JP2007174186A - Information unit, and computer readable recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To avoid an information unit from being suddenly suspended because of log full. <P>SOLUTION: Information equipment 1 stores into a log storage section 108 an event log including the execution or the setting of a job produced in the self-equipment. When information including a user ID and a password for authentication is input to an authentication section 103 together with an authentication request, the authentication section 103 decides whether the operation including the job execution or setting to the self-equipment is to be authenticated, based on the above information. When the logs stored in the log storage section 108 reach a preset upper limit value, the authentication requests being input thereafter are rejected. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an information apparatus including a copying machine, a multi-function peripheral, a printer, a scanner, and a computer capable of collecting history information of events that have occurred in the apparatus itself, and a computer-readable recording medium.

In recent years, there have been many cases of information leaks on the stage of companies, and the cost of recovering them has become impossible to ignore in corporate management.
Under such circumstances, the importance of security protection is recognized by companies, and the management system and security of information devices (also referred to as “information devices”) including copiers, multifunction devices, printers, scanners, and computers are regarded as important. It has become.
Therefore, user authentication is always required when inputting / outputting information to / from an information device, and history information (logs) is stored in the form of “who did what on the device” and what happened on the device. Saving is important for customers who care about security.

By storing the log as described above, if any incident occurs, the leakage path can be determined from the log, and this information device can be informed in advance that the history has been taken. As a result, it is possible to suppress unauthorized access by a malicious person.
Further, in companies, reduction of total cost ownership (TCO), which is the total amount of expenses related to the introduction, maintenance, and management of computer systems, is recognized as an important issue.
In that case, it is required to set a reduction target for each department and to grasp the progress and achievement rate.

For example, the operating cost of a laser printer (LP) / multifunction peripheral (a personal computer peripheral device having a plurality of functions such as a printer, a fax, a copy, a scanner, etc .: MFP) is also an object.
Further, it is routinely performed to continuously acquire a log when processing is executed by the information apparatus and use the log as material for cost analysis.
Next, when logging an event that occurred in the information device, it is due to a power failure or disconnection of the power outlet before the log is stored in the nonvolatile recording medium (also referred to as “nonvolatile storage medium”). Considering the occurrence of power interruption, it is necessary to store logs in a nonvolatile recording medium in the information device.

In addition, since there may be a plurality of information devices for a plurality of devices, a method is adopted in which a server for managing logs in a batch is set up and logs are transferred to the server.
By performing “accumulation in the information apparatus + transfer to the log server” as described above, it is possible to prevent an important log from disappearing.
The log transfer timing to the log server can be transferred periodically or when an event occurs.
The best way to do this is when something happens, but periodic forwarding is often used because of network load.

However, the problem in the case of “accumulation in the information device + transfer to the log server” is that “log full” in which untransferred logs are accumulated in the information device and the capacity of the nonvolatile storage medium is exceeded. It is.
For example, log full may occur in the following two cases.
1) During regular transfer, when there is a large amount of log writing to the non-volatile storage medium by the next transfer timing 2) Even when transfer occurs when an event occurs, the log can be transferred to the server due to a temporary failure in the communication path If not

When a log full occurs, it is desirable to overwrite the transferred log, but when there is no transferred log and all are untransferred logs, the following two processes are conceivable.
1) Overwrite the untransferred log 2) Stop the information device before the log becomes full so that no more log events occur.
However, since important logs are lost without being saved, overwriting of untransferred logs should be avoided if possible.
Of course, depending on the operation (for example, when a customer who does not attach importance to security is a user), there are cases where overwriting is possible, so it is desirable that two operations can be selected.
Conventionally, there has been a log management method using “accumulation in an information device + transfer to a log server” (see, for example, Patent Document 1).
JP 2001-350652 A

However, when the information device becomes full, if the information device is stopped, there is an advantage in that the occurrence of a new log event is suppressed, and the log in the previous information device is not lost. This method is very effective for an information device as a server or an information device that is used only by a specific user (when operated only by an administrator). In this case, there is a problem that the information device is suddenly stopped, which causes great anxiety to the user who is using the information device.
The present invention has been made in view of the above points, and an object of the present invention is to prevent a situation in which a sudden stop occurs due to log full.

In order to achieve the above object, the present invention provides the following information device and computer-readable program.
(1) Storage means for storing event history information including job execution or settings that occurred in the own device, and when authentication information is input together with an authentication request to the own device, An authentication unit for determining whether or not to authenticate an operation including job execution or setting for the apparatus, and when the history information stored in the storage unit reaches a preset upper limit value; An information device provided with rejection means for rejecting an authentication request input thereafter.
(2) In the information apparatus of (1), when the authentication means includes information indicating an administrator in the authentication information input together with the authentication request, the rejection means issues an authentication request. An information device provided with means for preventing rejection.
(3) In the information device according to (1) or (2), if the log-in is in progress when the history information stored in the storage means reaches a preset upper limit value in the authentication means, the login is automatically performed. Information device provided with means for logging out automatically.

(4) In the information device of (1) or (2), if the log-in is being performed when the history information stored in the storage unit reaches a preset upper limit value in the authentication unit, An information device provided with means for preventing new operations from being accepted.
(5) The information apparatus according to (1), wherein means for setting the rejection request so as not to reject the authentication request is provided.
(6) The information device according to (5), wherein the storage device is provided with means for storing history information of an event that the setting has been made.
(7) In the information device of (1), when the history information stored in the storage means reaches a preset upper limit value, the history information of events that have occurred thereafter is reserved in the storage means. An information device provided with means for storing in an area.

(8) In the information device of (7) above, when the history information stored in the reserved area of the storage means reaches a preset upper limit, only the number of occurrences for each type of event occurring after that is counted An information device provided with means for storing information.
(9) In the information device according to any one of (1) to (8), history information on an event that the history information stored in the storage means has reached a preset upper limit value is stored in the storage means. An information device provided with means for causing
(10) In the information device according to any one of (1) to (9), when the history information stored in the storage unit reaches a preset upper limit value, the history information stored in the storage unit is deleted. An information device provided with a deleting means.
(11) The information device according to (10), wherein a history information is deleted by the deleting unit only when requested by an administrator.

(12) The information device according to (10) or (11), wherein the storage means is provided with means for storing history information of an event that the history information stored in the storage means has been deleted.
(13) In the information device according to any one of (10) to (12), the storage unit stores the history information of the event that the history information stored in the storage unit is deleted by the deletion unit. Information device provided with means.
(14) In the information device according to any one of (10) to (13), history information stored in the storage unit by the deletion unit is deleted from the authentication unit and stored in the storage unit. An information apparatus provided with means for resuming authentication of an input authentication request when history information is less than a preset upper limit value.
(15) The information apparatus according to any one of (1) to (14), wherein means for notifying that the authentication is rejected by the rejection means is provided.

(16) When a storage procedure for storing history information of an event including job execution or setting that has occurred in the own device is input to the computer, and information for authentication is input together with an authentication request to the own device, Based on the authentication procedure for determining whether to authenticate the operation including job execution or setting for the own device based on the history information stored by the storage procedure reaches a preset upper limit value, it is input after that A computer-readable recording medium having recorded thereon a program for executing a rejection procedure for rejecting an authentication request.

The information device according to the present invention can prevent a situation where the information device suddenly stops due to log full.
In addition, the computer-readable recording medium of the present invention allows a computer to easily introduce a function that prevents a computer from suddenly stopping due to log full.

Hereinafter, the best mode for carrying out the present invention will be specifically described with reference to the drawings.
〔Example〕
FIG. 1 is a block diagram showing an internal configuration of an information device which is an embodiment of the information apparatus of the present invention and a PC which is a remote information apparatus existing outside the information apparatus. Arrows in the figure indicate communication between modules, and thick arrows indicate a case where a response (a message in the reverse direction) exists.
The PC 101 is an information processing apparatus including a personal computer that outputs various requests to the information device 1 by user operation and acquires various information including logs from the information device 1.

The request includes, for example, a job execution request including a reprint instruction for a document accumulated in the information device 1, and since it cannot be determined whether or not the PC 101 is logged in in the information device 1, there is a request from the PC 101. 1-shot authentication request for requesting authentication to the information device 1 every time it is performed, setting request for request to change the setting in the information device 1 from the PC 101, history information of events generated in the information device 1 with respect to the information device 1 (“ There are various requests including a log download request for requesting acquisition of a log.
The operation unit 102 exists in the information device 1, and the user requests the information device 1 for various requests including a login request, a logout request, a setting request, and a job execution request, and the login device itself. The user ID and password are input, and various information corresponding to the input is displayed.

  The authentication unit 103 stores a combination of a user ID assigned to each user who can use the information device 1 and a password set by each user, and stores the user ID and password stored in advance. When a combination is input, an authentication process is performed to determine that the user who has input the combination is a user who can use the information device 1. Similarly, authentication of the manager of the information device 1 (corresponding to the information device manager and the information device manager) is also performed here. Further, it receives a login request, a logout request, and a one-shot authentication request, and returns a result in response thereto. Further, for example, in order to leave a log that Mr. A has logged in at 3:30 pm, an authentication status log is written in the log storage unit 108. Further, in response to the log full status notification from the log storage unit 108, the general user from the operation unit 102 is denied authentication, and the operation unit is notified of auto logout. The authentication unit 103 functions as each unit including an authentication unit, a rejection unit, and a unit for storing a log according to the present invention.

The job execution unit 104 handles a series of execution operations as a job. For example, a copying operation and a printer printing operation are handled as jobs. In addition, the log deletion request is handled as a job here. For job execution, a request is received from the operation unit 102 or the PC 101, processing is performed, and processing for writing the contents as a log is performed. Further, in response to the log full status notification from the log storage unit 108, processing is performed to cancel execution of a new job. The job execution unit 104 functions as each unit including a deleting unit and a log storing unit according to the present invention.
The setting unit 105 performs various setting operations of the information device 1. In response to a request from the operation unit 102 or the PC 101, the setting is changed. Further, there is a process of writing a log, which is history information indicating what kind of setting has been changed, to the log storage unit 108. The setting unit 105 functions as means for storing a log according to the present invention.
The voluntary execution unit 107 is a module that performs a process that needs to be executed by itself without receiving a request from another. The process includes, for example, NTP time setting. A log of the contents of this execution is also written in the log storage unit 108. The voluntary execution unit 107 functions as means for storing a log according to the present invention.

The log storage unit 108 receives a log write request from another module and performs a process of writing various logs to a nonvolatile storage medium (HDD). In addition, it determines whether the log is full, and notifies the job execution unit 104 and the authentication unit 103 of the log full status when the log is full and when the log full is canceled. The log storage unit 108 functions as each unit including the storage unit according to the present invention.
The log server 109 stores a log transferred from the log storage unit 108 of the information device 1.
The timer unit 110 is a timer that notifies the log storage unit 108 that a certain period of time has elapsed as a trigger for transferring the accumulated logs to the log server 109 at regular time intervals.
A step 120 (indicated by “S” in the figure) 120 is an input of a setting request from the operation unit 102 to the setting unit 105.

S 121 is an input of a job execution request from the operation unit 102 to the job execution unit 104.
S122 is an input of a login request and logout request from the operation unit 102 to the authentication unit 103.
S123 is an input of a job execution request from the PC 101 to the job execution unit 104.
S 124 is an input of a one-shot authentication request from the PC 101 to the authentication unit 103.
S 125 is an input of a setting request from the PC 101 to the setting unit 105.
S 126 is an input of a log download request from the PC 101 to the log storage unit 108.
S 127 is an output of a log full status notification from the log storage unit 108 to the job execution unit 104.

S 128 is an output of a log deletion request from the job execution unit 104 to the log storage unit 108.
S 129 is an output of a log full status notification from the log storage unit 108 to the authentication unit 103.
S 130 is an output of an auto logout notification from the authentication unit 103 to the operation unit 102.
In step S131, the timer unit 110 notifies the log storage unit 108 that a certain time has elapsed.
S 140 is an output of a log write request from the job execution unit 104 to the log storage unit 108.
S 141 is an output of a log write request from the authentication unit 103 to the log storage unit 108.
S 142 is an output of a log write request from the setting unit 105 to the log storage unit 108.
S143 is log transfer from the log storage unit 108 to the log server 109.
S146 is an output of a log write request from the voluntary execution unit 107 to the log storage unit 108.

FIG. 2 is a block diagram showing a hardware configuration of the information device 1 shown in FIG.
The CPU 201 governs overall control of the information device 1. This information device 1 operates with one CPU.
The ROM 202 stores data including various programs executed by the CPU 201.
The RAM 203 stores various data when the ROM 202 program is executed. It is also used as an image input / output memory and HDD access memory.
The operation unit 204 corresponds to the operation unit 102 in FIG.
The nonvolatile RAM 205 stores various types of information including setting values for the information device 1.
The document reading device 206 reads an image of the document, and the read content (image data) is recorded in the RAM 203 via the MSU 208. It is also possible to recognize the size of the document.

An HDD (Hard Disk Drive) 207 is a storage device that stores various data including a log of events that have occurred in the information device 1. The HDD 207 functions as the log storage unit 108 in FIG.
An MSU (Memory SuperchargerUnit: controller for memory) 208 controls each unit including an image memory in response to a command from the CPU 201. The main functions are listed below.
(1) The contents written in the RAM 203 are transferred to the HDD 207 and written.
(2) Read the contents of the HDD 207 and write it to the RAM 203.
(3) Read and write the contents of the RAM 203 from the CPU 201.
(4) The image read by the document reading device 206 is developed in the RAM 203.
(5) The image data in the RAM 203 is printed by the printing device 209.
The printing apparatus 209 prints image data on a sheet.

A real time clock (RTC) 210 corresponds to the timer unit 110 in FIG. 1 and notifies the CPU 201 of the time. The RTC 210 can be set to notify the CPU 201 for log transfer at every elapse of a predetermined time.
A network interface card (NIC) 211 controls communication for transferring logs stored in the HDD 207 to the log server 213 (corresponding to the log server 109 in FIG. 1).
The PC 212 is a remote information device corresponding to the PC 101 in FIG.
The log server 213 corresponds to the log server 109 in FIG. 1 and is an information processing apparatus that accumulates and stores logs transferred from the information device 1 at regular intervals.
The CPU 201, the ROM 202, and the nonvolatile RAM 205 realize the functions of the authentication unit 103, the job execution unit 104, the setting unit 105, and the spontaneous execution unit 107 in FIG.
Further, a program for causing the CPU to execute each procedure for realizing each means according to the present invention is recorded on a computer-readable recording medium including a CD and a DVD (not shown), and the recording medium is passed through the recording medium. By installing the program in a normal information device, the function as the information device 1 can be realized.

FIG. 3 is a diagram showing an example of a list of logs accumulated in the information device 1 shown in FIG.
This log is history information of the event (for example, various requested operations by the operator and execution of the requested function) that is accumulated every time various events occur in the information device 1, for example, As shown in the figure, an item of an operator type for the information device 1, an item of a type of request made by the operator, an item of a result indicating whether the request has succeeded or failed, and a request The item of the time of occurrence is recorded in time series. The types of request include, for example, “log full operation setting”, “log full”, “log full release”, and “log deletion”.
In this way, all the logs indicating who did what and what to the information device 1 are stored and stored so that they can be output.

FIG. 4 is a diagram showing a series of operations from log accumulation to log full in the information device 1 until the information device administrator performs a recovery operation in terms of a time axis and the number of log storage (registration) cases.
The information device 1 stores the attribute of the log of an event that has occurred with the passage of time from the state where the number of log storage items is 0 as a normal operation each time. The log attributes are information on all items of the history information stored in advance shown in FIG. When the accumulated number of logs reaches the preset log full number, it is determined that the log is full, and the logs are accumulated up to the preset reserved area number in the reserved area provided in advance. After that, when logs are accumulated up to the number of reserved areas, after that, only the number of events for each type of event (for example, request types including "Log full operation setting", "Log full", "Log full release", "Log deletion") is counted. To do. Then, when a predetermined time has elapsed, the accumulated log is transferred to the log server and stored. Although the number of log storage cases has been described here, log accumulation and recovery processing can be similarly performed based on the log storage capacity.

In this way, accumulation of logs in the log storage unit proceeds without transfer of logs to the log server, the log storage unit becomes in a log full state, and logs can be recorded up to a reserved area provided in advance. .
In addition, when the log is recorded, after the reserved area is full, only the number of occurrences for each event type is counted.
When a recovery operation is performed by the information device administrator when the log is full, all logs are transferred to the log server for recovery, and the logs of the own device are deleted at once.

FIG. 5 is a diagram illustrating an example of the count value of the number of cases for each event type.
Here, five types of events, “login”, “logout”, “one-shot authentication”, “copy”, and “information device setting”, are shown.
In this way, it is possible to record how many events of that type have occurred for each of the five types of events up to a predetermined number.

6 shows the operation unit 102, the authentication unit 103, the job execution unit 104, the setting unit 105, and the log storage shown in FIG. 1 until the user logs in to the information device 1 shown in FIG. FIG. 6 is a sequence diagram showing exchange of information between units 108.
Step 601 (indicated by “S” in the figure) is a login operation to the information device 1 by the user, and is entered by pressing the login key of the operation unit 102.
In step 602 (operation of S122 in FIG. 1), the operation unit 102 detects the input of the login key and outputs a login request to the authentication unit 103.
In step 603 (operation of S141 in FIG. 1), the authentication unit 103 detects the login request and outputs a log write request for the login request to the log storage unit 108. The log storage unit 108 writes and stores a log for the login request based on the log write request.

In step 604, the authentication unit 103 executes authentication processing based on the login request, and outputs a login response (login success) to the operation unit 102 when the authentication is successful. The operation unit 102 enables various request inputs thereafter.
In step 605, the user inputs a setting value from the operation unit 102. For example, when the log full setting screen shown in FIG. 38 is displayed on the touch panel of the operation unit 102, the user can input the log full setting from the operation unit 102. In this log full setting screen, it is possible to set whether or not to reject an authentication request from an information device manager other than the information device manager when the log is full.
In step 606 (operation of S120 in FIG. 1), the operation unit 102 outputs the setting request for the set value input to the setting unit 105.
In step 607, the setting unit 105 executes the setting value setting operation based on the setting request.

In step 608 (operation of S142 in FIG. 1), the setting unit 105 outputs a log write request for the setting operation to the log storage unit. The log storage unit 108 writes and stores a log for the setting operation based on the log write request.
In step 609, the setting unit 105 outputs a setting response that is a response to the setting request to the operation unit 102. For example, information indicating completion of setting is output by the setting operation.
In step 610, the user inputs a job execution operation for requesting execution of a desired job from the operation unit 102.
In step 611 (operation of S121 in FIG. 1), the operation unit 102 outputs a job execution request for the job instructed by the job execution operation to the job execution unit 104.

In step 612, the job execution unit 104 executes the instructed job based on the job execution request.
In step 613 (operation of S140 in FIG. 1), the job execution unit 104 outputs a log write request for job execution to the log storage unit. The log storage unit 108 writes and stores a log for job execution based on the log write request.
In step 614, the job execution unit 104 outputs a job execution response as a response to the job execution request to the operation unit 102. For example, job result information is output.
Step 615 is a logout operation to the information device 1 by the user, and is entered by pressing the logout key of the operation unit 102.

In step 616 (operation of S122 in FIG. 1), the operation unit 102 detects the input of the logout key and outputs a logout request to the authentication unit 103.
In step 617 (operation of S141 in FIG. 1), the authentication unit 103 detects the logout request and outputs a log write request for the logout request to the log storage unit 108. The log storage unit 108 writes and stores a log for the logout request based on the log write request.
In step 618, the authentication unit 103 executes logout processing from the logout request and outputs a logout response (success) to the operation unit 102.

  In this manner, the authentication unit 103 processes the login and logout from the user, and when a setting value for the information device 1 is input from the user after the login, the setting value is output to the setting unit 105 to execute the setting process. To do. When a job execution operation is input, the job execution unit 104 performs a job operation instructed by the user. At that time, the contents of the operations of the authentication unit 103, the setting unit 105, and the job execution unit 104 are output to the log storage unit 108 as messages, and the log storage unit 108 accumulates the messages as logs.

FIG. 7 is a sequence diagram showing the exchange of information between the respective units when a setting for the information device 1 and execution of a job are requested from the PC 101 connected to the information device 1 shown in FIG. 1 via a network.
Step 701 (indicated by “S” in the figure) 701 is a login operation from the PC 101 to the information device 1, and the user inputs a login from the PC 101 to the information device 1.
In step 702 (operation of S124 in FIG. 1), the PC 101 outputs a one-shot authentication request to the authentication unit 103 of the information device 1 based on the login operation.
In step 703 (the operation of S141 in FIG. 1), when the authentication unit 103 of the information device 1 detects the one-shot authentication request, it outputs a log write request for the one-shot authentication request to the log storage unit 108. The log storage unit 108 writes and stores a log for the one-shot authentication request based on the log write request.

In step 704, the authentication unit 103 executes a one-shot authentication process based on the one-shot authentication request, and when the one-shot authentication is successful, outputs a one-shot authentication response (success) to the PC 101.
Step 705 is a setting value input to the information device 1 from the PC 101, and the user inputs a setting value from the PC 101 to the information device 1.
In step 706 (operation of S124 in FIG. 1), when the PC 101 detects the set value input, it outputs a one-shot authentication request to the authentication unit 103.
In step 707 (operation of S141 in FIG. 1), when the authentication unit 103 detects the one-shot authentication request, the log storage unit 108 outputs a log write request for the one-shot authentication request. The log storage unit 108 writes and stores a log for the one-shot authentication request based on the log write request.

In step 708, the authentication unit 103 executes a one-shot authentication process based on the one-shot authentication request, and when the one-shot authentication is successful, outputs a one-shot authentication response (success) to the PC 101.
In step 709 (operation of S125 in FIG. 1), the PC 101 outputs the setting value setting request input to the setting unit 105.
Step 710 executes a setting operation in which the setting unit 105 sets the set value.
In step 711 (operation of S142 in FIG. 1), the setting unit 105 outputs a log write request for the setting operation to the log storage unit 108. The log storage unit 108 writes and stores a log for the setting operation based on the log write request.

In step 712, the setting unit 105 outputs a setting response that is a response to the setting request to the PC 101.
Step 713 is a job execution operation for the information device 1 from the PC 101, and the user operates a job execution from the PC 101 to the information device 1.
In step 714 (operation of S124 in FIG. 1), when the PC 101 detects the job execution operation, it outputs a one-shot authentication request to the authentication unit 103.
In step 715 (operation of S141 in FIG. 1), when the authentication unit 103 detects the one-shot authentication request, the log storage unit 108 outputs a log write request for the one-shot authentication request. The log storage unit 108 writes and stores a log for the one-shot authentication request based on the log write request.

In step 716, the authentication unit 103 executes a one-shot authentication process based on the one-shot authentication request, and when the one-shot authentication is successful, outputs a one-shot authentication response (success) to the PC 101.
In step 717 (operation of S123 in FIG. 1), the PC 101 outputs a job execution request based on the job execution operation to the job execution unit 104.
In step 718, the job execution unit 104 executes a job based on the job execution request.
In step 719 (operation of S140 in FIG. 1), the job execution unit 104 outputs a log write request for the job execution operation to the log storage unit. The log storage unit 108 writes and stores a log for the job execution operation based on the log write request.

In step 720, the job execution unit 104 outputs a job execution response to the job execution request to the PC 101.
Step 721 is a logout operation from the PC 101 to the information device 1, and the user inputs logout from the PC 101 to the information device 1.
In this way, the processing is almost the same as the processing shown in FIG. 6, but in the case of the PC 101, it is not managed whether or not the information device 1 is logged in, but whether or not the PC 101 is logged in. ing. The information device 1 performs authentication by a one-shot authentication method called “one-shot authentication” whenever there is a setting or job execution request from the PC 101.

FIG. 8 is a sequence diagram showing the exchange of information between the respective units when the log is full in the information device 1 shown in FIG.
Here, the user who can be authenticated is classified into “general user” and “information device manager”.
Step 801 (indicated by “S” in the figure) 801 (operation of S146 in FIG. 1) outputs a log write request for an event spontaneously executed by the voluntary execution unit 107 to the log storage unit. When the log storage unit 108 detects a log write request from the voluntary execution unit 107, the log storage unit 108 stores a log of events executed by the voluntary execution unit 107.
In step 802, the log storage unit 108 detects a log full state.
Step 803 records a log indicating that the log storage unit 108 is in a log full state.

In step 804 (operation of S129 in FIG. 1), the log storage unit 108 outputs a log full status notification to the authentication unit 103. In this case, the notification is a transition to the log full state.
Step 805 is a login operation by a general user, and login to the information device 1 is input to the PC 101.
In step 806 (operation of S124 in FIG. 1), the PC 101 outputs a one-shot authentication request to the authentication unit 103 of the information device 1 by the login input.
In step 807 (operation of S141 in FIG. 1), the authentication unit 103 outputs a log write request for the one-shot authentication request to the log storage unit 108. The log storage unit 108 writes and stores a log for the one-shot authentication request based on the log write request.

In step 808, the authentication unit 103 executes a one-shot authentication process based on the one-shot authentication request, and when the one-shot authentication fails, a one-shot authentication response (failure) is output to the PC 101.
In step 809, the PC 101 displays a login failure and notifies the general user.
Step 810 inputs a login operation in which the general user presses the login key of the operation unit 102.
In step 811 (operation of S122 in FIG. 1), the operation unit 102 inputs a login request to the authentication unit 103.
In step 812 (operation of S141 in FIG. 1), the authentication unit 103 outputs a log log write request for the login request to the log storage unit 108. The log storage unit 108 writes and stores a log for the login request based on the log write request.

In step 813, the authentication unit 103 executes authentication processing based on the login request, and outputs a login response (failure) to the operation unit 102 when the authentication fails.
In step 814, the operation unit 102 displays a login failure to notify the general user.
For example, a message when login fails as shown in FIG. 36 is displayed on the touch panel of the operation unit 102.
Step 815 is a login operation of the information device manager for the information device 1, and the information device manager presses the login key of the operation unit 102 to input.
In step 816 (operation of S122 in FIG. 1), when the operation unit 102 detects the input of the login key, a login request is output to the authentication unit 103.

In step 817 (operation of S141 in FIG. 1), the authentication unit 103 outputs a log write request for the login request to the log storage unit 108. The log storage unit 108 writes and stores a log for the login request based on the log write request.
In step 818, the authentication unit 103 executes authentication processing based on the login request, and outputs a login response (success) to the operation unit 102 when the authentication is successful.
Step 819 executes log full recovery processing based on the log full recovery operation from the information device manager.
In step 820, a log indicating that the log full in the log storage unit 108 is released by the log full recovery operation is recorded.
Step 821 is a 6-out operation by the information device manager, and the information device manager presses the logout key of the operation unit 102 to input.

In step 822 (operation of S122 in FIG. 1), when the operation unit 102 detects the input of the logout key, a logout request is output to the authentication unit 103.
In step 823 (operation of S141 in FIG. 1), when the authentication unit 103 detects the logout request, the log storage unit 108 outputs a log write request for the logout request. The log storage unit 108 writes and stores a log for the logout request based on the log write request.
In step 824, the authentication unit 103 executes logout processing based on the logout request, and outputs a logout response (success) to the operation unit 102.
In step 825 (operation of S129 in FIG. 1), the log storage unit 108 outputs a log full status notification to the authentication unit 103. In this case, the notification indicates log full release.

Step 826 is a login operation from the PC 101 to the information device 1, and a general user inputs a login to the information device 1 from the PC 101.
In step 827 (operation of S124 in FIG. 1), when the PC 101 detects the login operation, a one-shot authentication request is output to the authentication unit 103 of the information device 1.
In step 828 (operation of S141 in FIG. 1), the authentication unit 103 outputs a log write request for the one-shot authentication request to the log storage unit. The log storage unit 108 writes and stores a log for the one-shot authentication request based on the log write request.
In step 829, the authentication unit 103 executes a one-shot authentication process based on the one-shot authentication request. When the one-shot authentication is successful, a one-shot authentication response (success) is output to the PC 101.

Step 830 is a general user login operation to the operation unit 102, and the general user presses and inputs the login key of the operation unit 102.
In step 831 (operation of S122 in FIG. 1), when the operation unit 102 detects the login operation, a login request is output to the authentication unit 103.
In step 832 (operation of S141 in FIG. 1), when the authentication unit 103 detects the login request, it outputs a log write request for the login request to the log storage unit 108. The log storage unit 108 writes and stores a log for the login request based on the log write request.
In step 833, the authentication unit 103 executes authentication processing based on the login request, and outputs a login response (success) to the operation unit 102 when the authentication fails.

In this way, when the log execution becomes complete due to the occurrence of log writing in the voluntary execution unit 107, the authentication unit 103 is notified in S804 that the log is full.
In response to this, the authentication unit 103 rejects an authentication request (login request, one-shot authentication request) from the PC 101 or the operation unit 102.
However, the log-in request of the information device administrator can be made when the log is full as in S823. The information device administrator performs a recovery operation (S819) including log deletion after downloading the log.
As a result, the log full state is released, and the general user can receive the authentication of the login request again.

FIG. 9 is a sequence diagram showing the exchange of information between the respective units when a general user has already logged in when the log is full in the information device 1 shown in FIG.
Step 901 (indicated by “S” in the figure) is a login operation by the user, and the user presses the login key of the operation unit 102 to input.
In step 902 (operation of S122 in FIG. 1), when the operation unit 102 detects the input of the login key, a login request is output to the authentication unit 103.
In step 903 (operation of S141 in FIG. 1), when the authentication unit 103 detects the login request, it outputs a log write request for the login request to the log storage unit. The log storage unit 108 writes and stores a log for the login request based on the log write request.

In step 904, the authentication unit 103 executes authentication processing based on the login request, and outputs a login response (success) to the operation unit 102 when the authentication is successful.
In step 905, the operation unit 102 starts logging in, and enables various request inputs thereafter.
In step 906, the log storage unit 108 detects a log full state.
Step 907 records a log indicating that the log storage unit 108 has become full.
In step 908 (the operation of S129 in FIG. 1), the log storage unit 108 outputs a log full state notification notifying the authentication unit 103 that the log full state has been reached.
Step 909 executes an auto logout process in which the authentication unit 103 automatically logs out the general user who is logged in at that time based on the log full status notification from the log storage unit 108.

In step 910 (the operation of S141 in FIG. 1), when the authenticating unit 103 executes the auto logout process, a log write request for the auto logout process is output to the log storage unit 108. The log storage unit 108 writes and stores a log for the auto logout process based on the log write request.
In step 911 (operation of S130 in FIG. 1), the authentication unit 103 outputs an auto logout notification to the operation unit 102. The operation unit 102 displays the auto logout notification to notify the general user.
In this way, when the authentication unit 103 receives a log full notification, it sends an auto logout message to the operation unit 102. As a result, the operation unit 102 automatically performs logout processing.

FIG. 10 is a sequence diagram illustrating the exchange of information between the job execution unit and other units when the log is full in the information device 1 illustrated in FIG.
A step (indicated by “S” in the figure) 1001 is a job execution operation by the user, and the user inputs a job execution request from the operation unit 102.
In step 1002 (operation of S121 in FIG. 1), when the operation unit 102 detects the input of the job execution request, the job execution request is output to the job execution unit 104.
In step 1003, the job execution unit 104 starts executing a job corresponding to the job execution request.
In step 1004 (operation of S146 in FIG. 1), the log execution request of the process voluntarily executed by the voluntary execution unit 107 is output to the log storage unit 108. The log storage unit 108 records a log of processing executed by the voluntary execution unit 107 based on the log write request.

Step 1005 detects that the log storage unit 108 is in a log full state.
Step 1006 records a log indicating that the log storage unit 108 has become full.
In step 1007 (operation of S127 in FIG. 1), the log storage unit 108 outputs a log full status notification to the job execution unit 104. In this case, the notification indicates that the log full state has been entered.
In step 1008 (operation of S140 in FIG. 1), the job execution unit 104 outputs the job execution log write request to the log storage unit. The log storage unit 108 writes and stores the job execution log based on the log write request.
In step 1009, the job execution unit 104 ends the job execution.
In step 1010, the job execution unit 104 outputs a job execution response (success) as a job execution result corresponding to the job execution request to the operation unit 102.

Step 1011 is a job execution operation by the user, and the user inputs a job execution request from the operation unit 102.
In step 1012 (operation in S121 in FIG. 1), the operation unit 102 outputs the job execution request to the job execution unit 104.
In step 1013, the log storage unit 108 executes log full recovery processing based on the log full recovery operation by the information device administrator.
In step 1014, the log storage unit 108 records a log indicating that the log full state is released.
In step 1015, the job execution unit 104 outputs a job execution response (failure) as a result of the job execution process to the operation unit 102.

In step 1016 (operation of S127 in FIG. 1), the log storage unit 108 outputs a log full status notification to the job execution unit 104. In this case, the notification is for notifying log full cancellation.
Step 1017 is a job execution operation by the user, and the user inputs a job execution request through the operation unit 102.
In step 1018 (operation of S121 in FIG. 1), the operation unit 102 outputs a job execution request to the job execution unit 104.
In step 1019, the job execution unit 104 starts executing a job based on the job execution request.
In step 1020 (operation of S140 in FIG. 1), the job execution unit 104 outputs the job execution log write request to the log storage unit. The log storage unit 108 writes and stores the job execution log based on the log write request.

In step 1021, the job execution unit 104 ends the job execution.
In step 1022, the job execution unit 104 outputs a job execution response (success) as a job execution result corresponding to the job execution request to the operation unit 102.
In this way, when the job execution unit 104 receives that the log is in the full state in S1007, the execution of the already executed job is continued as it is, but the subsequent execution of the new job is failed. When the log full is canceled, the job can be newly executed again.

FIG. 11 is a sequence diagram showing the exchange of information between the respective units when the information device 1 shown in FIG. 1 transfers a log to the log server 109.
Step (indicated by “S” in the drawing) 1101 (operation of S131 in FIG. 1) notifies the log storage unit 108 of the elapse of a certain time when a certain time set in advance by the timer unit 110 has elapsed.
In step 1102, the log storage unit 108 extracts a log that has not been transferred to the log server 109 from the accumulated logs in response to a notification from the timer unit 110.
In step 1103 (operation of S143 in FIG. 1), the log storage unit 108 transfers the log extracted above to the log server 109. The log server 109 stores the transferred log.

In step 1104 (operation of S131 in FIG. 1), when a predetermined time set in advance by the timer unit 110 elapses, the log storage unit 108 is notified of the elapse of the predetermined time.
In step 1105, the log storage unit 108 extracts a log that has not been transferred to the log server 109 from the accumulated logs in response to a notification from the timer unit 110.
In step 1106 (operation of S143 in FIG. 1), the log storage unit 108 transfers the log extracted above to the log server 109. The log server 109 stores the transferred log.
In this way, the timer unit 110 outputs a message informing the log storage unit 108 that the fixed time has passed at regular time intervals. Processing to transmit to 109 is performed.

FIG. 12 is a sequence diagram showing an exchange of information between each unit of the information device 1 shown in FIG. 1 during a recovery operation by the information device manager.
In step 1201 (indicated by “S” in the figure), a log write request from the authentication unit 103, the job execution unit 104, the setting unit 105, or the voluntary execution unit 107 is input to the log storage unit. The log storage unit 108 records a log based on the log write request.
In step 1202, the log storage unit 108 detects a log full state.
Step 1203 records a log indicating that the log storage unit 108 has become full.
In step 1204 (operation of S127 in FIG. 1), the log storage unit 108 outputs a log full status notification to the job execution unit 104. In this case, it is a notification notifying that the log full state has been entered.

In step 1205 (operation of S129 in FIG. 1), the log storage unit 108 outputs a log full status notification to the authentication unit 103. In this case, it is a notification notifying that the log full state has been entered.
Step 1206 is a login operation to the PC 101 by the information device manager.
In step 1207 (operation of S124 in FIG. 1), when the PC 101 detects the login operation, it outputs a one-shot authentication request to the authentication unit 103.
In step 1208, the authentication unit 103 executes a one-shot authentication process based on the one-shot authentication request. When the one-shot authentication is successful, a login response (success) is output to the PC 101.
Step 1209 is a log taking operation to the PC 101 by the information device manager.

In step 1210 (operation of S124 in FIG. 1), when the PC 101 detects the log take-up operation, it outputs a one-shot authentication request to the authentication unit 103.
In step 1211, the authentication unit 103 executes a one-shot authentication process based on the one-shot authentication request. When the one-shot authentication is successful, a login response (success) is output to the PC 101.
In step 1212 (operation of S126 in FIG. 1), the PC 101 outputs a log download request to the log storage unit.
In step 1213 (operation of S144 in FIG. 1), the log stored in the log storage unit 108 is transferred to the PC 101.
Step 1214 performs a log download process in which the PC 101 receives and stores the log transferred from the log storage unit 108.

Step 1215 is a log deletion operation to the PC 101 by the information device manager.
In step 1216 (operation of S123 in FIG. 1), when the PC 101 detects the log deletion operation, it outputs a job execution request for requesting execution of the job for deleting the log in the log storage unit 108 to the job execution unit 104.
In step 1217 (operation in S128 of FIG. 1), the job execution unit 104 outputs a log deletion request for requesting log deletion to the log storage unit.
In step 1218, the log storage unit 108 performs log deletion processing for deleting the accumulated log based on the log deletion request.
In step 1219, the log storage unit 108 outputs a log deletion response notifying the job execution unit 104 that log deletion has been completed.

In step 1220, the job execution unit 104 outputs a log write request for requesting writing of a log deletion log to the log storage unit 108. The log storage unit 108 writes and accumulates a log deletion log based on the log write request.
In step 1221, the log storage unit 108 detects that the log full state has been released.
In step 1222, the log storage unit 108 records a log that the log full is released.
In step 1223 (operation of S127 in FIG. 1), the log storage unit 108 outputs a log full state notification (log full release) informing the job execution unit 104 that the log full state has been released.
In step 1224 (the operation of S129 in FIG. 1), the log storage unit 108 outputs a log full state notification (log full release) informing the authentication unit 103 that the log full state has been released.

In step 1225, the job execution unit 104 outputs a job execution response to the PC 101.
Step 1226 is a logout operation to the PC 101 by the information device manager. As a result, the PC 101 logs out from the information device 1.
In this way, after the log storage unit 108 becomes full of logs, the information device administrator logs in (one-shot authentication) from the PC 101 and makes a log download request there. As a result, the log stored in the log storage unit 108 is taken over by the PC 101.
After collecting the log, the logs stored in the log storage unit 108 are collectively deleted. Batch deletion of the log is included in the job.
The log storage unit 108 eliminates the log full state by deleting the logs in a batch, notifies the authentication unit 103 and the job execution unit 104 that the log full has been canceled, and the recovery processing is completed.

FIG. 13 is a sequence diagram illustrating the exchange of information between the PC 101 and the authentication unit 103 when log deletion is rejected.
A step (indicated by “S” in the figure) 1301 is a login operation to the information device 1 from a general user to the PC 101.
In step 1302 (operation of S124 in FIG. 1), when the PC 101 detects the login operation, the authentication unit 103 of the information device 1 is requested to perform one-shot authentication.
In step 1303, the authentication unit 103 executes one-shot authentication, and when the one-shot authentication is successful, outputs a login response notifying that the user has logged in to the PC 101.
Step 1304 is a log deletion operation from the general user to the information device 1 for the PC 101.

In step 1305, when the PC 101 detects a log deletion operation from a general user, a process of rejecting the log deletion request to the information device 1 is executed.
As described above, after logging in as a general user from the PC 101, the log of the information device 1 cannot be deleted collectively. Also, log deletion can be performed only by the information device manager.
If batch deletion is possible from the operation unit, only the information device manager can execute the deletion.

FIG. 14 is a flowchart showing processing of the PC 101 shown in FIG.
In the PC 101, a program for accessing the information device 1 is activated, and the processing shown in this flowchart is performed there.
In step (indicated by “S” in the figure) 1401, the PC 101 determines whether or not the login key has been pressed. If it is determined that the button has not been pressed, this determination process is repeated. If it is determined that the button has not been pressed, the process proceeds to step 1402.
In step 1402, input of a user ID and a password is accepted. At that time, the user ID and password input screen shown in FIG. 35 is displayed.
In step 1403, a one-shot authentication message is transmitted to the information device. The message transmitted in this process is handled in the process of the flowchart shown in FIG.

In step 1404, it is determined whether a one-shot authentication response is received from the information device. The one-shot authentication response received here is a response transmitted in the process of the flowchart shown in FIG. If it is determined that the received one-shot authentication response is successful, the process proceeds to step 1405. If the received one-shot authentication response is determined to be unsuccessful, the process proceeds to step 1410.
In step 1405, it is determined whether or not the start key has been pressed. If it is determined that the start key has been pressed, the process proceeds to step 1411. If it is determined that the start key has not been pressed, the process proceeds to step 1406.
In step 1406, it is determined whether or not the setting key has been pressed. If it is determined that the setting key has been pressed, the process proceeds to step 1414. If it is determined that the setting key has not been pressed, the process proceeds to step 1407.

In step 1407, it is determined whether the download key has been pressed. If it is determined that the download key has been pressed, the process proceeds to step 1416. If it is determined that the download key has not been pressed, the process proceeds to step 1408.
In step 1408, it is determined whether or not the logout key has been pressed. If it is determined that the logout key has been pressed, the process returns to step 1401, and if it is determined that the logout key has not been pressed, the process proceeds to step 1409.
In step 1409, it is determined whether an auto logout notification has been received. If it is determined that the auto logout notification has been received, the process returns to step 1401, and if it is determined that the auto logout notification has not been received, the process returns to step 1405. The auto logout notification received here is a notification transmitted in the process of the flowchart shown in FIG.

In step 1410, the authentication failure and the reason are displayed on the display unit, and the process returns to step 1401. Display examples of this authentication failure and the reason are shown in FIGS.
In step 1411, it is determined whether or not the job is log deletion and one-shot authentication other than the information device manager. If it is determined that the job is a log deletion and one-shot authentication other than the information device manager, the process proceeds to step 1406. If the job is determined not to be a log deletion and one-shot authentication other than the information device administrator, the process proceeds to step 1412.
In step 1412, a job execution request is transmitted to the information device. The job execution request transmitted here is handled in the process of the flowchart shown in FIG.
In step 1413, it is determined whether a job execution response has been received. The job execution response received here is a response transmitted in the process of the flowchart shown in FIG. If it is determined that a job execution response has not been received, this determination process is repeated. If it is determined that a job execution response has been received, the process proceeds to step 1406.

In step 1414, a setting request is transmitted to the information device. The setting request transmitted here is handled in the process of the flowchart shown in FIG.
In step 1415, it is determined whether a setting response has been received. The setting response received here is a response transmitted in the process of the flowchart shown in FIG. If it is determined that a setting response has not been received, this determination process is repeated. If it is determined that a setting response has been received, the process proceeds to step 1407.
In step 1416, a log download request is transmitted to the information device. The log download request transmitted here is handled in the process of the flowchart shown in FIG.

In step 1417, it is determined whether a log transferred from the information device has been received. The log received here is transmitted by the processing of the flowchart shown in FIG. If it is determined that the log has not been received, this determination process is repeated. If it is determined that the log has been received, the process proceeds to step 1418.
In step 1418, a download result storing process for storing the log received from the information device is executed, and the process proceeds to step 1408.
In this way, it is possible to operate the login processing, logout processing, job execution processing (including batch deletion of logs), information device setting processing, and log download processing from the PC 101.

FIG. 15 is a flowchart showing processing of the operation unit 102 shown in FIG.
In step (indicated by “S” in the figure) 1501, the operation unit 102 determines whether or not the login key has been pressed. If it is determined that the button has not been pressed, this determination process is repeated. If it is determined that the button has not been pressed, the process proceeds to step 1502.
In step 1502, input of a user ID and a password is accepted. At that time, the user ID and password input screen shown in FIG. 35 is displayed.
In step 1503, a login request message is transmitted to the authentication unit. The message transmitted in this process is handled in the process of the flowchart shown in FIG.

In step 1504, it is determined whether a login response is received from the authentication unit. The login response received here is a response transmitted in the process of the flowchart shown in FIG. If it is determined that it has not been received, this determination is repeated. If it is determined that the received login response is successful, the process proceeds to step 1505. If the received login response is determined to be unsuccessful, the process proceeds to step 1509.
In step 1505, it is determined whether or not the start key has been pressed. If it is determined that the start key has been pressed, the process proceeds to step 1510. If it is determined that the start key has not been pressed, the process proceeds to step 1506.
In step 1506, it is determined whether or not the setting key has been pressed. If it is determined that the setting key has been pressed, the process proceeds to step 1512. If it is determined that the setting key has not been pressed, the process proceeds to step 1507.

In step 1507, it is determined whether the download key has been pressed. If it is determined that the download key has been pressed, the process proceeds to step 1514. If it is determined that the download key has not been pressed, the process proceeds to step 1508.
In step 1508, it is determined whether an auto logout notification has been received. If it is determined that the auto logout notification has been received, the process returns to step 1501. If it is determined that the auto logout notification has not been received, the process returns to step 1505. The auto logout notification received here is a notification transmitted in the process of the flowchart shown in FIG.
In step 1509, the authentication failure and the reason are displayed on the display unit, and the process returns to step 1501. Display examples of this authentication failure and the reason are shown in FIGS.

In step 1510, a job execution request is transmitted to the job execution unit. The job execution request transmitted here is handled in the process of the flowchart shown in FIG.
In step 1511, it is determined whether a job execution response has been received. The job execution response received here is a response transmitted in the process of the flowchart shown in FIG. If it is determined that the job execution response has not been received, this determination process is repeated.

In step 1512, a setting request is transmitted to the setting unit. The setting request transmitted here is handled in the process of the flowchart shown in FIG.
In step 1513, it is determined whether a setting response has been received. The setting response received here is a response transmitted in the process of the flowchart shown in FIG. If it is determined that a setting response has not been received, this determination process is repeated. If it is determined that a setting response has been received, the process proceeds to step 1507.
In step 1514, a logout request is transmitted to the authentication unit. The logout request transmitted here is handled in the process of the flowchart shown in FIG.

In step 1515, it is determined whether a logout response is received from the authentication unit. The logout response received here is transmitted by the process of the flowchart shown in FIG. If it is determined that a logout response has not been received, this determination process is repeated. If it is determined that a logout response has been received, the process proceeds to step 1508.
In this way, login processing, logout processing, job execution processing (including batch log deletion), information device setting processing, and auto logout processing can be performed.

FIG. 16 is a flowchart showing processing of the authentication unit 103 shown in FIG.
After receiving the message transmitted from each unit, the authentication unit 103 performs a different process in a subroutine depending on the type of each message.
In step (indicated by “S” in the figure) 1601, the authentication unit 103 waits for reception of a request (message).
In step 1602, it is determined whether or not a login request has been received. If it is determined that the login request has not been received, the process proceeds to step 1603. If it is determined that a login request has been received, the login request process in step 1607 is executed. Return to step 1601. The detailed content of this login request process is the process of the flowchart shown in FIG.

In step 1603, it is determined whether a logout request has been received. If it is determined that the logout request has not been received, the process proceeds to step 1604. If it is determined that a logout request has been received, the logout request process in step 1608 is executed. Return to step 1601. The detailed contents of this logout request processing are the processing of the flowchart shown in FIG.
In step 1604, it is determined whether or not a log full status notification (notification indicating that the log full status has been transferred) has been received. If it is determined that the log full status notification indicating that the log full status has not been received, the process proceeds to step 1605. If it is determined that the log full status notification indicating the log full status has been received, the processing at the time of the log full status notification indicating the log full status in step 1609 is executed, and the processing returns to step 1601. The detailed contents of the processing at the time of log full status notification indicating the log full status are the processing of the flowchart shown in FIG.

In step 1605, it is determined whether or not a log full status notification (a notification indicating that log full has been canceled) has been received. If it is determined that the log full status notification indicating log full cancellation has not been received, the flow proceeds to step 1606 to indicate log full cancellation. If it is determined that the log full status notification has been received, the processing at the time of log full status notification indicating the log full release in step 1610 is executed, and the processing returns to step 1601. The detailed content of the process at the time of log full status notification indicating the log full release is the process shown in the flowchart of FIG.
In Step 1606, it is determined whether or not a one-shot authentication request has been received. If it is determined that the one-shot authentication request has not been received, the process returns to Step 1601. The shot authentication request process is executed, and the process returns to step 1601. The detailed content of this one-shot authentication request process is the process shown in the flowchart of FIG.

FIG. 17 is a state transition diagram of the authentication unit 103 shown in FIG.
(A) in the figure shows the state transitions during login and logout, and (b) in the figure shows the state transitions in the log full state. “Logout”, “log full status notification (log full) reception”, and “log full status notification (log full release) reception” indicate events when the state transitions.
As shown in (a) of the figure, when the authentication unit 103 is logged out in step 1701, if there is an event of successful login (operation of S1805 in FIG. 18) by the operation unit, the authentication unit 103 shifts to login in step 1702. To do. Further, when logged in in step 1702, if there is a logout event (operation in S1904 in FIG. 19) or an auto logout event (operation in S2004 in FIG. 20) by the operation unit, the process proceeds to logout in step 1701. .

  Further, as shown in FIG. 5B, the authentication unit 103 sends a log full status notification (log full) indicating that the log has become full when the log full status of the log storage unit has sufficient free space in step 1703. Upon reception (operation of S2002 in FIG. 20), in step 1704, the log storage unit shifts to log full indicating that the log full state is full. In addition, when the log full state of the log storage unit is full in step 1704 and a log full state notification (log full release) indicating log full release is received (operation of S2101 in FIG. 21), the free space of the log storage unit is determined in step 1703. Move to a room with room.

FIG. 18 is a flowchart showing the login request process of the authentication unit 103 shown in FIG.
This process is a detailed process of the login request process in step 1607, which is a subroutine of the flowchart shown in FIG. In this process, duplicate logins during login are determined and rejected. Also, when the log is full, logins other than the information device manager are rejected by this processing.
In step (indicated by “S” in the figure) 1801, authentication section 103 determines whether or not the login state is login. This determination is made based on the state transition shown in FIG. If it is determined that the user is logged in, the process proceeds to step 1808. If it is determined that the user is not logged in (logged out), the process proceeds to step 1802.

In step 1802, it is determined whether or not to reject authentication when the information device setting value is full. This information device setting value is determined based on a value preset by the user on the setting screen of the operation unit shown in FIG. If it is determined that authentication rejection is set when the log is full, the process proceeds to step 1804. If it is determined that authentication rejection is not set when the log is full, the process proceeds to step 1803.
In step 1803, it is determined whether the log full state is log full (full). This determination is made based on the state transition shown in FIG. 17B to determine whether or not the login storage unit is full. If it is determined that the log is full, the process proceeds to step 1810. If it is determined that the log is not full (there is sufficient capacity), the process proceeds to step 1804.
In step 1804, it is determined whether or not the password verification is OK. If the password verification is NO, the process proceeds to step 1812, and if OK, the process proceeds to step 1805.

In step 1805, the login state is shifted to during login.
In step 1806, a login response (success) is transmitted (returned) to the operation unit or the PC. The state transition here is shown in FIG.
In step 1807, a log write request (log content = login success) is transmitted to the log storage unit, and the process returns. The log write request transmitted here is used in the process of the flowchart shown in FIG.
In step 1808, a login response (failure) is transmitted (returned) to the operation unit or the PC.
In step 1809, a log write request (log content = login failure) is transmitted to the log storage unit. The log write request transmitted here is used in the process of the flowchart shown in FIG.

In step 1810, it is determined whether or not there is a login request from the information device manager. If it is determined that there is no login request from the information device manager, the process proceeds to step 1811. If it is determined that there is a login request from the information apparatus manager, the process proceeds to step 1804.
In step 1811, a login response (failure, information indicating that the log is full as a reason) is transmitted (returned) to the operation unit or the PC.
In step 1812, a login response (information indicating that the password input as the failure or the reason is a mismatch with the password registered in advance) is transmitted (returned) to the operation unit or the PC.
In step 1813, a log write request (log content = login failure) is transmitted to the log storage unit, and the process returns. The log write request transmitted here is used in the process of the flowchart shown in FIG.

FIG. 19 is a flowchart showing logout request processing of the authentication unit 103 shown in FIG.
This process is a detailed process of the logout request process in step 1608, which is a subroutine of the flowchart shown in FIG.
In step 1901 (indicated by “S” in the figure), authentication section 103 determines whether or not the login state is login. This determination is made based on the state transition shown in FIG. If it is determined that the user is logged in, the process proceeds to step 1902. If it is determined that the user is not logged in (during logout), the process proceeds to step 1905.
In step 1902, a logout response (success) is transmitted (returned) to the operation unit or the PC.

In step 1903, a log write request (log content = logout success) is transmitted to the log storage unit. The log write request transmitted here is used in the process of the flowchart shown in FIG.
In step 1904, the login state is shifted to logout, and the process returns. The state transition here is shown in FIG.
In step 1905, a logout response (failure) is transmitted (returned) to the operation unit or the PC.
In step 1906, a log write request (log content = logout failure) is transmitted to the log storage unit, and the process returns. The log write request transmitted here is used in the process of the flowchart shown in FIG.

FIG. 20 is a flowchart showing a log full state notification (log full) process of the authentication unit 103 shown in FIG.
This process is executed once when the log is full. In addition, auto-logout processing is performed for login users other than the information device manager.
This process shows the detailed process of the log full status notification (log full) process of step 1609 which is a subroutine of the flowchart shown in FIG.
In step (indicated by “S” in the drawing) 2001, the authentication unit 103 shifts the log full state to log full (full). The state transition here is shown in FIG.
In step 2002, it is determined whether or not the login state is login. This determination is made based on the state transition shown in FIG. If it is determined that the user is logged in, the process proceeds to step 2003. If it is determined that the user is not logged in (logged out), the process returns.

In step 2003, it is determined whether or not the logged-in user is an information device manager. If it is determined that the logged-in user is not an information device manager, that is, a general user, the process proceeds to step 2004. If it is determined that the logged-in user is an information device manager, the process returns.
In step 2004, the login state is shifted to logout. The state transition here is shown in FIG.
In step 2005, an auto logout notification is transmitted (returned) to the operation unit or the PC.
The auto logout notification notified here is used in each processing of S1409 in FIG. 14 and S1508 in FIG.
In step 2006, a log write request (log content = logout success) is transmitted to the log storage unit, and the process returns. The log write request transmitted here is used in the process of the flowchart shown in FIG.

FIG. 21 is a flowchart showing a log full state notification (log full release) process of the authentication unit 103 shown in FIG.
This process shows the detailed process of the log full state notification (log full release) process of step 1610 which is a subroutine of the flowchart shown in FIG.
In step (indicated by “S” in the figure) 2101, the authentication unit 103 shifts the log full state to a margin and returns the process. The state transition here is shown in FIG.

FIG. 22 is a flowchart showing the one-shot authentication request process of the authentication unit 103 shown in FIG.
This process is a detailed process of the one-shot authentication request process in step 1611 which is a subroutine of the flowchart shown in FIG.
In this process as well, authentication other than the information device manager is rejected when the log is full, as described above.
In step (indicated by “S” in the figure) 2201, authentication section 103 determines whether or not to reject authentication when the information device setting value is log full. This information device setting value is determined based on a value preset by the user on the setting screen of the operation unit shown in FIG. If it is determined that authentication rejection is set when the log is full, the process proceeds to step 2202. If it is determined that authentication rejection is not set when the log is full, the process proceeds to step 2203.

In step 2202, it is determined whether or not the log full state is log full (full). This determination is made based on the state transition shown in FIG. 17B to determine whether or not the login storage unit is full. If it is determined that the log is full, the process proceeds to step 2206. If it is determined that the log is not full (there is a sufficient capacity), the process proceeds to step 2203.
In step 2203, it is determined whether or not the password verification is OK. If the password verification is NO, the process proceeds to step 2207, and if OK, the process proceeds to step 2204.
In step 2204, a one-shot authentication response (success) is transmitted (returned) to the PC.
The one-shot authentication response (success) transmitted here is used in the processing of S1404 in FIG.

In step 2205, a log write request (log content = one-shot authentication success) is transmitted to the log storage unit, and the process returns. The log write request transmitted here is used in the process of the flowchart shown in FIG.
In step 2207, a one-shot authentication response (failure) is transmitted (returned) to the PC.
The one-shot authentication response (failure) transmitted here is used in the processing of S1404 in FIG.
In step 2208, a log write request (log content = one-shot authentication failure) is transmitted to the log storage unit, and the process returns. The log write request transmitted here is used in the process of the flowchart shown in FIG.

FIG. 23 is a flowchart showing processing of the job execution unit 104 shown in FIG.
After receiving the message transmitted from each unit, the job execution unit 104 performs a different process in a subroutine depending on the type of each message.
In step (indicated by “S” in the figure) 2301, the job execution unit 104 waits for a request (message) to be received.
In step 2302, it is determined whether a job execution request has been received. If it is determined that the job execution request has not been received, the process proceeds to step 2303. If it is determined that a job execution request has been received, the job execution process in step 2305 is performed. Execute and return to step 2301. The detailed contents of this job execution processing are the processing of the flowchart shown in FIG.

  In Step 2303, it is determined whether or not a log full status notification (a notification indicating that the log full status has been transferred) has been received. If it is determined that the log full status notification indicating that the log full status has not been received, the process proceeds to Step 2304. If it is determined that a log full status notification indicating that the log is full is received, a log full status (log full) transition process indicating that the log is full is executed in step 2306, and the process returns to step 2301. The detailed contents of the log full state (log full) transition process indicating the log full state is the process shown in the flowchart of FIG.

  In step 2304, it is determined whether or not a log full status notification (a notification indicating that log full has been canceled) has been received. If it is determined that the log full status notification indicating log full cancellation has not been received, the flow returns to step 2301 to indicate log full cancellation. If it is determined that the log full status notification has been received, a log full status (log full release) transition process indicating log full release in step 2307 is executed, and the processing returns to step 2301. The detailed contents of the log full state (log full release) transition process indicating the log full release is the process of the flowchart shown in FIG.

FIG. 24 is a state transition diagram of the job execution unit 104 shown in FIG.
This figure shows the state transition of the log full state in the job execution unit 104, and “log full state notification (log full) reception” and “log full state notification (log full release) reception” indicate events when the state transitions. Yes.
When the job execution unit 104 receives a log full status notification (log full) indicating that the log full status is present when the log full status of the log storage unit has sufficient free space in step 2401 (operation of S2601 in FIG. 26), the step In 2402, the log storage unit shifts to log full indicating that the log full state is full. In addition, when the log full state of the log storage unit is full in step 2402, when a log full state notification (log full release) indicating log full release is received (operation of S2701 in FIG. 27), the free space of the log storage unit is determined in step 2401. Move to a room with room.

FIG. 25 is a flowchart showing job execution processing of the job execution unit 104 shown in FIG.
This process shows the detailed process of the job execution process in step 2305 which is a subroutine of the flowchart shown in FIG. In this processing, the processing contents differ depending on whether or not the job is log deletion. Also, when the log is full, a new job is rejected here.
In step (indicated by “S” in the figure) 2501, the job execution unit 104 determines whether the job type is log deletion. If it is determined that the request is a log deletion request, the process proceeds to step 2506. If it is determined that the request is not a log deletion request, the process proceeds to step 2502.
In step 2502, it is determined whether the log full state is log full (full). This determination is based on the state transition shown in FIG. 24 to determine whether or not the login storage unit is full. If it is determined that the log is full, the process proceeds to step 2510. If it is determined that the log is not full (capacity is sufficient), the process proceeds to step 2503.

In step 2503, the requested type of job is executed.
In step 2504, a log write request (log content = job execution success) is transmitted to the log storage unit. The log write request transmitted here is used in the process of the flowchart shown in FIG.
In step 2505, a job execution response (success) is transmitted (returned) to the operation unit or the PC, and the process is returned.
In step 2506, a log deletion request is transmitted to the log storage unit. The log deletion request transmitted here is used in the process of the flowchart shown in FIG.
In step 2507, it is determined whether a log deletion response is received from the log storage unit. The log deletion response from the log storage unit received here is transmitted by the process shown in the flowchart of FIG.

In step 2508, a log write request (log content = job execution success) is transmitted to the log storage unit. The log write request transmitted here is used in the process of the flowchart shown in FIG.
In step 2509, a job execution response (success) is transmitted (returned) to the operation unit or the PC, and the process returns.
In step 2510, a log write request (log content = job execution failure) is transmitted to the log storage unit. The log write request transmitted here is used in the process of the flowchart shown in FIG.
In step 2511, a job execution response (failure) is transmitted (returned) to the operation unit or the PC, and the process returns.

FIG. 26 is a flowchart showing a log full status notification (log full) process of the job execution unit 104 shown in FIG.
The job execution unit 104 executes this process once when the log becomes full.
This process shows the detailed process of the log full state (log full) transition process of step 2306 which is a subroutine of the flowchart shown in FIG.
In step (indicated by “S” in the figure) 2601, the job execution unit 104 shifts the log full state to log full (full), and returns the process. The state transition here is shown in FIG.

FIG. 27 is a flowchart showing a log full status notification (log full release) process of the job execution unit 104 shown in FIG.
The job execution unit 104 executes this process once when releasing the log full.
This process shows the detailed process of the log full status notification (log full release) process in step 2307 which is a subroutine of the flowchart shown in FIG.
In step (indicated by “S” in the drawing) 2701, the job execution unit 104 shifts the log full state to a margin and returns the process. The state transition here is shown in FIG.

FIG. 28 is a flowchart showing processing of the setting unit 105 shown in FIG.
The setting unit 105 performs this setting process in response to a message (only a setting request is received here) from the PC 101 or the operation unit 102.
In step (indicated by “S” in the figure) 2801, the setting unit 105 waits for reception of a request (message).
In Step 2802, it is determined whether or not a setting request has been received. If it is determined that the setting request has not been received, the process returns to Step 2801. If it is determined that a setting request has been received, the setting process in Step 2803 is executed.
In step 2804, a log write request (log content = setting execution success) is transmitted to the log storage unit. The log write request transmitted here is used in the process of the flowchart shown in FIG.
In step 2805, a setting execution response (success) is transmitted (returned) to the operation unit or the PC, and the process returns.

FIG. 29 is a flowchart showing processing of the log storage unit 108 shown in FIG.
After receiving the message transmitted from each unit, the log storage unit 108 performs a different process depending on the type of each message in a subroutine.
In step (indicated by “S” in the figure) 2901, the log storage unit 108 waits for a request (message) to be received.
In step 2902, it is determined whether or not a log write request is received. If it is determined that the log write request is not received, the process proceeds to step 2903. If it is determined that a log write request is received, the log of step 2905 is determined. A registration process (log writing process) is executed, and the process returns to step 2901. The detailed contents of this log registration processing are the processing of the flowchart shown in FIG.

In step 2903, it is determined whether a log deletion request has been received. If it is determined that the log deletion request has not been received, the process proceeds to step 2904. If it is determined that a log deletion request has been received, the log deletion process in step 2906 is performed. Execute and return to step 2901. The detailed contents of this log deletion processing are the processing of the flowchart shown in FIG.
In step 2904, it is determined whether or not a log download request is received. If it is determined that the log download request is not received, the process returns to step 2901. If it is determined that a log download request is received, the log download process in step 2907 is performed. Execute and return to step 2901. The detailed contents of this log download processing are the processing of the flowchart shown in FIG.

FIG. 30 is a state transition diagram of the log storage unit 108 shown in FIG.
This figure shows the state transition of the log full state in the log storage unit 108, and “log full” and “log deletion” indicate events when the state transitions.
When the log full state of the log storage unit is sufficient in the free capacity in step 3001, the log storage unit 108, when log writing is piled up and becomes log full (operation of S3104 in FIG. 31), the log full of the log storage unit in step 3002 Transitions to log full indicating that the state is full. When the log full state of the log storage unit is full in step 3002, the log is deleted based on the log deletion request from the job execution unit 104, and a log deletion response (operation of S3204 in FIG. 32) The free space in the log storage unit shifts to a margin.

FIG. 31 is a flowchart showing the log registration process of the log storage unit 108 shown in FIG.
This process shows the detailed process of the log registration process in step 2905 which is a subroutine of the flowchart shown in FIG.
In this process, a normal area and a reserved area are provided in the storage area of the log storage unit 108 in advance, logs up to a preset number of registrations are stored in the normal area, and after that number of registrations are stored in the reserved area. When is full, only count by event type.
In step 3101 (indicated by “S” in the figure), the log storage unit 108 determines whether or not the number of logs currently registered in the normal area (the number of currently registered logs) is equal to or less than a preset maximum number that can be registered. If it is less than the maximum number that can be registered, the process proceeds to step 3106. If the number exceeds the maximum number that can be registered, the process proceeds to step 3102.

In step 3102, it is determined whether or not the previous log full state has a margin. This determination is based on the state transition shown in FIG. 30 to determine whether the log full state has a margin.
If it is determined that there is a margin, the process proceeds to step 3103. If it is determined that there is no margin, that is, the log is full (full), the process proceeds to step 3107.
In step 3103, a log full status (log full) notification is transmitted to the authentication unit and the job execution unit. The log full state (log full) notification transmitted here is used in the processes shown in the flowcharts of FIGS.
In step 3104, the log full state is set to log full (full).
In step 3105, the log is stored in the reserved area, and the process returns. Here, logs are stored in the reserved area up to the range of the number of reserved areas shown in FIG.

In step 3106, the log is stored in the normal area, and the process returns. Here, the logs are stored in the normal area up to the full log number shown in FIG.
In step 3107, it is determined whether there is a remaining reservation area. In this determination, the determination is made based on whether or not the log is stored in the reserved area up to the range of the number of reserved areas shown in FIG.
If it is determined that there is a remainder in the reserved area, the log is stored in the reserved area in step 3105, and the process returns.
On the other hand, if it is determined that there is no remaining reservation area, the number of records for each log type (event type) is counted and stored in step 3108, and the process returns.
Here, the processing in the case of using the number of registrations in the log storage unit 108 has been described, but the same processing as described above can be performed using the amount registered in the log storage unit 108.

FIG. 32 is a flowchart showing log deletion processing of the log storage unit 108 shown in FIG.
This process shows the detailed process of the log deletion process in step 2906 which is a subroutine of the flowchart shown in FIG.
By this processing, the log full state is canceled by deleting the log.
In step (indicated by “S” in the figure) 3201, the log storage unit 108 determines whether or not the log full state is log full (full). This determination is based on the state transition shown in FIG. 30 to determine whether the log full state is log full (full). If it is determined that the log is full, the process proceeds to step 3202, and if it is determined that the log is not full, the process proceeds to step 3205.

In step 3202, logs are deleted from the storage area at once, and the counter value for each event type is also reset to zero. In this log batch deletion process, when all the logs accumulated so far are transferred to the PC and have not been backed up, a process of transferring the log that has not yet been transferred to the PC is performed.
In step 3203, a log deletion response is transmitted (returned) to the job execution unit. The log deletion response transmitted here is used in the processing of S2507 in FIG.
In step 3204, the log full state is shifted to a margin and the process returns. The state transition here is shown in FIG.

FIG. 33 is a flowchart showing log download processing of the log storage unit 108 shown in FIG.
This process is a detailed process of the log download process in step 2907 which is a subroutine of the flowchart shown in FIG.
By this processing, all the logs stored in the log storage unit 108 are transferred to the PC 101 side.
In step (indicated by “S” in the figure) 3301, the log storage unit 108 transmits (transfers) all the logs recorded in the log storage unit to the PC, and returns the process.

FIG. 34 is a front view showing an example of the appearance of the operation unit in the case where the information device 1 shown in FIG. 1 is a multifunction machine including functions of a printer, a copier, and a facsimile.
The login key 3401 is a key that is pressed by the user and the information device manager when logging in. A logout key 3402 is a key pressed by the user and the information device manager when logging out. When the login key 3401 is pressed, a screen shown in FIG. 35 is displayed.
An initial setting key 3403 is a key to be pressed when setting information equipment.
The touch panel 3404 can display an arbitrary image and an arbitrary key, and an input content indicated by the key can be input to the information device 1 by pressing the displayed key.
A numeric keypad 3405 is a numeric keypad for inputting the number of copies and information device setting values. A clear key 3406 is a key for clearing the value input with the numeric keypad 3405. A start key 3407 is a key to be pressed when executing a job.

FIG. 35 is a diagram showing an example of a login screen displayed on the touch panel of the operation unit or the display unit of the PC shown in FIG.
On this screen, it is possible to input user IDs and passwords of general users and information device managers.
FIG. 36 is a diagram illustrating an example of a display at the time of authentication failure displayed on the touch panel of the operation unit illustrated in FIG. 1 or the display unit of the PC.
This screen displays a message notifying that the authentication has failed (the authentication cannot be received) because the log storage unit 108 is log full. By this display, the general user can recognize that login is not possible when the log is full.

FIG. 37 is a diagram showing another example of the display at the time of authentication failure displayed on the touch panel of the operation unit shown in FIG. 1 or the display unit of the PC.
This screen displays a message notifying that authentication has failed (cannot be authenticated) because the input password does not match that registered in advance. This display indicates that the general user has failed in password authentication.
FIG. 38 is a diagram illustrating an example of a touch panel screen when setting whether to reject an authentication request from a non-information device administrator (general user) when the log is full.
On this screen, set whether or not to reject authentication requests from information device managers when the log is full. The setting contents are held in the setting unit 105.
FIG. 39 is a diagram showing an example of the execution screen of the PC when deleting logs at once.
When the log batch delete execution key is pressed on this screen, the information device 1 starts to delete jobs in the log storage unit.

In the case where the information device 1 of this embodiment is log full at the time of authentication, it is possible to stop the generation of log events related to the subsequent operation of the information device 1 by rejecting authentication and not to make the general user uneasy. become.
The operation of the information device 1 here includes a series of execution processing called a job (for example, processing including copying and printing from a printer), and an attribute setting operation (for example, processing related to the operation of the information device 1). , Editing of the address book of the multifunction device and setting of the paper feed stage of the plotter).
Further, by stopping the information device 1 in a log full state, there is an advantage that the occurrence of a new log event is suppressed and the log in the information device 1 so far is not lost.
Furthermore, when the log becomes full, it is necessary for the administrator of the information device 1 to perform a recovery process on the information device 1, but for the information device administrator, it is handled separately from general users. Since the authentication is not rejected, it is possible to prevent the information device manager from performing the recovery process itself.

In addition, when the log is full, if the user who has already logged in is allowed to remain as it is, the information device 1 can be operated continuously. A mechanism to log out is provided.
However, depending on the operation status, such as during job execution, it may not be possible to automatically log out immediately when the log is full. This has the effect of suppressing the occurrence of new log events.
Moreover, since the setting of the information device 1 can be changed according to the priority of security, it is possible to give priority to usability so as not to reject when the log is full.

  Furthermore, since such a setting leads to a change in the strength of security, it is also logged, so if there is a problem with the operation when the log is full, it can be traced later who changed the setting.

In addition, voluntary operations (for example, time adjustment by an NTP time server with respect to the built-in clock) need to be logged in some cases, and log events cannot be completely eliminated just because the log is full. .
In addition, it is necessary to log recovery processing from log full performed by the information device administrator. Further, when the information device 1 rejects authentication, it is sometimes necessary to log the rejection itself.
Therefore, since log full detection, job execution, and various setting operations are mixed, a reserved area is provided, and a log can be stored to some extent even after the log is full.

In addition, when the reserved area is used up, it is not possible to log the newly generated event, but by counting only the type of log event, only the fact that some event has occurred will be logged later. You can refer to it.
Furthermore, when the log becomes full, it is necessary for the administrator to take recovery means by some means including display on the operation unit and notification of mail to the administrator.
Therefore, if it is necessary to audit whether such management has been performed properly later, it is determined whether or not appropriate management has been performed by comparing the log full timing with the recovery timing. It can be easily judged.

If the log can be stored as usual, the normal operation can be restored.
Furthermore, in order to cancel the log full, it is necessary to delete the log after storing it in another non-volatile area by some method including a method of downloading the log.
However, this deletion operation should be performed at the same time as the recovery operation. By enabling only the information device administrator, it is possible to prevent a general user's erroneous operation and intentional log deletion, and to store the information in the information device 1. Log can be maintained.
Furthermore, by informing the general user of the reason for refusal of authentication, the inquiry to the information device manager can be smoothly performed. In addition, the information device administrator can perform a log-full recovery process using this inquiry as a trigger.

  The information apparatus and computer-readable recording medium according to the present invention can be applied to personal computers such as desktop personal computers and notebook personal computers.

It is a block diagram which shows the internal structure of the information apparatus which is one Example of the information device of this invention, and PC which is a remote information device which exists outside the information device. It is a block diagram which shows the hardware constitutions of the information equipment 1 shown in FIG. FIG. 3 is a diagram illustrating an example of a list of logs accumulated in the information device 1 illustrated in FIG. 1. It is the figure which showed a series of operation | movement from the log accumulation | storage to log information full in the information equipment 1 until an information equipment manager performs recovery operation by the time-axis and the number of log storage. It is a figure which shows an example of the count value of the number for every kind of event.

FIG. 2 is a sequence diagram showing exchange of information between each unit until a user logs in, inputs settings, executes jobs, and logs out from the information device 1 in FIG. 1. FIG. 2 is a sequence diagram showing information exchange between each unit when a setting is made to the information device 1 and a job execution is requested from the PC 101 connected to the information device 1 shown in FIG. 1 via a network. FIG. 3 is a sequence diagram showing exchange of information between each unit when the log is full in the information device 1 shown in FIG. 1.

It is a sequence diagram which shows the exchange of the information between each part when a general user has already logged in when the log apparatus becomes full with the information apparatus 1 shown in FIG. FIG. 7 is a sequence diagram illustrating an exchange of information between a job execution unit and other units when the log is full in the information device 1 illustrated in FIG. 1. FIG. 2 is a sequence diagram illustrating an exchange of information between units when the information device 1 illustrated in FIG. 1 transfers a log to a log server 109. It is a sequence diagram which shows the exchange of the information between each part of the information equipment 1 shown in FIG. 1 at the time of recovery operation by the information equipment manager.

FIG. 10 is a sequence diagram showing exchange of information between a PC 101 and an authentication unit 103 when log deletion is rejected. It is a flowchart figure which shows the process of PC101 shown in FIG. It is a flowchart figure which shows the process of the operation part 102 shown in FIG. It is a flowchart figure which shows the process of the authentication part 103 shown in FIG. It is a state transition diagram of the authentication part 103 shown in FIG.

It is a flowchart figure which shows the login request process of the authentication part 103 shown in FIG. It is a flowchart figure which shows the logout request process of the authentication part 103 shown in FIG. It is a flowchart figure which shows the log full state notification (log full) process of the authentication part 103 shown in FIG. It is a flowchart figure which shows the log full state notification (log full cancellation | release) process of the authentication part 103 shown in FIG. It is a flowchart figure which shows the one-shot authentication request process of the authentication part 103 shown in FIG.

FIG. 2 is a flowchart showing processing of a job execution unit 104 shown in FIG. It is a state transition diagram of the job execution unit 104 shown in FIG. FIG. 2 is a flowchart showing job execution processing of a job execution unit 104 shown in FIG. 1. FIG. 8 is a flowchart showing a log full status notification (log full) process of the job execution unit 104 shown in FIG. 1. FIG. 6 is a flowchart showing a log full status notification (log full release) process of the job execution unit 104 shown in FIG. 1.

It is a flowchart figure which shows the process of the setting part 105 shown in FIG. It is a flowchart figure which shows the process of the log memory | storage part 108 shown in FIG. It is a state transition diagram of the log storage unit shown in FIG. It is a flowchart figure which shows the log registration process of the log memory | storage part 108 shown in FIG. It is a flowchart figure which shows the log deletion process of the log memory | storage part 108 shown in FIG. It is a flowchart figure which shows the log download process of the log memory | storage part 108 shown in FIG.

FIG. 2 is a front view illustrating an example of an appearance of an operation unit in a case where the information device 1 illustrated in FIG. 1 is a multifunction device including functions of a printer, a copier, and a facsimile. It is a figure which shows an example of the screen at the time of login displayed on the touch panel of the operation part shown in FIG. 1, or the display part of PC. It is a figure which shows an example of the display at the time of the authentication failure displayed on the touch panel of the operation part shown in FIG. 1, or the display part of PC. It is a figure which shows the other example of the display at the time of the authentication failure displayed on the touch panel of the operation part shown in FIG. 1, or the display part of PC.

It is a figure which shows an example of a touch-panel screen when setting whether to reject the authentication request | requirement of other than an information equipment manager (general user) at the time of log full. It is a figure which shows an example of the execution screen of PC at the time of log batch deletion.

Explanation of symbols

1: Information device 101, 212: PC 102, 204: Operation unit 103: Authentication unit 104: Job execution unit 105: Setting unit 107: Spontaneous execution unit 108: Log storage unit 109, 213: Log server 201: CPU 202: ROM 203: RAM 205: Non-volatile RAM 206: Document reading device 207: HDD 208: MSU 209: Printing device 210: RTC 211: NIC 3401: Login key 3402: Logout key 3403: Initial setting key 3404: Touch panel 3405: Tenkey 3406 : Clear key 3407: Start key

Claims (16)

Storage means for storing event history information including job execution or settings that occurred in the device itself, and when authentication information is input together with an authentication request to the device, a job for the device based on that information Authentication means for determining whether to authenticate an operation including execution or setting,
An information apparatus characterized in that the authentication means is provided with a rejection means for rejecting an authentication request input after that when the history information stored in the storage means reaches a preset upper limit value.   The authentication means includes means for preventing the authentication request from being rejected by the rejection means when information indicating an administrator is included in the authentication information input together with the authentication request. The information device according to claim 1.   2. The means for automatically logging out the log-in when the log-in is being performed when the history information stored in the storage means reaches a preset upper limit value. Or the information apparatus of 2.   The authentication means is provided with means for preventing a new operation from being accepted during login when the login is in progress when the history information stored in the storage means reaches a preset upper limit value. The information device according to claim 1 or 2.   2. The information apparatus according to claim 1, further comprising means for setting the authentication request not to be rejected by the rejection means.   6. The information device according to claim 5, further comprising means for storing history information of an event of the setting in the storage means.   When the history information stored in the storage means reaches a preset upper limit value, there is provided means for storing history information of events that have occurred thereafter in a reserved area preset in the storage means The information device according to claim 1.   When the history information stored in the reserved area of the storage means reaches a preset upper limit value, there is provided means for counting and storing only the number of occurrences for each type of event that has occurred thereafter. The information device according to claim 7.   9. The storage means is provided with means for storing history information of an event that the history information stored in the storage means has reached a preset upper limit value. The information device according to item.   10. The delete means for deleting the history information stored in the storage means when the history information stored in the storage means reaches a preset upper limit value. The information device according to one item.   11. The information apparatus according to claim 10, further comprising means for enabling deletion of history information by the deleting means only when a request is made from an administrator.   The information device according to claim 10 or 11, wherein the storage unit is provided with a unit that stores history information of an event that the history information stored in the storage unit is deleted.   13. The storage means is provided with means for storing history information of an event that the history information stored in the storage means has been deleted by the deletion means. The information device described in 1.   When the history information stored in the storage means is less than a preset upper limit value due to the deletion of the history information stored in the storage means by the deletion means, the authentication request input 14. The information apparatus according to claim 10, further comprising means for resuming authentication.   15. The information apparatus according to claim 1, further comprising means for notifying that the authentication is rejected by the rejection means. When the storage procedure for storing the history information of the event including the job execution or setting that occurred in the own device and the authentication request are input to the computer together with the authentication request, the computer automatically An authentication procedure for determining whether or not to authenticate an operation including job execution or setting for an apparatus, and an authentication request input after that when the history information stored by the storage procedure reaches a preset upper limit value And a computer-readable recording medium on which a program for executing a rejection procedure for rejecting the program is recorded.

Images