JP2001016383A - Digital composite machine, image input and output system and user authentication method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To solve various problems related to the user authentication by sorting user authentication into a 1st user authentication of a prescribed level and a 2nd user authentication having the intensity of authentication lower than the 1st user authentication and deciding whether the result of the 2nd user authentication is validated according to initial setting. SOLUTION: When a user ID is inputted via ten keys, the fact whether the input of the user ID should be approved can be set on an initialization table T20. In other words, a display input control part 92a refers to the table T20 after the user ID is inputted and displays a message such as 'This device is unusable.' as long as the input of the user ID is inhibited. Thereafter, the input of function keys are inhibited. It is possible to share the data resources by connecting plural devices to each other on a network via a LAN controller (storage means) 97.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

The present invention relates to a digital multifunction peripheral, and more particularly, to a digital multifunction peripheral capable of registering and retrieving image data.

[0002]

2. Description of the Related Art FIG. 1 is a schematic functional block diagram of a digital multi-functional peripheral disclosed in Japanese Patent Application Laid-Open No. 10-308868.

First, when performing document registration, document retrieval, and the like described below, user authentication is performed to determine whether the user can use the apparatus. That is, first,
A user who uses the device is registered in the user table T40 of the storage unit 97 in a procedure described later. In this state, it is integrated (or separate) into the device.
The card reader / writer has the user's name, department,
When the user registration card Ku in which the user ID or the like is written is set, the user management means 200 reads the contents of the card Ku and refers to the user table T40 to determine whether the user is registered in the user table T40. It is basically determined that the device can be used only when the device is registered.

The registration of the user in the user table T40 is performed when the user registration card Ku is created. Further, instead of the input using the user registration card Ku, the user ID is input from the ten keys on the control panel 92.
The same effect can be obtained by inputting. Furthermore, simple copy processing (copy processing without other functions) does not require user authentication.

[0005] When the user is authenticated as described above, processing such as document registration described below can be performed.

That is, in a state where a paper document is set in an auto document feeder (hereinafter referred to as "ADF") provided in an image reading means 13 such as a scanner, the user registration card Ku is sent to the card reader / writer as described above. Insert (or input user ID from numeric keypad)
After the operation, the function keys K11 to K on the control panel 92 are
When the “registration” (see FIG. 5) in the instruction 14 is input, the image reading unit 13 converts the paper documents fed one by one by the ADF into document image data, and
To be stored.

When the document image data is stored in this way, the document management means 3 issues a unique document ID and then stores the document image data as a document image file 7 having a file name corresponding to the document ID. Means 97 (for example, a hard disk) and the document ID
To the document ID encoding unit 4, which generates a document ID mark corresponding to the document ID and passes it to the pattern synthesizing unit 8. Thus, the pattern synthesizing means 8 synthesizes the document ID mark and a predetermined page (the first page or a page having a characteristic image, etc.) of the document image data to thereby obtain the document image data with the document ID mark (hereinafter referred to as the document image data). “Covered cover image data” is generated and passed to output means 9 such as a printer.
As a result, a cover sheet with a mark as shown in FIG.

Here, when registering the document image data as described above, the document management means 3 registers the attribute information of the document image data in an attribute management table T10 as shown in FIG. . This attribute information is the document ID
In addition to the number of pages of registered documents, image size, registration method (simple registration without copy, registration with copy, registration with fax transmission, registration with fax reception, registration by computer input, etc. ), Registration date, registration time, user ID, access right, and the like.

In the case where only the "owner", that is, the user who has registered the document image data, has the right to access, the "right", that is, the "group", that is, the person who is registered in the apparatus as described later, has the access right. If the user has the right to do so, there is a case where "free", that is, anyone has the right to access, and these access right types can be selected from the control panel 92 at the time of document registration except for the case of receiving the fax. (See FIG. 5).

The storage means 97 includes a hard disk built in the device, a removable medium 98 loaded in a drive 99 mounted in the device, a server connected to the device via a LAN or the like, or the like. Can be considered. Such a difference in the storage means 97 is indicated by a media ID on the attribute management table T10 shown in FIG.

Here, the document image data registered as described above can be extracted as follows. That is, first, the function keys K11 to K of the control panel 92 are set with the cover with the mark set on the ADF.
When the instruction of "take out" (see FIG. 5) is input in 14,
The image reading unit 13 converts the cover with the mark into cover image data with the mark and stores the data in the memory 79.
When the cover image data with the mark is stored in this manner,
The document management means 3 sends the document I so as to start the decoding process.
Instructs the D decoding means 5 to receive the document ID
The decoding means 5 decodes the document ID mark image data included in the marked cover image data into a document ID, and then returns the document ID to the document management means 3. As a result, the document management unit 3 confirms the access right and the document ID as described below, retrieves the document image data corresponding to the document ID from the storage unit 97, and outputs this document image data. Pass to means 9. As a result, a paper document corresponding to the cover with the mark is printed from the output unit 9.

As described above, according to the configuration using the cover with the mark, it is not necessary to perform a troublesome operation such as inputting a document ID using the ten keys of the control panel 92, and the desired document image data can be printed on the paper. Can be retrieved as a document.

Here, the image reading means 13 is illustrated as an input source of document image data (document image input means), but a facsimile receiving means for receiving image data from a facsimile or a print image data from a computer. May be used as the input source. The document image data retrieved from the storage unit 97 is not only output to a printer provided in the apparatus as described above, but also output to a remote facsimile or output to a printer connected via a network. It is also possible. Further, the document image data registered in the hard disk as described above can be copied or moved to another storage medium (for example, a removable medium such as a magneto-optical disk).

When trying to access specific document image data as described above, first, it is necessary to specify the document image data to be accessed.

That is, as shown in FIG. 4, when a cover with a mark is set in the ADF, the document ID mark of the cover with the mark is decoded to obtain a document ID (steps S131a → S132 → S133), and When the attached cover is not set on the ADF, the document ID input by the ten keys on the control panel 92 is obtained (step S131a → S131b).

Next, based on the document ID obtained as described above, it is determined whether this user has a right to access the document image data (step S134).
And only if we determine that we have access,
The document image data designated as described above (that is, the document image data of the document ID) is accessed.

[0017]

By the way, according to the above-mentioned conventional apparatus, the user ID can be inputted from the control panel 92, and even if the user does not have the user registration card Ku, the apparatus can be used. It can be put into operation. For this reason, a person who comes to know the user ID and password of another person at any occasion can easily access the document image data of another person by using the user ID and password of the other person, thereby improving security. This is a problem.

Further, according to the above-mentioned conventional apparatus, it is possible to use a limited range (for example, copy processing) without using the user registration card Ku. However, extended functions other than copy processing (for example, document registration processing) ) Cannot be executed basically without using the user registration card Ku. For this reason, even if the document has low confidentiality, a user registration card Ku is required when registering the document, which may be rather troublesome.

The present invention has been proposed in view of the above-mentioned conventional circumstances, and has as its object to solve various problems caused by requiring user authentication for using an apparatus.

[0020]

The present invention employs the following means to achieve the above object. That is, according to the present invention, as shown in FIG. 1, document image data corresponding to a specific document input from at least one type of document image input means (image reading means) 13 is stored in a document ID for specifying the document image data. And at least one storage means 97
And the attribute information including the document ID is managed by the document management means 3, and the document specified based on the document ID can be output from the output means 9 as necessary. It assumes a possible digital MFP.

In this apparatus, the user authentication is classified into a first user authentication having a predetermined level of authentication strength and a second user authentication having a lower level of authentication strength than the first user authentication. Display input control section 92a that determines whether or not the result of user authentication is valid based on the initial setting
The configuration was provided with. The first user authentication is authentication based on an attribute of the user including the user registration card Ku, and the second user authentication is control panel 9
This is authentication based on the user ID and password input from Step 2. As a result, it is possible to restrict the removal using the user ID and the password of another person.

Further, when the user is authenticated, a display input control section 92a is provided which displays a list of digital multifunction peripherals connected to the network on the control panel 92 and prompts the user to select a target apparatus. It may be configured. By doing so, the user registration card Ku
The target device can be used from any device connected to the network without using the device.

Further, when the user authentication has not been performed, the document management means 3 for judging whether or not various functions provided by the digital MFP can be used based on initial settings may be provided. In this manner, uselessly high security for the document image data with low confidentiality can be relaxed.

Further, the apparatus may further comprise the document management means 3 for setting an access right to the registered document image data without performing the user authentication based on an initial setting.

Further, there is provided a user management means 200 for changing the owner of the registered document image data to another user. When the user management means 200 performs a user deletion process, the document registered by the user is deleted. The image data may also be deleted by the document management means 3. This can prevent unnecessary document image data from being left in the storage unit 97.

[0026]

FIG. 1 is a schematic functional block diagram of a digital multifunction peripheral to which the present invention is applied. The configuration of the multifunction peripheral will be described below, focusing only on differences from the above-described conventional multifunction peripheral. (Embodiment 1) First, in addition to the items described below, the storage means 97 is provided with an initial setting table T20 for setting the functions of the present apparatus, and the set values are set as defaults at the time of factory shipment. However, it can be changed by the user.

This apparatus basically has a copy function, and basically can be used by anyone when performing copy processing regardless of the user ID described below.

Further, when an expansion key (not shown) of the control panel 92 is turned on, the apparatus shifts to a function requiring security such as "registration", "removal", and "management". That is, when the extension key is turned on, keys such as "Registration" K11, "Eject" K12, and "Management" K13 are displayed as shown in FIG. 5, and a default function (for example, "Registration" K11) is selected. It is in the state that was done.

Here, when a key corresponding to a function other than the default function (target function) is turned on, the operation shifts to the target function. Then, click "Register"
N, when the process proceeds to the document registration process (or when the default is “registration”), the display input control means 92 a
The user is prompted to insert the user registration card Ku into the card reader / writer or to input a user ID from the ten keys on the control panel 92. Therefore, a person who comes to know the user ID and password of another person at some occasion can register a document using the user ID and password of the other person, and the problem is whether to permit such a state. Becomes

Therefore, in the present invention, when a user ID is input using the numeric keypad, whether or not the input is accepted can be set in the initial setting table T20. That is, the display input control unit 92a refers to the initial setting table T20 when the user ID is input using the numeric keypad, and here, when the input of the user ID using the numeric keypad is prohibited, For example, a message such as "This device cannot be handled" is displayed, and thereafter, input of the function keys K11 to K14 is prohibited.

As described above, according to the present embodiment, access to document image data of another person using the numeric keypad can be prohibited, and security is enhanced.

In the present invention, the LAN controller 97
A plurality of devices can be connected to each other via a network via a network to share data resources. Here, when a plurality of devices are connected via a network, it is necessary to input not only a user ID but also information for specifying a target device, that is, input of a device ID. Therefore, in such a form, the device ID is also written on the user registration card Ku, and the target device is specified by reading the user registration card Ku with a card reader / writer. In this way, a desired device can be used from any device connected to the network.

However, when inputting the user ID and the password from the control panel 92, the device ID
Is also inconvenient because the user's memory is ambiguous. Therefore, when the user ID and the password are input from the control panel 92, the currently used device is used and the display input control unit 92a displays all the devices connected to the network.
It is preferable to display a list in the list, and instruct the user to specify a target device from the list. In this way, the target device can be used from any device connected to the network without using the user registration card Ku.

In this embodiment, each digital multifunction peripheral manages document image data.
It is not limited to this. For example, as shown in FIG. 7, the server 300 connected via the LAN controller 97 may centrally manage the document image data. Such unified management can be realized by using unique information (hereinafter, referred to as “image ID”) between document image data in the image input / output system, such as information including a device ID and a document ID. That is, when registering the document image data, the document image data to be registered is transmitted to the server 300 by designating the image ID, and when the document image data is retrieved, a retrieval request specifying the image ID can be issued to the server 300. I just need. According to such an image input / output system, not only the operation of designating a target device from the list as described above is not required, but also it is not necessary to provide a large-capacity storage unit 97 in each digital multifunction peripheral. (Embodiment 2) As described above, an extended function basically requires user authentication. If user authentication is required for all functions, a user registration card Ku or a numeric keypad can be used even when security is not required. In such a case, the user needs to input the user ID, which is rather troublesome.

Thus, in the present embodiment, it is possible to set whether or not to enable document registration without user authentication in the initial setting table T20. That is, when the document registration is possible without user authentication, when the cancel key K10 (not shown) is turned on when the control panel 92 requests the input of the user ID, the display input control unit 92a sends the document management unit 3 A document registration permission is issued, thereby enabling the document registration process. The access right at this time is basically "free (anyone can access)", and the document management means 3 sets "free" in the access right column of the attribute management table T10.

Although the access right of the document image data registered without user authentication is set to "free" here,
The type of this access right can be changed. That is, whether the type of the access right is “free” or “group” is set in the initial setting table T20. When “group” is set here, the document image data registered without user authentication as described above is set. , The type of the access right is “group”, and access is permitted only to the user registered in the device. (Embodiment 3) As described above, the present invention is based on the premise that the user registration card Ku is created. This user registration card Ku has a user name and a user name as shown in FIG. 6 in a state where an unregistered card is inserted into a card reader / writer.
Enter your affiliation, phone number, recite number (password) and enter
It is created by turning on the K key, and at this time, a unique user ID is assigned by the device. As a result, information relating to the user is registered in the user table T40 by the user management means 200, and the user registered in the same apparatus as described above is registered in the attribute management table T10 shown in FIG. This constitutes a "group".

Here, when a specific user is deleted from the user table T40, handling of document image data registered by the user becomes a problem. That is, since such document image data is unlikely to be used later, it is not preferable to leave the document image data registered in the storage unit 97.

Therefore, in the present invention, the user registration card Ku is inserted into the card reader / writer in a state where the user deletion mode (not shown) is designated from the control panel 92 (or the user ID and password are inputted from the ten keys). When the OK key is turned on, the control panel 92 issues a user deletion instruction to the user management means 200. As a result, the user management unit 200 deletes the user whose deletion has been instructed from the user table T40, and deletes the user ID of this user.
Is notified to the document management means 3, and the document management means 3 having received the notification extracts the document having the user ID from the attribute management table T10, and deletes the corresponding document image data from the storage means 97.

When there is a change in the state of the user (department or the like), it is necessary to change the contents of the user registration card Ku. That is, with the user information change mode (not shown) specified by the control panel 92,
When the user registration card Ku is inserted into the card reader / writer (or when the user ID and the password are input from the numeric keypad), the user management unit 200 displays the current user registration contents on the control panel 92. Here, for the items that need to be changed, the contents are entered from the numeric keypad and the OK key is turned on, and the user registration card Ku is entered.
Is changed, and the changed contents are registered in the user table T40.

When a user ID and a password are input from the numeric keypad in a state where the user information change mode is specified (that is, when the user registration card Ku is not used), a new user registration card Ku (before performing the registration processing) Will be written to the card). Therefore, the old user registration card Ku and the new user registration card Ku coexist.
Is not changed, so that both the old user registration card Ku and the new user registration card Ku can be used. (Embodiment 4) As described above, an apparatus to which the present invention is applied can access a removable medium. Incidentally, the management of the removable media is left to the individual user who owns the removable media. Therefore, it can be said that there is no need to provide security even when accessing the removable media. Therefore, when accessing the removable media, the document management means 3
Ignores the result of user authentication.

However, the above is a case where it is not necessary to perform user authentication, and when the document image data is moved (moved from the hard disk to the removable medium or the server 300) or when the document image data is deleted,
It is determined whether or not the user has an access right. (Others) When unnecessary document image data exists, such as when the user who has registered the document image data does not use the device, the administrator (super user) of the device may execute the above operation. Unnecessary document image data must be deleted or moved. Therefore, the device administrator can execute functions (for example, delete / move, etc.) restricted to ordinary users by using an ID card dedicated to the administrator or a special operation.

In the above description, user registration and management are performed on the device side. However, when this device is connected to a plurality of devices and the server 300 via a network, the plurality of users are registered and managed. It becomes necessary to manage a plurality of users who use the device collectively. In this case, a plurality of users who use the plurality of devices can be registered and managed collectively in the server 300.

Further, in the above description, the authentication based on the user registration card Ku is exemplified as the user authentication (first user authentication) with the predetermined level of authentication strength, and the user authentication with the lower level authentication strength (first user authentication). As the second user authentication), the authentication based on the user ID and the password input from the control panel 92 is illustrated, but the user authentication applicable in the present invention is not limited to these. That is, as the first user authentication, authentication based on the attributes of the user, such as voiceprint authentication or fingerprint authentication, may be employed.

In the above description, the digital multifunction peripheral is exemplified, but it goes without saying that the present invention can be applied to any digital equipment (for example, a personal computer) that can perform user authentication.

[Brief description of the drawings]

FIG. 1 is a schematic functional block diagram of a digital multifunction peripheral to which the present invention is applied.

FIG. 2 is a diagram showing a cover with a mark.

FIG. 3 is a diagram illustrating an example of an attribute management table.

FIG. 4 is a flowchart for confirming the access right of document image data.

FIG. 5 is a state diagram of the control panel when selecting various functions.

FIG. 6 is a state diagram of the control panel when performing user registration.

FIG. 7 is a network configuration diagram of an image input / output system to which the present invention is applied.

[Explanation of symbols]

 3 Document management means 4 Document ID encoding means 5 Document ID decoding means 8 Pattern synthesis means 9 Output means 10 Interactive operation means 13 Image reading means (document image input means) 92 Control panel 92a Display input control unit 97 Storage means 200 User management Means 300 Server T10 Attribute management table T40 User table

──────────────────────────────────────────────────の Continued on the front page (51) Int.Cl. ⁷ Identification symbol FI Theme coat ゛ (Reference) G03G 21/00 396 B41J 29/00 Z H04N 1/21 G03G 21/00 390 (72) Inventor Takehito Yamaguchi Osaka 1006, Okadoma, Kadoma, Fumonzuma, Matsushita Electric Industrial Co., Ltd. Inside Electric Industrial Co., Ltd. (72) Inventor Joji Tanaka 1006 Kadoma Kadoma, Kadoma City, Osaka Prefecture Inside Matsushita Electric Industrial Co., Ltd. (72) Kenji Hisatomi 1006 Kadoma Kadoma, Kadoma City, Osaka Pref.

Claims (19)

[Claims] At least one document image data corresponding to a specific document input from at least one type of document image input means is provided with a document ID for specifying the document image data.
The attribute information including the document ID is managed by the document management means, and the document designated based on the document ID can be output from the output means as required. In the digital multifunction peripheral capable of authentication, the user authentication is classified into a first user authentication having a predetermined level of authentication strength and a second user authentication having a lower level of authentication strength than the first user authentication. A digital multi-function peripheral, comprising: a display input control unit that determines whether a result of the second user authentication is valid based on an initial setting. 2. The digital multi-function peripheral according to claim 1, wherein the first user authentication is authentication based on a personal attribute of a user including a user registration card. 3. The digital multi-function peripheral according to claim 1, wherein the second user authentication is authentication based on a user ID and a password input from a control panel. 4. At least one document image data corresponding to a specific document input from at least one type of document image input means is assigned a document ID for specifying the document image data.
The attribute information including the document ID is managed by the document management means, and the document designated based on the document ID can be output from the output means as required. When a user is authenticated by a digital multifunction peripheral that can be authenticated, a list of digital multifunction peripherals connected to the network is displayed on a control panel, and a display input prompting a user to select a target digital multifunction peripheral. A digital multi-function peripheral comprising a control unit. 5. At least one document image data corresponding to a specific document input from at least one type of document image input means is assigned a document ID for specifying the document image data.
The attribute information including the document ID is managed by the document management means, and the document designated based on the document ID can be output from the output means as required. A digital multi-function peripheral capable of authentication, wherein the document management means for determining whether or not various functions provided by the digital multi-function peripheral can be used based on initial settings when the user authentication has not been performed, Digital MFP. 6. The document management means according to claim 1, further comprising: the document management means for setting an access right to the registered document image data without performing the user authentication based on an initial setting. Digital MFP. 7. The digital multi-function peripheral according to claim 1, further comprising user management means for changing the owner of the registered document image data to another user. 8. When a user deletion process is performed by the user management unit, the document image data registered by the user is also deleted by the document management unit.
2. The digital multifunction peripheral according to 1. 9. An image input / output system capable of performing user authentication, wherein the user authentication is performed by a first user authentication having a predetermined level of authentication strength and a second user having a lower level of authentication strength than the first user authentication. An image input / output system characterized by comprising means for classifying the result as authentication and selecting whether or not the result of the second user authentication is valid. 10. The image input / output system according to claim 9, wherein whether or not the result of the second user authentication is made valid is selected in an initial setting. 11. The image input / output system according to claim 9, wherein the first user authentication is authentication based on a personal attribute of a user including a user registration card. 12. The image input / output system according to claim 9, wherein the second user authentication is authentication based on a user ID and a password input from a control panel. 13. A document image data corresponding to a specific document input from at least one type of document image input means is registered in at least one type of storage means by attaching a document ID for specifying the document image data. An image input / output system capable of managing attribute information including the document ID by a document management unit, outputting a document specified based on the document ID as necessary from an output unit, and enabling user authentication A display input control unit that displays a list of digital devices connected to the network on the control panel when the user authentication is performed, and prompts a user to select a desired digital device. Image input / output system. 14. A method for registering document image data corresponding to a specific document input from at least one type of document image input means in at least one type of storage means by attaching a document ID for specifying the document image data. An image input / output system capable of managing attribute information including the document ID by a document management unit, outputting a document specified based on the document ID as necessary from an output unit, and enabling user authentication 2. The image input / output system according to claim 1, further comprising a document management unit that determines whether or not various functions provided by the image input / output system can be used based on initial settings when the user authentication has not been performed. 15. A user authentication method in a digital device capable of user authentication, wherein the user authentication is performed by a first user authentication having a predetermined level of authentication strength and a second level having a lower level of authentication strength than the first user authentication. 2. A method for authenticating a user in a digital device, wherein the method is classified into the second type of user authentication and whether or not the result of the second user authentication is valid is determined based on an initial setting. 16. The user authentication method according to claim 15, wherein the first user authentication is authentication based on a personal attribute of a user including a user registration card. 17. The user authentication method according to claim 15, wherein the second user authentication is authentication based on a user ID and a password input from a control panel. 18. A user authentication method for a digital device capable of performing user authentication, wherein when the user authentication is performed, a list of digital devices connected to the network is displayed on a control panel, and the user is provided with a target. A user authentication method for a digital device, which prompts the user to select a digital device. 19. A user authentication method for a digital device capable of performing user authentication, wherein, when the user authentication is not performed, whether or not various functions provided by the digital device can be used is determined based on an initial setting. Characteristic user authentication method for digital equipment.