JP2008181183A - Image processing device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an image processing device comprising a security function not to accept such an operation that a password may be used by a third person without notice and the third person intentionally may deceive as a user and operate the device. <P>SOLUTION: The image processing device comprises a storage part 4, a determination part 80 and a control part 7. The determination part 80 determines whether or not input operation contents and operation patterns are completely matching. When the input operation contents and the operation patterns are not completely matching, the control part 7 determines whether or not they are incompletely matching, where the operation patterns of minimum standard are matching. When they are incompletely matching, possible processes are carried out while restricting part of processes. When they are not matching, the processes are forbidden. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to an image processing device, and in particular, an image processing device including a security device that specifies a user and restricts processing.

  Recently, various electronic devices having a security function have been developed in order to prevent information leakage and unauthorized use. As a typical security function, the user is identified and authenticated by inputting a password, which is a complex character string intermingled with half-width alphanumeric characters and symbols, or by inserting an IC card in which user information is registered. There is user authentication.

As another security function, for example, as disclosed in Patent Document 1, there is a security function that warns the display unit when an operation input that is not a normal operation procedure is detected. In addition, there is a security function that performs user authentication using an account and a password and restricts functions that can be used according to the account, as disclosed in Patent Document 2.
JP-A-7-85341 JP 2006-260085 A

  However, when a password, an IC card, or the like is used as user authentication, there is a problem that the use of the device is permitted using a stolen password, a stolen or skimmed IC card.

  Patent Document 1 discriminates an operation procedure of a product selection button and a prepaid card, discriminates an erroneous operation of a customer, and detects an illegal use of the prepaid card, depending on whether or not the operation procedure is determined for the apparatus. There is a problem that is not considered for a person who intentionally performs unauthorized use.

  Patent Document 2 merely determines whether an account is appropriate based on a password, and only permits the use of the device in a range corresponding to the level of the account. According to a preset level such as a general user or an administrator. This limits the range of use of the device, and there is a problem that no consideration is given to how to deal with a password used without permission by a third party.

  Therefore, in view of the above problems, the present invention provides an image output device having a security function that does not accept an operation even if a password or the like is used without permission from a third party and is intentionally manipulated as a user. For the purpose of provision.

  In order to achieve the above object, according to the present invention, a storage unit that stores a feature of a user's operation, a determination unit that determines whether or not an input operation content matches the feature of the operation, and the operation And a control unit that permits processing when the contents match the characteristics of the operation and limits the processing when the contents do not match.

  The operation features are the user's operation pattern, the procedure for the user to input the operation content, the time to press the input key to input the operation content, the time to press the next input key, the pressure to press the input key, etc. It is. The detection of the procedure is determined from the input key that has been pressed. The detection of time is determined by whether or not the input key is pressed. The pressure is detected by an input key provided with a pressure sensor.

  The characteristics of the operation are different for each user. Furthermore, since the feature of the operation is an operation that the user unconsciously inputs, it is difficult for the third party to grasp the feature of the operation only by snooping.

  Therefore, it is determined whether the authenticated user is a true user by comparing the input operation content with an operation pattern stored in the past of the authenticated user. If authentication is performed but the operation pattern is different from that of the true user, the function is restricted to prevent unauthorized operation. Thereby, it is possible to improve the security by suppressing the outflow of important data.

  The storage unit stores operation details as history information each time it is used, and the control unit extracts a user operation pattern based on the history information, and the extracted operation pattern is a feature of the operation. And

  The storage unit stores the operation content input for each user and the feature of the operation extracted based on the operation content. Each time the user inputs the operation content, the input operation content is stored. Operation contents are accumulated and stored as history information. The determination unit extracts an operation pattern based on the history information, and stores the operation pattern as an operation feature. As a result, more accurate operation features can be extracted and specified.

  The determination unit performs pattern matching between the input operation pattern and the stored operation pattern to determine whether they match. When the input operation pattern matches the stored operation pattern, or when it is determined that the input operation pattern matches a part of the stored operation pattern, and the input operation pattern does not match all the stored operation patterns It is determined that it is not suitable.

  When the input operation pattern matches the stored operation pattern, the control unit executes processing. When the input operation pattern partially matches the stored operation pattern, the process is executed while limiting a part of the process. If the input operation pattern does not match the stored operation pattern, the processing is restricted. In this way, leakage of confidential data can be prevented by limiting the processing when it is determined that the operation is unauthorized by a third party.

  For example, when the communication unit includes a communication unit that performs data communication with an external device, the control unit restricts the use of the communication unit. By restricting access to an external device or data transmission to the outside, leakage of confidential data stored in a server and an external device can be prevented.

  When processing is restricted, the control unit creates a job log with an image. As a result, when it is determined that the operation is unauthorized, the contents of the unauthorized operation can be traced by storing the job log with the image.

  As another example, a notification unit that displays a warning on the display unit or notifies an external device is provided. When it is determined that the operation is unauthorized, the notification unit notifies the third party or an external device that the operation is unauthorized. Thereby, for example, unauthorized use is suppressed for a third party who is illegally used, and unauthorized use can be detected early for an external device.

  As another example, a notification unit is provided. The notification unit displays a warning for the third party. Alternatively, it notifies the external device that it has been illegally used.

  As described above, according to the present invention, it is determined whether or not the input is unauthorized use by determining whether or not the input operation content matches the feature of the authenticated user operation. . Non-users cannot be matched with the characteristics of the operation, so that unauthorized use can be prevented.

  The image processing apparatus according to the present embodiment is a multifunction machine that executes a copy mode, a print mode, a scanner mode, and a facsimile mode. As shown in FIG. 1, the image processing apparatus stores, in a cabinet 1, an image reading unit 2 that reads a document and inputs image data, an image forming unit 3 that processes and prints the image data, and image data. A storage unit 4, a communication unit 5 that communicates with an external device, an operation panel 6 for input operation, and a control unit 7 that controls the processing unit and executes image data processing according to the mode. Yes. The processing unit performs processing to output input image data, and includes the image forming unit 3, the storage unit 4, and the communication unit 5.

  As shown in FIG. 2, the image reading unit 2 is disposed above the cabinet 1 and includes a scanner unit 10 and an automatic document feeder 11. The automatic document feeder 11 is provided above the scanner unit 10 and automatically conveys a document in order to read image data of the document.

  A document table 12 made of platen glass is provided on the upper surface of the cabinet 1, and a document cover 13 that covers the document table 12 is provided. The automatic document feeder 11 is integrally mounted on the document cover 13. The document cover 13 can be freely opened and closed. When the document cover 13 is in a closed state, the document is conveyed by the automatic document conveyance unit 11. When the document cover 13 is open, the document can be placed on the document table 12. Opening / closing of the document cover 13 is detected by a cover opening / closing sensor. A document size detection sensor for detecting the size of the document placed on the document table 12 is also provided.

  When a document is set on the document set tray 15 of the automatic document feeder 11, the document detection sensor 16 detects that the document has been set. Then, on the operation panel 6, copy conditions such as the size of the sheet to be printed and the scaling ratio are input. Thereafter, reading of the image of the document is started by an input operation of the start key.

  In the automatic document feeder 11, each document on the document set tray 15 is pulled out one by one by the pickup roller 17. The document passes through between the separating plate 18 and the transport roller 19 and is sent to the document table 12. The document is transported in the sub-scanning direction on the document table 12 and discharged to the document discharge tray 20. The document discharge tray 20 is provided with a document discharge sensor to detect the presence or absence of a document on the document discharge tray 20.

  The scanner unit 10 includes a first reading unit 21 and a second reading unit 22. A reading area is formed on one side of the document table 12 and passes through the reading area when the document is conveyed on the document table 12. Below the reading area, the first scanning unit 23 of the first reading unit 21 is positioned, and the surface (lower side) of the document is read.

  When the document is transported to the document table 12 by the automatic document transport unit 11, the first scanning unit 23 is moved to the reading position and positioned, and the second scanning unit 24 is also positioned at a predetermined position. The surface of the document is irradiated from below the document table 12 by the exposure lamp of the first scanning unit 23. Reflected light from the document is guided to the imaging lens 25 by the respective reflection mirrors of the first and second scanning units 23 and 24. The reflected light of the document is condensed on the CCD 26 by the imaging lens 25. An image on the surface of the document is formed on the CCD 26. As a result, the image on the surface of the conveyed document is read.

  Further, the second reading unit 22 reads the back surface (upper side surface) of the document. The second reading unit 22 is disposed above the document table 12 and has an LED that irradiates the back side of the document, an exposure lamp array having a fluorescent lamp, a self-focal lens array that collects reflected light of the document for each pixel, and a cell. A contact image sensor (CIS) that photoelectrically converts reflected light from a document received through a fock lens array and outputs an analog image signal is provided. As a result, the image on the back side of the conveyed document is read.

  When a document is placed on the document table 12, the first reading unit 21 reads an image on the surface of the document. The first and second scanning units 23 and 24 move in the sub-scanning direction while maintaining a predetermined speed relationship with each other. The document on the document table 12 is exposed by the first scanning unit 23, and reflected light from the document is guided to the imaging lens 25 by the first and second scanning units 23 and 24. An image of the original is formed on the CCD 26 by the imaging lens 25.

  When the image on one or both sides of the document is read in this way, the image data on one or both sides of the document is input to the control unit 7. The control unit 7 includes an image data processing unit, and the image data processing unit performs various types of image processing on the image data. This image data is output to the image forming unit 3.

  The image forming unit 3 prints a color image or a monochrome image on the sheet based on the input image data. The image forming unit 3 includes a laser scanning unit 30, four image stations 31, an intermediate transfer belt unit 32, a fixing device 33, and a conveying device 34.

  Each image station 31 forms a color image corresponding to each color of black, cyan, magenta, and yellow. Each image station 31 includes a photosensitive drum 35, a developing device 36, a charging device 37, a cleaning device 38, and a charge eliminating device (not shown).

  The photosensitive drum 35 is rotationally driven in one direction, the cleaning device 38 cleans the residual toner on the surface of the photosensitive drum 35, and the neutralization device neutralizes the surface of the photosensitive drum 35. The charging device 37 uniformly charges the surface of the photosensitive drum 35.

  The laser scanning unit 30 modulates laser light based on image data input from an image reading unit or the like, and repeatedly scans the surface of the photosensitive drum 35 in the main scanning direction with this laser light, thereby generating an electrostatic latent image. It is formed on the surface of the photosensitive drum 35. The developing device 36 supplies toner to the surface of the photosensitive drum 35 to develop the electrostatic latent image, and forms a toner image on the surface of the photosensitive drum 35.

  The intermediate transfer belt unit 32 includes an intermediate transfer belt 40, an intermediate transfer roller 41, a transfer belt cleaning device 42, and a tension mechanism 43. The intermediate transfer belt 41 is disposed above each photosensitive drum 35, is wound around the driving roller 44 and the driven roller 45, and rotates in the direction of arrow B.

  The intermediate transfer roller 41 is disposed to face the photosensitive drum 35 with the intermediate transfer belt 40 interposed therebetween, and a transfer bias voltage is applied thereto. The toner image on the surface of the photosensitive drum 35 is transferred to the intermediate transfer belt 40 by applying a voltage having a polarity opposite to that of the toner by the intermediate transfer roller 41. The toner images of the respective colors are laminated on the intermediate transfer belt 40, and a combined multi-color toner image is formed.

  The transfer roller 41 is disposed in pressure contact with the intermediate transfer belt 40, and a voltage having a polarity opposite to that of the toner is applied. The toner image on the intermediate transfer belt 40 is transferred onto the sheet conveyed between the transfer roller 46 and the intermediate transfer belt 40 by the transfer roller 46. The toner remaining on the intermediate transfer belt 40 is removed by the transfer belt cleaning device 42.

  The toner image transferred to the sheet is heated and pressurized by the fixing device 33 and fixed on the sheet, and an image is formed on the sheet. The sheet on which the image is printed in this manner is discharged to a discharge tray 50 provided at the top of the cabinet 1.

  The transport device 34 transports the sheet from the sheet cassette 51 or the manual feed tray 52 along the transport path 53. The conveyance path 53 passes between the intermediate transfer belt 40 and the transfer roller 46, passes through the fixing device 33, and reaches the discharge tray 50.

  The transport device 34 includes a pickup roller 54, a transport roller 55, a registration roller 56, and a discharge roller 57. The sheets in the sheet cassette 51 or the manual feed tray 52 are sent one by one to the transport path 53, transported through the transport path 53, and discharged to the discharge tray 50. An image is printed on the sheet during conveyance of the sheet. In addition, a switchback conveyance path 58 is provided for duplex printing. The sheet after fixing passes through the switchback conveyance path 58 by the conveyance roller 55 and is conveyed between the intermediate transfer belt 40 and the transfer roller 46. The sheet printed on both sides passes through the fixing device 33 and is discharged to the discharge tray 50.

  The operation panel 6 is provided in the scanner unit 10 and includes an operation unit 60 and a display unit 61. The operation unit 60 includes various operation keys. The display unit 61 includes a liquid crystal display and is a touch panel. Touch keys are formed in the operation screen displayed on the display unit 61, and these also function as operation keys.

  The communication unit 5 includes a communication interface, and the communication interface is connected to a network such as a LAN or a WAN. A plurality of external devices are connected to the network. The external device is another image processing device, an information processing device such as a personal computer, or a server. The network is connected to the Internet from a router through a communication line such as a telephone line or an optical fiber. The communication unit 5 can communicate with an external device through a network using a predetermined communication protocol. The image processing apparatuses can also communicate with each other. Communication within the network may be wired or wireless. An image processing system is formed by these image processing devices and external devices.

  The communication unit 5 includes a modem device. A telephone line is connected to the modem device. The image processing apparatus can perform facsimile communication. Note that the image processing apparatus can also perform data communication by Internet facsimile through a network. Furthermore, the communication unit 5 includes a communication terminal and a communication card for wireless communication. The communication terminal is connected to a storage medium such as a USB memory or an IC card, and the communication unit 5 transmits / receives data to / from the storage medium. In addition, data is transmitted and received by wireless communication with a communication terminal such as a mobile phone or PDA through a communication card.

  The storage unit 4 includes a hard disk device. The storage unit 4 stores image data input from the image reading unit 2 or image data input from the communication unit 5. The input image data is temporarily stored in an image memory such as a DRAM, subjected to image processing and encryption processing, and then transferred from the image memory to the storage unit 4. Further, when image data is read from the storage unit 4, the image data is subjected to image processing and decoding processing and stored in an image memory. Thereafter, the image data is output to the outside by printing, data transmission, and facsimile communication according to the processing to be executed.

  The storage unit 4 includes a management table 62, and information necessary for operating the image processing apparatus such as control information, setting information, and user authentication information of the image processing apparatus is stored in the management table 62. When these pieces of information are created and changed, the information in the management table 62 is updated. The management table 62 may be provided in a non-volatile memory different from the storage unit 4.

  The control unit 7 includes a microcomputer having a CPU, a ROM, and a RAM. The CPU reads a control program stored in the ROM into the RAM and executes the control program. Each unit operates according to the control program. When image data is input, one of the print mode, copy mode, scanner mode, and facsimile mode is selected based on the processing conditions included in the input information from the operation unit 60 and the header information of the image data input from the external device. Mode is executed. In addition, the control program includes a browser and mail software, and the control unit 7 performs data communication with an external device or transmits / receives e-mail using a communication protocol such as TCP / IP protocol.

  The control unit 7 temporarily stores the input image data in the storage unit 4 when performing each mode. Further, the control unit 7 executes a filing mode in which the input image data is stored in the storage unit 4 and managed. The stored image data is re-output according to the instructed process.

  The output image data is erased from the storage unit 4 according to an instruction from the control unit 7. At the time of this erasure, the image data is invalidated so that it cannot be restored by overwriting the image data with random data. As described above, invalidation of image data is prevented by performing invalidation processing and further encryption processing.

  The image processing apparatus includes an authentication unit 70 that authenticates a user. When the user inputs authentication information such as a password or ID from the input keys of the operation unit 60 or the screen unit 61, the authentication unit 70 authenticates the user based on the input authentication information. The authentication unit 70 compares the input authentication information with the registered authentication information to confirm whether the user is a registered user. The user is authenticated by confirming that the user is a registered user. The authentication information is not limited to information directly input by the user, and may be authentication information read from a storage medium such as an IC card or biometric information such as a fingerprint. In this case, the image processing apparatus includes a communication interface such as a USB and a biological information reading device.

  Here, for example, if the authentication information is stolen by a third party, and the third party impersonates the user and inputs the authentication information, the control unit 7 permits the use of the image processing apparatus. Therefore, in the present invention, in order to determine again whether the input user is a true user or not, the determination to determine whether or not the input operation content matches the characteristics of the user's operation. A portion 80 is provided. The determination unit 80 is controlled by the control unit 7 and determines whether or not the user is a true user based on whether or not the input operation content matches the feature of the authenticated user operation.

  Note that the characteristics of the operation are specific to the user, such as the procedure for the user to input the operation content, the time to press the input key to input the operation content, the time to press the next input key, and the pressure to press the input key. This is an operation pattern. Since the user has a habit of repeating the same operation, the operation pattern is preferably a procedure for inputting operation content.

  As shown in FIG. 3, the storage unit 4 stores the input operation content as history information for each user. The determination unit 80 extracts a user operation pattern based on the stored history information, and stores the extracted operation pattern in the storage unit 4 as an operation feature. The history information may be stored in a nonvolatile memory such as a flash memory.

  Specifically, after user A selects copy as the process, “original set → magnification → density → number of copies → START”, “original set → magnification → START”, “original set → magnification → duplex → number of copies → When an operation content such as “START” or “original set → magnification → N_UP → number of sheets → START” is input, the operation content is stored in the storage unit 4 as history information. For example, when the input procedure of “original set → magnification → density → number of sheets → START” has been input a predetermined number of times, the determination unit 80 uses the input procedure of “original set → magnification → density → number of sheets → START” as an operation pattern. Extract. The operation pattern of the user A is stored in the storage unit 4 as “original set → magnification → density → number of sheets → START”. Other procedures are also extracted as operation patterns when they are input a predetermined number of times, and stored in the storage unit 4 as operation patterns.

  Further, the determination unit 80 extracts a minimum reference operation pattern from the stored history information. For example, when the user A selects copy as the process, “original set → magnification → density → number of sheets → START”, “original set → magnification → START”, “original set → magnification → double-sided → number of sheets → START”, or , “Document set → magnification → N_UP → number of sheets → START” is entered in the order of “document set → magnification →...”. Therefore, the determination unit 80 extracts “original set → magnification” as the minimum reference operation pattern. Then, the minimum reference operation pattern of the user A is stored in the storage unit 4 as “original set → magnification”. When data transmission is selected as the process, the control unit 7 extracts and stores “original set → transmission destination” as the minimum standard operation pattern. When the user B selects copy as the process, the control unit 7 extracts and stores “original set → density” as the minimum standard operation pattern.

  The determination unit 80 performs pattern matching to determine whether or not the input operation content matches the operation pattern, that is, whether the operation pattern completely matches, incompletely matches, or does not match. Note that “matching with an operation pattern” is a case where it is determined that pattern matching is complete or incompletely matched. The case where it does not match the operation pattern is a case where it is determined that there is a mismatch in pattern matching.

  For example, when the input operation content completely matches the operation pattern, the determination unit 80 permits the input process. Specifically, when the user A selects copy and inputs in the order of “original set → magnification → density → number of sheets → START”, the determination unit 80 determines the operation pattern from which the input operation content is extracted. It is determined that there is complete match, and the determination result is transmitted to the control unit 7.

  In the case of an incomplete match in which a part of the input operation content matches a part of the operation pattern, a part of the processing is restricted and permitted. Specifically, when the user A inputs copy in the order of “original set → magnification → number of sheets → density → START”, the determination unit 80 determines that the input operation content is the minimum reference operation pattern. It is confirmed that there is a match and the others do not match, and it is determined that the match is incomplete when only the lowest standard operation pattern is matched. The determination result is transmitted to the control unit.

  When the input operation content does not match the operation pattern and the minimum standard operation pattern, that is, when the operation pattern does not match the minimum standard operation pattern, the processing is prohibited. Specifically, when the user A inputs copy in the order of “original set → number of sheets → density → START”, the determination unit 80 determines that the input operation content does not match the operation pattern, The determination result is transmitted to the control unit 7.

  By the way, when used for the first time after user registration, since the history information is not stored in the storage unit 4, the determination unit 80 cannot perform pattern matching with the input operation content. Therefore, in the present embodiment, a reference operation pattern is stored in advance. Thereby, even if it is the first input, operation content and an operation pattern can be pattern-matched, and it can be determined whether it is a true user.

  Based on the result from the determination unit 80, the control unit 7 permits, partially restricts, or prohibits the process. Specifically, the control unit 7 permits the process when it is determined as a perfect match. If it is determined as an incomplete match, a part of the processing is limited. Specifically, the control unit 7 confirms the process to be restricted based on the determination result. The control unit 7 processes the input operation content based on the limited processing. If it is determined that there is a mismatch, processing is prohibited.

  When the processing is partially restricted or prohibited, the control unit 7 creates a job log with an image, for example, when copying a document, creates a log of the image of the document and the creation date and stores it in the storage unit 4. Thereby, since what has happened is stored, it is possible to investigate the image processing apparatus that has performed the process or the user who has performed the process.

  Further, a warning may be notified to the user via the display unit 61. In this case, the image processing apparatus includes a notification unit 90. The notification unit 90 instructs the display unit 61 to display a warning by the drive control of the control unit 7 based on the result of the determination unit 80. Alternatively, the communication unit 5 notifies the server, the external device, and the like that the third party is illegally using.

  Next, the operation will be described with reference to FIG. The user inputs a password as authentication information from the operation unit 60 (S1). The control unit 7 confirms the password that is the input authentication information (S1). When the password does not match the authentication information stored in the storage unit 4 (S2), the control unit 7 displays a message prompting re-input. If authentication is not possible even after a predetermined number of inputs, a warning message is displayed on the display unit 61.

  When the user can be authenticated, the history information of the authenticated user is read from the storage unit 4 (S3). The user inputs the operation content (S4). At that time, the control unit 7 stores the input procedure in a volatile memory such as a RAM.

  Each time the operation content is input, the determination unit 80 performs pattern matching to determine whether or not the procedure completely matches the operation pattern (S5). If the input operation content completely matches the operation pattern, the process is executed (S13). Thereafter, it is confirmed whether or not there is an input (S12).

  On the other hand, when the input operation content does not completely match the operation pattern, the determination unit 80 confirms whether or not the operation content matches the lowest reference operation pattern, that is, incompletely matches (S6). If the operation pattern does not match the minimum reference operation pattern, the determination unit 80 determines that the operation pattern does not match, and transmits the determination result to the control unit 7. The control unit 7 prohibits processing based on the result of the determination unit 7. And the alerting | reporting part 90 is drive-controlled so that a warning may be displayed on the display part 61. FIG. In addition, the notification unit 90 is controlled so as to notify a server or an external device. Then, the process ends.

  If the operation pattern matches the minimum reference operation pattern, the determination unit 80 determines that the operation pattern is incomplete and transmits the determination result to the control unit 7. The control part 7 restrict | limits a part of process based on the result of the determination part 7 (S7). At this time, the control unit 7 drives and controls the notification unit 90 so that a message indicating that a part of the processing is restricted is displayed on the display unit 61 (S8).

  The control unit 7 checks whether or not the subsequent processing is possible by limiting a part of the processing (S9). In the case where the processing is impossible, for example, when the input operation content is data transmission and the restriction is forbidden to use the communication unit 5, the input operation content cannot be executed. 7 stops processing. And the alerting | reporting part 90 is drive-controlled so that it cannot display on the display part 61. In addition, the notification unit 90 is driven and controlled so as to notify the server or external device.

  On the other hand, if the subsequent process is possible, a part of the process is performed (S11). For example, when copying an original, the original image is thinned out and copied. Or when copying in color, copy in black and white. After the processing is completed, it is confirmed whether there is an input (S12).

  As described above, by specifying the user from the operation pattern unique to the user, even if a third party steals the authentication information, the characteristics of the operation cannot be imitated. As a result, unauthorized use due to impersonation can be prevented.

  In addition, this invention is not limited to the said embodiment, Of course, many corrections and changes can be added to the said embodiment within the scope of the present invention. In the present invention, when the same operation content is input a predetermined number of times, it is extracted and stored as a user operation pattern. However, every time the image processing apparatus is used, the operation content is recorded as an operation pattern. Also good. In addition, an operation pattern may be set in advance. In this case, since the capacity of the storage unit that stores the operation pattern can be reduced, the cost can be reduced.

  The determination unit may not provide an incomplete match, and may not allow an operation unless it completely matches the operation pattern. That is, the pattern matching determination is only complete match or mismatch. In this case, since the input operation content does not coincide with the minimum standard operation pattern, security is improved.

  As a countermeasure when the processing is restricted, the fingerprint of the person who inputs the operation may be stored. For example, a fingerprint sensor is provided on the START key. As a result, the fingerprint is collected at the same time as the START key is input. When it is determined by the determination unit that the match is incomplete, the fingerprint is stored together with the job log. As a result, it is possible to track the unauthorized use.

Control block diagram of image processing apparatus The figure which shows the schematic whole structure of an image processing apparatus The figure which shows an example of the operation pattern memorize | stored for every user Flow chart of authentication operation

Explanation of symbols

2 image reading unit 3 image forming unit 4 storage unit 5 communication unit 6 operation panel 7 control unit 70 authentication unit 80 determination unit 90 notification unit

Claims (9)

When a storage unit that stores user operation characteristics, a determination unit that determines whether or not the input operation content matches the operation characteristic, and the operation content matches the operation characteristic An image processing apparatus comprising: a control unit that permits processing and restricts processing when it does not match. The storage unit stores the operation content as history information every time it is used,
The image processing apparatus according to claim 1, wherein the control unit extracts a user operation pattern based on the history information, and the extracted operation pattern is an operation feature. The image processing apparatus according to claim 2, wherein the determination unit determines the input operation pattern and operation characteristics by pattern matching. The image processing apparatus according to claim 3, wherein when a part of the input operation pattern matches an operation feature, the determination unit determines that the operation feature matches the operation feature. The image processing apparatus according to claim 4, wherein the control unit executes the process while limiting a part of the process. It has a communication unit that performs data communication with external devices,
The image processing apparatus according to claim 1, wherein when the input operation content does not match the feature, the control unit restricts use of the communication unit. The image processing apparatus according to claim 1, wherein when the input operation content does not match the feature, the control unit creates a job log with an image. The image processing apparatus according to claim 1, further comprising: a notification unit that displays a warning when the input operation content does not match the feature. The image processing apparatus according to claim 1, further comprising a notifying unit that notifies an external device when the input operation content does not match the feature.

Images