JP2006074525A - Information providing device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an information providing device capable of coping with problems inherent to a specific network in an information providing device (server) connected to a network in a different band. <P>SOLUTION: When the type of a communication interface used for transmission is a WAN (wide area network) side connector (in the case of S235: Y), addition of print inhibition data (S237), erasure of redundant data (S239), insertion of electronic watermark data (S241), encryption (S251) and compression (S253) are performed. Meanwhile, when the type of a communication interface used for transmission is a LAN (local area network) side connector (in the case of S235: N), PDF (portable document format) conversion is performed (S255). Then, it is possible to cope with problems (band problem and security problem) that may occur in the case of providing information through a WAN. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to an information providing apparatus that accumulates information and provides the accumulated information based on a request from a terminal.

  Conventionally, for example, when the same information is provided on the Internet and an in-house network, the Internet has a narrower communication bandwidth than the in-house network, so a server that holds files for the Internet and a server that holds files for the in-house network Servers were configured separately, and Internet files were provided with a reduced file size (for example, provided with a reduced image resolution) compared to files for in-house networks.

However, there is a problem that hardware costs increase when servers are provided separately in this way. Therefore, as one method for solving such a problem, there is a technique described in Patent Document 1. This technology measures the bandwidth between the device itself and the transmission target device, selects a codec according to the bandwidth, and transmits information.
JP 2002-217965 A

  However, for example, considering that the technique described in Patent Document 1 is applied to one server connected to two lines of a WAN (Wide Area Network) and a LAN (Local Area Network), the following There may be a problem.

  First, in addition to the problem that the bandwidth is narrower than that of the LAN, the WAN has a problem that the safety on the transmission path is lower than that of the LAN (for example, risk of eavesdropping or tampering). No consideration is given to a particular problem. Further, as in the technique described in Patent Document 1, the bandwidth is measured when the codec is selected by dynamically measuring the bandwidth between the own device and the transmission target device for each transmission target device. For this reason, there is a problem that the overhead of communication cannot be ignored, and communication loss is large, so that it cannot be operated in a large-scale system.

  The present invention has been made in view of such a problem, and provides an information providing apparatus (server) connected to a network of a different band and capable of dealing with a problem specific to a specific network. Objective.

  The information providing apparatus according to claim 1, which has been made to solve the above problem, provides a communication means having a plurality of communication interfaces, each of which is connected to a network having a different band, and a terminal. Holding means for holding information for receiving, and compression transmission means for extracting information from the holding means and transmitting the information to the terminal via the communication means. Among these, the compression transmission means, when the type of the communication interface used for transmission is a predetermined type, compresses the information extracted from the holding means and then transmits it to the terminal via the communication means. If the type of communication interface used for transmission is not a predetermined type, the information extracted from the holding unit is transmitted as it is to the terminal via the communication unit.

According to such an information providing apparatus, it is possible to perform compression processing on information transmitted from a communication interface that is assumed to have a narrow bandwidth. It is possible to reduce the problem that communication time is required when the bandwidth that is one is narrow. Even in that case, since the presence or absence of compression processing is determined in advance depending on the type of communication interface, there is no need for communication for measuring the bandwidth, and there is no problem of overhead due to such communication. It has the potential to withstand the system.

By the way, the compression processing performed by the compression means may be to perform reversible compression (claim 2). If lossless compression is performed, it is possible to completely restore the original information later on the terminal side while reducing the size (file size) of information to be transmitted. For example, gzip (RFC1952) may be used as a specific lossless compression algorithm. gzip (RFC1952) is advantageous because it is an algorithm that can easily realize that an original file is provided by compressing a file on the WEB server side and expanding the compressed file on the browser side.

  The compression processing performed by the compression means may be irreversible compression (claim 4). If irreversible compression is performed, the size of information (file size) can be generally reduced as compared with the case of lossless compression.

  In addition, as a specific lossy compression method, for example, a method of deleting redundant information in information may be used (claim 5). This is to delete meaningless information (such as “0” and attribute information).

  As a specific lossy compression method, for example, when the information is image information, JPEG (ISO / IEC 10918-1) may be used (claim 6). JPEG employs an algorithm capable of performing high compression using human visual characteristics, and is particularly effective for compression of image information.

  As a specific lossy compression method, for example, when the information is image information, a method of reducing the image resolution may be used (claim 7). This is to reduce the image size itself, and is a particularly effective method for reducing the size of information to be transmitted (file size). Note that these methods (a method for deleting redundant information, a method using JPEG, and a method for reducing image resolution) may be combined.

  By the way, although the compression level (compression condition) at the time of compressing may be fixed, it may be specified from the terminal side. That is, the information providing apparatus further includes a compression level receiving unit that receives information indicating the compression level from the terminal via the communication unit, and the compression transmitting unit changes the compression level according to the information received by the compression level receiving unit. It is good to give compression processing (Claim 8).

  If this is the case, the compression level can be specified from the terminal side, and the usability of the user of the terminal is improved. Because, for example, considering that the information providing apparatus is connected to the Internet, the terminal is connected to the Internet through various communication infrastructures (for example, wireless, telephone lines, etc.). If the terminal user wants to increase the compression level and obtain a sufficient communication speed, or the terminal user wants to obtain information by lowering the compression level because it may take longer communication time. It is possible.

  Moreover, the presence or absence of compression processing itself may be designated from the terminal side. That is, the information providing apparatus further includes a compression stop receiving unit that receives information for temporarily stopping the compression processing from the terminal via the communication unit, and the compression transmitting unit performs the compression processing according to the information received by the compression stop receiving unit. May be temporarily stopped, and the information extracted from the holding means may be transmitted as it is to the terminal via the communication means (claim 9).

Even if it becomes like this, the convenience of the user of a terminal improves.
An information providing apparatus according to claim 10, which is made to solve the above-described problem, includes a communication unit having a plurality of communication interfaces, each of which is connected to a network having a different safety, and a terminal Holding means for holding information to be provided to the terminal, and protection transmission means for transmitting to the terminal via the communication means. Among these, the protection transmission means takes out information from the holding means, and when the type of communication interface used for transmission is a predetermined type, the security transmission processing is performed on the extracted information, and then the communication means is If the type of communication interface used for transmission is not a predetermined type, the extracted information is transmitted as it is to the terminal via the communication means.

  According to such an information providing apparatus, for example, it is possible to perform protection processing on information transmitted from a communication interface that is assumed to be less secure on a route. It is possible to alleviate the problem of information being wiretapped or tampered with on the route, which is one of the problems inherent to the. Also, depending on the type of protection processing, it is possible to restrict the use of information to the user of the distribution destination terminal, so that the rights of the information provider can be protected, and as a result, various information is distributed. It becomes easy.

  By the way, the specific protection processing performed by the protection transmission means may be, for example, encryption of information (claim 11). Currently, various encryption algorithms are considered, and some encryption algorithms can be relatively easily encrypted and have high encryption strength. Therefore, by using such an encryption algorithm, it is possible to easily alleviate the problem of information being wiretapped or tampered with on the route.

  Further, the specific protection processing performed by the protection transmission means may be, for example, prohibition of information printing (claim 12). For example, if printing prohibition is set for a document that can be prohibited from printing, such as a PDF (Portable Document Format) document file, printing cannot be performed on the terminal side, so the rights of the document file provider can be easily protected. Can do.

  Note that such protection processing may be fixedly performed according to the type of communication interface, but the presence or absence of protection processing may be designated from the terminal side. That is, the information providing apparatus further includes a protection stop receiving unit that receives information for temporarily stopping the protection process from the terminal via the communication unit, and the protection transmission unit performs the protection process according to the information received by the protection stop receiving unit. May be temporarily stopped, and the information extracted from the holding means may be transmitted as it is to the terminal via the communication means (claim 13).

  If it is in this way, the presence or absence of protection processing can be designated from the terminal side, and the usability of the user of the terminal is improved. This is because there may be a case where the user of the terminal desires to save the trouble of the decryption work on the terminal side, even at the expense of some security on the communication path.

  By the way, even if it is an information provision apparatus (Claim 14) which can perform both compression processing and protection processing, the subject mentioned above can be solved. The specific protection processing performed by the protection transmission means may be information encryption (Claim 15) or information printing prohibition (Claim 16) as described above, and from the terminal side. The presence or absence of protective processing may be specified (claim 17).

Further, the information providing apparatus described above may have a router function, that is, a router means for routing information between communication interfaces (claim 18).
In addition, the printer may have a printing function, that is, a printing unit that prints information held by the holding unit or information received via the communication unit on a printing medium (claim 19).

  Further, the image forming apparatus may have a scanner function, that is, a scanner unit that reads information printed on a print medium and causes the holding unit to hold the read information or transmit the information via a communication unit. ).

  Further, it may have a facsimile function, that is, a facsimile means for transmitting information held by the holding means or information received via the communication means to another terminal via a telephone line (claim 21). .

  By providing the information providing apparatus with these functions, the use range of the information providing apparatus is expanded and the frequency of use is increased, and the above-described effects are further exhibited.

  Embodiments to which the present invention is applied will be described below with reference to the drawings. The embodiments of the present invention are not limited to the following embodiments, and various forms can be adopted as long as they belong to the technical scope of the present invention.

  FIG. 1 is a block diagram showing a schematic configuration of a multifunction machine 11 in which the function of the information providing apparatus of the present invention is incorporated. The MFP 11 includes a LAN communication unit 13, a WAN communication unit 15, a FAX communication unit 17, a FAX encoding unit 19, a FAX decoding unit 21, a PC communication unit 23, a storage medium access unit 25, a recording unit 27, a reading unit 29, data A storage unit 31, a setting storage unit 33, an operation unit 35, a display unit 37, and a control unit 39 are provided.

The LAN communication unit 13 is connected to the LAN and communicates with various other devices connected to the LAN.
The WAN communication unit 15 is connected to the WAN and communicates with various other devices connected to the WAN. In addition, data processing (encoding and decryption) related to VPN is also performed. Further, the control unit 39 is notified of information that can identify the VPN communication.

  The FAX communication unit 17 is connected to the PSTN (Public Switched Telephone Network), transmits the encoded data passed from the FAX encoding unit 19 to other devices connected to the PSTN, and others connected to the PSTN. The data transmitted from the device is transferred to the FAX decoding unit 21.

The FAX encoding unit 19 encodes the data passed from the control unit 39 according to the facsimile standard, and passes it to the FAX communication unit 17.
The FAX decoding unit 21 decodes data conforming to the facsimile standard delivered from the FAX communication unit 17 to make data that can be processed by the control unit 39 and passes the data to the control unit 39.

The PC communication unit 23 has a function of communicating with a personal computer using a communication standard such as the USB standard or the IEEE 1394 standard based on a command from the control unit 39.
The storage medium access unit 25 accesses a memory card (storage medium) based on a command from the control unit 39, reads data from the memory card, and writes data to the memory card.

The recording unit 27 has a function of recording an image on a paper medium by a recording method such as a laser transfer method or an ink jet method based on a command from the control unit 39.
The reading unit 29 has a function of reading an image recorded on a paper medium as image data by an element having a reading function such as a CCD based on a command from the control unit 39.

  The data storage unit 31 is composed of a hard disk or the like, and stores or reads data based on a command from the control unit 39. The data storage unit 31 includes a content table that stores attribute data of input data, a data table that stores input data, and a keyword table that stores keyword information included in the input data. For example, when the MFP 11 inputs FAX data, data related to the attributes of the FAX data is stored in the content table, the data of the FAX data itself (image data) is stored in the data table, and the keyword table is stored in the keyword table. A keyword included in the FAX data is stored. Note that the data stored in the keyword table is obtained by subjecting FAX data (image data) to OCR processing, parsing a sentence obtained as a result, and extracting keywords based on predetermined conditions. The same applies when print data other than FAX data is input (however, OCR processing is omitted when a character code is directly input). Details of the content table, the data table, and the keyword table will be described later.

  The setting storage unit 33 is a storage unit that stores setting information set for the operation of the multifunction machine 11 by the user operating the operation unit 35 or the like. It is composed of a flash memory or the like. One of the setting information to be stored is confidential keyword data (details will be described later).

  The operation unit 35 includes a touch panel configured integrally with the display surface of the display unit 37 and mechanical keys arranged around the display unit 37, and is used by the user to input various instructions. is there.

The display unit 37 is composed of a liquid crystal display, an organic EL display, or the like, and displays information according to a command from the control unit 39.
The control unit 39 is configured around a well-known microcomputer including a CPU, ROM, RAM, SRAM, I / O, a bus line connecting these configurations, and the like, and is based on the program stored in the ROM. Various processes are executed by comprehensively controlling each unit.

  Next, each field of the content table, the data table, and the keyword table stored in the data storage unit 31 will be described with reference to the field explanatory diagram of the table shown in FIG.

  FIG. 2A is an explanatory diagram for explaining each field of the content table. The content table includes content ID 51a, record status 51b, date 51c, user 51d, input source 51e, security attribute 51f, digital watermark information 51g, function type 51h, function specific attribute 51i, data ID 51j, and keyword ID 51k.

The content ID 51a is a field in which an ID for identifying a record is recorded, and the ID is assigned in ascending order according to the record generation order.
The record status 51b is a field in which information indicating a record state is recorded, and information indicating a lock state (update non-permission state), an invalid state due to deletion, a hold state, and the like are recorded.

The date 51c is a field in which the date when the record was generated is recorded.
The user 51d is a field in which information for identifying the user who has input data is recorded. If the entered user cannot be specified, the field is empty.

  The input source 51e is a field in which information indicating the data input source is recorded. As the data input source, information that can specify any of the LAN communication unit 13, the WAN communication unit 15, the FAX communication unit 17, the PC communication unit 23, the storage medium access unit 25, and the reading unit 29 is recorded. In the case of the LAN communication unit 13, the WAN communication unit 15, and the FAX communication unit 17, information on the transmission source (PC IP address, FAX transmission source number, etc.) is also recorded.

  The security attribute 51f is a field in which data public information is recorded. Specifically, information of “all open”, “internal release”, “partner open”, or “private” is recorded.

The digital watermark information 51g is a field in which a code generated from the serial number of the multifunction machine 11 and the date and time recorded in the date and time 51c field is recorded.
The function type 51h is a field in which the function type is stored. The “function” mentioned here is any one of a print function, a copy function, a FAX transmission function, a FAX reception function, a PC-FAX transmission function, a scanner function, a media print function, a media storage function, or a mail transfer function.

  The function unique attribute 51i is a unique attribute for each function (for example, if it is a FAX transmission function, the transmission mode, the transmission magnification, the image resolution at the time of reading, layout information, monochrome / color information, transmission This is a field in which destination information, output destination resolution, etc. are recorded.

The data ID 51j is a field in which an ID for identifying input data is recorded. The input data stored in the data table can be specified by the ID.
The keyword ID 51k is a field in which an ID for identifying keyword data is recorded. Data relating to the keyword stored in the keyword table can be specified by the ID.

  Next, each field of the data table storing the input data will be described with reference to FIG. The data table includes a data ID 53a, a reference number 53b, a data format 53c, a data size 53d, and actual data 53e.

The data ID 53a is a field in which an ID for identifying a record is recorded, and corresponds to the data ID 51j of the content table described above.
The reference number 53b is a field in which the number of records in the content table referring to the record is recorded.

The data format 53c is a field in which the format of input data is recorded. For example, types such as print data, FAX data, JPEG, and text are recorded.
The data size 53d is a field in which the data size of input data is recorded.

The actual data 53e is a field in which input data itself is recorded.
Next, each field of the keyword table that stores the keyword information included in the input data will be described with reference to FIG. The keyword table includes a keyword ID 55a, a keyword 55b, a place 55c, an appearance count 55d, a color 55e, and a size 55f.

The keyword ID 55a is a field in which an ID for identifying a record is recorded, and corresponds to the keyword ID 51k of the content table described above.
The keyword 55b is a field in which the keyword itself is recorded. As specific keywords, various keywords such as “confidential”, “patent”, and “customer information” can be used as keywords.

The place 55c is a field in which the place in the sentence in which the keyword is described is recorded. For example, information indicating a place such as a header, a text, and a footer is recorded.
The appearance count 55d is a field for recording the number of times the keyword is included in the data.

The color 55e is a field for recording the color of the keyword.
The size 55f is a field for recording the character size (number of points) of the keyword.

  Next, the confidential keyword data stored in the setting storage unit 33 will be described using the confidential keyword table explanatory diagram of FIG. As shown in FIG. 3, the confidential keyword data is stored in a table format, and each record includes a keyword ID 61a, a keyword 61b, an access restriction range (LAN) 61c, an access restriction range (VPN) 61d, and an access restriction range (WAN). 61e, location 61f, color 61g, number of appearances 61h, and size 61i.

The keyword ID 61a is a unique ID for specifying confidential keyword data. It is automatically numbered in ascending order when input.
The keyword 61b is a confidential keyword that should be determined to be a confidential file when it exists.

  The access restriction range (LAN) 61c is a flag indicating whether or not request data including the keyword 61b should be subject to access restriction when the network to which the requesting terminal is connected is a LAN. That is, if this flag is “N”, it is not subject to access restriction, and is transmitted to the requesting terminal even if the keyword 61b is included in the request data. On the other hand, if this flag is “Y”, even request data including the keyword 61b is subject to access restriction, and a predetermined process is performed.

  The access restriction range (VPN) 61d is a flag indicating whether or not the request data including the keyword 61b should be subject to access restriction when the network to which the requesting terminal is connected is VPN.

  The access restriction range (WAN) 61e is a flag indicating whether or not the request data including the keyword 61b should be subject to access restriction when the network to which the requesting terminal is connected is a WAN.

  The location 61f is a condition for the location of the confidential keyword in the text that is subject to access restriction. For example, if “Any”, the confidential keywords in any location are targeted, if “H”, only the confidential keywords in the header are targeted, and if “F”, only the confidential keywords in the footer are targeted. And

  The color 61g is a color condition of a confidential keyword in the text that is subject to access restriction. For example, if “Any”, the confidential keywords of any color are targeted, and if “red”, only the confidential keywords of red are targeted.

  The number of appearances 61h is a condition for the number of appearances of confidential keywords that are subject to access restriction. For example, if it is “1”, even if it appears once, it will be a target. If it is “3”, it will be subject to access restriction only after it appears three times.

  The size 61i is a condition for the character size (number of points) of the confidential keyword that is subject to access restriction. For example, if “12 pt”, the character size is 12 points or more, the access is restricted, and if “Any”, any character size is subject to the access restriction.

  The schematic configuration of the multifunction machine 11 has been described so far. Here, correspondence between each part of the multifunction machine 11 and the terms described in the claims is shown. The LAN communication unit 13 and the WAN communication unit 15 correspond to a communication unit, the data storage unit 31 corresponds to a holding unit, the control unit 39 corresponds to a compression transmission unit, a protection transmission unit, and a router unit. The WAN communication unit 15 and the operation unit 35 correspond to a compression level receiving unit, a compression stop receiving unit, and a protection stop receiving unit. (The LAN communication unit 13 and the WAN communication unit 15 are instructed from terminals on the network connected thereto. Corresponds to each accepting means). The recording unit 27 corresponds to a printing unit, the reading unit 29 corresponds to a scanner unit, and the FAX communication unit 17 corresponds to a facsimile unit.

  Next, each process executed by the control unit 39 will be described. In addition, regarding the description of each process, only the process related to the browsing request from the terminal will be described, and the description of the process executed by the normal multifunction peripheral with storage function will be omitted. The processes specifically described below will be described as a browsing process (1), a browsing screen generation process (2) called from the browsing process, and a confidential keyword check process (3) called from the browsing screen generation process. .

(1) Browsing Process First, the browsing process will be described with reference to the flowchart of FIG. The browsing process is started by the control unit 39 when there is a request for browsing from a terminal connected to the LAN or WAN.

  When starting the execution of the browsing process, the control unit 39 first branches the process depending on whether or not the terminal requests a login screen (S105). If the terminal requests a login screen, the process proceeds to S110. If the terminal does not request a login screen, the process proceeds to S115.

  In S110, which proceeds when the terminal requests a login screen, a login screen is generated. Then, when the generation of the login screen is completed, the process proceeds to S165. Here, an example of the login screen will be described using the login screen 41 (image output on the terminal side) in FIG. The login screen 41 includes a user name text box 42, a password text box 43, and a login command button 44. The user name text box 42 can input a user name, and the password text box 43 can input a password. In addition, when the user presses the login command button 44, a login authentication request is made to the multifunction machine 11.

  Returning to the flowchart of FIG. 4, in S115 that proceeds when the terminal does not request a login screen, the process branches depending on whether or not the terminal requests login authentication (S115). If the terminal requests login authentication, the process proceeds to S120. If the terminal does not request login authentication, the process proceeds to S140.

  In S120, which proceeds when the terminal requests login authentication, login authentication is executed. This is to receive the user name and password entered on the login screen from the terminal and determine whether or not the combination is the same as the combination of the user name and password stored in the setting storage unit 33.

In subsequent S125, the process branches depending on the result of authentication in S120. If the authentication is successful, the process proceeds to S130, and if the authentication fails, the process proceeds to S135.
In S <b> 130, which proceeds when authentication is successful, a search screen is generated. When the generation of the search screen is completed, the process proceeds to S165. Here, an example of the search screen will be described using the search screen 81 (image output on the terminal side) in FIG. The search screen 81 mainly includes a grid 82, a condition input box group 83, a search command button 84, a browse (quality priority) command button 85a, a browse (DL speed priority) command button 85b, and an end command button 86. With. The grid 82 is configured so that a sentence number, recorded date and time, document type (print, FAX transmission, copy, etc.), document information (title, user name, etc.) are displayed for each sentence, and can be selected in units of sentences. Yes. The condition input box group 83 is a group of boxes for inputting conditions for narrowing down the sentences to be displayed on the grid 82, and the user selects at least one of the sentence number, date / time, sentence type, sentence information, and keyword. The text to be displayed on the grid 82 can be narrowed down by inputting the information and pressing the search command button 84. The search command button 84 is a command button for narrowing down sentences to be displayed on the grid 82 in accordance with the conditions input in the condition input box group 83. The browse (quality priority) command button 85a is a command button that is pressed when browsing the text selected in the grid 82 with quality priority. The browse (DL speed priority) command button 85b is a command button to be pressed when browsing the text selected in the grid 82 with priority on the download speed. The end command button 86 is a command button for ending the display of the text search screen.

  Returning to the flowchart of FIG. 4, in S <b> 135, which proceeds to the case where authentication fails (S <b> 125: N), a login screen with an error message is generated. When the generation of the login screen with the error message is finished, the process proceeds to S165. The login screen with an error message is a login screen in which a message such as “authentication failed” is added to the login screen generated in S110 described above. An example is omitted.

  In S140, which proceeds to the case where the terminal does not request login authentication (S115: N), the process branches depending on whether the terminal requests a search result (S150). That is, the process branches depending on whether or not the search command button 84 on the search screen 81 of FIG. 9 described above has been pressed. If the search request is requested by the terminal, the process proceeds to S145. If the search result is not requested by the terminal, the process proceeds to S150.

  In S145, which proceeds when the terminal is requesting a search result, a search is performed based on the condition input in the condition input box group 83 of the search screen 81 in FIG. 9, and a search result screen is generated. Then, when the generation of the search result screen is finished, the process proceeds to S165. The configuration of the search result screen is the same as that of the search screen 81 of FIG. 9, the contents of the grid 82 are updated, and only the text based on the condition input in the condition input box group 83 is displayed in the grid. 82.

  Returning to the flowchart of FIG. 4, in S <b> 150 that proceeds when the terminal does not request a search result, the process branches depending on whether or not the terminal requests a browsing request. Specifically, the process branches depending on whether one of the browse (quality priority) command button 85a or the browse (DL speed priority) command button 85b is pressed. If the terminal requests browsing, the process proceeds to S155, and if the terminal does not request browsing, the process proceeds to S152.

  In S155, which proceeds when the terminal requests browsing, a browsing screen generation process for generating a browsing screen is executed. This browsing screen generation process will be described later. When the browsing screen generation process ends, the process proceeds to S165.

  In S152, which proceeds to the case where the terminal does not request browsing (in the case of S150: N), the process branches depending on whether or not the terminal requests termination. If the terminal requests termination, the process proceeds to S153. If the terminal does not request termination, the process proceeds to S160.

  In step S153, which is performed when the terminal requests termination, an end screen is generated, the generated screen is transmitted to the terminal, and the present process (viewing process) is terminated. The end screen may be a screen on which characters such as “Logout” are drawn, for example. Description of specific examples is omitted.

  In S160 which proceeds to the case where the terminal does not request termination (in the case of S152: N), an error message screen is generated, and the process proceeds to S165. For example, the error message screen may be a screen on which characters “abnormal request received” are drawn. Description of specific examples is omitted.

In S165, the screen generated in S110, S130, S135, S145, S155, or S160 is transmitted to the requesting terminal, and the process returns to S105.
(2) Browsing Screen Generation Processing Next, browsing screen generation processing will be described using the flowcharts of FIGS. The browsing screen generation process is called in the browsing process described above and is started to execute.

  When starting the execution of the browsing screen generation process, the control unit 39 first reads data requested for browsing from the data storage unit 31 (more specifically, a content table, a data table, and a keyword table) (S203).

  Subsequently, based on the read data, processing is performed depending on whether the owner of the data is the same as the user who has performed login authentication (the user input in the user name text box 42 in FIG. 8 and passed authentication). Branches (S205). If the owner of the data and the user who has been authenticated for login are the same, the process proceeds to S225 in the flowchart of FIG. 6 according to the connector 1, and if the owner of the data is not the same as the user who has been authenticated for login. The process proceeds to S207.

  In step S207, where it is determined that the data owner and the login authenticated user are not the same, the process branches according to the security attribute of the data (data stored in the security attribute 51f of the content table). If the security attribute is “private”, the process proceeds to S233 in the flowchart of FIG. 6 according to the connector 2. If the security attribute is not “private”, the process proceeds to S209.

  If the security attribute is not “private”, the process branches in accordance with whether or not the security attribute is “in-house” in step S209. If the security attribute is “internal disclosure”, the process proceeds to S211. If the security attribute is not “internal disclosure”, the process proceeds to S213.

  In step S211, the process proceeds when the security attribute is “internal disclosure”, and the process branches depending on whether the type of the network to which the requesting terminal is connected is WAN (including the case of VPN). If the network type to which the requesting terminal is connected is WAN (including the case of VPN), the process proceeds to S233 in the flowchart of FIG. 6 according to the connector 2, and the requesting terminal is connected. If the network type is not WAN (including the case of VPN), the process proceeds to S225 in the flowchart of FIG.

  In S213, where the security attribute is not “internal disclosure” (S209: N), the process further branches depending on whether the security attribute is “partner disclosure”. If the security attribute is “partner disclosure”, the process proceeds to S215. If the security attribute is not “partner disclosure”, the process proceeds to S225 in the flowchart of FIG.

  In S215, which proceeds when the security attribute is “partner disclosure”, the process branches depending on whether the type of the network to which the requesting terminal is connected is VPN. If the type of network to which the requesting terminal is connected is VPN, the process proceeds to S217. If the type of network to which the requesting terminal is connected is not VPN, the process proceeds to S219.

  In step S217, where the type of network to which the requesting terminal is connected is VPN, authentication for VPN is performed, and then the process proceeds to step S223. The VPN authentication is, for example, authentication performed by requesting the terminal for a user name and password dedicated to the authentication, authentication performed by requesting an electronic certificate from the terminal, or the like.

  In S219, since the type of the network to which the requesting terminal is connected is not VPN, the process branches depending on whether the type of the network to which the requesting terminal is connected is WAN (WAN that is not VPN). . If the type of network to which the requesting terminal is connected is WAN (WAN that is not VPN), the process proceeds to S221, and if the type of network to which the requesting terminal is connected is not WAN (WAN that is not VPN). Advances to S225 in the flowchart of FIG.

  In step S221, where the type of the network to which the requesting terminal is connected is WAN (WAN that is not VPN), WAN authentication is performed, and then the process proceeds to step S223. The WAN authentication is, for example, authentication performed by requesting the terminal for a user name and password dedicated to the authentication, authentication performed by requesting an electronic certificate from the terminal, or the like.

  In step S223, which is performed after the VPN authentication or the WAN authentication, the process branches depending on whether or not each authentication is successful. If the authentication is successful, the process proceeds to S225 of the flowchart of FIG. 6 according to the connector 1, and if the authentication fails, the process proceeds to S233 of the flowchart of FIG.

  Subsequently, the description shifts to the flowchart of FIG. 6, and in S225, in which the process moves according to the connector 1 and is executed, the confidential keyword check process is executed. This secret keyword check process is a process for checking whether or not a secret keyword exists in the target data. Details of the confidential keyword check process will be described later.

  Subsequently, the process branches based on the execution result of the confidential keyword check process. That is, the process branches depending on whether or not a confidential keyword exists in the data to be browsed (S227). If the confidential keyword exists in the data to be browsed, the process proceeds to S229, and if the confidential keyword does not exist in the data to be browsed, the process proceeds to S235.

  In S229, where it is determined that a confidential keyword exists in the data to be browsed, authentication for the confidential keyword is performed, and thereafter, the process proceeds to S231. The authentication for the confidential keyword includes, for example, authentication performed by requesting the terminal for a user name and password dedicated to the authentication, authentication performed by requesting an electronic certificate from the terminal, and the like.

  In S231, the process branches depending on whether the authentication is successful in S229. If the authentication has succeeded in S229, the process proceeds to S235, and if the authentication has failed in S229, the process proceeds to S233.

  In the case where the authentication for the confidential keyword has failed (in the case of S231: N), and in S233 where the processing shifts and is executed according to the connector 2, an error message screen is generated. This error message screen is a screen on which a message indicating that the authentication for the confidential keyword has failed is described. Description of specific examples is omitted. When the generation of the error message screen is finished, this processing (browsing screen generation processing) is ended, and the processing is returned to the browsing processing call source (S155 in FIG. 4).

  When the authentication for the confidential keyword is successful (S231: Y), and in S235 where the confidential keyword does not exist in the data to be browsed, the request source is transmitted via the WAN communication unit 15. The process branches depending on whether communication is performed with the terminal. If communication is being performed with the requesting terminal via the WAN communication unit 15, the process proceeds to S 237. If communication is not being performed with the requesting terminal via the WAN communication unit 15, that is, via the LAN communication unit 13. If it is communicating with the requesting terminal, the process proceeds to S255.

  In S255, which has been determined that communication with the requesting terminal is not being performed via the WAN communication unit 15, the browsing target data is converted to PDF (Portable Document Format). Then, the process proceeds to S257.

  In S237, which proceeds after determining that communication is being performed with the request source terminal via the WAN communication unit 15, the print prohibition data is added to the data to be browsed. Then, redundant data (for example, blank data or unnecessary attribute data) is deleted from the data (S239), and digital watermark data is inserted (S241).

  In subsequent S243, the process branches depending on whether or not a browsing request is made with quality priority from the requesting terminal. That is, the process branches depending on whether the browse (quality priority) command button 85a is pressed or the browse (DL speed priority) command button 85b is pressed (see FIG. 9). If there is a browsing request with quality priority, the process proceeds to S249, and if a browsing request is requested with DL speed priority, the process proceeds to S245.

In S249, which is performed when there is a browsing request with quality priority, the browsing target data is converted to PDF. Then, the process proceeds to S251.
On the other hand, in S245, which is performed when there is a browsing request with priority on the DL speed, the resolution of the browsing target data is reduced and converted to a resolution of 640 dots x 480 dots or less while maintaining the aspect ratio. Then, the reduced and converted data is converted into JPEG (ISO / IEC 10918-1) format (S247), and the process proceeds to S251.

  In S251, the converted data is encrypted. For example, DES or MD5 is used as the encryption algorithm. Then, the encrypted data is compressed in the gzip (RFC1952) format (S253), and the process proceeds to S257.

  In S257, a browsing screen in which the data compressed in S253 or the data converted into PDF in S255 is pasted is generated. Here, an example of this browsing screen will be described using the browsing screen 91 (image output on the terminal side) in FIG. The browsing screen 91 includes a data display area 92, an attribute display area 93, and a return command button 94. The data display area 92 is a place where data to be browsed is displayed. Specifically, the browsing data (image data) compressed and transmitted in the gzip (RFC1952) format from the multifunction machine 11 is expanded and displayed. Or a place to expand and display a PDF file. The attribute display area 93 is a place where attributes of data to be displayed in the data display area 92 are displayed. The return command button 94 is a command button for returning to the text search screen. When the generation of the browsing screen is completed, the present processing (browsing screen generation processing) is terminated, and the processing is returned to the calling source of the browsing processing (S155 in FIG. 4).

(3) Secret Keyword Check Process Next, the secret keyword check process will be described with reference to the flowchart of FIG. The confidential keyword check process is called and started in the browsing screen generation process described above.

  When the control unit 39 starts executing the confidential keyword check process, all the keywords of the browsing target data (keywords stored in the keyword table associated with the browsing target data) are first processed in S310 described later. The process branches depending on whether or not it is (S305). If all the keywords of the browsing target data have already been processed in S310, which will be described later, this processing (confidential keyword check processing) is terminated, and the browsing screen generation process is called (S225 in FIG. 6). Return processing to.

  On the other hand, when all the keywords of the browsing target data are not processing targets in S310 described later, among the keywords of the browsing target data (keywords stored in the keyword table associated with the browsing target data) still Only one record of keywords not to be processed is read (S310).

Subsequently, the top record of confidential keyword data stored in the confidential keyword table is selected (S315).
In the subsequent S320, the processing branches depending on whether or not all confidential keyword data stored in the confidential keyword table has been processed in S325 described later (S320). However, every time the top record of confidential keyword data stored in the confidential keyword table is selected in S315, all confidential keyword data is initialized to an unprocessed state.

If all confidential keyword data has already been processed in S325 described later (S320: Y), the process returns to S305.
On the other hand, when all the confidential keyword data is not a processing target of S325 described later (S320: N), one record of unprocessed confidential keyword data is read (S325).

  Then, the process branches depending on whether or not the keyword of the read confidential keyword data matches the keyword of the browsing target data (the keyword read in S310) (S330). If the keyword of the read confidential keyword data matches the keyword of the target data (the keyword read in S310), the process proceeds to S335, and if not, the process returns to S320.

  In S335, the process branches depending on whether or not the access restriction target corresponding to the network type of the browsing request source terminal in the read confidential keyword data is “Y” (access restriction target). If the access restriction target corresponding to the network type of the browsing request source terminal is “Y”, the process proceeds to S340. If the access restriction target corresponding to the network type of the browsing request source terminal is not “Y”, the process proceeds to S320. Return processing to.

  In S340, the process branches depending on whether or not the appearance location of the keyword of the data to be browsed (the keyword read in S310) satisfies the location condition in the read confidential keyword data. If the location condition in the read confidential keyword data is satisfied, the process proceeds to S345. If the location condition in the read confidential keyword data is not satisfied, the process returns to S320.

  In S345, the process branches depending on whether the color of the keyword of the browsing target data (the keyword read in S310) satisfies the color condition in the read confidential keyword data. If the color condition in the read confidential keyword data is satisfied, the process proceeds to S350. If the color condition in the read confidential keyword data is not satisfied, the process returns to S320.

  In S350, the process branches depending on whether the number of appearances of the keyword of the browsing target data (the keyword read in S310) satisfies the condition of the number of appearances in the read confidential keyword data. If the condition for the number of appearances in the read confidential keyword data is satisfied, the process proceeds to S355. If the condition for the number of appearances in the read confidential keyword data is not satisfied, the process returns to S320.

  In S355, the process branches depending on whether or not the character size of the keyword of the data to be browsed (the keyword read in S310) satisfies the size condition in the read confidential keyword data. If the size condition in the read confidential keyword data is satisfied, the process proceeds to S360. If the size condition in the read confidential keyword data is not satisfied, the process returns to S320.

  In S360, the confidential keyword data is set as “present”, the process (the confidential keyword check process) is terminated, and the process returns to the caller of the browsing screen generation process (S225 in FIG. 6).

  The configuration and operation of the multifunction device 11 according to the embodiment have been described so far. According to the multifunction device 11 according to the present embodiment, the multifunction device 11 is transmitted from a communication interface (WAN communication unit 15) that is presumed to have a narrow bandwidth. Information is compressed (S239, S245, S249, S247, S253 in FIG. 6), and communication time is required when the bandwidth is one of the problems inherent to WAN. This can reduce the problem of Even in that case, since the presence or absence of compression processing is determined in advance depending on the type of communication interface, there is no need for communication for measuring the bandwidth, and there is no problem of overhead due to such communication. It has the potential to withstand the system.

  In addition, since protection processing (S251 in FIG. 6) is performed on information transmitted from the communication interface (WAN communication unit 15) that is assumed to be less secure on the route, a specific process is performed. It is possible to reduce the problem of information being wiretapped or tampered with on a route, which is one of the problems inherent to the network. In addition, since the process of restricting printing to the user of the distribution destination terminal (S237 in FIG. 6) is also performed, the rights of the information provider can be protected, and as a result, various information is distributed. It becomes easy.

Other embodiments will be described below.
The multifunction device 11 can select on the terminal side whether to give priority to quality or download speed (that is, convert to JPEG format by reducing the image resolution or convert to PDF file) when browsing. However, the compression level (degree of compression rate), the presence / absence of compression, the presence / absence of encryption, and the like may be selectable from the terminal side. If it becomes like this, the usability of the terminal side user will improve more.

1 is a block diagram illustrating a schematic configuration of a multifunction machine according to an embodiment. It is a field list of a content table, a data table, and a keyword table. It is explanatory drawing for demonstrating a confidential keyword table. It is a flowchart for demonstrating browsing processing. It is a flowchart for demonstrating a browsing screen production | generation process. It is a flowchart for demonstrating a browsing screen production | generation process. It is a flowchart for demonstrating a confidential keyword check process. It is an example of a screen for explaining a login screen. It is an example of a screen for explaining a search screen. It is an example of a screen for explaining a browsing screen.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 11 ... MFP, 13 ... LAN communication part, 15 ... WAN communication part, 17 ... FAX communication part, 19 ... FAX encoding part, 21 ... FAX decoding part, 23 ... PC communication part, 25 ... Storage medium access part, 27 ... Recording unit, 29 ... reading unit, 31 ... data storage unit, 33 ... setting storage unit, 35 ... operation unit, 37 ... display unit, 39 ... control unit.

Claims (21)

In an information providing apparatus that transmits and provides information to a plurality of terminals,
A communication means having a plurality of communication interfaces, each of which is connected to a network having a different bandwidth;
Holding means for holding information to be provided to the terminal;
When the type of the communication interface used when taking out and transmitting the information from the holding unit is a predetermined type, after compressing the extracted information, the communication unit sends the information to the terminal. When the type of the communication interface used for transmission is not a predetermined type, a compression transmission unit that transmits the extracted information as it is to the terminal via the communication unit;
An information providing apparatus comprising: The information providing apparatus according to claim 1,
The information providing apparatus according to claim 1, wherein the compression processing performed by the compression transmission means is a reversible compression of the information. In the information provision apparatus of Claim 2,
The information providing apparatus, wherein the compression transmission unit uses gzip (RFC1952) as the lossless compression algorithm. The information providing apparatus according to claim 1,
The information providing apparatus according to claim 1, wherein the compression processing performed by the compression transmission unit is irreversible compression of the information. The information providing apparatus according to claim 4,
The information providing apparatus, wherein the compression transmission means deletes redundant information in the information as the lossy compression. The information providing apparatus according to claim 4,
The information providing apparatus, wherein the compression transmission means uses JPEG (ISO / IEC 10918-1) as the lossy compression algorithm when the information is image information. The information providing apparatus according to claim 4,
When the information is image information, the compression transmission unit performs conversion for reducing the image resolution as the lossy compression. In the information provision apparatus in any one of Claims 1-7,
And further comprising a compression level receiving means for receiving information indicating the compression level from the terminal via the communication means,
The information providing apparatus, wherein the compression transmission unit changes the compression level according to the information received by the compression level reception unit and performs the compression process. In the information provision apparatus in any one of Claims 1-8,
Furthermore, it comprises a compression stop receiving means for receiving information for temporarily stopping the compression processing from the terminal via the communication means,
The compression transmission unit temporarily stops the compression processing according to the information received by the compression stop reception unit, and transmits the information extracted from the holding unit as it is to the terminal via the communication unit. Information providing device. In an information providing apparatus that provides information by transmitting information to a plurality of terminals,
A communication means having a plurality of communication interfaces, each of which is connected to a network with different safety;
Holding means for holding information to be provided to the terminal;
When the type of the communication interface used when taking out and transmitting the information from the holding unit is a predetermined type, the extracted information is subjected to protection processing and then sent to the terminal via the communication unit. When the type of the communication interface used for transmission is not a predetermined type, protected transmission means for transmitting the extracted information as it is to the terminal via the communication means;
An information providing apparatus comprising: In the information provision apparatus of Claim 10,
The information providing apparatus, wherein the protection processing performed by the protection transmission means is encryption of the information. In the information provision apparatus of Claim 10,
The information providing apparatus according to claim 1, wherein the protection processing performed by the protection transmission unit is printing prohibition of the information. In the information provision apparatus in any one of Claims 10-12,
And further comprising protection stop accepting means for accepting information for temporarily stopping the protective processing from the terminal via the communication means,
The protection transmission unit temporarily stops the protection processing according to the information received by the protection stop reception unit, and transmits the information extracted from the holding unit as it is to the terminal via the communication unit. Information providing device. In the information provision apparatus in any one of Claims 1-9,
The communication interface is a network with different characteristics,
Further, when the type of the communication interface used when the compression transmission means transmits is a predetermined type, the information transmitted by the compression transmission means is protected, and the protection processing is performed. An information providing apparatus comprising: a protection transmission unit that causes the compressed transmission unit to transmit information. The information providing apparatus according to claim 14,
The information providing apparatus, wherein the protection processing performed by the protection transmission means is encryption of the information. The information providing apparatus according to claim 14,
The information providing apparatus according to claim 1, wherein the protection processing performed by the protection transmission unit is printing prohibition of the information. In the information provision apparatus in any one of Claims 14-16,
And further comprising protection stop accepting means for accepting information for temporarily stopping the protective processing from the terminal via the communication means,
The information providing apparatus, wherein the protection transmission unit temporarily stops the protection processing according to the information received by the protection stop reception unit. In the information provision apparatus in any one of Claims 1-17,
The information providing apparatus further comprises router means for routing information between the communication interfaces. In the information provision apparatus in any one of Claims 1-18,
The information providing apparatus further comprising: a printing unit that prints the information held by the holding unit or the information received via the communication unit on a print medium. In the information provision apparatus in any one of Claims 1-19,
The information providing apparatus further comprises a scanner unit that reads information printed on a print medium and causes the holding unit to hold the read information or to transmit the information via the communication unit. In the information provision apparatus in any one of Claims 1-20,
The information providing apparatus further comprising: facsimile means for transmitting the information held by the holding means or the information received via the communication means to another terminal via a telephone line.

Images