JP2008238585A - Printing system and job management method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a new framework which enables each user to individually set authentication procedures without the medium of a manager etc. in authentication printing. <P>SOLUTION: This printing system comprises: a means for receiving setting information (authentication procedures) to be referred when authentication print processing is executed as print job-associated information on the basis of a print job, from a user's terminal, so as to store the setting information in a memory; a reading means for reading out the corresponding authentication procedures from the memory, in terms of the print job stored in a job retaining device; a means for acquiring ID information on a user desiring printing; a means for determining whether or not the user desiring the printing has printing execution authority, on the basis of the read authentication procedures and the acquired ID information, in terms of the print job (authentication procedure reading job) in which the authentication procedures are read out by the reading means; and a means for performing control so that print processing can be executed by a printer, in terms of the authentication procedure reading job in which it is determined that the user desiring the printing has the printing execution authority. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to authenticated printing that executes printing on the condition that authentication has been performed.

2. Description of the Related Art Conventionally, there is known an authentication printing system that prevents information leakage by permitting printing only to a person who has been authenticated using an authentication device. For example, in Patent Document 1, when printing a confidential document, image data developed based on the print data is stored in the printing apparatus instead of immediately printing according to a print instruction. A configuration is disclosed in which printing is executed based on the image data on condition that user authentication is performed. Patent Document 2 discloses a configuration in which print data for authentication printing is stored in a server, and corresponding authentication data is transmitted to the printer when authentication information is transmitted from the printer.
Japanese Patent No. 3034160 JP 2004-118232 A

  Office sharing is the sharing of multiple offices by multiple companies for the purpose of reducing the burden of equipment costs and rent. When a printing apparatus such as a printer is shared in such an office sharing environment, it is considered that there is a higher risk of information leakage from the printed matter. Therefore, it is desirable to construct an authentication printing system.

  Here, when an authentication printing system is constructed in an office sharing environment, the authentication printing system itself is managed by an administrator on the office providing side, so that setting information (used) when executing authentication processing is used. It is necessary to disclose an authentication device or printing device, ID information extraction rule from an ID card, etc. (hereinafter referred to as “authentication procedure information”) to an administrator etc. and have the authentication printing server set it. .

  However, since the authentication procedure information is highly confidential information related to whether or not the authentication printing can be executed, there are not a few users who feel resistance to disclosure to an outside manager or the like. On the other hand, for administrators etc., regardless of whether the user is in-house or outside the company, such highly confidential authentication procedure information must be managed and set for each user and maintained, The burden is heavy.

  Furthermore, since there are cases where the security level required for printed materials differs for each user even in a normal office environment, each user can perform an authentication procedure individually for authentication printing without using an administrator or the like according to the required security level. If information can be set, it is considered that user convenience is greatly improved.

  Accordingly, an object of the present invention is to provide a new framework in which each user can individually set authentication procedure information without using an administrator or the like in authentication printing.

  A control apparatus according to the present invention includes a user terminal that creates a print job, a print job holding device that stores the created print job, and a printing system that includes a printing device that executes print processing based on the stored print job. A control device for receiving setting information (authentication procedure information) to be referred to when executing an authentication print process based on the print job as information associated with the print job from the user terminal; Authentication procedure management means stored in the print job storage device, authentication procedure read means for reading out the corresponding authentication procedure information from the memory for the print job stored in the print job holding device, and using the authentication device, An ID acquisition means for acquiring ID information, and a print job (authentication procedure) from which the authentication procedure information has been read out by the authentication procedure reading means; Read-out job) based on the read-out authentication procedure information and the acquired ID information, adaptive type authentication means for determining whether the print-execution-desiring user has print execution authority, and the print-execution-desiring user A print permission control unit configured to perform control so that a printing process is executed by the printing apparatus for an authentication procedure read job determined to have print execution authority;

  According to such a configuration, the user can set the authentication procedure information without going through the administrator or the like by specifying the authentication procedure information in association with the print job, so it is necessary to disclose the authentication procedure information to the administrator or the like. Absent. As a result, it is possible to reduce the burden on the administrator and the like related to the setting and management of authentication procedure information.

  In addition, authentication procedure information can be specified individually for each print job according to the security level considered necessary by the user, such as specifying more secure authentication procedure information for important print jobs. It is possible to realize a flexible authentication printing framework that is highly convenient for the user regarding the procedure setting.

  Preferably, the authentication procedure management means receives the print job authentication procedure information by receiving a print job including the authentication procedure information from the user terminal.

  Further preferably, the authentication procedure information includes designation information of an ID information extraction rule, and the ID acquisition means is read out via an authentication device in accordance with the ID information extraction rule specified in the read authentication procedure information. ID information is extracted from medium recording information.

  Preferably, the authentication procedure information includes authentication device designation information, and the adaptive authentication means confirms that the used authentication device matches the authentication device designated in the read authentication procedure information. As at least a condition, it is determined that the user who wants to execute printing has the authority to execute printing based on the authentication procedure reading job.

  Preferably, the authentication procedure information includes designation information for post-authentication processing, and the adaptive authentication means determines whether or not the print execution-requesting user has print execution authority, and then reads the read authentication. A post-authentication process specified in the procedure information is executed.

  Further preferably, the print permission control unit is configured to execute a print permission condition set by an administrator of the print system or the like for an authentication procedure read job that is determined by the user who desires print execution to have print execution authority. The printing apparatus is controlled to execute a printing process. The print permission condition is, for example, a condition that the user who wants to execute printing is located in a predetermined area designated by an administrator or the like.

  According to such a configuration, when it is not always possible to sufficiently confirm the presence or absence of the print execution authority only by the determination based on the authentication procedure information specified by the user (for example, the authentication procedure information is specified so that the user always erroneously establishes “authentication”). Even in the case of having been performed, a secure authentication printing environment can be ensured according to the print permission conditions set by the administrator or the like.

  The printing system of the present invention is a printing system comprising: a print job holding device that stores a print job created in a user terminal; and a printing device that executes print processing based on the stored print job, Authentication procedure management means for accepting setting information (authentication procedure information) to be referred to when executing an authentication print process based on the print job as information associated with the print job from the user terminal, and storing it in a memory; An authentication procedure reading unit that reads out corresponding authentication procedure information from the memory for a print job stored in the print job holding device; an ID acquisition unit that acquires ID information of a user who wants to execute printing using an authentication device; For a print job (authentication procedure read job) from which authentication procedure information has been read by the authentication procedure reading means, Based on the issued authentication procedure information and the acquired ID information, an adaptive authentication means for determining whether or not the user who desires print execution has print execution authority, and an authentication procedure when it is determined that the user has print execution authority Printing permission control means for controlling the printing apparatus to execute a printing process based on a read job.

  A control method according to the present invention includes a user terminal that creates a print job, a print job holding device that stores the created print job, and a printing system that includes a printing device that executes print processing based on the stored print job. A setting method (authentication procedure information) to be referred to when executing an authentication print process based on the print job as information associated with the print job from the user terminal; The authentication procedure reading step for reading out the corresponding authentication procedure information from the memory for the print job stored in the print job holding device, and the ID information of the user who wants to execute the printing using the authentication device. And a print job (authentication procedure read job) from which the authentication procedure information has been read by the authentication procedure read step. Determining whether the user who wants to execute printing has the authority to execute printing based on the read authentication procedure information and the acquired ID information; and determining that the user who wants to execute printing has the authority to execute printing A step of controlling the printing apparatus to execute a printing process for the authentication procedure read job.

  The control method of the present invention can be implemented by a general information processing apparatus, and a program therefor can be installed or loaded through various media such as a CD-ROM, a magnetic disk, a semiconductor memory, and a communication network. it can.

  In the present invention, the term “means” does not simply mean a physical means, but includes a case where the functions of the means are realized by software. Also, the functions of one means or device may be realized by two or more physical means or devices, or the functions of two or more means or devices may be realized by one physical means or device.

  In the present invention, storing A and B in association with each other means storing at least one of A or B so that the other can be searched or extracted, and A and B are directly stored. In addition to the mode of storing in association with each other, the mode of storing A and C in an indirect association by storing A and C in association with each other and storing C and B in association with each other is also included. . Further, in the case of a configuration in which A, B, and C are stored in association with each other (that is, in which three or more elements are stored in association with each other), for example, B is associated with C and A and B are associated with each other. And a mode of memorizing.

  Further, in the present invention, accepting X includes not only receiving X directly but also receiving X indirectly by receiving Y including X.

  As described above, according to the present invention, it is possible to provide a new framework in which each user can individually set authentication procedure information without using an administrator or the like in authentication printing.

  FIG. 1 is a block diagram showing a schematic configuration of an authentication printing system 1 according to an embodiment of the present invention.

  As shown in FIG. 1, the authenticated printing system 1 executes a printing process based on a user terminal 10 that creates a print job, an authenticated print server 20 that holds the created print job, and the stored print job. It includes authentication devices 100A-B connected to the printer devices 30A-B via the device connection interfaces such as the printer devices 30A-B and USB.

  The user terminal 10, the authentication print server 20, and the printer devices 30A to 30B are configured to be able to communicate with each other via a communication network. The communication network may be any of a LAN, the Internet, a dedicated line, a packet communication network, a combination thereof, and the like, and may include both wired and wireless.

  In FIG. 1, one user terminal 10 and one authentication print server 20 and two printer devices 30 are shown. However, the authentication print system 1 has a different number from that shown in FIG. 1 according to the design. May be configured.

  Hereinafter, the configuration of each apparatus will be described. If there is no need to distinguish between the printer devices 30A and 30B, they are collectively referred to as the printer device 30, and the same applies to the authentication devices 100A and 100B.

  The user terminal 10 includes hardware such as a CPU (processor), ROM, RAM, user interface, communication interface, and HDD (see FIG. 2A).

  The user terminal 10 has the same function as an information processing apparatus such as a normal personal computer. For example, the user terminal 10 includes an input / output unit 11 that inputs / outputs various information via a user interface, a communication unit 12 that transmits / receives various data to / from other devices via a communication interface, and a printer device 30. Includes a printer driver unit 13 that creates a print job in a print processable format and transmits it to the authentication print server 20 (see FIG. 2B).

  However, the user terminal 10 of the present embodiment supports adaptive authentication printing that performs authentication based on the authentication procedure information specified by the user. For this purpose, the authentication procedure reception means 14 that receives the specification of authentication procedure information from the user. It has. The printer driver unit 13 is configured to create a print job so as to include authentication procedure information designated by the user.

  Each of these means is functionally realized by the CPU executing a program stored in the ROM, RAM, HDD, external storage medium or the like in the user terminal 10.

  The authentication print server 20 includes hardware such as a CPU (processor), ROM, RAM, user interface, communication interface, and HDD (see FIG. 3A).

  The authenticated print server 20 receives the same function as that of a normal print job holding device (print server), for example, a print job from the user terminal 10, and associates the received print job with a job ID to print job storage means 21. The job management means 22 stored in the job list and the job list request received from the printer apparatus 30, a list of corresponding print jobs is created and transmitted to the printer apparatus 30. The job request received from the printer apparatus 30. And a job providing unit 24 for transmitting a corresponding print job to the printer 30 (see FIG. 3B).

  However, the job management unit 22 of the present embodiment is compatible with adaptive authentication printing, and therefore has a function as an authentication procedure management unit. In other words, the job management unit 22 receives the print procedure including the authentication procedure information, receives the authentication procedure information, and stores it in the print job storage unit 21 in association with the job ID.

  Further, the authentication print server 20 includes the following units in order to support adaptive authentication printing. That is, for a print job stored in the print job storage unit 21, an authentication procedure reading unit 25 that reads out corresponding authentication procedure information, an ID acquisition unit 26 that acquires ID information of a user who desires to execute printing, and an authentication procedure reading unit 25. Whether the user who wishes to execute printing has the print execution authority based on the read authentication procedure information and the acquired ID information, for the print job from which the authentication procedure information has been read out (hereinafter referred to as “authentication procedure read job”) An adaptive authentication unit 27 that determines whether or not the print job is determined to be executed by the printer device 30 for a print job that is determined to be authorized by the user who wants to execute the print. (See FIG. 3B).

  Each of these means is functionally realized by the CPU executing a program stored in the ROM or RAM in the authentication print server 20, an external storage medium, or the like.

  The printer device 30 has the same configuration as a normal printer device (see FIG. 4A).

  For example, the printer device 30 includes a power supply mechanism that includes a paper feed mechanism that supplies paper into the printer device, a print engine that performs printing, and a paper discharge mechanism that discharges paper outside the printer. A print engine is usually configured to include a paper feed mechanism, a carriage mechanism, a print head, and the like. A serial printer that prints in units of characters, such as an inkjet printer or a thermal transfer printer, a line printer that prints in units of lines, and a page unit. Various print engines corresponding to a page printer or the like for printing can be used.

  Further, for example, the printer device 30 includes an information processing unit including a user interface such as a CPU, a ROM, a RAM, a communication interface, and a console panel.

  In principle, the information processing unit of the printer device 30 has the same function as the information processing unit of the conventional printer device. For example, the receiving unit 31 that receives a print job analyzes the print job, generates a raster-format print image for one band or one page, stores it in an image buffer, and prints a predetermined unit (for example, one pass). The printer includes a print control unit 32 that transfers an image from the image buffer to the print engine, and executes printing while controlling the print engine.

  Further, the function means as the authentication printing apparatus, for example, the record information reading means 33 for reading the information recorded using the authentication device 100 from the recording medium such as the ID card of the user who wants to execute printing, and the authentication print server 20 A job list requesting unit 34 for requesting a list of print jobs corresponding to the read recording information, a job requesting unit 35 for requesting a print job registered in the job list to the authentication print server 20, and the like. (See FIG. 4 (b)). As long as ID information (user name, user ID, employee number, etc.) is stored, the ID card can be freely selected from existing modes such as an IC card and a magnetic card according to the reading method of the authentication device 100. be able to.

  Each of these means is functionally realized by the CPU executing a program stored in the ROM or RAM in the printer device 30, an external storage medium, or the like.

  The authentication device 100 can employ various reading-type authentication devices such as an IC card reader, a magnetic card reader, and a barcode reader depending on the design. However, it is assumed that the reading method is different between the authentication devices 100A and 100B.

  The adaptive authentication printing framework in the authentication printing system 1 will be described below with reference to the flowcharts shown in FIGS. In addition, in this specification, each process shown in a flowchart etc. (including a partial process to which no reference numeral is assigned) is arbitrarily changed or executed in parallel within a range that does not contradict the processing contents. Can do.

(Print job storage process: FIG. 5)
When the user who wishes to execute printing instructs the user terminal 10 to create a print job, the following print job accumulation process is executed.

  First, the authentication procedure reception means 14 displays an authentication procedure reception screen on the display (S100), and waits for the user to specify authentication procedure information (S101).

  FIG. 9A schematically shows an example of an authentication procedure acceptance screen. In this example, an input field and a check box are provided for each authentication procedure information that can be specified, and the user can specify authentication procedure information by inputting or checking a desired value in the input field or the like. .

  Here, the authentication procedure information that can be specified can be determined according to the design, but in this embodiment, the authentication device used for the authentication processing, the ID information extraction rule, and the post-authentication processing performed after the determination of the authentication success / failure, It can be specified as authentication procedure information.

  For the authentication device, for example, it is conceivable to specify the reading method of the authentication device. In the example shown in the figure, the reading method “IC card reader” of the authentication device 100 is designated.

  In addition, regarding the ID information extraction rule, for example, it is conceivable to specify which information is extracted as ID information from recorded information read from an ID card or the like. In this embodiment, it is assumed that the extraction start position X1 and the extraction end position X2 can be specified for the record information, and the binary data from the X1th to the X2th of the record information is extracted as the character code constituting the ID information. adopt. In the example shown in the figure, X1 = 10 and X2 = 20 are designated, and this is the character code that constitutes the ID information of binary data from the 10th byte to the 20th byte of the recording information read from the ID card or the like. Is specified to be extracted.

  Regarding post-authentication processing, for example, it is conceivable to specify processing for recording a result of authentication success / failure in a log, processing for sending an email to an authenticated user when authentication is successful, and the like. In the example shown in the figure, both the log recording process and the mail transmission process are designated as post-authentication processes.

  When the designation of the authentication procedure information is received from the user (S101: Yes), the printer driver unit 13 creates a print job so as to include the authentication procedure information designated by the user (S102).

  The print job can be created in a format that can be interpreted by the printer device 30 as in the past. The format of the print job can be determined according to the design, and includes, for example, information such as a job ID, output destination printer model information, job creation user ID information, authority user ID information, document name, and print setting information. be able to. The authorized user may be different from the job creation user, and a plurality of authorized users may be designated by one authenticated print job.

  For example, the authentication procedure information may be stored in a print job header. As a storage method, for example, it is conceivable to store the authentication procedure information as a data structure in a table format as shown in FIG.

  Next, the printer driver unit 13 outputs the created print job to the authentication print server 20 (S103).

  When the job management unit 22 of the authentication print server 20 receives a print job from the user terminal 10 (printer driver unit 13), the job management unit 22 extracts the authority user ID information, authentication procedure information, and the like from the print job, and prints them out. Is stored in the print job storage means 21 (S104).

  FIG. 11 shows an example of the data structure of the print job storage unit 21. In this example, the print job storage unit 21 includes a print job management table (FIG. 11A), an authentication procedure management table (FIG. 11B), and the like. The print job information table stores job IDs, authorized user ID information, authentication procedure information IDs, print job storage location addresses, and the like in association with each other. The authentication procedure information table stores authentication procedure information IDs, authentication procedures. Information is stored in association with each other.

(Authentication printing process: FIGS. 6 to 8)
When the printer device 30 receives an authentication print execution instruction from a user who wishes to execute printing, the following authentication print processing is executed.

  First, the record information reading means 33 of the printer device 30 reads card record information from the ID card of the user who wishes to execute printing via the authentication device 100 (S200).

  Next, the job list request unit 34 issues a job list request so as to include the reading method information of the authentication device 100 (authentication device used for authentication printing) connected to the own apparatus 30 and the read card recording information. It is created and transmitted to the authentication print server 20 (S201).

  When receiving the job list request from the printer device 30, the adaptive authentication unit 27 of the authentication print server 20 initializes the job list to an empty list (S202). If no print job is stored in the print job storage unit 21 (S203: No), the process proceeds to S216.

  On the other hand, when a print job is stored (S203: Yes), the adaptive authentication unit 27 sequentially selects the stored print jobs (S204).

  Next, the authentication procedure reading unit 25 reads the authentication procedure information corresponding to the selected print job with reference to the print job storage unit 21 (S205). Hereinafter, the selected print job from which the authentication procedure information has been read is referred to as “authentication procedure read job”.

  Next, the adaptive authentication means 27 extracts the reading method information of the authentication device 100 from the received job list request and determines whether or not it matches with the reading method of the authentication device specified in the read authentication procedure information. Is determined (S206).

  If the read reading method information is the device name or the like of the authentication device 100, the reading method of the authentication device 100 is specified from the device name or the like with reference to the device database or the like, and matches the specified reading method. Or not.

  If they do not match, the adaptive authentication means 27 determines that the authentication procedure read job has not been authenticated, that is, the authentication procedure read job is not a print job whose authority is the user who wants to execute printing (S207), and proceeds to step S215. Transition.

  On the other hand, in the case of matching, the adaptive authentication means 27 extracts card record information from the received job list request, and from the extracted card record information according to the ID information extraction rule specified in the read authentication procedure information. ID information of the user who wishes to execute printing is acquired (S208).

  For example, the extracted card record information is binary data corresponding to 20 character codes “aet38: 4iuw3: 85wmf: 019gw”, and the ID information extraction rule specified in the read authentication procedure information is X1 = 10. When X2 = 20 (10th to 20th ID information is used), “85 wmf: 019 gw” is acquired as the ID information of the user who wants to execute printing.

  Next, the adaptive authentication unit 27 refers to the print job storage unit 21, reads the authority user ID information corresponding to the authentication procedure read job, and reads the authority user ID information thus read and the acquired print execution desired user. It is determined whether or not the ID information matches (S209).

  When the ID information acquired from the card recording information and the ID information associated with the authenticated print job in the print job storage unit 21 are different types (for example, the print job storage unit 21 assigns the authenticated print job to the authorized user). If the ID information obtained from the card record information is the employee number of the authorized user), the adaptive authentication means 27 associates different types of ID information corresponding to the same user in advance. Whether the authority user of the authentication procedure read job matches the user who wants to execute printing by referring to the table or inquiring the LDAP server (directory server that provides the LDAP authentication service) that manages such correspondence It may be determined whether or not.

  If they do not match, the adaptive authentication unit 27 determines that the authentication is not successful for the authentication procedure reading job, that is, the authentication procedure reading job is not a print job whose authority user is the print execution desired user ( S210).

  In this case, the adaptive authentication means 27 executes post-authentication processing specified in the read authentication procedure information (S211). For example, in the read authentication procedure information, when post-authentication processing is designated as shown in FIG. 9A, the adaptive authentication means 27 associates it with the acquired ID information of the user who wants to execute printing. A process for recording an authentication result indicating failure of authentication in a log is executed.

  Thereafter, the process proceeds to step S215.

  On the other hand, if they match, the adaptive authentication means 27 determines that authentication has been established for the authentication procedure read job, that is, the authentication procedure read job corresponds to a print job having the user who wants to execute printing as an authorized user (S212).

  In this case, the print permission / inhibition control means 28 adds the job ID of the authentication procedure read job to the job list so that the print processing is executed by the request source printer device 30 based on the authentication procedure read job (S213).

  Further, the adaptive authentication means 27 executes post-authentication processing specified in the read authentication procedure information (S214). For example, when post-authentication processing is specified in the read authentication procedure information as shown in FIG. 9A, the adaptive authentication means 27 performs authentication in association with the acquired ID information of the user who wants to execute printing. A process of recording an authentication result indicating establishment in a log is executed. Further, the mail address of the user who desires printing execution is specified based on the acquired ID information of the user who desires printing execution with reference to the user management table and the like, and a mail indicating that authentication is established is transmitted.

  Next, the adaptive authentication unit 27 determines whether or not there is an unselected print job (S215). If it is determined that there is, the process returns to S204.

  On the other hand, if it is determined in S203 that no print job is stored, or if it is determined in S215 that there is no unselected print job, the adaptive authentication unit 27 transmits the job list to the requesting printer device 30. (S216).

  When the job request unit 35 of the printer device 30 receives the job list from the authentication print server 20, the job request unit 35 determines whether the job list is an empty list (S217).

  If it is an empty list, the job request unit 35 displays a message such as “no print job corresponding to the input ID information” on the console panel (S218), and ends the authentication printing process.

  On the other hand, if the received job list is not an empty list, the job request unit 35 sequentially selects job IDs registered in the job list (S219), and creates a job request so as to include the selected job ID. Is transmitted to the authentication print server 20 (S220).

  When the job providing unit 24 of the authentication print server 20 receives a job request from the printer device 30, the job providing unit 24 extracts a job ID from the job request, and reads a print job corresponding to the extracted job ID from the print job storage unit 21. Is transmitted to the request source printer apparatus 30 (S221).

  The print job that has been transmitted to the printer device 30 is printed at a predetermined timing (for example, when a print completion notification is received from the printer device 30 or after a certain period of time has elapsed after the transmission is completed). It is desirable to delete from. However, the authentication procedure information may be configured so that it can be specified that the print job is deleted or left without being deleted.

  When the receiving unit 31 of the printer device 30 receives a print job from the authentication print server 20 (S222), the print control unit 32 executes a printing process based on the print job (S223) as in the conventional case.

  That is, a print job is analyzed, a raster-format print image for one band or one page is generated and stored in an image buffer, and a predetermined unit (for example, one pass) based on a control command in the authentication print job The print image is transferred from the image buffer to the print engine, and printing is executed while controlling the print engine.

  When the print processing is completed for the received print job, and there is an unselected job ID in the job list (S224: Yes), the process returns to S219. On the other hand, if there is no unselected job ID (S224: No), the authentication printing process ends.

  As described above, in this embodiment, the user terminal 10 creates a print job so as to include the authentication procedure information designated by the user, and the authentication print server 20 executes the print job based on the authentication procedure information included in the print job. Is a print job corresponding to the user who wishes to execute printing.

  According to such a configuration, the user can set the authentication procedure information without going through the administrator or the like by specifying the authentication procedure information in association with the print job, so it is necessary to disclose the authentication procedure information to the administrator or the like. Absent. As a result, it is possible to reduce the burden on the administrator and the like related to the setting and management of authentication procedure information.

  In addition, authentication procedure information can be specified individually for each print job according to the security level considered necessary by the user, such as specifying more secure authentication procedure information for important print jobs. It is possible to realize a flexible authentication printing framework that is highly convenient for the user regarding the procedure setting.

(Modification)
In this modification, assuming that the user's ID card is an IC card of a type that requires read key information when reading card record information, the read key information can also be specified as authentication procedure information. Constitute.

  Specifically, the authentication procedure accepting unit 14 is configured to display an authentication procedure accepting screen as shown in FIG. 9B on the display and accept designation of read key information from the user.

  Further, the authentication printing process is modified as shown in the flowcharts of FIGS.

  That is, when the printer device 30 receives an authentication print execution instruction from a user who wishes to execute print, the following authentication print processing is executed.

  First, the recorded information reading means 33 of the printer device 30 creates a read key request so as to include the reading method information of the authentication device connected to the own device, and transmits it to the authentication print server 20 (S300).

  When receiving the read key request from the printer device 30, the adaptive authentication unit 27 of the authentication print server 20 initializes the job list to an empty list (S301). If no print job is stored in the print job storage unit 21 (S302: No), the process proceeds to S318.

  On the other hand, when a print job is stored (S302: Yes), the adaptive authentication unit 27 sequentially selects the stored print jobs (S303).

  Next, the authentication procedure reading unit 25 refers to the print job storage unit 21 and reads authentication procedure information corresponding to the selected print job (S304). Hereinafter, the selected print job from which the authentication procedure information has been read is referred to as an “authentication procedure read job” as in the above embodiment.

  Next, the adaptive authentication means 27 extracts the reading method information of the authentication device 100 from the received read key request and determines whether or not it matches the reading method of the authentication device specified in the read authentication procedure information. Is determined (S305).

  If they do not match, the adaptive authentication means 27 determines that the authentication procedure read job has not been authenticated, that is, the authentication procedure read job is not a print job whose authority is the user who wants to execute printing (S306), and proceeds to step S317. Transition.

  On the other hand, if they match, the adaptive authentication unit 27 reads the read key information corresponding to the authentication procedure read job with reference to the print job storage unit 21 and transmits it to the request source printer device 30 (S307).

  When the record information reading means 33 of the printer device 30 receives the read key information from the authentication print server 20, the record information reading means 33 receives the card record from the IC card of the user who wishes to execute printing via the authentication device 100 based on the received read key information. Information is read out (S308).

  Next, the record information reading means 33 transmits the read card record information to the authentication print server 20 (S309).

  When the authentication authentication server 27 of the authentication print server 20 receives the card record information, the ID information of the user who wants to execute printing is received from the received card record information according to the ID information extraction rule specified in the read authentication procedure information. Is acquired (S310).

  Next, the adaptive authentication unit 27 refers to the print job storage unit 21, reads the authority user ID information corresponding to the authentication procedure read job, and reads the authority user ID information thus read and the acquired print execution desired user. It is determined whether or not the ID information matches (S311).

  If they do not coincide with each other, the adaptive authentication means 27 determines that the authentication procedure read job is not authenticated, that is, the authentication procedure read job is not a print job whose authority is the user who wants to execute printing (S312).

  In this case, the adaptive authentication means 27 executes post-authentication processing specified in the read authentication procedure information (S313), and then proceeds to step S317.

  On the other hand, if they match, the adaptive authentication means 27 determines that authentication has been established for the authentication procedure read job, that is, the authentication procedure read job corresponds to a print job whose authority user is the print execution desired user (S314).

  In this case, the print permission / inhibition control means 28 adds the job ID of the authentication procedure read job to the job list so that the printing process is executed by the request source printer device 30 based on the authentication procedure read job (S315).

  Further, the adaptive authentication means 27 executes a post-authentication process specified in the read authentication procedure information (S316).

  Next, the adaptive authentication unit 27 determines whether or not there is an unselected print job (S317), and if it is determined that there is, it returns to S303.

  On the other hand, if it is determined in S302 that no print job is stored, or if it is determined in S317 that there is no unselected print job, the adaptive authentication unit 27 transmits the job list to the requesting printer apparatus 30. (S318).

  When the job request unit 35 of the printer apparatus 30 receives the job list from the authentication print server 20, the job request unit 35 determines whether the job list is an empty list (S319).

  If it is an empty list, the job request unit 35 displays a message such as “no print job corresponding to the input ID information” on the console panel (S320), and ends the authentication print processing.

  On the other hand, if the received job list is not an empty list, the job request unit 35 sequentially selects job IDs registered in the job list (S321), and creates a job request so as to include the selected job ID. Is transmitted to the authentication print server 20 (S322).

  When the job providing unit 24 of the authentication print server 20 receives a job request from the printer device 30, the job providing unit 24 extracts a job ID from the job request, and reads a print job corresponding to the extracted job ID from the print job storage unit 21. Then, it is transmitted to the request source printer device 30 (S323).

  When the receiving unit 31 of the printer device 30 receives a print job from the authenticated print server 20 (S324), the print control unit 32 executes a print process based on the authenticated print job (S325), as in the past.

  When the print processing is completed for the received print job, and there is an unselected job ID in the job list (S326: Yes), the process returns to S321. On the other hand, if there is no unselected job ID (S326: No), the authentication printing process ends.

(Other variations)
The present invention can be applied with various modifications without being limited to the above-described embodiments and modifications. For example, in the above-described embodiment, an authentication printing system including a printer device as a printing apparatus has been described. However, the present invention is also applicable to an authentication printing system including a printing apparatus such as a copying machine, a facsimile machine, or a multifunction machine. .

  In the above embodiment, the user terminal 10, the authentication print server 20, and the printer device 30 are described as separate units. However, some or all of the functions of other devices (devices other than the above 10 to 30) are described. May be provided).

  For example, in the above-described embodiment, the authentication print server 20 uses the main means (authentication procedure management means, authentication procedure reading means 25, ID acquisition means 26, adaptive authentication means 27, printing necessary for adaptive authentication printing based on the present invention. Although the availability control means 28) is provided, it is also conceivable that some or all of these means are provided in other servers. For example, the printer device 30 may include the print job storage unit 21.

  Further, in the above-described embodiment, the configuration is such that when the user who wants to execute printing determines that he / she has print execution authority, the print processing is performed for the authentication procedure read job. However, the present invention is not limited to such a configuration. Is not something For example, for an authentication procedure read job that is determined that the user who wants to execute printing has the authority to execute printing, control is performed so that printing processing is performed when a print permission condition set by the administrator of the printing system is satisfied. It is good also as a structure.

  As the print permission condition, for example, a condition that the user specified by the ID information extracted from the card record information is located in a predetermined area (for example, in the room where the printer device 30 is installed) can be considered. . In this case, the authentication printing system 1 (adaptive authentication means 27) acquires the entrance / exit information of the predetermined area from the entrance / exit management system that performs entrance / exit management of the room or the like in which the printer device 30 is installed. It is determined whether the user specified by the extracted ID information is located in the predetermined area based on withdrawal information.

  According to such a configuration, when it is not always possible to sufficiently confirm the presence or absence of the print execution authority only by the determination based on the authentication procedure information specified by the user (for example, the authentication procedure information is specified so that the user always erroneously establishes “authentication”). Even in the case of having been performed, a secure authentication printing environment can be ensured according to the print permission conditions set by the administrator or the like.

  In the above embodiment, the authentication procedure accepting unit 14 is configured to accept the designation of the authentication procedure information. However, instead of this configuration, the printer driver unit 13 may directly accept the designation of the authentication procedure information.

  In the above-described embodiment, the print driver and the authentication procedure information are associated with each other by creating a print job so that the printer driver 13 includes the authentication procedure information (adding the authentication procedure information to the print job internally). Configuration, in other words, the job management unit 22 (authentication procedure management unit) receives the print job including the authentication procedure information from the user terminal 10 and receives the authentication procedure information of the print job. The invention is not limited to such a configuration.

  For example, an extended print job in which authentication procedure information is externally added to a print job may be created to associate the print job with the authentication procedure information. In this case, the extended print job may be created by adding the authentication procedure information to the print job, for example, other than the printer driver unit 13 such as a port monitor. Furthermore, if the authentication procedure information is added with information specifying a print job (or information specifying authentication procedure information is added to the print job), the print job and the authentication procedure information are transmitted separately. You can also

  In the above embodiment, in the print job accumulation process, the authentication procedure information is designated from the user when creating the print job. However, the authentication procedure information is designated from the user before creating the print job. The stored authentication procedure information may be referred to in the print job accumulation process.

  In the above embodiment, the job management unit 22 also has a function as an authentication procedure management unit and stores the authentication procedure information in the print job storage unit 21. However, for example, the authentication procedure information is separated from the print job. In the case of transmission, an authentication procedure management unit and an authentication procedure storage unit (memory) are provided separately from the job management unit 22 and the print job storage unit 21, and the authentication procedure management unit receives the authentication procedure information. A configuration may be adopted in which the authentication procedure storage unit stores the information in association with the print job.

  Further, in the above-described embodiment, the configuration in which the authentication device used for the authentication process, the ID information extraction rule, and the post-authentication process are specified as the authentication procedure information has been described. A configuration may be adopted in which items relating to other authentication establishment / non-establishment conditions such as designation of a printer device or LDAP server, designation of a printable time zone, etc. are designated as authentication procedure information. For example, as the authentication procedure information, a printer device is specified by a model, a device name, an IP address, etc., and the printer device 10 connected to the authentication device 100 that has acquired the recording information matches the printer device specified in the authentication procedure information. In this case, it may be determined that the user who wishes to execute printing has the authority to execute printing based on the authentication procedure read job. In addition, for example, in the case of authentication using an LDAP server, the LDAP server is designated by the IP address or the like as the authentication procedure information, and further information (for example, post information) acquired from the LDAP server, the acquisition information You may comprise so that it may designate about the conditions (for example, it is more than a section manager) regarding.

  In the above embodiment, the authentication procedure information is represented by a data structure in a table format as shown in FIG. 10 and stored in the header of the print job. For example, the authentication procedure information is a macro function as shown in FIG. (Or script), and may be stored in a print job header or the like. In this case, the authentication procedure reception screen is appropriately changed to a screen suitable for receiving a macro function. Part of the authentication printing process is executed by calling the macro function. In the example shown in the figure, the FUNC_AUTHENTICATE function corresponds to the steps S206 to S212 (however, the order of the steps is different from the flowchart), and the FUNC_POST_PROCESS function corresponds to the steps S211 and S214.

  In the above-described embodiment, the authentication establishment / non-establishment is determined based on whether or not the authority user ID information corresponding to the authentication procedure reading job matches the ID information of the user who wants to execute printing. If identification information (including a password set by the authorized user) that is different from the authorized user ID information included in the print job is specified in the authentication procedure information, the designated identification information and print execution are performed. You may comprise so that it may be judged whether ID information of a desired user corresponds.

  In the above-described embodiment, the authenticated print server 20 first creates a job list and transmits the job list to the printer device 30. If there is a request for a print job registered in the job list from the printer device 30, this is processed. Although it is set as the structure which transmits, this invention is not necessarily restricted to such a structure. For example, if it is determined that the authentication procedure read job corresponds to a print job whose authority is the user who wants to execute printing without creating a job list, the authentication procedure read job may be transmitted to the printer device 30 each time. Good. In this case, the job providing unit 24 functions as the print permission / non-permission control unit 28 that controls the printer device 30 to execute print processing for the determined authentication procedure read job.

1 is a block diagram illustrating a schematic configuration of an authentication printing system 1. FIG. 2 is a block diagram showing a configuration of a user terminal 10. FIG. 2 is a block diagram showing a configuration of an authentication print server 20. FIG. 2 is a block diagram illustrating a configuration of a printer device 30. FIG. 6 is a flowchart for explaining print job accumulation processing; It is a flowchart for demonstrating an authentication printing process. It is a flowchart for demonstrating an authentication printing process. It is a flowchart for demonstrating an authentication printing process. It is a figure which shows the example of an authentication procedure reception screen. It is a figure which shows typically the data structure at the time of expressing authentication procedure information in a table format. 3 is a diagram illustrating an example of a data structure of a print job storage unit 21. FIG. It is a flowchart for demonstrating the authentication printing process in a modification. It is a flowchart for demonstrating the authentication printing process in a modification. It is a flowchart for demonstrating the authentication printing process in a modification. It is a figure which shows the example at the time of expressing authentication procedure information as a macro function.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Authentication printing system, 10 User terminal, 11 Input / output means, 12 Communication means, 13 Printer driver means, 14 Authentication procedure reception means, 20 Authentication print server, 21 Print job storage means, 22 Job management means, 23 Job list provision means , 24 job providing means, 25 authentication procedure reading means, 26 ID obtaining means, 27 adaptive authentication means, 28 printability control means, 30 printer device, 31 receiving means, 32 print control means, 33 record information reading means, 34 list Request means, 35 Job request means, 100 Authentication device

Claims (10)

A control device for a printing system including a user terminal that creates a print job, a print job holding device that stores the created print job, and a printing device that executes print processing based on the stored print job. And
From the user terminal, setting information (hereinafter referred to as “authentication procedure information” of the print job) referred to when executing the authentication print processing based on the print job is received as information associated with the print job, Authentication procedure management means stored in
An authentication procedure reading means for reading out authentication procedure information corresponding to the print job stored in the print job holding device;
ID acquisition means for acquiring ID information of a user who wishes to execute printing using an authentication device;
For a print job from which authentication procedure information has been read by the authentication procedure reading means (hereinafter referred to as “authentication procedure read job”), the user who wants to execute printing prints based on the read authentication procedure information and the acquired ID information. Adaptive authentication means for determining whether or not to have execution authority;
A control device comprising: a print permission control unit configured to perform control so that a printing process is executed by the printing device for an authentication procedure reading job that is determined that the user who desires printing execution has print execution authority.   The control apparatus according to claim 1, wherein the authentication procedure management unit receives the authentication procedure information of the print job by receiving a print job including the authentication procedure information from the user terminal. The authentication procedure information includes designation information of the ID information extraction rule,
The ID acquisition unit extracts ID information from medium recording information read out via an authentication device in accordance with an ID information extraction rule specified in the read out authentication procedure information. Control device. The authentication procedure information includes the specified information of the authentication device,
The adaptive authentication means is configured so that the user who wants to execute the print execution authority based on the authentication procedure read job, at least on the condition that the used authentication device matches the authentication device specified in the read authentication procedure information. The control device according to claim 1, wherein the control device determines that the control device is included. The authentication procedure information includes the specified information for post-authentication processing.
The adaptive type authentication unit executes post-authentication processing specified in the read authentication procedure information after determining whether or not the user who wants to execute printing has print execution authority. 5. The control device according to any one of 1 to 4.   The print permission control unit is configured to execute, in the printing apparatus, when a print permission condition set by an administrator of the print system is established for an authentication procedure read job that is determined that the user who desires print execution has print execution authority. The control device according to claim 1, wherein control is performed so that printing processing is executed.   The control apparatus according to claim 6, wherein the print permission condition is a condition that the user who wants to execute printing is located in a predetermined area designated by an administrator or the like. A printing system comprising: a print job holding device that stores a print job created in a user terminal; and a printing device that executes print processing based on the stored print job,
From the user terminal, setting information (hereinafter referred to as “authentication procedure information” of the print job) referred to when executing the authentication print processing based on the print job is received as information associated with the print job, Authentication procedure management means stored in
An authentication procedure reading means for reading out authentication procedure information corresponding to the print job stored in the print job holding device;
ID acquisition means for acquiring ID information of a user who wishes to execute printing using an authentication device;
For a print job from which authentication procedure information has been read by the authentication procedure reading means (hereinafter referred to as “authentication procedure read job”), the user who wants to execute printing prints based on the read authentication procedure information and the acquired ID information. Adaptive authentication means for determining whether or not to have execution authority;
A printing system comprising: a print permission control unit configured to perform control so that a printing process is executed by the printing apparatus based on an authentication procedure read job when it is determined that the user has print execution authority. A control method for a printing system including a user terminal that creates a print job, a print job holding device that stores the created print job, and a printing device that executes print processing based on the stored print job. And
From the user terminal, setting information (hereinafter referred to as “authentication procedure information” of the print job) referred to when executing the authentication print processing based on the print job is received as information associated with the print job, The process of storing in
An authentication procedure reading step of reading corresponding authentication procedure information from the memory for a print job stored in the print job holding device;
Using an authentication device to obtain ID information of a user who wishes to execute printing;
For a print job from which authentication procedure information has been read out in the authentication procedure reading step (hereinafter referred to as “authentication procedure read job”), the user who wants to execute printing prints based on the read out authentication procedure information and the acquired ID information. Determining whether or not to have execution authority;
And a step of controlling the printing apparatus so that a printing process is executed with respect to an authentication procedure reading job determined that the user who desires printing execution has the authority to execute printing.   A program for causing a computer to execute the control method according to claim 9.

Images