unit that stores therein: a secret key unique to the image-reading device, authorized-user identification information for identifying an authorized user who is permitted to operate the image-reading device, device-specific information unique to the image-reading device, and device parameter information about the usage parameters and operating parameters of the image-reading device;
a collecting unit that collects device-specific information and device parameter information;
a user authentication unit that authenticates the user by judging the validity of the obtained user identification information based on the stored authorized-user identification information;
a device authentication unit that authenticates the image-reading device by judging the validity of the collected device-specific information based on the stored device-specific information;
a parameter authentication unit that authenticates the device parameters of the image-reading device by judging the validity of the collected device parameter information based on the stored device parameter information; and
an encryption unit that encrypts at least one of the user identification information, the device-specific information, and the device parameter information using the stored secret key; and
the image-reading device further comprises a transmission unit that transmits the encrypted device parameter information to the assessment apparatus, and
the assessment apparatus comprises:
a receiving unit that receives the encrypted device parameter information from the image-reading device;
a decryption unit that decrypts the received device parameter information; and
an assessment unit that assesses the operations performed on the image-reading device based on the decrypted device parameter information.
4. The evaluation system according to claim 3, wherein
the device parameter information includes at least one of an operating parameter relating to operation of the image-reading device and operation log information including operation contents, and
the assessment unit further comprises:
a running time measuring unit that measures the running time of the image-reading device based on the operation log information;
a consistency checking unit that verifies the consistency of the operating process performed on the image-reading device, based on the operation log information and predetermined operating process information on the correct operating process; and
a skill level assessment unit that assesses the skill level of the operations performed on the image-reading device, based on the measured running time and the result of the verification performed by the consistency checking unit.
5. An evaluation method for an evaluation system formed by connecting, through a network, an image-reading device and an assessment apparatus that assesses operations performed on the image-reading device, the evaluation method comprising:
an acquisition process, comprising obtaining, by the image-reading device, user identification information identifying a user;
an execution process, comprising authenticating the user, by the image-reading device, by judging the validity of the obtained user identification information based on authorized-user identification information for identifying an authorized user who is permitted to operate the image-reading device, the authorized-user identification information being stored in a tamper-resistant chip installed in the image-reading device;
a collection process, comprising collecting, by the image-reading device, when the obtained user identification information is judged to be valid, device-specific information unique to the image-reading device and device parameter information about the usage parameters and operating parameters of the image-reading device;
an execution process, comprising authenticating the image-reading device, by the image-reading device, by judging the validity of the collected device-specific information based on device-specific information stored in the tamper-resistant chip;
an execution process, comprising authenticating the device parameters, by the image-reading device, by judging the validity of the collected device parameter information based on device parameter information stored in the tamper-resistant chip;
an encryption process, comprising encrypting, by the image-reading device, the device parameter information using a secret key stored in the tamper-resistant chip when the collected device-specific information and the collected device parameter information are judged to be valid;
a transmission process, comprising transmitting, by the image-reading device, the encrypted device parameter information to the assessment apparatus;
a receiving process, comprising receiving, by the assessment apparatus, the encrypted device parameter information from the image-reading device;
a decryption process, comprising decrypting, by the assessment apparatus, the received device parameter information; and
an assessment process, comprising assessing, by the assessment apparatus, the operations performed on the image-reading device based on the decrypted device parameter information.
6. The evaluation method according to claim 5, wherein
the device parameter information includes at least one of an operating parameter relating to operation of the image-reading device and operation log information including operation contents, and
the assessment process further comprises:
measuring the running time of the image-reading device based on the operation log information;
verifying the consistency of the operating process performed on the image-reading device, based on the operation log information and predetermined operating process information on the correct operating process; and
assessing the skill level of the operations performed on the image-reading device, based on the measured running time and the result of the verification.
7. An evaluation method comprising:
obtaining user identification information for identifying a user of an image-reading device;
authenticating the user by judging the validity of the obtained user identification information based on authorized-user identification information for identifying an authorized user who is permitted to operate the image-reading device, the authorized-user identification information being stored in a tamper-resistant chip installed in the image-reading device;
collecting, when the obtained user identification information is judged to be valid, device-specific information unique to the image-reading device and device parameter information about the usage parameters and operating parameters of the image-reading device;
authenticating the image-reading device by judging the validity of the collected device-specific information based on device-specific information stored in the tamper-resistant chip;
authenticating the device parameters by judging the validity of the collected device parameter information based on device parameter information stored in the tamper-resistant chip;
encrypting the device parameter information using a secret key stored in the tamper-resistant chip when the collected device-specific information and the collected device parameter information are judged to be valid;
transmitting the encrypted device parameter to an assessment apparatus;
receiving the encrypted device parameter about the usage parameters and operating environment of the image-reading device;
decrypting the received device parameter; and
assessing the operations performed on the image-reading device based on the decrypted device parameter.

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
JP2006010356 2006-01-18
JP2006010356 2006-01-18
JP2006158720 2006-06-07

Publications (2)

Publication Number Publication Date
CN101004773A CN101004773A (en) 2007-07-25
CN100476848C true CN100476848C (en) 2009-04-08

Family

ID=38703905

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2007100020664A Expired - Fee Related CN100476848C (en) 2006-01-18 2007-01-18 Image reading apparatus, authentication method, evaluation system, evaluation method, and computer program product

Country Status (1)

Country Link
CN (1) CN100476848C (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2013015992A (en) * 2011-07-04 2013-01-24 Sony Corp Communication device, communication method, service provision device, service provision method, cooperation device, cooperation method, program, transmission/reception system and transmission/reception method
CN108769004B (en) * 2018-05-25 2021-08-03 郑州轻工业大学 Remote operation safety verification method for industrial internet intelligent equipment

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1694032A (en) * 2004-04-29 2005-11-09 国际商业机器公司 Method and system for bootstrapping a trusted server having redundant trusted platform modules

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Free format text: FORMER OWNER: FUJITSU LTD.

Effective date: 20150519

Owner name: FUJITSU LTD.

Free format text: FORMER OWNER: PFU LIMITED;PFU LIMITED

Effective date: 20150519

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20150519

Address after: Kanagawa, Japan

Patentee after: Fujitsu Ltd.

Address before: Ishikawa County

Patentee before: PFU Company

Patentee before: Fujitsu Ltd.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090408

Termination date: 20180118

CF01 Termination of patent right due to non-payment of annual fee