JP2006350629A - Clustering system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To protect, when even one of network printers constituting a cluster is excluded from the configuration, the data stored in the printer concerned. <P>SOLUTION: The clustering system comprises a detection means detecting that a network printer is excluded from clustering; a device lock means prohibiting, based on the detection means, fetching of information data stored in the network printer or stopping printing operation of the printer, and a lock confirmation response means reporting the execution of device lock by the device lock means to a network manager. Even if one network printer is excluded from the configuration, this network printer is made unusable. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a clustering system composed of a plurality of network printing apparatuses, and when at least one of the plurality of network printing apparatuses constituting the cluster is out of the configuration, data stored in the network printing apparatus Spillage and unauthorized use are prohibited. In the present specification, the network printing apparatus is mainly described in relation to the present invention, but personal information data and input images are also included in the network peripheral apparatus such as an image scanner / FAX having other network interfaces. A device that can store and store print data and the like is included in the technical field of the present invention.

  In recent years, a lot of personal information, input images, and print data are temporarily or permanently stored in network input / output devices such as network printers and network image scanners, and printed as needed. This trend is increasing. However, when these network printing apparatuses are separated from the owner due to loss or theft, various problems occur. In that case, it is first necessary to prevent the personal information data and print data mounted on the apparatus from being leaked or lost, and to ensure that the data and the apparatus are returned to the original apparatus owner. However, in such a case, there is no effective means such as contacting the network printing apparatus that has left the owner and taking action.

  In the case of theft or loss of a network printing apparatus, the following request is requested from the apparatus owner for security protection.

  (a) If a network printing device is stolen and this network printing device has a lot of personal information data and print data, these data must not be leaked to the outside and must be kept confidential. I must.

  (b) When a network printing device is stolen, printing using this network device must be prevented.

  (c) If the network printing device is lost, the person who found this network printing device should be able to easily understand where to return it by using a message via the operation panel or the network.

  (d) When the network printing device is stolen or lost, it alerts people in the vicinity by beeping, message notification, etc. This way, someone might discover this.

  Moreover, the following measures have been proposed as a conventional method of coping.

  (a) To prevent someone from using this network printing device illegally, the owner changes the setting so that the network printing device cancels all printing or saves it in the HDD and does not print. If requested, this network printing device will be disabled.

  (b) Since the network printing apparatus has a function of manually locking the apparatus security by inputting a password unique to the apparatus, the owner uses the apparatus while frequently locking it.

As another conventional example, Patent Literature 1 and Patent Literature 2 can be cited.
JP 2000-155729 A JP 2004-185106 A

  However, the conventional techniques have the following problems.

  The network administrator can prevent someone from using the network printing device by changing the setting so that the network printing device is not printed. However, the personal information data and the print data are stored in the network printing device. Since it is left inside and can still be used effectively, it may be taken outside.

  Most of the owners do not use the network printer's security lock function because it is cumbersome and inconvenient. Therefore, after this network printing apparatus is stolen or lost, there is no way to operate the security lock function.

  ・ Beep alerts are not very useful today.

  -There is a growing demand for personal information data and print data stored and held in network printing apparatuses to be kept confidential.

  The present invention has been made in view of the problems of the conventional apparatus as described above, and is equipped with a new remote lock function that does not depend on the security lock mechanism set by the owner as in the prior art. Has remote security features that can reliably and easily prevent printing without the permission of the printing device owner and illegal access and use of personal information and print data An object is to provide a network printing apparatus.

  The network printing apparatus of the present invention that achieves the above object has the following configuration.

  That is, a network printing apparatus that is connected to the Internet or an intranet, can transmit / receive data to / from the apparatus owner, and can store and store personal information data in the apparatus, from the original apparatus owner Loss information detection means for detecting a message or command sent by the network administrator based on the loss notification made to the network administrator, and the removal of information data stored in the network printing device based on the lost information detection means Device lock means for stopping the printing operation; and lock confirmation response means for notifying the network administrator that the device lock has been executed by the device lock means.

  As described above, according to the network printing apparatus of the present invention, the following excellent effects are exhibited. That is, a highly reliable network printing apparatus with a security function that is operated by remote management by a network administrator can be easily realized with an inexpensive apparatus or system with an extremely simple configuration. Then, it becomes possible to efficiently and reliably execute a third party so that printing cannot be performed without the permission of the owner of the network printing apparatus and that information in the printer cannot be read.

  Next, details of the present invention will be described in accordance with the description of the embodiments.

[First embodiment]
Embodiments of a network printing apparatus according to the present invention will be described below in detail with reference to the accompanying drawings. FIG. 1 is a block diagram showing a configuration of a cooperative relationship including a network printing apparatus and an apparatus owner-network administrator according to the present invention. The network printing apparatus 50 may be equipped with a FAX transmission / reception function (not shown).

  FIG. 3 is a flowchart showing the flow of execution of the lock function of the network printing apparatus according to the present invention, and FIG. 4 is an explanatory diagram showing the exchange of messages, commands, etc. accompanying the lock function. The network administrator of the present invention refers to an administrator and a management server machine that collectively manage installation locations and operating states of network printing apparatuses in a network.

  The network printing apparatus of the present invention has the following characteristics.

  The original owner of the network printing device can request the network administrator to send a message request or command that prevents unauthorized use of the device.

  When the device receives a report from the network manager that there is no network printing device, the printing stop or memory protection function of the device is remotely activated, and the device is suspended.

  A special type of message request or command is sent to the network printing device by the network administrator.

  The network printer can lock the memory, printing mechanism, or UI (user interface) and display a message on the operation panel when it receives those special types of short messages or special commands. .

  ・ The special message can be alerted via the network interface by setting an error status in MIB (Message Information Base).

  -The special message can be alerted via the network interface by sending an e-mail to the network administrator.

  ・ The special message can be alarmed with an alarm sound or beep.

  The network printing device automatically sends a confirmation acknowledgment (acknowledgment) to the network administrator.

  The network printing apparatus of the present invention is used and implemented in the relationship with [the apparatus owner 30, the network manager 40, and the network printing apparatus 103] as shown in FIG. First, <device owner 30> is the owner of the network printing device, and is indicated by the device owner client machine 31. <Network administrator 40> includes a management server machine 41 as an example of the configuration. The operation in the network management server machine 41 may be either directly operated by an operator or a program provided with an automatic response function.

  <Network printing device 103> is a network printing device (including all network peripheral devices) possessed by device owner 30 as an example of the configuration. The network printing apparatus 103 includes an internal bus 111, a network interface 112, a CPU 113 (including a CPU and storing device programs), an HDD 114 (personal information data and print job data can be stored and stored), and a RAM (memory) 115. (Control unit for the entire apparatus including the memory control unit), other than the network, other interface 116 such as serial or parallel, image forming unit 117 for forming an image from PDL, operation panel 118 (by LCD or the like), printing unit (printing) Engine) 119.

  With the overall configuration as shown in FIG. 2, the device owner 30 of the present invention can transmit and receive with the network administrator 40 and can store and store personal information data and print data in the memory 115 of the network printing device 103. The network administrator 40 transmits a message or command from the network management server machine 41 via the network 101 based on the notification of loss or theft made from the original device owner 30 to the network administrator 40, and this is transmitted to the network administrator 40. The printing apparatus 103 has lost information detection means for detecting through the network interface 112. Then, based on the lost information detection means, the apparatus lock means for prohibiting the retrieval of the information data stored in the apparatus (locking the memory unit 115) or stopping the printing unit 119 of the apparatus, and the device lock means execute the device lock. And a lock confirmation response means for notifying the network administrator 40 of the fact. The operation and execution of these lost information detection means, device lock means, and lock confirmation response means are controlled by the CPU 113. It should be noted that these means cannot normally operate when the apparatus is turned off. Therefore, it is also possible to make a specially configured device that operates even when the device power is turned off.

  The device locking means in the network printing apparatus 103 displays a message on the network printing apparatus 103 (screen display on the operation panel 118), generates a warning sound (sounds a beep sound from a speaker not shown in the operation panel 118, etc.). It is recommended that the operation be executed with the alarm function activated). Further, the lock confirmation response means lock in the network printing apparatus 103 is preferably executed on the network administrator 40 side with a message display or warning sound generation.

  Next, according to FIG. 3, when implementing the lock function of the mobile telephone device according to the present invention, the flow is divided into two sides, <Network Manager 40> and <Network Printing Device 103>, and the flow is as follows. is there.

  <Network Administrator 40> The user 30 (owner 30) notices that the network printing apparatus 103 has disappeared (step S10). → The user 30 contacts the network management server machine 40 (not limited to a person but may be a device) and notifies the loss of the device 103 (step S11). → The network server management machine 41 performs a procedure for sending a special short message or command to the network printing apparatus 103 (step S12).

  Next, the process proceeds to <network printing apparatus 103>. The network printing apparatus 103 receives the special short message or command (step S13). → The network printing apparatus 103 determines whether these are special short messages or commands that are originally transmitted when the owner 30 loses the apparatus (step S14). If it is No here, these are processed as normal messages (step S15).

  Therefore, if Yes, a command (some messages are included in the message) is executed (step S16). → The memory unit 115 and / or the HDD unit 114 of the device 103 is locked (step S17). → The device 103 is locked (step S18). → A message is displayed on the operation panel 118 of the network printing apparatus 103. At this time, the text may be included in the short message. (Step S18). → The beep sound is generated and the alarm function is executed (step S19). → Sends a confirmation response (command) to the network management server machine 41. Then, the process returns to <network administrator 40> and receives a confirmation response (command) from the device 103 (step S22). → The user is notified of this (step S23), and a series of flows is executed.

  It is explanatory drawing which shows transmission / reception of a message, a command response, etc. in connection with implementing the lock function of the network printing apparatus 103 by this invention. The network administrator 40 side may transmit a command for executing a lock or an alarm to the apparatus side through the data channel via the layer 3. A message display command is sent from the network manager 40 to display a message on the display unit 55 of the apparatus 50, and the network printing apparatus 103 responds by sending a confirmation response (acknowledgement) command.

  FIG. 4 shows an example of a message displayed on the operation panel 118 in accordance with a command or message sent from the network management server machine 41. Reference numeral 301 is for letting the user recognize that the network printing apparatus 103 cannot print, and 302 is for announcing the recovery method to the user.

  FIG. 5 is an example of print job data and personal information data stored in the network printing apparatus 103 and to be protected. 401 is an example of print job data. The type of print job data is determined according to the installed printer description language (PDL). 402 is an example of personal information data. The type of personal information held may differ depending on the device, but here, representative examples include user name, e-mail address, billing information, and information about jobs waiting to be printed.

  FIG. 6 is an example of a FAX transmission address book and a FAX transmission log. Although not shown, the network printing apparatus 50 can be equipped with a FAX transmission / reception unit. If a FAX transmission / reception unit is installed, the FAX address book and FAX transmission / reception history information are also protected because they can be regarded as confidential information data, such as related to accounting.

  FIG. 7 shows an example of a UI for preventing unauthorized use of the printer. When it is detected that the printer has been moved during the activation of the printer, a message to the user is displayed on the printer operation panel 118 (601), and then the admin password is waited for (602). In this case, you cannot proceed until the correct Admin password is entered. Note that a model such as an external print controller that displays a BOOT screen when the printer is activated may be displayed on a printer BOOT screen (not shown) instead of the printer operation panel 118 (603, 604). FIG. 8 shows an example in which a printer call is replaced with a service call. In this case, since the user cannot do anything until the service person comes, the data is surely protected. Furthermore, since the called service person knows the illegal movement and is transmitted to the information network of the sales company, the incident is solved if the original owner has reported the theft. (605, 606).

  9 and 10 show an example of movement detection when the printer 50 is moved from the network 101 to the network 101a. The flowchart shown in FIG. 10 will be described. When the printer 50a is activated (S701), the MAC addresses in the same segment are collected (S702), and a MAC address list table 76 is created. Here, it is assumed that the table 75 / table 76 exists on the HDD 114 and the RAM 115. Subsequently, the table 76 and the table 75 are compared (S703). The table 75 is created when the printer is activated last time. If it is assumed that the printer has moved between 75 and 76, 75 is before movement and 76 is after movement. If the tables are compared and a common MAC address is included (S704), it is assumed that the printer has not moved, and the activation of the printer is continued (S710). If no MAC address is included (S704), the password entry screen is displayed (S705). If the Admin password cannot be entered, an infinite loop is entered. If the Admin password is correctly entered (S706), the next question is whether to erase the HDD (S707). If Yes, the HDD is erased (S708). Otherwise, the process proceeds to S709 without erasing. In step S709, the table 76 is overwritten on the table 75, and the printer is continuously started after considering that the next MAC address is the same MAC address (S710).

  11 and 12 show an example of movement detection in the external printer controller 801. FIG. It is assumed that the external controller 801 and the print engine 803 are connected via a local communication cable 802, and the external printer controller can be connected to another print engine via the local communication cable 802. The print engine 803 is uniquely identified by the model name and the engine serial number.

  The flowchart shown in FIG. 12 will be described. When the printer is activated (S801), the engine serial number is compared with that at the previous activation (S802). It is assumed that the engine serial number at the previous activation is stored on the HDD 114 and the RAM 115 of the printer 50. If the previous and current engine serial numbers match, the printer continues to be activated (S808). If they do not match, the screen shifts to a password input screen and prompts the user to input an Admin password (S803). If the user doesn't know the Admin password, he gets into an infinite loop. If the correct Admin password is entered, the next question is whether to erase the HDD (S805). If Yes, the HDD is erased (S806). If not, the HDD is not erased and the process proceeds to S807. In S807, the current engine serial number is overwritten on the previous engine serial number, and the startup of the printer is continued after considering that the serial number mismatch does not occur at the next startup (S808).

[Second Embodiment]
In the first embodiment, only the personal information data and the print data are protected because of the relationship described with respect to the network printing apparatus. A network input / output device characterized by protecting image data.

[Third embodiment]
In the first embodiment, the printer controller system is stopped as a means for stopping the printing operation. However, the printer controller is operated as it is, so that all the print data is skipped inside the printer and is not printed. A network printer.

It is a block diagram which shows the structure of the cooperation relation containing the network printing apparatus by this invention, and an apparatus owner-network administrator. It is a block diagram which shows the structure of the cooperation relation containing the network printing apparatus by this invention, and an apparatus owner-network administrator. It is a flowchart figure which shows the flow of implementation of the apparatus lock function of the network printing apparatus by this invention. It is one Example explaining the apparatus lock function of the network printing apparatus by this invention. It is one Example explaining the storage format of the print job data by this invention, and personal information data. It is one Example explaining the FAX transmission address book and FAX transmission log by this invention. It is an Example explaining UI when detecting a movement of a printer and locking an apparatus. It is an Example explaining UI when detecting a movement of a printer and locking an apparatus. FIG. 6 is an example illustrating a means for detecting movement when the printer is connected to another network. FIG. FIG. 6 is an example illustrating a means for detecting movement when the printer is connected to another network. FIG. 6 is an example illustrating a means for detecting movement when an external print controller is connected to another engine. 6 is an example illustrating a means for detecting movement when an external print controller is connected to another engine.

Explanation of symbols

DESCRIPTION OF SYMBOLS 101 Network 102 Information processing apparatus 103 Image processing apparatus 111 Internal bus 112 Network interface 113 CPU
114 HDD
115 RAM
116 Other Interfaces 117 Image Forming Unit 118 Operation Panel 119 Printing Unit (Print Engine)
S201 Flowchart of image processing apparatus main task 301 Operation panel screen 1 (operation panel 118)
302 Operation panel screen 2 (operation panel 118)
401 Print job data (RAM 115)
402 Personal information data (RAM115)
30 Device owner 40 Network administrator 50 Network printing device

Claims (8)

From multiple network printers connected to the Internet or an intranet, capable of sending and receiving data with the device owner, and storing registration information such as personal information data and print data in the device In the clustering system configured,
In the network printing here, a detecting means for detecting that it is out of clustering;
A device locking unit for prohibiting the retrieval of information data stored in the network printing device based on the detection unit or stopping the printing operation of the device;
Lock confirmation response means for notifying the network administrator that the device lock has been executed by the device lock means;
A clustering system characterized by comprising: Regarding the device locking means in the clustering system according to claim 1, as means for stopping the printing operation,
Means for stopping the printer controller system by the printer operation unit;
Means to skip all print data inside the printer,
Or means to intentionally cause a jam when feeding the paper and not transfer the output image to the paper,
A clustering system characterized by comprising: Regarding the lost information detecting means according to claim 1, as means for detecting lost,
When starting the printer, check the MAC address of the neighboring network device, and if it has been changed compared to the previous startup, means to not start the printer,
Or in the case of a printer with an external type print controller, check the engine serial number, and if it has been changed compared to when it was started last time, means to not start the printer,
A clustering system characterized by comprising:   2. The clustering system according to claim 1, wherein the device lock means is operated with a message display or warning sound generation on an operation panel attached to the network printing apparatus.   2. The clustering system according to claim 1, wherein the lock confirmation response means is operated with message display or warning sound generation on the network administrator side. Regarding the information data stored in the network printing device according to claim 1, when the network printing device itself is equipped with a FAX, the FAX address book and FAX transmission / reception history information are also prohibited from being taken out. Clustering system. The clustering system according to claim 2, further comprising: an unlocking unit that allows an Admin password to be input to unlock the device. Regarding the lost information detecting means according to claim 3, when the loss is released by the unlocking means according to claim 7,
Means to prevent the loss at the next startup by overwriting the MAC address table saved at the previous startup with the current MAC address table,
Or
In the case of a printer equipped with an external type print controller, the engine serial number when it was last started is overwritten with the current engine serial number, so that there is a means to prevent loss at the next startup. A clustering system characterized by

Images