JP2002127545A - Printer security system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a printer security system which can be readily operated and efficiently executes outputting. SOLUTION: In this system, a computer 100 and a printer 200 are connected to a network such as an LAN. The printer 200 comprises an ID data input section 201, a registration/identification judging section 202, an ID data memory section 203, an ID data identifying section 204, a data judging section 205, an encrypting section 206, a memory 207, a decrypting section 208, an operation/ display section 209, an output order control section 210, and a data output section 211. In this system, image data of a fingerprint or a handwritten character is registered beforehand and a number is added to the image data to be an ID. As a result, while the number is designated from the computer and input of the image data such as a fingerprint or a handwritten character makes ID data in the printer, the operation can be readily executed through an operation section of the printer and the security property can be improved because the ID is of the image data.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

[0001] 1. Field of the Invention [0002] The present invention relates to a printer security system, and more particularly to a printer security system for protecting the security of data for printing out data of a printer, a copying machine, a facsimile, and the like.

[0002]

2. Description of the Related Art For example, in an environment where a plurality of computers and a printer are connected via a network, a user ID is added to printer data as a method of protecting confidential data to be printed out, and the data is transmitted to the printer. Is temporarily stored in the memory.

[0003] An ID is input from the operation unit of the printer at the time of output, and when the IDs match, printing is performed. Alternatively, there is a device in which a card reader is provided in a printer instead of ID data, and output is permitted by a card.

[0004]

However, in the case of the above-described conventional method, in order to enhance security, it is necessary to increase the ID number to complicate the ID. As a result, the number of data inputs from the operation unit increases, and there is a first problem that operability deteriorates.

[0005] In addition, there is a second problem that when a card is lost, a new card is required, and it is necessary for the apparatus to deal with the ID of the lost card, which is troublesome.

In data processing, it is necessary to temporarily store confidential data in a memory. If there is a large amount of confidential data, if the available capacity is reduced because the memory is consumed, other data output is performed. There is a third problem that it cannot be performed efficiently.

[0007] The confidential data is stored in a memory until an output request is made. Even if a part is confidential data, all data is stored in the memory. When there is an output request, a printout process is started. From the meaning of the data to be handled, it is necessary to be on the printer side at the time of output, and there is a fourth problem that if the data amount is large, the waiting time becomes longer.

The present invention has been made in view of the above problems, and provides a printer security system that can be easily operated and efficiently outputs.

[0009]

According to a first aspect of the present invention, there is provided a printer security system in which a computer and a printer are connected to a network. A confidential data transmitting unit that transmits the confidential data to the output device as confidential data; the printer includes a storing unit that stores the print data; an encrypting unit that encrypts the confidential data transmitted by the confidential data transmitting unit; Decryption means for decrypting the encrypted data encrypted by the decryption means, and ID identification means for identifying an ID at the time of decryption by the decryption means.
Using image data of fingerprints and handwritten characters as data,
D means for inputting D, registration means for registering ID data, authentication means for authenticating the ID data registered by the registration means and ID inputted at the time of requesting output of confidential data, and authentication means. Output permission means for permitting output of the confidential data based on the authentication result.
To protect confidential data.

According to a second aspect of the present invention, in the first aspect of the invention, at the time of output of confidential data, an ID is input from an input unit from a printer side, and when a request for output of confidential data is made, request information is output. And a holding means for holding an image of data whose ID is not authenticated by the authentication means.

[0011] The invention according to claim 3 is the invention according to claim 1 or 2.
In the invention described in the above, when a part of the print data is confidential data, an instructing means for instructing some of the data as confidential data, and storing only the confidential data instructed by the instructing means in the memory as protection data Means, output means for normally outputting data other than confidential data, and generating means for generating dummy data instead of a part or page of the confidential data when outputting data other than confidential data by the output means. And

<Operation> The present invention registers image data of fingerprints and handwritten characters in advance, adds a number to the image data, and uses the image data as an ID. On the side, by inputting image data such as fingerprints and handwritten characters into ID data, the operation can be easily performed by the operation unit of the output device, and since the ID is image data, security can be enhanced.

Further, according to the present invention, when an output instruction is illegally performed, the information can be notified to the computer side.

Further, when a part of the output data is confidential data, the other data is output first to reduce the waste of time, and the memory used is small, so that the output of the other data can be reduced. This can be done without lowering efficiency.

[0015]

Next, a printer security system according to an embodiment of the present invention will be described in detail with reference to the accompanying drawings. 1 to 9 show an embodiment of a printer security system according to the present invention.

<First Embodiment> FIG. 1 shows an embodiment in which, when confidential data is output by a printer security system according to a first embodiment of the present invention, ID data is used as image data of a fingerprint or handwritten characters. The description will be made based on .about.5.

FIG. 1 is a block diagram showing a schematic configuration of a printer security system according to a first embodiment of the present invention. In FIG. 1, a printer security system according to a first embodiment of the present invention
0 and the printer 200 are connected via a LAN line (network).

The printer 200 has an ID data input unit 201 for inputting data when registering and inputting image data serving as an ID for protecting confidential data, and a request for confidential data output as to whether the data is to be registered as an ID. Registration / identification determination unit 202 for identifying whether or not the ID data is for ID data, and ID data storage unit 2 for registering ID data
03, an ID identification unit 204 that converts the image data of the ID input at the time of the data output request into identifiable information of the input image data at the time of authentication and ID registration, and that the data from the computer 100 is confidential data. A data judging unit 205 for judging whether or not there is, an encrypting unit 206 for encrypting confidential data, a memory 207 for storing and storing confidential data and for temporarily storing normal output data, and decrypting the encrypted data Decryption unit 208, an operation / display unit 209 for displaying confidential data output instructions and various information and operations, an output order control unit 210 for controlling and managing data output, and forming an image of output data. Data output unit 2
11 is comprised.

FIG. 2 is a flowchart showing an example of ID registration processing according to the first embodiment of the present invention. The data used as the ID is image data or image feature data of a fingerprint or a handwritten character. The data is stored in the system as identifiable data, and identification processing is performed as an ID.

In step S1, the operation / display unit 20
9 is instructed for ID registration. When an instruction for ID registration is given, a message prompting input of data to be an ID is displayed, and a signal is output to registration / identification determination unit 202. ID
The data input unit 201 enters an input waiting state.

When the image data used as the ID is a fingerprint, the ID data input unit 201 is a device such as a CCD that optically captures the image data. In the case of a handwritten character, the ID data input unit 201 is a device that captures position information of input data such as a digitizer. Here, an example using a fingerprint as the ID image data will be described.

In step S2, a signal for performing the registration processing operation is output to the ID data storage unit 203 and the ID identification unit 204 in response to the registration instruction.

In step S3, the ID identifying unit 204
Extracts the features required for recognition from the input image data, and outputs the data to the ID data storage unit 203. The ID data storage unit 203 stores the feature data for identification from the ID identification unit 204.

In step S4, after the feature extraction and data storage are completed, it is confirmed whether or not identification is possible. Operation / display unit 209 displays a message prompting data input for confirmation
, And waits for input of ID data.

In step S5, when ID data is input, identification is performed based on the data from which features have been extracted.

In step S6, if identification is possible (Yes), as shown in FIG. 3, an ID number for the extracted characteristic data is automatically created, and the address information storing the characteristic data for the ID number is stored. Register (step S7).

At step S7, the registered data displays an ID number (step S8).

The ID number is a number for designating an ID when outputting confidential data from a computer to a printer, and is simple data such as a serial number.

In step S6, if the identification is impossible (No), the feature extraction process is performed again.

In step S9, the feature extraction process
It is determined whether it is the first time. If the feature extraction has not been performed twice (No), the process returns to step S2, and the process is performed again.

In step S9, the feature extraction process
If it has been performed a number of times (Yes), the data whose characteristics have already been extracted is registered (step S7).

FIG. 4 is a flowchart showing an example of processing when storing confidential data. A plurality of computers connected via a network make data output requests to the printer.

In step S11, when security is to be applied to the data requested to be output, the data to which the ID number registered for the ID is added is transferred. The addition of the ID number is instructed by application software for outputting.

In step S12, the printer 200
The side uses the data determination unit 205 to determine whether the received data is confidential data.

In step S13, the data judgment unit 2
If the data is determined to be confidential data in step 05, the data is encrypted by the encryption unit 206.

In step S14, the encryption unit 206
Is stored in the memory 207.

If it is determined in step S12 that the data is not confidential data (No), normal output processing is performed (step S15).

FIG. 5 is a flowchart showing an example of processing when outputting confidential data. The output of the data stored as the confidential data is output to the operation / display unit 209 of the printer 200.
Output instruction.

In step S21, fingerprint data is input from the ID data input unit 201. In the registration / identification determination unit 202, the operation / display unit 2 in step S21
09, the discrimination processing and the judgment are performed according to the output instruction from
A signal is output to the data storage unit 203 and the ID identification unit 204.

In step S22, the ID identifying section 20
4, the input fingerprint data is stored in the ID data storage unit 20.
3 is identified from the data registered.

If the ID is correctly identified in step S23 (Yes), a list of the corresponding confidential data is displayed on the operation / display unit 209 (step S24).

If the ID cannot be identified in step S23 (No), a message indicating that output is impossible is displayed (step S29).

In step S25, if there are a plurality of data, the data to be output is selected from the list.
If there is one data, the process proceeds without displaying the list.

In step S 26, the selected data is read from the memory 207 by the output order control unit 210.

In step S27, the data read from the memory 207 is subjected to decryption processing in the decryption unit 208.

In step S28, the decryption unit 20
8 is output to the output order control unit 21.
0 outputs data, and the data output unit 211 forms an image of output data.

In the case of normal data, the output request data from the computer is determined not to be confidential data by the data determination unit 205, and a signal that is normal data is output to the output order control unit 210. The data is processed without being encrypted, and the memory 207 is used as a buffer. The decryption unit 208 outputs the raw data to the output order control unit 210 without performing the decryption processing. The output order control unit 210
Control is performed so that reading from the memory 207 is sequentially performed, and data is output to the data output unit 211. The data output unit 211 forms output data.

<Second Embodiment> An example of a printer security system according to a second embodiment of the present invention, in which an output request for confidential data and an authentication result are notified to a data transfer source, will be described with reference to FIGS. explain.

FIG. 6 is a block diagram showing a schematic configuration of a printer security system according to a second embodiment of the present invention. The printer security system according to the second embodiment of the present invention notifies the data transfer source when an instruction to output confidential data stored in a printer is issued. At this time, an operation in which the ID notifies the authentication result and holds the ID input data will be described.

In FIG. 6, the same components as those in the first embodiment of the present invention are denoted by the same reference numerals, and description thereof is omitted.

In addition to the functions shown in the first embodiment, the ID identifying section 204 stores the input data as image data as input data when the ID is not correctly identified. The data is output to the storage unit 212 and stored in the input data unit 212. In addition, it has a function of notifying the data transfer source when there is a request to output confidential data.

FIG. 7 is a flowchart showing a processing example of the printer security system according to the second embodiment of the present invention.

In step S31, the output of the data stored as the confidential data is based on the operation /
An output instruction is given by the display unit 209.

In step S32, fingerprint data is input from the ID data input unit 201. The registration / identification determination unit 202 determines the identification processing based on the output instruction from the ID data input unit 201 in step S31,
It outputs signals to the ID data storage unit 203 and the ID identification unit 204.

In step S33, the ID identifying section 20
4, the input fingerprint data is stored in the ID data storage unit 20.
3 is identified from the data registered.

If the ID cannot be identified in step S33 (No), the fingerprint data input from the ID data input unit 201 is stored in the input data storage unit 212 (step S34).

In step S35, as the information at this time, the date and time, the management number of the stored data, and the like are stored together with the fingerprint data as operation information.

In step S36, the operation information stored in step S35 is transferred to the transfer source of the confidential data registered in the printer.

In step S37, the printer 200
The operation / display unit 209 displays that the IDs do not match. The stored data can be printed out or transferred to the computer 100 in response to a data retrieval request from the operation / display unit 209 or the computer 100.

In step S33, when the ID is correctly identified (Yes), a list of the corresponding confidential data is displayed on the operation / display unit 209.

In step S38, if there is a plurality of data, the data to be output is selected from the list, but if there is one data, the process proceeds without displaying the list.

In step S 39, the selected data is read from the memory 207 by the output order control unit 210.

In step S40, the read data is subjected to decryption processing by decryption section 208 based on the information whose ID has been correctly identified.

The data decrypted by the decryption unit 208 is output by the output order control unit 210, and the data output unit 211 forms an image of the output data.

<Third Embodiment> An example in which when the confidential data of the printer security system according to the third embodiment of the present invention is a part, other data is output based on FIG. 8 and FIG. explain.

FIG. 8 is a block diagram showing a schematic configuration of a printer security system according to a third embodiment of the present invention. In the printer security system according to the third embodiment of the present invention, when only a part of output data is to be secured, dummy data is created instead of confidential data and output first, and only the part to be confidential is protected. The operation of accumulating and securing will be described.

In FIG. 8, the same components as those of the first and second embodiments of the present invention are designated by the same reference numerals and the description is omitted.

The dummy data creation unit 213 creates dummy data instead of confidential data when only a part of output data is to be secured.

FIG. 9 is a flowchart showing a processing example of the printer security system according to the third embodiment of the present invention. The computer issues an output request by designating the data to be secured in page units or partial units. Here, as an example in which security is applied in page units, for example, a case where security is applied to the third and fourth pages of data having a data amount of four pages will be described below.

In step S51, the data is transferred by adding the ID number of the security and the information of the place to be secured. Designation of a place where security is applied is performed by application software for output.

At step S52, the printer 200
The data determination unit 205 determines, for each page, whether the received data is confidential data. The unit of the data amount for determining whether it is confidential data is page, block,
By making it possible to respond variously such as the number of lines, it is possible to specify security more finely. Here, it is set in page units.

First, since the first and second pages are not confidential data, a normal output operation is performed (step S54). In the case of normal data, the output request data from the computer 100 is judged not to be confidential data by the data judgment unit 205, and a signal that is normal data is output to the output order control unit 210. This data is processed without being encrypted, and the memory 207 is used as a buffer.

The decryption unit 208 does not perform decryption processing,
The raw data is output to the output order control unit 210. The output order control unit 210 controls reading from the memory 207 so as to be sequentially performed, and outputs data to the data output unit 211. The data output unit 2112 forms output data

In step S53, the third and fourth pages are
Create dummy data because it is confidential data. This dummy data is, for example, blank page data. The data from the dummy data creation unit 213 is output to the decryption unit 208, and the decryption unit 208 outputs the data to the output order control unit 210 as it is. The output order control unit 210 controls reading from the memory 207 so as to be sequentially performed, and outputs data to the data output unit 211. Data output unit 21
1 forms the output data.

The original data of the third and fourth pages is stored in the encrypting unit 2
08 (step S55), and
7 (step S56). The secure data is identified by identifying the data by inputting an ID from the operation unit in the same manner as described above. By performing the above processing, it is possible to secure data, that is, protect confidentiality.

[0076]

As is clear from the above description, according to the first aspect of the present invention, image data of fingerprints and handwritten characters is registered in advance, and a number is added to the image data to generate an ID.
By using as, the computer side indicates the number, and the printer side can easily operate the operation unit of the output unit by making ID data by inputting image data such as fingerprints and handwritten characters, Since the ID is image data, security can be improved.

According to the second aspect of the present invention, in the first aspect of the present invention, when an output instruction is illegally performed,
It is possible to notify the computer of the information.

According to the third aspect of the present invention, in the first or second aspect of the invention, when a part of the output data is confidential data, the other data is output first to save time. In addition to reducing waste, the memory used can be reduced, so that processing can be executed without lowering the output efficiency of others.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a configuration for authenticating confidential data by an image ID in a printer security system according to a first embodiment of the present invention.

FIG. 2 is a flowchart illustrating an example of a process of ID registration according to the first embodiment of the present invention.

FIG. 3 is a diagram illustrating ID registration management according to the first embodiment of the present invention.

FIG. 4 is a flowchart illustrating a process of accumulating confidential data according to the first embodiment of the present invention.

FIG. 5 is a flowchart illustrating confidential data output processing according to the first embodiment of the present invention.

FIG. 6 is a block diagram showing a configuration for transferring confidential data output request information to a computer in a printer security system according to a second embodiment of the present invention.

FIG. 7 is a flowchart illustrating an example of processing for transferring confidential data output request information to a computer according to the second embodiment of the present invention.

FIG. 8 is a block diagram illustrating a configuration in which a part of data of a printer security system according to a third embodiment of the present invention is handled as confidential data.

FIG. 9 is a flowchart illustrating a processing example of data including a part of confidential data according to the third embodiment of the present invention.

[Explanation of symbols]

 REFERENCE SIGNS LIST 100 computer 200 printer 201 ID data input unit 202 registration / identification determination unit 203 ID data storage unit 204 ID identification unit 205 data determination unit 206 encryption unit 207 memory 208 decryption unit 209 operation / display unit 210 output order control unit 211 data Output unit 212 Input data storage unit 213 Dummy data creation unit

Claims (3)

[Claims] 1. A printer security system in which a computer and a printer are connected to a network, wherein the computer has confidential data transmission means for transmitting confidential data to the output device when the print data is confidential data. A storage unit for storing print data; an encryption unit for encrypting the confidential data transmitted by the confidential data transmission unit; and a decryption unit for decrypting the encrypted data encrypted by the encryption unit. And I for identifying an ID at the time of decryption by the decryption means.
D identification means, wherein the ID identification means uses fingerprint or handwritten character image data as ID data, and input means for inputting an ID; registration means for registering ID data; Authentication means for authenticating the registered ID data and the ID input at the time of the secret data output request, and output permission means for permitting output of the secret data based on an authentication result by the authentication means. A printer security system for protecting the confidential data with an image ID. 2. A notifying means for inputting an ID by the input means from the printer side at the time of outputting the confidential data, and notifying a computer of request information when the confidential data output request is received, 2. The printer security system according to claim 1, further comprising: holding means for holding an image of data whose ID is not authenticated by the authentication means. 3. An instruction means for designating a part of the print data as confidential data when a part of the print data is confidential data, and storing only the confidential data designated by the instruction means in a memory as protection data. Storage means for performing normal output of data other than the confidential data, and generating means for generating dummy data instead of a part or page of the confidential data when outputting other than the confidential data by the output means. The printer security system according to claim 1, further comprising: