JP2007219827A - Image processor, image processing method, image processing program and storage medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an image processor, an image processing method, an image processing program and a storage medium, allowing simple login of a user while maintaining security. <P>SOLUTION: In this image processor, image processing method, image processing program and storage medium, processing of the simple login and simple logout is performed by use of a certificate specific to the user comprising encrypted data for identifying information included in user information and the image processor. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an image processing apparatus, and more particularly to an image processing apparatus that allows a user to log in easily.

  In recent years, image processing apparatuses (including printers, scanners, fax machines, multi-function machines, etc.) are often installed in public places and shared by a plurality of users for short-term use. In addition, the image processing apparatus is equipped with a function for limiting functions that can be used for each user based on user information registered in the image processing apparatus in advance.

  When such an image processing apparatus is used by a plurality of users, switching between users is frequently performed. Therefore, it is desired to perform this switching smoothly. As means for realizing this, a method has been devised in which terminal information of a user terminal is acquired and stored, and simple authentication is performed from the next time based on the terminal information and user information.

  Japanese Patent Laid-Open No. 2004-289302 (Patent Document 1) has a user restriction database on a network, and each user of the database has access rights to the functions of the image processing apparatus, thereby using the device. An image processing apparatus that restricts use of functions as well as restrictions is disclosed.

In Japanese Patent Laid-Open No. 2000-36809 (Patent Document 2), when the user's transmission source address matches the port number and the user's connection request is encoded in the user's application, the security level is not lowered. A simple authentication method for a user that can perform simple authentication and enables data communication in a short time is disclosed.
JP 2004-289302 A JP 2000-36809 A

  However, the inventions disclosed in Patent Document 1 and Patent Document 2 have a problem that security cannot be maintained when terminal information used by a user or the terminal itself is duplicated.

  The present invention has been made in view of such problems, and has been made to solve these problems. An image processing apparatus, an image processing method, an image processing program, and a storage medium that enable a user to log in easily while maintaining security. Is intended to provide.

  In order to achieve the above object, the image forming apparatus of the present invention employs the following configuration.

  An image processing apparatus according to the present invention includes an authentication information input unit that receives an input of authentication information, a user information holding unit that holds user information acquired in advance, and a certificate output unit that outputs a certificate proving user's authority And a certificate processing unit that performs processing related to the certificate, wherein the certificate processing unit issues the certificate based on a result of comparing the authentication information and the user information. The certificate output means can output the certificate to the user.

  Thereby, the user can log in simply by presenting the certificate at the next login.

  In order to achieve the above object, the image processing apparatus of the present invention further includes a configuration in which the certificate includes a part of user information and encrypted data for identifying the image processing apparatus. be able to.

  As a result, the user does not have to input all authentication information at the next login, and can simply log in.

  In the image processing apparatus of the present invention, in order to achieve the above object, the certificate processing means further determines whether the certificate is valid based on the encrypted data. It can be configured.

  Thereby, the user can log in smoothly only by presenting the certificate.

  In order to achieve the above object, the image processing apparatus of the present invention may further include a storage unit that stores issuance information that is information indicating that the certificate has been issued.

  Thereby, information corresponding to the certificate issued to the user can be held in the image processing apparatus.

  In order to achieve the above object, the image processing apparatus of the present invention is further configured such that the certificate processing means includes the certificate received from the authentication information input means and the issue stored in the storage means. It can be configured to determine whether or not the certificate is valid based on a result of comparison with information.

  Thereby, it is possible to determine whether or not the certificate is valid simply by presenting the certificate.

  In order to achieve the above object, the image processing apparatus of the present invention further includes an operation unit that stores the certificate and receives an operation instruction of the image processing apparatus, and the storage unit includes the certificate. The processing means may be configured to delete the certificate stored in the storage means when a first end instruction is given by the operation means.

  As a result, the information related to the user held in the image processing apparatus is deleted.

  In order to achieve the above object, the image processing apparatus of the present invention further includes an operation unit that stores the certificate and receives an operation instruction of the image processing apparatus, and the storage unit includes the certificate. The processing unit may be configured to rewrite a part of the certificate data stored in the storage unit in response to the second end instruction when the operation unit gives a second end instruction. it can.

  Thus, the user can log in simply based on the rewritten certificate without inputting all authentication information at the next login.

  In order to achieve the above object, the image processing method of the present invention is further configured such that the certificate processing means includes user identification information received from the authentication information input means and a user included in the rewritten certificate. When the information matches, it can be configured to present the restriction information related to the use of the function of the image processing apparatus included in the user information.

  Thereby, the user can grasp the usable functions and restrictions.

  The image processing method of the present invention outputs an authentication information input procedure for accepting input of authentication information and a certificate proving the user's authority in the image processing method in an image processing apparatus having user information holding means for holding user information. And a certificate processing procedure for performing processing related to the certificate, wherein the certificate processing procedure issues the certificate based on a result of comparing the authentication information and the user information. The certificate output procedure may be configured to output the certificate.

  By this method, the user can log in simply by presenting the certificate at the next login.

  An image processing program of the present invention is an image processing program executed in a computer having user information holding means for holding user information and an arithmetic processing unit, and an authentication information input step for accepting input of authentication information to the computer And a certificate output step for outputting a certificate for certifying the user's authority, and a certificate processing step for performing processing related to the certificate. In the certificate processing step, the authentication information and the user information The certificate is issued based on the result of the comparison, and the certificate is output in the certificate output step.

  By executing this program, the user can log in simply by presenting the certificate at the next login.

  The storage medium of the present invention is a computer-readable storage medium storing an image processing program.

  According to the present invention, the user can simply log in to the image processing apparatus while maintaining security.

  Embodiments of the present invention will be described below with reference to the drawings.

  The image processing apparatus, the image processing method, the image processing program, and the storage medium of the present invention use a user-specific certificate that includes a part of user information and encrypted data for identifying the image processing apparatus. Simple login and simple logout are performed.

  FIG. 1 is an example of a functional block diagram of an image processing apparatus 10 of the present invention. The image processing apparatus 10 includes an authentication information input unit 11, a user information holding unit 12, a certificate processing unit 13, an output unit 14, a storage unit 15, an operation unit 16, an engine control unit 17, a scanner unit 18, a printer unit 19, and an engine. The unit 20 is configured.

  The image processing apparatus 10 operates as a multifunction machine having a plurality of functions such as a copy function, a printer function, a scanner function, and a facsimile function. In the image processing apparatus 10, the authentication information input from the authentication information input unit 11 and the user information held in the user information holding unit 12 are compared in the certificate processing unit 13, and the user's qualification is proved based on the result. A certificate is issued. This certificate is issued to the user by the output unit 14. At this time, the certificate may be handed over to the user, and the form thereof may be various storage media such as a barcode and an IC card. Details of the data structure of the certificate will be described later.

  The authentication information input unit 11 is for inputting authentication information for authenticating a user. The authentication information is, for example, a user ID for identifying the user, a password corresponding to the user ID, information included in the certificate issued by the certificate processing unit 13, and the like. The authentication information input unit 11 includes, for example, an operation unit for inputting a user ID and a password, and means for reading information held in a certificate. Here, the means for reading the certificate is, for example, a barcode reader or an IC card reader.

  The user information holding unit 12 holds user information acquired in advance. Details of the user information held here will be described later. The certificate processing unit 13 executes processing related to a certificate, such as processing related to certificate issuance and processing to determine the validity of a certificate. The output unit 14 issues the certificate issued by the certificate processing unit 13 in a state where the user can obtain the certificate.

  The operation unit 16 has a display function, and displays information indicating restrictions and the like related to use of the image processing apparatus 10 so that the user can grasp the information. The engine control unit 17 is for controlling the engine unit 20 for operating the scanner unit 18 and the printer unit 19.

  FIG. 2 is a diagram illustrating an example of a configuration of user information held in the user information holding unit 12. The user information includes items “user name”, “password”, “group”, and “access role”.

  The item “user name” and the item “password” are information arbitrarily set for each user. The item “group” indicates an authority (such as Administrator, User, Guest, etc. in Windows (registered trademark)) that can be used by the user. The item “access role” is information indicating restrictions and the like related to use of the image processing apparatus 10 for each user.

  Here, the item “group” is for collectively setting the item “access role” for each group. FIG. 3 is a diagram illustrating an example of setting an access role for each item “group”. In FIG. 3, when the item “group” of the user information is “Administrator”, the user corresponding to this user information can use all the functions of the image processing apparatus 10, and the user who uses the image processing apparatus 10. Indicates an administrator who manages the authority of

  When the user information item “group” is “User”, the user corresponding to the user information can use the scanner function of the image processing apparatus 10. Similarly, when the item “group” of the user information is “Guest”, the user corresponding to this user information can use the copy function of the image processing apparatus 10.

  In the user information, the setting of the item “group” and the corresponding access role are set in advance by a user having administrator authority. At this time, the administrator can set different access roles even if the item “group” is the same. In this embodiment, the user information is stored in the user information storage unit 12 in advance. However, the present invention is not limited to this. For example, the user information may be acquired from an external device such as a server via a network. good.

  FIG. 4 is a diagram illustrating an example of a data structure of a certificate. The certificate issued from the certificate processing unit 13 is composed of information included in the user information and encrypted data for identifying the image processing apparatus 10. The certificate includes items “user name”, “login date / time”, “use count”, “restricted period”, “remaining count”, “use history”, and “encrypted data”.

  Here, the item “login date and time” is information indicating the date and time when the user logged in, and is detected by a timer function (not shown) provided in the image processing apparatus 10. The items “use count”, “restricted period”, “remaining count”, and “use history” are information generated by expanding the user information item “access role”. The item “encrypted data” is unique data for identifying the image processing apparatus 10. The certificate processing unit 13 determines whether the certificate is issued from the image processing apparatus 10 itself to the user based on the encrypted data.

  FIG. 5 is a sequence diagram for explaining the operation during normal login in the first embodiment of the present invention. Here, normal login refers to a case where a user who does not have a certificate performs a login operation on the image processing apparatus 10.

  The user inputs a user name and password as authentication information from the authentication information input unit 11 (S51). Upon receiving this authentication information, the certificate processing unit 13 acquires user information corresponding to the user name (S52). The certificate processing unit 13 searches the user information holding unit 12 by “user name” (S53), and acquires the corresponding user information (S54).

  The certificate processing unit 13 determines whether the user name and password included in the user information acquired here match the user name and password input by the user from the authentication information input unit 11 (S55). . When the certificate processing unit 13 determines that they match, the certificate processing unit 13 generates a certificate and issues it to the output unit 14 (S56).

  This certificate is output by the output unit 14 in the form of the user. The certificate processing unit 13 issues a certificate and simultaneously displays the access role included in the user information on the operation unit 16 to notify the user of restriction information related to the use of the image processing apparatus 10. For example, according to FIG. 2, the access role displayed here indicates that when the user B logs in, the printer function can be used. When the user D logs in, the access role is 10 minutes. Only the image processing apparatus 10 can be used.

  FIG. 6 is a sequence diagram illustrating logout from the image processing apparatus 10. When the user performs logout processing from the image processing apparatus 10 in the operation unit 16 (S61), the certificate processing unit 13 displays the access role after logout to the user (S62). The access role displayed here indicates that, for example, if the user B in FIG. 2 logs out, the printer function cannot be used. If the user D logs out, the image processing apparatus 10 can use it. For example, it will disappear.

  FIG. 7 is a sequence diagram for explaining simple login using the certificate issued in FIG. When the certificate is read by the authentication information input unit 11 (S71), the certificate processing unit 13 issues the certificate from the image processing apparatus 10 itself based on the encrypted data included in the certificate. It is determined whether or not (S72).

  The encrypted data is obtained by encrypting information for identifying the image processing apparatus 10 and may be unique information that can identify the image processing apparatus 10. For example, the serial number or the MAC address of the image processing apparatus 10 is encrypted.

  When the certificate processing unit 13 determines that the certificate read from the authentication information input unit 11 is issued from the image processing apparatus 10 itself, the certificate processing unit 13 regards this certificate as valid. Then, the access role is displayed on the operation unit 16 based on the certificate, the user is notified of the restriction information related to the use of the image processing apparatus 10 (S73), and the login process is completed.

  The access role displayed at this time is generated by the certificate processing unit 13 based on the certificate information. In addition, data that changes according to the usage status and usage frequency of the user, such as the item “restriction period” and the item “usage count”, is updated in the certificate processing unit 13 each time. Is.

  Thus, the user can log in simply without inputting authentication information at the next login by using the certificate issued at the first login. In addition, by using a certificate issued so as to be delivered to the user's hand instead of for each terminal, it is possible to log in simply while maintaining security.

  A second embodiment of the present invention will be described with reference to FIGS. In the second embodiment, the configuration of the image processing apparatus 10 is the same as that of the first embodiment, and thus the description of the configuration of the image processing apparatus 10 is omitted, and only the operation thereof will be described.

  FIG. 8 is a sequence diagram for explaining the operation during normal login in the second embodiment of the present invention. In FIG. 8, the processing from S81 to S87 is the same as the processing from S51 to S57 in FIG. 5, and thus the description thereof will be omitted. The processing of S88 and S89, which is different from the first embodiment, will be described.

  When the certificate processing unit 13 issues a certificate in S86, the certificate processing unit 13 generates issuance information indicating that the certificate has been issued (S88), and stores it in the storage unit 15 (S89), thereby completing the login process. . Here, the issue information is information having the same data structure as the certificate.

  FIG. 9 is a sequence diagram for explaining simple login using the certificate issued in FIG. Note that the logout process in the second embodiment is the same as that in the first embodiment, and a description thereof will be omitted.

  When the certificate issued in S86 is read by the authentication information input unit 11 (S91), the certificate processing unit 13 performs a process of calling the issue information corresponding to this certificate (S92). The certificate processing unit 13 searches the issue information stored in the storage unit 15 in S89 (S93), and obtains the corresponding issue information (S94). When the issue information is acquired, the certificate processing unit 13 determines whether the acquired issue information matches the certificate read from the authentication information input unit 11 (S95).

  Here, if the certificate processing unit 13 determines that the issued information matches the certificate, the certificate processing unit 13 regards this certificate as valid. Then, the access role is displayed on the operation unit 16 based on this certificate, the usage restriction information of the image processing apparatus 10 is notified to the user (S96), and the login process is completed.

  As described above, the issuance information corresponding to the certificate is stored when the certificate is issued, and when this certificate is used, the validity of the certificate is determined by comparing with the issuance information. Security can be maintained.

  A third embodiment of the present invention will be described with reference to FIGS. In the third embodiment, the configuration of the image processing apparatus 10 is the same as that of the first embodiment, and thus the description of the configuration of the image processing apparatus 10 is omitted, and only the operation thereof will be described.

  FIG. 10 is a sequence diagram for explaining the operation during normal login in the third embodiment of the present invention. In the third embodiment, the certificate is not output to the user but is stored in the storage unit 15 instead. Further, the certificate issued in the third embodiment includes information indicating the user status indicating whether the user is logged in or the like. Details of the data structure of the certificate in the third embodiment will be described later.

  In FIG. 10, the processing from S101 to S105 is the same as the processing from S51 to S55 in FIG.

  If the certificate processing unit 13 determines in S105 that the user name and password included in the acquired user information match the user name and password input by the user from the authentication information input unit 11, the certificate processing unit 13 determines the certificate. It is issued (S106), and this is written and stored in the storage unit 15 (S107). Then, the certificate processing unit 13 displays the access role on the operation unit 16 based on the certificate, notifies the user of the usage restriction information of the image processing apparatus 10 (S108), and completes the login process. .

  FIG. 11 is a sequence diagram for explaining the operation at the time of normal logout in the third embodiment of the present invention. When the user finishes using the image processing apparatus 10, the user performs a normal logout operation. In the normal logout operation, the user inputs a logout instruction from the operation unit 16 and inputs a user name from the authentication information input unit 11 (S111). Here, the fact that the normal logout is performed is notified to the certificate processing unit 13 that the normal logout is performed, for example, by selecting the normal logout by an operation unit (not shown) when the user inputs the user name. The

  The certificate processing unit 13 searches the storage unit 15 with the input user name based on the user name input by the normal logout operation (S112). Then, based on the certificate corresponding to the input user name stored in the storage unit 15, the user is caused to display the access role after the normal logout on the operation unit 16 (S113). Further, the certificate processing unit 13 deletes the corresponding certificate from the storage unit 15 and completes the normal logout process (S114).

  FIG. 12 is a sequence diagram for explaining the operation at the time of simple logout in the third embodiment of the present invention. When the user finishes using the image processing apparatus 10, the user performs a simple logout operation. In the simple logout operation, the user inputs a simple logout instruction from the operation unit 16 and inputs a user name from the authentication information input unit 11 (S121). Here, the fact that simple logout is performed, for example, when the user inputs the user name, the simple logout is notified to the certificate processing unit 13 by selecting simple logout by an operation unit (not shown) or the like. May be.

  Based on the user name input by the simple logout operation, the certificate processing unit 13 searches the storage unit 15 with the input user name (S122). Then, based on the certificate corresponding to the user name input in the storage unit 15, the user is caused to display the access role after the simple logout on the operation unit 16 (S123). Further, the certificate processing unit 13 rewrites the information indicating the user status included in the corresponding certificate stored in the storage unit 15 from the information indicating the “login status” to the information indicating the “simple logout status” ( S124). Then, the certificate processing unit 13 completes the simple logout process.

  FIG. 13 is a sequence diagram illustrating an operation when a user in the simple logout state logs in again in FIG. Only the user name which is information for identifying the user is input from the authentication information input unit 11 by the user (S131). Upon receiving this user name, the certificate processing unit 13 calls information indicating the user status corresponding to the user name from the storage unit 15 (S132). The certificate processing unit 13 searches the storage unit 15 based on the user name input from the authentication information input unit 11 (S133), and acquires information indicating the user status included in the corresponding certificate (S134).

  Here, when the user state is the simple login state, the certificate processing unit 13 determines that the simple login with the user name is valid (S135). And based on the certificate memorize | stored in the memory | storage part 15, the access role after a simple login is displayed on the operation part 16 with respect to a user (S136), and a simple login process is completed.

  As described above, in this embodiment, the issued certificate is stored, and the login process is completed by comparing the input user name with the stored certificate. The user can input the user name only for the second and subsequent logins, and does not need to input a password, so that the user can log in easily. Further, since the entered user name is compared with the stored certificate, it is possible to log in easily while maintaining higher security.

  FIG. 14 is a diagram illustrating an example of a certificate data structure according to the third embodiment. The certificate issued in the present embodiment is obtained by adding the item “user state” to the certificate data structure of the first embodiment. The information indicated by the certificate shown in FIG. 14 will be described below with reference to FIG.

  For example, the certificate of user A in FIG. 2 will be described. The login date and time is the date and time when the user A logged into the image processing apparatus 10. Since the access role of the user A is ALL, there is no data corresponding to the items “usage count”, “time limit”, and “remaining count”. In the item “usage history”, for example, a history of functions used so far by the user A is shown. The item “user state” indicates that the user A is in the login state.

  Next, the certificate of user C will be described. The access role of the user C is the limited number of times 10times. Therefore, in the certificate of the user C, the item “number of uses” indicates the number of times the user C has used the image processing apparatus 10, for example, “twice” here. The item “remaining number of times” indicates the number of times that the user C can use the image processing apparatus 10 in the future, for example, “8 times”. As described above, the information that changes depending on the usage status of the user is updated at every login.

  The item “usage history” indicates a history such as how many times user C has used which function. The item “user state” indicates that the user C is in a simple login state. This indicates that the user C can log in by a simple login operation in which only the user name is input at the next login. For user C, there is no information regarding the item “time limit”.

  Furthermore, the certificate of user D will be described. User D's access role has a time limit of 10 min. Therefore, in the certificate of the user D, the item “time limit” indicates a time during which the user D can use the image processing apparatus 10 in the future, for example, “4 min”. As described above, the information that changes depending on the usage status of the user is updated at every login.

  The item “usage history” indicates a history of how many minutes the user D has used. The item “user state” indicates that the user D is in a login state. In addition, for user D, there is no information regarding the items “number of uses” and “number of remaining times”.

  Next, an image processing program of the present invention and a computer-readable storage medium storing the image processing program will be described with reference to FIG. The image processing program of the present invention is an image processing program capable of executing all the processes described in the first to third embodiments.

  FIG. 15 is a hardware configuration diagram of the computer 30 that can read the image processing program. The computer 30 includes a CPU 32, a hard disk 33, a memory 34, a network control unit (hereinafter “NCU”) 35, a display unit 36, an input unit 37 and a driver 38, and is connected to the image processing apparatus 10 via the NCU 35. .

  The image processing program of the present invention may be stored in the memory 34 or may be stored in the storage medium 50. This image processing program may be transmitted to the image processing apparatus 10 via the NCU 35, for example. good.

  Here, the CPU 32 executes the image processing program of the present invention stored in the storage medium 50 connected via the memory 34 or the driver 38. In addition to the image processing program of the present invention, the memory 34 stores a program for causing the computer 30 to function and various setting values. The NCU 35 is used as a communication unit with the image processing apparatus 10 and may be connected to, for example, a general public line or a LAN line.

  The display unit 36 displays the results of the processing executed by the CPU 32, and the input unit 37 is used by the user to input various data. The driver 38 mediates between the CPU 32 and the storage medium 50 connected to the outside. The display unit 36 may display an access role for each user transmitted from the image processing apparatus 10.

  The storage medium 50 may store the image processing program of the present invention. In that case, the CPU 32 reads the image processing program from the storage medium 50 via the driver 38 and executes it. Here, the storage medium 50 may be a storage medium such as a floppy (registered trademark) disk, a magneto-optical disk, or a USB memory, or may be other than that as long as it can be read by the CPU 32. . The storage medium may be a medium that can be directly read by the image processing apparatus 10.

  As described above, according to the present invention, a user-specific certificate is issued, and the user can easily log in to the image processing apparatus 10 by using the certificate.

  Further, by using a user-specific certificate, it is possible to maintain a high level of security without depending on the terminal used by the user.

  Although the present invention has been described based on each embodiment, the present invention is not limited to the requirements shown in the above embodiment. With respect to these points, the gist of the present invention can be changed without departing from the scope of the present invention, and can be appropriately determined according to the application form.

  The present invention can be applied to an image processing apparatus that performs image processing, an image processing method, an image processing program, and a storage medium.

It is an example of the functional block diagram of the image processing apparatus 10 of this invention. It is a figure which shows the example of a structure of the user information hold | maintained at the user information holding part. It is a figure which shows the example of the setting of the access role for every item "group." It is a figure which shows an example of the data structure of a certificate. It is a sequence diagram explaining the operation | movement at the time of normal login in Example 1 of this invention. 3 is a sequence diagram illustrating logout from the image processing apparatus 10. FIG. FIG. 6 is a sequence diagram for explaining simple login using a certificate issued in FIG. 5. It is a sequence diagram explaining the operation | movement at the time of the normal login in Example 2 of this invention. FIG. 9 is a sequence diagram for explaining simple login using a certificate issued in FIG. 8. It is a sequence diagram explaining the operation | movement at the time of the normal login in Example 3 of this invention. It is a sequence diagram explaining the operation | movement at the time of the normal logout in Example 3 of this invention. It is a sequence diagram explaining the operation | movement at the time of simple logout in Example 3 of this invention. It is a sequence diagram explaining operation | movement when the user of a simple logout state logs in again. It is a figure which shows the example of the data structure of the certificate in Example 3. FIG. It is a hardware block diagram of the computer 30 which can read an image processing program.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 Image processing apparatus 11 Authentication information input part 12 User information holding part 13 Certificate processing part 14 Output part 15 Storage part 16 Operation part 17 Engine control part 18 Scanner part 19 Printer part 20 Engine part

Claims (11)

Authentication information input means for receiving input of authentication information, user information holding means for holding user information, certificate output means for outputting a certificate proving user's authority, and a certificate for performing processing related to the certificate An image processing apparatus having processing means,
The certificate processing means issues the certificate based on a result of comparing the authentication information and the user information,
The image processing apparatus, wherein the certificate output means outputs the certificate.   The image processing apparatus according to claim 1, wherein the certificate includes a part of user information and encrypted data for identifying the image processing apparatus.   The image processing apparatus according to claim 2, wherein the certificate processing unit determines whether the certificate is valid based on the encrypted data.   The image processing apparatus according to claim 1, further comprising a storage unit that stores issuance information that is information relating to the issuance of the certificate.   The certificate processing means determines whether or not the certificate is valid based on a result of comparing the certificate received from the authentication information input means with the issue information stored in the storage means. The image processing apparatus according to claim 4, wherein the determination is made. The storage means stores the certificate,
Having an operation means for receiving an operation instruction of the image processing apparatus;
The image processing apparatus according to claim 4, wherein the certificate processing unit deletes the certificate stored in the storage unit when a first end instruction is received by the operation unit. The storage means stores the certificate,
Having an operation means for receiving an operation instruction of the image processing apparatus;
The certificate processing means rewrites a part of the certificate data stored in the storage means in response to the second end instruction when a second end instruction is received by the operation means. The image processing apparatus according to claim 4.   The certificate processing means, when the user identification information received from the authentication information input means matches the user information included in the rewritten certificate, the function of the image processing apparatus included in the user information The image processing apparatus according to claim 7, wherein restriction information related to use is presented. In an image processing method in an image processing apparatus having user information holding means for holding user information,
An authentication information input procedure for accepting input of authentication information, a certificate output procedure for outputting a certificate proving the user's authority, and a certificate processing procedure for performing processing related to the certificate,
The certificate processing procedure issues the certificate based on a result of comparing the authentication information and the user information,
The certificate output procedure is characterized in that the certificate is output. An image processing program executed in a computer having user information holding means for holding user information and an arithmetic processing unit,
In the computer,
An authentication information input step for receiving input of authentication information, a certificate output step for outputting a certificate proving the user's authority, and a certificate processing step for performing processing related to the certificate,
In the certificate processing step, the certificate is issued based on a result of comparing the authentication information and the user information,
An image processing program that outputs the certificate in the certificate output step.   A computer-readable storage medium storing the image processing program according to claim 10.

Images