Embodiment
Here will be described in detail at the preferred embodiments of the present invention, i.e. the equipment of print secure documents and method.Though detailed description of the present invention will be in conjunction with the preferred embodiments, will be appreciated that the present invention is not limited to these embodiment.On the contrary, intention of the present invention comprises the various equivalent embodiments that substitute, revise, and these equivalent embodiments as the appended claims definition also should comprise within the spirit and scope of the present invention.
In addition, for following detailed description the in detail of the present invention, many specific detail of illustrating are in order to understand the present invention more completely.Yet those skilled in the art will be appreciated that does not have these specific detail can implement the present invention yet.Under other situations, the method for knowing, program, element and circuit do not describe in detail at this, avoid making feature of the present invention smudgy.
Fig. 1 has illustrated the network system that comprises a printer 102 100 of one embodiment of the invention.Network 100 has various device, and these equipment intercom mutually by various communication protocols, as Internet protocol (IP) and transmission control protocol (TCP).Thereby comprising printer 102, a plurality of PC or teller work station 104,106...108, network 100 can make intercom the mutually server 110 of exchange message and/or instruction of each several part with one.For simplicity's sake, although only illustrated three workstation1s 04,106...108, network 100 can have any amount of workstation, and can use printer 102 print file.
For example, network system 100 can be a Local Area Network, and teller work station 104,106...108 intercom mutually thereby the kind equipment of server 110 and printer 102 is connected to the maincenter of LAN.Printer 102 can only have printing function, perhaps can be a multipurpose plant that also comprises other functions, as scanning, duplicating, fax and/or e-mail function.
According to one embodiment of the invention, network 100 can have a secure printing software.One of them embodiment according to the present invention, secure printing software is installed among workstation1 04, the 106...108.Perhaps, in another embodiment, secure printing software is installed in the server 110.Secure printing software allows that printer 102 communications are to carry out secure print job will.
Fig. 2 has illustrated the printer 102 of network system shown in Figure 1 100 of one embodiment of the invention.Printer 102 comprises a print module that is used to print 222 and a circuit board 220, and this circuit board 220 comprises control circuit (not shown) and a plurality of slot 204,206,208 of a control print module 222.Slot 204,206,208 is designed to receive a particular module, and in one embodiment, slot 204,206,208 is configured to receive the holding tank of memory module.For example, a memory module can be a dual inline type memory module (DIMM), and another memory module can be a Single in-line memory module (SIMM).The memory module that is connected to this holding tank has a specific dimensions usually and mates profile to be made it to closely cooperate with associated slots.For example, slot 208 can be 100 pin dimm sockets that are generally used for printer and desktop computer.These memory modules can be installed separately, replace or be keeped in repair.Memory module can comprise one or more random access memory (RAM) chip on the single circuit board.
According to one embodiment of present invention, security module 212 possesses the contactless communication function, makes that working as portable set 218 security module 212 in the particular range of proximity printing machine 102 can communicate by letter with portable set 218.Security module 212 is made the size of similar with particular module (as memory module) so that can cooperate fully with slot 208.Network 100 users carry portable set 218, and security module 212 also comprises a contactless communication equipment 216 of communicating by letter with portable set 218.
When the user carried portable set 218 proximity printing machines 102, the contactless communication equipment 216 of security module 212 detected the existence and the identity thereof of this portable set 218.Whether the identity that secure printing software then detects portable set 218 is consistent with the identity code of a mandate, if the identity code of the identity of portable set 218 and mandate coupling then starts print secure data.As previously mentioned, printer 102 has the security module 212 that cooperates with portable set 218, and secure printing software possesses the secure printing characteristic.
In addition, will be appreciated that by the slot on the circuit board, the security module 212 that is easy to possess contactless communication equipment 216 is installed on any other the printer, so that printer possesses the secure printing characteristic, and this makes printer have the secure printing characteristic to need not any hardware and change.Therefore, the secure printing characteristic can be used as the component market product and sells, and perhaps customizes according to the specific user and sells the printer with secure printing characteristic.The complicated assembling process that occurs during the outside contact of available technology adopting input equipment can be avoided.
In one embodiment of the invention, the contactless communication equipment 216 of security module 212 can be radio frequency (RF) reader of incorporating standard size memory module (as DIMM) into.When the user carried portable set 218 proximity printing machines 102, radio-frequency reader 216 can communicate by the RF signal, thus the correlative code of identification portable set 218 and/or portable set 218.The firmware code of system can also be updated, thereby the radio-frequency reader 216 by security module 212 reads a cognizance code, this cognizance code is compared with the authorization code of a specific classified document, if cognizance code and authorization code coupling then allow to print this classified document.Except that radio-frequency reader 216, other bundled features also rise in the security module 212, and these characteristics comprise the confidential nature as encryption and decryption characteristic etc.
In one embodiment of the invention, can place a transmitter or receiver in the security module 212.Portable set 218 comprises other cooperating equipments (transmitter or receiver), so security module 212 can communicate with portable set 218 and equipment room does not need physics to contact.
Security module 212 not only comprises transmitter but also comprise receiver in accordance with another embodiment of the present invention.The transmitter of security module 212 sends an interrogating signal that frequency is known, and portable set 218 responds this interrogating signal with the response signal of an expression recognition data.The receiver of security module 212 then detects this response signal, and this response signal is decoded into the required signal of recognition data of judging that portable set 218 provides.An antenna be can also comprise in the security module 212, the transmission of interrogating signal and the reception of response signal are used to assist.
Fig. 3 has illustrated the security module 212a and the portable set 218a of another embodiment of the present invention.As shown in Figure 2, printer 102 utilizes security module 212a to make the portable set 218a that carries as the user in printer 102 predetermined distances, can realize contactless communication between security module 212a and the portable set 218a.Security module 212a comprises an antenna 308, as the 50Ohm antenna, a radio-frequency (RF) identification (RFID) AFE (analog front end) (AFE) circuit 302, a microcontroller 304, as one 8 8-digit microcontroller, and the field programmable gate array (FPGA) 306 that can carry out the encryption and decryption function, as data encryption standard (DES), Advanced Encryption Standard (AES) and triple DES (3DES).
Portable set 218a can be a transponder or the label incorporating smart card into and cooperate with RFID circuit 302.Portable set 218a comprises an active or passive label.Active label possesses the power supply (as battery) of oneself, and with the time interval transmission signals of rule.Active label is more farther than passive label operating distance usually.Passive label does not have the power source of oneself, is activated when passive label runs into the electromagnetic field that the transmitter of RFID circuit 302 sends.Portable set 218a can be a contact type intelligent card, or observes iso standard (comprising ISO1443A or ISO15693) or compatible with it.
Security module 212a shown in Figure 3 can be in conjunction with the confidential nature of the evident characteristics and the encryption and decryption circuit 306 of RFID/AFE circuit 302.Security module 212a also comprises the base station (not shown) and the field modulation switch (not shown) that are operated in characteristic frequency (as 13.56MHZ).
AFE (analog front end) (AFE) circuit 302 can be the integrated simulation system of the RFID frame of reference of 13.56MHz.AFE circuit 302 purposes are a lot, can be used for having the different RF ID frame of reference of different subcarrier frequencies, as comprise 212kHz to 848kHz, and this has just covered the standard of ISO14443 and ISO15693.Security module 212a observes or the standard of compatible ISO15693, makes security module 212a can detect portable set 218a in about 3 meters scopes.The AFE circuit 302 of security module 212a also comprises an integrated circuit (IC) transmitter, this integrated circuit transmitter can send to the output power of 20mW 50ohm (antenna), and transmitter can utilize various modulation techniques, comprises amplitude shift keying (ASK) and on-off keying (OOK) digital modulation technique.
In addition, Fig. 4 has illustrated the workstation1 04b of one embodiment of the invention.Workstation1 04b comprises a print out task creator 404 that sends a secure print job will.Those skilled in the art should know that this print out task creator 404 can be the software that moves in the operating system.When sending secure print job will, workstation1 04b requires the user that the cognizance code relevant with portable set 218b is provided.For example, portable set 218b is a contact type intelligent card.Workstation1 04b has a communication module 402, and this communication module 402 is communicated by letter with portable set 218b by radiofrequency signal and obtained/receive the authentication codes of portable set 218b.The cognizance code of the portable set 218b that is received saves as authorization code, and this authorization code combines with secure print job will in the authorization code module 406 of workstation1 04b, and this secure print job will is sent to server 110b.Then, when the user carried portable set 218b proximity printing machine 102, the cognizance code of portable set 218b was printed machine 102b and receives and send to server 110b.The cognizance code that the comparer 412 of server 110b is used for relatively receiving and the authorization code of secure print job will are if the cognizance code that receives is consistent with authorization code the print security task.In this case, no portable set 218b person just can't start the print security task.In addition, the user can import or key entry and the relevant authorization code of portable set 218 cognizance codes.
According to another embodiment of the invention, when user's logging in network 100, network 100 is just discerned this user.Security software has recognition code list, and these cognizance codes are relevant with the cognizance code of the portable identification 218 of authorized user.When the user sends a secure print job will, this secure print job will is sent to printer 102.Ability print security task when the cognizance code that the user carries portable set 218 proximity printing machines 102 and portable set 218 is consistent with authorization code in the tabulation.In other words, in this case, printer 102 starts secure print job will by a group authorized user.
Fig. 5 has illustrated the step 500 of print secure documents of one embodiment of the invention.In step 500, during a workstation print secure documents, the user carries out print command at workstation in using network, and workstation is directly handed to the task of print secure documents printer or handed to printer by a server of network.In step 512, the user carries portable set near printer.In step 514, portable set is with noncontact mode (as the RF signal) and printer communication, and the cognizance code of portable set sends security module to.In step 516, the cognizance code of portable set is compared with an authorization code, thereby whether the cognizance code of judging portable set mates with authorization code.If the cognizance code and the authorization code of portable set do not match, then forward step 520 to and stop to print.If coupling then forwards step 518 to and allows the print security task.
In one embodiment, in step 500, send an authorization code relevant with print out task and with the cognizance code unanimity of portable set.Authorization code is attached on the print out task.In step 516, the cognizance code of portable set is compared so that allow the print security task with the authorization code that adheres to.
Though description before and description of drawings the preferred embodiments of the present invention, it should be understood that also to have various interpolations, modification and the replacement that does not break away from the present invention's spirit scope essence, as the definition of appended claims.It will be understood by those skilled in the art that, many forms, structure, arrangement, ratio, material, element, assembly or other aspects also can be used for the present invention through revising, especially be useful under the specific environment and specific operation is implemented the present invention when needing, these do not break away from essence of the present invention.Therefore, the embodiment of Jie Shiing should be as the explanation of all aspects of the scope of the invention here, rather than restrictive, and the present invention is represented by appended claims and legal equivalent thereof, the description before being not limited to.