JP2007293677A - Image forming device with e-mail notification function - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To reinforce security in an image forming device with an E-mail status function. <P>SOLUTION: An E-mail address, a user name, and a password are set by each item of equipment information in the transmission permitting information table of the image forming device. The transmission request of the equipment information is received by an encrypted E-mail. A request source is authenticated with the use of the user name of a request source described in the E-mail and the password. Only the equipment information permitted in the transmission permitting information table among the requested equipment information is transmitted to the E-mail address of the request source. When the request comes from the request source which is not registered in the transmission permitting information table, the E-mail address is recorded as a log so as to perform notification to a manager and the other same kinds of equipment. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to an image forming apparatus, and more particularly, to an image forming apparatus having a function (electronic mail status function) for providing information related to an image forming apparatus by sending and receiving electronic mail.

  Conventionally, in order to confirm the state of the image forming apparatus installed in each customer's office, a person in charge visits each customer office and conducts an on-site inspection. Then, through this on-site inspection, information on the image forming apparatus in each customer office (failure location information, status information, various setting information, etc.) is acquired and confirmed. The faulty part was repaired.

  However, with the development of networks in recent years, there are an increasing number of devices that provide functions that allow a web browser to browse the status of devices and make settings for devices. In this case, in order to make settings for the device accessible from the outside using a network (access from the Internet, etc.), it is necessary to make it possible to communicate with the device, for example, by making a hole in the firewall. There is. In the worst case, device information may be stolen by unauthorized access, which is a security problem.

  Therefore, a device has been created that can be configured using e-mail that can be easily sent and received regardless of the firewall. Of course, e-mail is natural because of the nature of its use, but a firewall is set up to allow e-mail packets to pass regardless of the data flow from the external network to the internal network or from the internal network to the external network. Is normal.

  The firewall does not restrict the passage of e-mail packets regardless of the communication direction, from the communication network to the in-house network or from the in-house network to the communication network. This is because it is necessary to pass packets in both directions due to the nature of the use of electronic mail. Therefore, an external personal computer or the like can send and receive e-mails to and from an image forming apparatus connected to an in-house network or the like whose communication is restricted by a firewall. Information about the image forming apparatus can be acquired or confirmed by requesting some processing from such an apparatus such as a personal computer using electronic mail. When an e-mail indicating the requested content is transmitted in a predetermined format, the image forming apparatus performs a requested process based on the content of the e-mail.

  The e-mail status function is a function that performs device information provision processing according to the content of the request e-mail received by the image forming apparatus. However, instead of relying on all received e-mails for processing, the sender's e-mail address of the requested e-mail can be subject to authentication, so that unauthorized e-mail access due to impersonation can be eliminated. . The conventional e-mail status function will be described below.

  First, the e-mail notification function will be described. The e-mail notification function is a function for notifying the administrator of information such as the status and failure status of the image forming apparatus via e-mail. There are two types of notification methods: one that notifies by an active action on the device side (email alert) and one that passively responds to an inquiry email from the administrator (email status). .

  An e-mail alert (Outgoing mail) sends an e-mail alert notification to a predetermined notification destination when a toner end or paper jam occurs. Further, when the alert state that has occurred is canceled, an alert cancellation notification can be sent by e-mail. When the administrator sends a request for the device as an e-mail in a predetermined format, the image forming apparatus returns information according to the request as a return mail to the administrator.

  In the case of the electronic mail status, a reply is made to the electronic mail address of the sender (From) of the electronic mail transmitted to the image forming apparatus. However, even if an e-mail return destination is specified in “Reply-To”, “Reply-To” is ignored for security reasons. In order to deal with unauthorized access, an access restriction mechanism for the email status function is provided. Specifically, an image forming apparatus is registered only when a user's e-mail address / domain of an e-mail status function is registered in the apparatus in advance and a request mail is transmitted from the registered e-mail address to the apparatus. Status information is sent. Request mail transmitted from an unauthorized e-mail address not registered in the image forming apparatus is ignored. FIG. 5 is an example showing a result checked by the image forming apparatus. Also, as shown in FIG. 6, in the e-mail status function, it is possible to set whether to restrict access for each notification item that can be acquired. For notification items in which the access restriction is set to be invalid, a request mail can be transmitted from an arbitrary e-mail address. FIG. 7 is an example of an input screen for setting the data shown in FIGS. 5 and 6 for the electronic mail status function.

  A software unit that controls the e-mail notification function will be described. FIG. 8 is a block diagram of a controller unit constituting the image forming apparatus. Of these, MIRS (Machine Information Report Service) is responsible for controlling the e-mail notification function. The flow between software modules in charge of the e-mail notification function (the e-mail alert of FIGS. 9 and 10 and the e-mail status of FIGS. 11 and 12) is shown. The MIRS block includes a mail transmission request manager unit, a mail content creation unit, a request mail analysis unit, an engine status monitoring unit, a request mail reception unit, and a mail transmission request unit. The e-mail alert function is realized by receiving various state notifications notified to the engine status monitoring unit or receiving alert notifications from an application. The e-mail status function operates only after the request e-mail receiving unit receives the request e-mail. At this time, the request mail analysis unit performs authentication by the e-mail address / domain and checks validity / invalidity of information to be transmitted. There is no difference between the e-mail alert function and the e-mail status function with respect to the process of creating the content of the e-mail to be returned and the flow up to the e-mail transmission.

  Next, a schematic configuration of the image forming apparatus will be described with reference to FIG. The image forming apparatus includes a RAM, an HDD, and a frame memory as storage means. A network I / F controller is provided as a communication means. A CPU is provided as a processing means for controlling these. The image forming apparatus also includes various controllers that are interface devices that control software and hardware, a display unit that displays information, an operation unit that receives commands from a user, and an output device that prints out data. ing. These components of the image forming apparatus are connected by a main bus or a local bus. In addition to this, the image forming apparatus also includes a scanner and an image forming mechanism as input means for reading as image data.

  Next, the configuration of the entire system including the image forming apparatus will be described with reference to FIGS. The image forming apparatus is connected to a remote management computer (external system) via a communication network. Examples of the image forming apparatus include a printer, a digital copying machine, and a multifunction machine. The information collecting PC (external system) is a computer system including a server that manages the image forming apparatus. The communication network is various communication lines such as the Internet, a telephone line, a wireless communication line, and a frame relay.

  Next, the processing procedure of the conventional electronic mail status function will be described with reference to FIG. A supply information request e-mail is transmitted from the information collecting personal computer to the target device (image forming apparatus) via the network. At this time, fill in the necessary information in the subject. The target device (image forming apparatus) that has received the e-mail authenticates the address / domain of the e-mail transmission source with reference to the permission table. If authentication is NG, the request is ignored. When the authentication is normally performed, only the device information that is valid as a notification item is entered in the body of the reply mail from the target device (image forming apparatus) and transmitted to the sender mail address (From) of the request mail.

  Next, the processing procedure of the conventional method in which the security of the e-mail status function is enhanced will be described with reference to FIG. An encrypted e-mail requesting supply information is transmitted from the information collection personal computer to the target device via the network. The target device that has received the e-mail decrypts the e-mail and checks the address / domain of the e-mail transmission source with reference to the permission table. Ignored if NG. If it is OK, the target device performs an access check. Only the items that are valid as notification items are sent to the requesting information collecting personal computer by e-mail from the target device. Examples of related art related to this will be given below.

  The “event notification method” disclosed in Patent Document 1 is an event notification method in which displayed information and layout can be easily changed. This is an event notification method for notifying other devices of event notification information related to an event occurring in an information device. A first document that is a document according to the specification for creating event notification information is created. The second document is created by editing the first document according to the layout document that defines the layout of the event notification information. Event notification information is created from the second document. Notify the device of event notification information.

The “image forming apparatus having an E-Mail status function” disclosed in Patent Document 2 is
Information about an image forming apparatus is acquired from an image forming apparatus existing inside an in-house network (LAN or the like) having a firewall with an external network (Internet or the like). The processing unit of the image forming apparatus acquires operation identification information from a request e-mail requesting information related to the image forming apparatus received from the external system via the communication unit. Furthermore, the command data corresponding to the acquired operation identification information is read from the command data table of the storage means. In addition, information related to the image forming apparatus is read from the storage unit, and a reply e-mail including the information related to the read image forming apparatus is generated according to the condition of the read command data. Then, the generated reply electronic mail is transmitted via the communication means.

The “electronic mail terminal” proposed in Patent Document 3 is an electronic mail terminal that is easy for a user to send a request mail to use. An e-mail created based on a request form composed of a character string for requesting execution of a predetermined operation is received from an external terminal connected via a network. A request form changed according to a predetermined rule is received. A predetermined operation is executed in accordance with the request indicated by the changed request form.
JP 2004-341617 A JP 2006-72793 A Japanese Patent Application No. 2005-044531

  However, the conventional e-mail status function has the following problems. By using the sender email address of the request email as the subject of authentication, unauthorized email due to impersonation is eliminated. In the conventional authentication method of the e-mail status function, it is checked whether it is possible to authenticate with the e-mail address or domain from the e-mail address of the received e-mail, and whether or not the image forming apparatus information can be distributed is set as an access restriction Rely only on. However, it is easy to send an e-mail by misrepresenting the e-mail source mail address. For this reason, authenticating only with an e-mail address or domain name is vulnerable in terms of security.

  SUMMARY OF THE INVENTION An object of the present invention is to solve the above-mentioned conventional problems and enhance security related to an electronic mail requesting device information in an image forming apparatus having an electronic mail status function.

  In order to solve the above-described problems, in the present invention, the image forming apparatus corresponds to a unit that accepts a transmission request for email of device information, and a device information that is permitted to be sent by email and an email address. And a means for transmitting only the device information permitted in the transmission permission information table out of the device information requested to be transmitted by e-mail to the request source of the e-mail address. It was.

  The accepting means includes means for decrypting the encrypted electronic mail, and means for authenticating the request source with the user name and one-time password of the request source described in the decrypted electronic mail. Further, the electronic mail address of the request coming from the electronic mail address request source that is not registered in the transmission permission information table is recorded as a log, and transmitted to the administrator and other similar devices.

  With the configuration described above, the security of the image forming apparatus having the electronic mail status function can be enhanced. It is also possible to identify an unauthorized accesser by investigating where unauthorized access has been made. Even if the image forming apparatus has a firewall between the external network and the in-house network and exists inside the in-house network, information about the image forming apparatus can be acquired and confirmed by e-mail.

  Hereinafter, the best mode for carrying out the present invention will be described in detail with reference to FIGS.

  The embodiment of the present invention accepts a request for transmission of device information by encrypted e-mail, authenticates the request source by the user name and one-time password of the request source described in the e-mail, and is requested to send by e-mail. Only the device information permitted in the transmission permission information table in which the device information permitted to be transmitted by e-mail and the e-mail address are associated among the device information transmitted to the request source of the e-mail address, This is an image forming apparatus that records, as a log, a request e-mail address from an e-mail address request source that is not registered in the transmission permission information table, and notifies the administrator and other similar devices.

  The basic configuration of the image forming apparatus in the embodiment of the present invention is the same as the conventional one. The difference is that security related to e-mail requesting device information has been enhanced. FIG. 1 is a diagram showing an e-mail status function setting screen. FIG. 2 shows an e-mail status function setting screen. FIG. 3 is an explanatory diagram of unauthorized access information reporting. FIG. 4 is an explanatory diagram of sharing of unauthorized access information. 3 and 4, the image forming apparatus 1 is a target device that provides device information. The client PC 2 is a terminal device that requests device information. The administrator PC 3 is a terminal device of the administrator of the image forming apparatus. LAN 4 is a local communication network. The image forming apparatuses 5 to 7 are the same type of devices as the image forming apparatus 1.

The function and operation of the image forming apparatus in the embodiment of the present invention configured as described above will be described. First, the security enhancement method will be described.
(1) After the image forming apparatus authenticates the e-mail with the source e-mail address, whether or not the request source e-mail address or domain is set as the distribution destination of the requested content with reference to the transmission permission information table Verify that.
(2) The image forming apparatus performs authentication using the user name and password described in the request mail.
(3) If the user name and password are described in plain text in the e-mail, they can be seen on the network, so the e-mail itself is encrypted. The means for decrypting the cipher is performed by a method defined between the image forming apparatus and the requesting source, so that even if a third party sees it, it is not decrypted.
(4) However, if a password is used for a long time, it may be analyzed by a third party. In order to avoid this, a one-time password (one-time password) is created between the image forming apparatus and the request source. By using this function, even if the password is leaked to a third party, authentication cannot be passed with the leaked password.
(5) By using a combination of the methods (1) to (4), the security aspect is strengthened.

  By setting the device information in the transmission permission information table in association with the e-mail address, it is possible to further restrict access. By writing the user name and password for authentication in the image forming apparatus in the e-mail body, security is further enhanced. However, since the user name and password may be eavesdropped from the outside in the plain text state, the text is encrypted when setting the user name and password. For example, e-mail is converted to S / MIME format, which is a standard encryption method. The flow of processing when transmitting an e-mail encrypted is the same as the conventional method shown in FIG.

  The image forming apparatus stores, in the transmission permission information table, device information permitted to be transmitted by electronic mail and an electronic mail address in association with each other. The reception unit receives a request for transmission of device information by encrypted electronic mail. The encrypted electronic mail is decrypted, and the request source is authenticated by the user name and the one-time password of the request source described in the decrypted electronic mail. Of the device information requested to be transmitted by e-mail, only the device information permitted in the transmission permission information table is transmitted to the request source of the e-mail address. It is safer to encrypt this e-mail and require authentication with the requesting user name and one-time password. The request source e-mail address that is not registered in the transmission permission information table is recorded as a log and transmitted to the administrator and other similar devices.

  Next, a setting method for enhancing the security of the electronic mail status function will be described with reference to FIG. An example of the access restriction of the system configuration information notification of the image forming apparatus will be described as an example. The other notification items are similarly set for each item. On the setting screen, set the e-mail address / domain name, user name, password, and mail language that can be received. If access restriction is disabled, all requests are allowed. The receivable mail address / domain name is a mail address / domain name that permits the request. If registered, the request is granted. The user name and password are for the image forming apparatus to authenticate the request source. If the user name and password described in the received e-mail match the user name and password in the transmission permission information table, the request is permitted. The mail language is the language used for reply mail.

  Next, a setting method when using a one-time password will be described with reference to FIG. If the same password is used for a long time, it may be analyzed by a third party. In order to avoid this, a function for creating a one-time password (one-time password) between the image forming apparatus and the request source is used. One-time passwords can be generated using well-known methods such as those using a one-way function. Even if the one-time password is leaked to a third party, it cannot be used twice, and even if it is used, the authentication mechanism cannot be broken. On the setting screen, set the e-mail address / domain name, user name, password, and mail language that can be received. Set whether to use a one-time password for each notification item and user.

  Next, a method for reporting information related to unauthorized access attacks will be described with reference to FIG. The image forming apparatus 1 (PC 3 for manager) is notified by e-mail of an unauthorized access attack to the image forming apparatus 1 and its e-mail address. The image forming apparatus 1 itself stores and manages information related to the unauthorized access attack. Based on this information, the administrator can investigate where the unauthorized access occurred and take measures such as identifying the unauthorized accessor.

  Next, a method for sharing information on unauthorized access attacks between devices will be described with reference to FIG. The same type of device is notified by e-mail that an unauthorized access attack has been performed, and this information is shared between the image forming apparatuses. A lot of unauthorized access information is stored in each device, which enhances security. By setting the e-mail address used for the unauthorized access attack as a reception rejection address in each device, it is possible to prepare a defense system before the attack is performed. In this embodiment, the e-mail status function of the image forming apparatus has been described as an example. However, when remotely monitoring information on a network device other than the image forming apparatus, it can be used as a means for protecting the function.

  As described above, in the embodiment of the present invention, the image forming apparatus accepts a transmission request for device information by encrypted e-mail, and authenticates the request source by the request source user name and the one-time password described in the e-mail. Of the device information requested to be transmitted by e-mail, only the device information permitted by the transmission permission information table in which the device information permitted to be transmitted by e-mail and the e-mail address are associated, Configuration that sends to the request source of the email address, records the email address of the request from the request source of the email address not registered in the transmission permission information table as a log, and notifies the administrator and other similar devices As a result, the security of the image forming apparatus having the electronic mail status function can be enhanced.

  The image forming apparatus of the present invention is optimal as an image forming apparatus having a function (electronic mail status function) for providing information related to the image forming apparatus by sending and receiving electronic mail. The present invention can also be applied as means for protecting the remote management function of network devices other than the image forming apparatus.

E-mail status function setting screen E-mail status function setting screen Report unauthorized access information Sharing unauthorized access information Example of results checked by image forming device Example of access restriction settings E-mail status function setting screen example Block diagram of controller unit in image forming apparatus Email notification function (email alert) E-mail notification function (e-mail alert) MIRS block diagram Email notification function (email status) E-mail notification function (e-mail status) MIRS block diagram It is the schematic which shows the structure of the conventional image forming apparatus. Configuration diagram of the entire system including the image forming apparatus Configuration diagram of the entire system including the image forming apparatus It is a figure which shows the process sequence of the conventional electronic mail status function. It is a figure which shows the process sequence which strengthened the security of the conventional email status function.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 ... Image forming apparatus (target apparatus), 2 ... Client PC, 3 ... PC for managers, 4 ... LAN, 5 ... Image forming apparatus (target apparatus), 6 ... Image forming apparatus (target apparatus), 7... Image forming apparatus (target apparatus).

Claims (14)

  Accepting means for receiving a transmission request for device information by e-mail, a transmission permission information table in which device information permitted to be transmitted by e-mail and an e-mail address are associated, and a device requested to be transmitted by e-mail An image forming apparatus comprising: means for transmitting only the device information permitted by the transmission permission information table to the request source of the e-mail address.   The image forming apparatus according to claim 1, wherein the accepting unit includes a unit that authenticates the request source by a user name and a password of the request source described in an e-mail.   The reception means comprises means for decrypting an encrypted e-mail, and means for authenticating the request source with a user name and password of the request source described in the decrypted e-mail. The image forming apparatus according to 1.   The accepting means comprises means for decrypting the encrypted e-mail, and means for authenticating the request source with the user name and one-time password of the request source described in the decrypted e-mail. The image forming apparatus according to claim 1.   2. The image forming apparatus according to claim 1, further comprising means for recording, as a log, a request e-mail address coming from a request source of an e-mail address not registered in the transmission permission information table.   2. The image forming apparatus according to claim 1, further comprising means for notifying an administrator that a request has come from a request source of an e-mail address not registered in the transmission permission information table.   2. The image forming apparatus according to claim 1, further comprising means for transmitting a request from an e-mail address request source not registered in the transmission permission information table to another similar device.   The reception unit of the image forming apparatus receives a transmission request for device information by e-mail, and refers to a transmission permission information table in which device information permitted to be transmitted by e-mail is associated with an e-mail address. A device information notification control method characterized by transmitting only the device information permitted by the transmission permission information table to the request source of the e-mail address among the device information requested to be transmitted by.   9. The device information notification control method according to claim 8, wherein the accepting unit authenticates the request source by a user name and a password of the request source described in an e-mail.   9. The device information notification according to claim 8, wherein the accepting unit decrypts the encrypted electronic mail and authenticates the request source with the user name and password of the request source described in the decrypted electronic mail. Control method.   9. The apparatus according to claim 8, wherein the accepting unit decrypts the encrypted electronic mail, and authenticates the request source with a user name and a one-time password of the request source described in the decrypted electronic mail. Information notification control method.   9. The device information notification control method according to claim 8, wherein an electronic mail address of a request coming from an electronic mail address request source not registered in the transmission permission information table is recorded as a log.   9. The device information notification control method according to claim 8, wherein the administrator is notified that a request has come from a request source of an e-mail address not registered in the transmission permission information table.   9. The device information notification control method according to claim 8, wherein a request from a request source of an e-mail address not registered in the transmission permission information table is transmitted to another similar device.

Images