JP2009122888A - Device control system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a device control system which can control a device without disclosing an information portion which is not desired to be disclosed to a user of a device out of the information (such as a program code) for controlling operation processing of a device. <P>SOLUTION: In a device control system 1, an information processing terminal 100 transmits operation control request data which includes basic information and control content information on the device according to the request from a user to a server device 300. When receiving operation control request data, the server device 300 determines whether the user has use qualification based on this data and authentication information stored in an authentication information database (DB) 300c, and if the user has the use qualification, selects, from operation control information stored in a device information DB 300f, operation control information (including an operation command for a device and input destination address) corresponding to the operation control request data, and transmits this to the information processing terminal 100. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a system for controlling a device connected to an information processing terminal, and in particular, information (program code, etc.) for controlling device operation processing is not desired to be disclosed to a device user. The present invention relates to a device control system capable of controlling a device without disclosing an information part.

  Conventionally, application software such as a device driver for controlling a device has been executed in an information processing terminal to which the device is connected. Therefore, the device user can analyze the contents of the application software and tamper with the program. However, due to tampering, for example, if the motor of the device is rotated at a rotational speed higher than normal, the device is used in an inappropriate state, such as significantly shortening the operating life of the motor or damaging the motor. There was a risk of such problems. In addition, there was a risk that the original technology was leaked due to the analysis of the program.

Such failures are often caused by untrustworthy users such as malicious third parties in particular.
On the other hand, conventionally, restrictions have been imposed by encrypting a program or using a function for limiting the number of operations or using a dongle so that the program is not used for other purposes.

For example, in the file safety management method described in Patent Document 1, when a business process using a file to be kept confidential is executed, it is determined whether the business process is permitted to execute or not permitted for the operator. In addition, the business process is executed by the business process control means. In addition, a function that detects unauthorized operations, a function that gives a warning to an operator who requests execution of an unauthorized business process, and an imaging unit that captures and records the operator who requested an unauthorized business process And a function to stop the execution of an application when an unauthorized business process is requested.
Japanese Patent Laid-Open No. 9-288609

  However, in the above prior art, in the information processing terminal (PC etc.) connected to the device, not only the application software but also the function to be protected, the function to determine the restrictions and restrictions included in the application software are executed. For this reason, there is a possibility that a method for avoiding the limitation or restriction may be found, or a technique that is not desired to be leaked may be analyzed by investigating the processing of the CPU when executing the application software.

In the above-mentioned Patent Document 1, an unauthorized operation is detected, a warning is given to an unauthorized request, a person who has made an unauthorized request is imaged and recorded, or an unauthorized request is detected. Even if the operation can be stopped, the application software is on the terminal side, so that it is difficult to prevent the alteration of the program and the technical leak itself.
Therefore, the present invention has been made paying attention to such an unsolved problem of the conventional technology, and among the information (program code etc.) for controlling the operation processing of the device, the use of the device It is an object of the present invention to provide a device control system capable of controlling a device without disclosing information portions that are not desired to be disclosed to a person.

  [Mode 1] In order to achieve the above object, a device control system according to mode 1 includes an information processing terminal, a device connected to the information processing terminal so as to perform data communication, and the information processing terminal and a predetermined communication line. The information processing terminal receives operation control request data that is an operation control information acquisition request including an operation command for causing the device to execute a predetermined operation process. Operation control request data transmitting means for transmitting to the server device via the communication line, and operation control information for receiving operation control information corresponding to the operation control request data transmitted from the server device via the communication line Receiving means, and operation command output means for outputting the operation command to the device based on the received operation control information. The server apparatus includes: an operation control request data receiving unit that receives the operation control request data transmitted from the information processing terminal via the communication line; and a plurality of types of devices in association with each device type Operation control information storage means for storing operation control information including each operation command corresponding to the operation control information selection means for selecting operation control information corresponding to the received operation control request data from the operation control information storage means And operation control information transmitting means for transmitting the selected operation control information to the information processing terminal that is the transmission source of the operation control request data.

  With this configuration, when the operation control request data is transmitted via the communication line in the information processing terminal, the operation control request data is received by the server device, and the server device receives the operation request data as the operation request data. Corresponding operation control information is selected from the operation control information storage means. When the operation request information is selected, the selected operation control information is transmitted to the information processing terminal that is the transmission source of the operation request data via the communication line. This operation control information is received by the information processing terminal of the transmission destination, and an operation command is output to the device based on the operation control information at the information processing terminal. As a result, the device executes an operation process corresponding to the operation command.

  In this way, the server device is caused to execute the main program part (part that wants to prevent outflow, tampering, etc.) of the application for controlling the device, such as the process of selecting the operation control information corresponding to the operation control request data, and Data necessary for execution of the main program part (operation control information corresponding to each operation command) is stored in the server device. Further, the information processing terminal includes an operation control information acquisition process and an operation command device. Since only the program part (the part that may be leaked) that allows simple processing such as output processing to be stored and executed, the main part of the application program that controls the device in the information processing terminal Investigate the processing of the CPU when tampering is performed or the main part of the program is executed Effect that can be prevented from or is.

  Here, the device is connected to an information processing terminal such as a printer, a scanner, a FAX, a copier, a multi-function machine combining any of these, a projector, a digital camera, a digital video camera, etc. This can be controlled. The same applies to the device control system according to the sixth embodiment.

  [Mode 2] Further, the device control system of mode 2 is the device control system of mode 1, wherein the operation control information further includes address information of an input destination in each device of an operation command corresponding to each device, The command output means outputs the operation command together with a write request to the storage area of the address indicated by the address information in the device based on the operation control information, and the device responds to the write request. Accordingly, the operation command is written in the storage area indicated by the address information, and the operation process corresponding to the written operation command is executed.

  With such a configuration, the data table including address information (for example, input port address information) of each operation command in the device is managed in the server device. This makes it possible to make the analysis more difficult.

  [Mode 3] Further, in any one of modes 1 and 2, the device control system according to mode 3 is characterized in that the operation control request data includes identification data capable of identifying the device and control contents indicating the control contents of the device. The operation control information selection means selects operation control information of an operation command corresponding to the control content data for the device identified by the identification data from the operation control information storage means. Yes.

  With such a configuration, when the server device receives the operation control request data, the device type is identified from the identification data included in the operation control request data, and the command type is determined from the control content data. Then, the operation control information corresponding to the identification data and the control content data is selected, and the selected operation control information is transmitted to the information processing terminal that is the transmission source of the operation control request data.

  As a result, in the information processing terminal, it is possible to prevent the main part of the application program that controls the device from being analyzed or falsified, or the main part of the program from being investigated for the CPU processing during execution. Is obtained.

  [Mode 4] Furthermore, the device control system according to mode 4 is the device control system according to any one of modes 1 to 3, wherein the information processing terminal is user-specific information for authenticating the user of the device. User information transmitting means for transmitting certain user information to the server device via the communication line, the server device being connected to each of the information processing terminals and a use capable of using the device User authentication information storage means for storing user authentication information indicating a relationship with the user information of the user, and user information for receiving the user information transmitted from the information processing terminal via the communication line Based on the receiving means, the received user information and the user authentication information stored in the user authentication information storage means, the user corresponding to the user information Authentication processing means for performing authentication processing, and only when the user is authenticated by the authentication processing means, the operation control information corresponding to the operation control request data is transmitted from the transmission source of the operation control request data. The information is transmitted to the information processing terminal.

  With such a configuration, when the user information is transmitted in the information processing terminal and the user information is received by the server device, the server device receives the received user information and the user authentication information storage unit. The user of the device is authenticated based on the user authentication information stored in the device. Only when the user is authenticated, the operation control information corresponding to the operation control request data is selected from the operation control information storage means, and the selected operation control information is the information processing of the transmission source of the operation control request data. Sent to the terminal.

  As described above, since only a legitimate user can execute the application and control the device, it becomes difficult for a malicious third party or the like to use the device. This makes it difficult for the information processing terminal to analyze the main part of the application program for the purpose of falsification of the program or theft of technology (for example, analysis of processing contents from transmitted / received data). The effect of being able to be obtained.

  [Mode 5] Furthermore, the device control system according to mode 5 is the device control system according to mode 4, wherein the server device can use a device connected to each information processing terminal by a user corresponding to the user information. In addition to use time limit information storage means for storing use time limit information, which is information indicating a valid time limit, only when the user is authenticated and the current time is within the use time limit indicated by the use time limit information The operation control information corresponding to the operation control request data is transmitted to the information processing terminal that is the transmission source of the operation control request data.

  In such a configuration, when the server device receives the operation control information and the user is authenticated, the current time limit is reached based on the expiration date information stored in the expiration date information storage means. Only when it is within the time limit, the operation control information corresponding to the operation control request data is selected from the operation control information storage means, and the selected operation control information is stored in the operation control request data. It is transmitted to the information processing terminal of the transmission source.

  In this way, since the expiration date is set for a legitimate user, for example, even if the user information is leaked and the device is likely to be used by a malicious third party, the expiration date is set. By setting a relatively short time, it is possible to shorten the time for a third party to analyze the program, so analysis of the main part of the application program for the purpose of falsification of the program or theft of technology. It is possible to obtain an effect that it is possible to make it more difficult to occur.

  Here, the expiration date is set as either year, month, year, month, day, month, day, time, year, month, day or month + time, and these are compared with the current one. It is determined whether or not it is within the usage period. Note that the present time corresponds to, for example, after acquiring information on a device that the user intends to use, such as after receiving operation control request data.

  [Mode 6] On the other hand, in order to achieve the above object, a device control system according to mode 6 includes an information processing terminal, a device connected to the information processing terminal so as to perform data communication, and predetermined communication with the information processing terminal. A server device connected to be able to perform data communication via a line, and the information processing terminal sends device information request data, which is a request for obtaining device information, which is information related to the device, to the server via the communication line. Device information request data transmitting means for transmitting to a device, and device information receiving means for receiving device information of a device corresponding to the device information request data transmitted from the server device via the communication line, A server device receives a device information request data transmitted from the information processing terminal via the communication line. Device information request data receiving means, device information storage means for storing device information of each device in association with each device type, and the received device information request data from the device information storage means for a plurality of types of devices. Device information selection means for selecting device information of a device corresponding to the device information, and device information transmission means for transmitting the selected device information to the information processing terminal that is the transmission source of the device information request data.

  With such a configuration, the device information request data is transmitted via the communication line in the information processing terminal. The device information request data is received by the server device, and the device information of the device corresponding to the device information request data is selected from the device information storage means in the server device. When the device information of the device is selected, the selected device information is transmitted to the information processing terminal that is the transmission source of the device information request data. The transmitted device information is received at the information processing terminal of the transmission destination.

  In this way, the device information of the device is stored in the server device, and the information processing terminal is configured not to store the device information, so that the device information is not stored in the information processing terminal, It is possible to prevent the device information of the device connected to the information processing terminal from being read and analyzed. As a result, it is possible to make it difficult to analyze the application program for controlling the device.

  Here, the device information includes information on device software, information on hardware, and the like. For example, version information of application software for controlling the device. If the device is, for example, a multifunction device, the multifunction device is a FAX, a scanner, Specification information including configuration information (product information) indicating the functional configuration of the device, such as whether or not it has a printer function, and detailed information on each function of the device (for example, performance limit values exceeding product specifications), etc. Is applicable. In other words, the device information is data such as device parameters that are not originally intended to be disclosed to the user. These data have some rough data patterns, and an appropriate setting value is determined using some equation for them. With the above configuration, such information can be managed on the server device side, so that it is possible to protect technical information such as data patterns and equation logic that were conventionally exposed as a result. it can.

Hereinafter, embodiments of the present invention will be described with reference to the drawings. 1 to 7 are diagrams showing an embodiment of a device control system according to the present invention.
First, a schematic configuration of a device control system according to the present invention will be described with reference to FIG. FIG. 1 is a diagram showing a schematic configuration of a device control system 1 according to the present invention.
As shown in FIG. 1, the device control system 1 includes information processing terminals 100_1 to 100_n, devices 200_1 to 200_n connected to the information processing terminals 100_1 to 100_n so as to be able to perform data communication with the information processing terminals, and a server apparatus 300. The network 400 is configured. Furthermore, the information processing terminals 100_1 to 100_n and the server device 300 are connected to each other via a network 400 so that data communication is possible.

Although FIG. 1 shows a configuration in which one or two devices 200 are connected to the information processing terminals 100_1 to 100_n, the present invention is not limited to this, and the present invention connects three or more devices 200. The present invention can also be applied to the configured configuration.
Hereinafter, since the information processing terminals 100_1 to 100_n have the same function according to the invention of each terminal, they are simply referred to as the information processing terminal 100. Similarly, the devices 200_1 to 200_n have the same basic operation according to the invention. These will be simply referred to as the device 200 for explanation.

Next, a detailed configuration of the information processing terminal 100 will be described with reference to FIG.
FIG. 2 is a block diagram illustrating a detailed configuration of the information processing terminal 100.
As shown in FIG. 2, the information processing terminal 100 includes a user information transmission unit 100a, an acquisition request transmission unit 100b, a data communication unit 100c, an operation control information reception unit 100d, an operation command output unit 100e, a device A property receiving unit 100f and a display unit 100g are included.

The user information transmitting unit 100a transmits, to the data communication unit 100c, server IDs and password information, which are input from a user via an input device (mouse, keyboard, etc.) (not shown). It has a function of outputting together with a transmission request to the apparatus 300.
The acquisition request transmission unit 100b has a function of causing the display unit 100g to display an input screen for various request data when receiving information indicating that the user has been authenticated from the server device 300. Furthermore, operation control information acquisition request data (operation control) that is information for controlling operation processing of the device 200 based on information input from a user via an input device (such as a mouse or a keyboard) (not shown). Request data) and a property acquisition request data (property request data) of the device 200. Furthermore, it has a function of outputting the generated various request data to the data communication unit 100c together with a transmission request to the server device 300.

Here, the operation control request data includes data indicating the type of device to be controlled (for example, device model number), the device ID (for example, manufacturing number), the type of control content, and the like. The property request data includes data indicating the device type, device ID, and the like.
In addition, when a user inputs a request instruction to the device, a character string that is difficult to determine control content is used to prevent a malicious third party from determining control content from the input character string. It is preferable to do this. For example, for a complete reset of the device, a character string such as “P09371” that is difficult to associate with the processing content is used.

  The data communication unit 100c sends data requested by each component to the destination server device 300 based on a designated network address (for example, a global IP address if the network 400 is the Internet). It has a function of transmitting via the network 400. Furthermore, it has a function of receiving data transmitted to the information processing terminal 100 via the network 400.

The operation control information receiving unit 100d has a function of acquiring data related to operation control of the device 200 among the data received by the data communication unit 100c. In addition, the received data has a function of transmitting operation control information to the operation command output unit 100e and transmitting message data to the display unit 100g.
The operation command output unit 100e outputs (writes) the operation command to the storage area corresponding to the input port address of the device based on the operation command and the input port address included in the operation control information acquired from the operation control information receiving unit 100d. ) It has a function. Specifically, a write request command is transmitted to the device 200 so as to write an operation command to the input port address.

The device property receiving unit 100f has a function of acquiring data related to device properties from the data received by the data communication unit 100c and transmitting the acquired data to the display unit 100g.
The display unit 100g has a function of displaying these data on a display device (not shown) (for example, a liquid crystal display) based on message data and property data input from each component unit.

  Note that the information processing terminal 100 includes a computer system for executing the functions of the respective components using software and executing software for controlling hardware necessary for realizing the functions. The hardware configuration of this computer system is not shown, but has a CPU (Central Processing Unit), a RAM (Random Access Memory), and a ROM (Read Only Memory), and a PCI (Peripheral Component Interconnect) between them. It is configured to be connected by various internal and external buses such as buses.

  Further, the bus stores data such as, for example, a device 200 such as a printer, a scanner, a copying machine, and a FAX, and an HDD (Hard Disk Drive) via an input / output interface (I / F) such as IEEE1394, USB, and parallel port. A device, a display device such as a CRT or LCD monitor, an operation panel, an input device such as a mouse and a keyboard, and a network card for communicating with an external device on the network are connected. The network card is connected to the network 400 via a network cable, a broadband router, or the like.

  When the power is turned on, the system program such as BIOS stored in the ROM or the like loads various dedicated computer programs for realizing the functions of the above-described units stored in advance in the HDD or the like into the RAM, and loads them into the RAM. Each function as described above is realized on software by the CPU performing predetermined control and arithmetic processing using various resources in accordance with instructions described in the program.

Next, the device 200 operates in response to a command input from the information processing terminal 100 such as a printer, a scanner, a FAX, a copier, a multifunction machine in which some or all of these are combined, a digital camera, and a digital video camera. It is a device that can be controlled.
Further, the device 200 writes the operation command to the designated input address in response to the operation command write request from the information processing terminal 100, and executes the operation process according to the written operation command. Further, after the operation process is executed, a return value set in advance is transmitted to the information processing terminal 100.

Next, a detailed configuration of the server apparatus 300 will be described based on FIG.
FIG. 3 is a block diagram illustrating a detailed configuration of the server apparatus 300.
As shown in FIG. 3, the server device 300 includes a data communication unit 300a, a user authentication unit 300b, an authentication information database 300c (hereinafter referred to as an authentication information DB 300c), an acquisition request reception unit 300d, and a device information selection Unit 300e and a device information database 300f (hereinafter referred to as device information DB 300f).

The data communication unit 300a has a function of receiving various data transmitted to itself via the network 400, and an IP address designated via the network 400 according to a request from each component unit. And a function of transmitting to the device (mainly the information processing terminal 100).
The user authentication unit 300b is based on the user information (ID and password) received by the data communication unit 300a and the user authentication information (hereinafter referred to as authentication information) stored in the authentication information DB 300c. Has a function of performing authentication processing on the user. Furthermore, a function of outputting information indicating whether or not the user has been authenticated to the data communication unit 300a together with a transmission request to the information processing terminal 100 that is the transmission source of the user information, and user information of the authenticated user Is output to the device information selection unit 300e.

  As shown in FIG. 4A, the authentication information DB 300c includes, for each user, a user ID and a password, a program ID of a program permitted to be used, information on a device permitted to be used, and device usage. Data such as information on time limit and information on countries where devices can be used is registered, and this database has a function of searching various data using a user ID as a keyword. Here, FIG. 4A is a diagram illustrating an example of the authentication information.

The acquisition request receiving unit 300d has a function of acquiring operation control request data and profile request data among the data received by the data communication unit 300a, and transmitting the acquired data to the device information selection unit 300e.
If the device information selection unit 300e acquires the operation control request data, the device information selection unit 300e determines the usage qualification of the device 200 based on the user information, the operation control request data, and the authentication information. The operation control information of the corresponding device 200 is selected and acquired from the device information DB 300f, and the acquired operation control information is transmitted to the data communication unit 300a together with a transmission request to the information processing terminal 100 that is the transmission source of the operation control request data. It has a function to output.

  Further, when the property request data is acquired, the property viewing qualification is determined in the same manner as the usage qualification determination. When it is determined that the property is qualified, the property of the corresponding device 200 is selected and acquired from the device information DB 300f. The acquired property is output to the data communication unit 300a together with a transmission request to the information processing terminal 100 that is the transmission source of the property request data.

On the other hand, if it is determined that there is no use qualification or browsing qualification, a message notifying that there is no qualification is sent to the data communication unit 300a as a transmission request to the information processing terminal 100 that is the source of the operation control request data or property request data. It has the function to output with.
As shown in FIG. 4B, the device information DB 300f includes, for each device type, information indicating the device type, model ID of each device, control contents of each device, address information of an operation command input destination, An operation command corresponding to a device destination, control content, and the like is registered, and this database has a function of searching various data using keywords indicating information indicating the type and model ID. Here, FIG. 4B is a diagram illustrating an example of the operation control information.

  In addition, as with the information processing terminal 100, the server device 300 is used for realizing the functions of the respective components using software, and for executing software for controlling hardware necessary for realizing the functions. A computer system is provided. Although not shown, the hardware configuration of this computer system is configured such that the CPU, RAM, and ROM are connected by various internal and external buses such as a PCI bus. A storage device, a display device, an input device, a network card, and the like are connected to the bus via an input / output I / F. The network card is connected to the network 400 via a network cable, a broadband router, or the like.

Next, a specific operation of the device control system 1 according to the present invention will be described based on FIG. 5 and FIG. Here, FIG. 5 is a flowchart showing an operation process of the information processing terminal 100. FIG. 6 is a flowchart showing an operation process of the server apparatus 300.
Each operation process is performed by the CPU of the information processing terminal 100 and the CPU of the server apparatus 300 executing dedicated programs.

First, when the user inputs a connection request with the server apparatus 300 via the input device, the information processing terminal 100 sends a connection request with the server apparatus 300 in the user information transmission unit 100a accordingly. It transmits toward the server apparatus 300 via the data communication part 100c and the network 400 (step S100).
On the other hand, when the data communication unit 300a receives connection information sent from the information processing terminal 100 via the network 400 (step S200), the server apparatus 300 connects to the data communication unit 300a via the network 400. A session is established with the information processing terminal that is the transmission source of the information (step S202).

  When a session with the server apparatus 300 is established and a connection is established (step S102), the information processing terminal 100 causes the user information transmission unit 100a to display a user ID and password input screen on the display unit 100g. Thereafter, when user information (user ID and password) is input by the user via the input device, the input user information is transmitted to the server device 300 via the data communication unit 100c. (Step S104).

When the user authentication unit 300b receives the user information from the connected information processing terminal 100 ("Yes" branch of step S204), the server device 300 receives the received usage at the user authentication unit 300b. Authentication processing is executed based on the person information and the information stored in the authentication information DB 300c (step S206).
In the present embodiment, the authentication process is a process for determining whether or not the user ID and password received from the information processing terminal 100 are among the user ID and password registered in the authentication information DB 300c. If the user is registered, the user is authenticated. If the user is not registered, the user is not authenticated.

When the authentication process is completed in the user authentication unit 300b, the server apparatus 300 transmits information indicating the authentication result to the information processing terminal 100 that is the transmission source of the user information via the data communication unit 300a (step S208). .
Furthermore, when the user is authenticated (“Yes” branch in step S210), the user authentication unit 300b waits until various data are sent from the information processing terminal 100 connected to the user (step S204). , S214, S228, S222).

On the other hand, if the authentication is not successful ("No" branch in step S210), the connection with the information processing terminal 100 is released and the session is terminated (step S214). In consideration of an input error by the user, the connection may not be released until an error is input a predetermined number of times (for example, three times).
When the acquisition request transmission unit 100b receives the information indicating the authentication result from the server device 300 (step S106), the information processing terminal 100 determines whether the user has been authenticated based on the information indicating the authentication result. To do. If authenticated ("Yes" branch in step S108), the acquisition request transmission unit 100b displays an acquisition request input screen on the display unit 100g and the device 200 connected to the information processing terminal 100 Basic information (information such as device type and device ID) of the device 200 is acquired (step S110).

  If the user is not authenticated, the acquisition request transmitting unit 100b transmits a message indicating that authentication is impossible to the display unit 100g together with a display instruction (“No” branch of step S108). Upon receiving the authentication impossible message from the user information transmitting unit 100a, the display unit 100g displays this message on a display device (not shown) (step S134). Thereafter, the information processing terminal 100 releases the connection with the server device 300 (step S130).

  If the user is authenticated, the information processing terminal 100 continues to obtain operation control request data or profile request data in the acquisition request transmission unit 100b based on the request content input from the user via the input device. The generated request data is transmitted to the server device 300 via the data communication unit 100c (step S112). That is, when an operation control information acquisition request for a predetermined control content of a connected device is input, operation control request data for the acquisition request for the corresponding device (or a specified device when multiple devices are connected) Is generated. When a request for acquiring a profile of a connected device is input, profile request data for the corresponding device is generated.

On the other hand, when the acquisition request receiving unit 300d receives the operation control request data, the server apparatus 300 transmits the received operation control request data to the device information selection unit 300e (“Yes” branch in step S216). .
When the device information selection unit 300e acquires the operation control request data from the acquisition request reception unit 300d, the device information selection unit 300e prompts the user to use the device 200 based on the operation control request data and the authentication information stored in the authentication information DB 300c. It is determined whether or not there is (step S218).

  In determining the use qualification, first, the user is identified from the user ID and password at the time of authentication processing, and the device connected to the information processing terminal 100 is identified from the device type and device ID information included in the operation control request data To do. Then, it is determined from the authentication information whether or not the identified user is permitted to use the identified device. If permitted, the current date is compared with the expiration date to determine whether the expiration date has passed. In the present embodiment, the IP address of the information processing terminal 100 is further based on the country information identification table shown in FIG. 7 stored in the storage device (for example, HDD) of the server device 300 if it is within the usage period. The country of the data transmission source is determined from the above, and it is determined whether or not this country is a country permitted to use. If it is a country where use is permitted, it is determined that there is a use qualification, and if any one of the determination items does not satisfy the condition, it is determined that there is no use qualification.

  If it is determined that there is a usage qualification (“Yes” branch in step S218), the device information selection unit 300e selects and selects the operation control information corresponding to the operation control request data from the device information DB 300f. The operation control information is acquired (step S220), and the acquired operation control information is transmitted to the information processing terminal 100 that is the transmission source of the operation control request data via the data communication unit 300a (step S222).

If it is determined that the user is not qualified to use the operation control information corresponding to the operation control request data (“No” branch in step S218), the device information selection unit 300e does not have a use qualification. Is transmitted to the information processing terminal 100 that is the transmission source of the operation control request data via the data communication unit 300a (step S224).
On the other hand, when the data communication unit 100c receives information (data) from the server device 300 (step S114), the information processing terminal 100 determines whether or not the operation control information receiving unit 100d has received the operation control information. If it is determined that it has been received ("Yes" branch in step S116), the received operation control information is acquired and the acquired operation control information is transmitted to the operation command output unit 100e ("Yes in step S116"). Branch).

  The operation command output unit 100e outputs an operation command toward the input address of the device 200 based on the operation command and the input address included in the operation control information acquired from the operation control information receiving unit 100d (step S118). . Specifically, a write request for writing an operation command to the storage area indicated by the input address of the device 200 is transmitted to the device 200. As a result, the device 200 executes an operation process corresponding to the written operation command. Examples of the operation process include a complete reset process and a cleaning process if the device 200 is a printer. When the device 200 completes the operation process corresponding to the operation command, the device 200 transmits a return value to the information processing terminal 100.

When the operation command output unit 100e receives the return value from the device 200, the information processing terminal 100 generates result information (or the return value itself) based on the received return value, and the generated result information Then, the data is transmitted to the server device 300 via the data communication unit 100c (step S120).
On the other hand, when the acquisition request receiving unit 300d receives the result information from the information processing terminal 100 connected to the server apparatus 300 ("Yes" branch in step S236), the server apparatus 300 stores the received result information in a memory such as a RAM. Then, a message for the result information is transmitted to the information processing terminal 100 connected through the data communication unit 300a (step S240).

When the message is transmitted, the server apparatus 300 releases the connection with the information processing terminal 100 and ends the session (step S214).
When the operation control information receiving unit 100d receives a result message for the transmitted result information from the server device 300, the information processing terminal 100 transmits the received result message to the display unit 100g together with a display instruction (step S122).

Thereby, the display unit 100g displays the result message from the operation control information receiving unit 100d on the display device. When the result message is displayed, the information processing terminal 100 releases the connection with the server device 300 (step S130).
On the other hand, when the server 300 receives the property request data without receiving the operation control request data from the information processing terminal 100 (“No” branch in step S216), the “Yes” branch in step S226). The device information selection unit 300e determines whether or not the user has a property viewing qualification based on the property request data from the acquisition request reception unit 300d and the authentication information stored in the authentication information DB 300c.

In the present embodiment, the determination of the viewing qualification of the property of the device 200 corresponding to the property request data is the same as the determination of the use qualification.
If it is determined that there is a viewing qualification (“Yes” branch of step S228), the device information selection unit 300e selects the device property corresponding to the property request data from the device information DB 300f, and the selected property Is acquired (step S230), and the acquired property is transmitted to the information processing terminal 100 that is the transmission source of the property request data via the data communication unit 300a (step S232).

When receiving the property from the server apparatus 300, the information processing terminal 100 transmits the received property to the display unit 100g together with a display instruction (“Yes” branch of step S126). The display unit 100g displays the property from the device property receiving unit 100f on the display device (step S128).
For example, a case is assumed in which the device 200 connected to the information processing terminal 100 is a complex machine in which a printer, a copier, and a FAX are combined. When an acquisition request for the device property (product information) is made, for example, a property for a specified item of the device is sent from the server apparatus 300. The display device includes, for example, “printer: True” indicating that the device 200 has a printer function, “scanner: False” indicating that the device 200 does not have a scanner function, and similarly “copier: True”. ”,“ FAX: True ”,“ USB connection: True ”, etc., product information of the device 200 is displayed. Device properties are not limited to product information, but can be used to obtain other information such as more detailed device functions such as the number of motor revolutions and specification information indicating the performance limits of the product (device) itself. May be.

If it is determined that there is no viewing qualification ("No" branch in step S228), a message indicating that there is no viewing qualification is sent to the information processing terminal that is the transmission source of the property request data via the data communication unit 300a. 100 (step S234).
When the information processing terminal 100 receives message information other than the operation control information and the property from the server device 300 via the network 400, the information processing terminal 100 transmits the received message information to the display unit 100g together with a display instruction, and displays the display unit 100g. In step S132, a message corresponding to the message information (for example, a message indicating that the user is not qualified) is displayed on the display device (step S132).

  In this way, the device control system 1 according to the present embodiment can execute the main part of the program for controlling the device 200 connected to the information processing terminal 100 in the server device 300, and the main part of the program. The part and data necessary for its execution are stored in the server device. Furthermore, since the information processing terminal 100 stores and executes only a program part that performs simple processing such as operation control information or property acquisition processing or operation command output processing to the device 200, In the information processing terminal 100, it is possible to prevent the main part of the program that controls the device from being analyzed or falsified, or the main part of the program from being investigated for the processing of the CPU.

  In the above embodiment, the acquisition request transmission unit 100b and the data communication unit 100c correspond to the operation control request data transmission unit of claim 1 or the profile request data transmission unit of mode 6, and receive the data communication unit 100c and the operation control information reception. The unit 100d corresponds to the operation control information receiving unit of claim 1, the device property corresponds to the device information described in the form 6, and the data communication unit 100c and the device property receiving unit 100f include the device information of the form 6. Corresponding to the reception means, the operation command output unit 100e corresponds to the operation command output means of claim 1 or 2, and the user information transmission unit 100a and the data communication unit 100c correspond to the user information transmission unit of claim 4. Correspond.

  In the above embodiment, the data communication unit 300a and the acquisition request receiving unit 300d correspond to the operation control request data receiving unit of claim 1 or the device information request data receiving unit of claim 6, and correspond to the device information selecting unit 300e. Corresponds to the operation control information selection means according to claim 1 or 3, or the device information selection means according to claim 6, and the device information DB 300f stores the operation control information storage according to any one of claims 1, 3, 4, and 5. The authentication information DB 300c corresponds to the user authentication information storage unit according to claim 4 or the device information storage unit according to mode 6, and the user authentication unit 300b corresponds to the authentication processing unit according to claim 4. Correspondingly, the device information selection unit 300e and the data communication unit 300a correspond to the operation control information transmitting means of claim 1 or the device information of claim 6. Corresponding to the transmission means.

In addition to the configuration described in the above embodiment, for example, device firmware confirmation request data is transmitted to the server device, and the server side confirms whether there is firmware update information. It is also possible to add a configuration in which FALSE is returned and FALSE is returned if there is no such.
As an application example of the present invention, information on a predetermined function is stored on the server device side, the information processing terminal side transmits function identification information and function arguments to the server device, and the server device calculates the function. It is also possible to configure a system in which only the calculation result is returned to the information processing terminal. Thereby, when performing a calculation using a predetermined function, the contents of the function can be kept secret from the user and a third party.

Further, the contents of the mail to be transmitted are stored only in the server device, the information processing terminal transmits a mail transmission command to the server device, and the server device transmits the mail corresponding to the received transmission command to the information processing terminal. It is also possible to configure. Thereby, the content of the mail can be kept secret from the user and a third party.
In addition, as an application example of the present invention, the server device includes application software that realizes a predetermined function, and the server device is configured as a Web server, for example. It is also possible to adopt a configuration in which information processing (execution of application software) that realizes a function according to usage is performed, and the function (processing result) realized by this information processing is provided to the information processing terminal. is there.

  For example, when a device (such as a printer) that can use the information processing terminal is connected to the server device, the information processing terminal transmits a device information acquisition request for the connected device to the server device (for example, a request). When the server apparatus receives the acquisition request, the server apparatus acquires device information of the device corresponding to the acquisition request from the device, and transmits (provides) the acquired device information to the information processing terminal. To do.

  Here, since the device information of the device connected to the server apparatus can be acquired by direct communication with the device, the information processing terminal can be used to obtain information about software of the device connected to the server apparatus and information about hardware. In addition, real-time information such as information on the device status (for example, ink remaining amount) can be acquired from a remote server device via a network.

1 is a diagram illustrating a schematic configuration of a device control system 1. FIG. 2 is a block diagram illustrating a detailed configuration of an information processing terminal 100. FIG. 3 is a block diagram illustrating a detailed configuration of a server device 300. FIG. (A) is a figure which shows an example of authentication information, (b) is a figure which shows an example of operation control information. 3 is a flowchart showing an operation process of the information processing terminal 100. 5 is a flowchart showing an operation process of the server apparatus 300. It is a figure which shows an example of a country information identification table.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 ... Device control system, 100_1 to 100_n ... Information processing terminal, 200_1 to 100_n ... Device, 300 ... Server apparatus, 100a ... User information transmission part, 100b ... Acquisition request information transmission part, 100c, 300a ... Data communication part, 100d ... operation control information receiving unit, 100e ... operation command output unit, 100f ... device property receiving unit, 100g ... display unit, 300b ... user authentication unit, 300c ... authentication information DB, 300d ... acquisition request receiving unit, 300e ... device information Selection unit, 300f ... Device information DB

Claims (6)

An information processing terminal; a device connected to the information processing terminal so as to be capable of data communication; and a server device connected to the information processing terminal via a predetermined communication line so as to be capable of data communication. Operation control request data transmission means for transmitting operation control request data, which is an operation control information acquisition request including an operation command for causing the device to execute a predetermined operation process, to the server device via the communication line; Operation control information receiving means for receiving operation control information corresponding to the operation control request data transmitted from the server device via the communication line, and the operation command to the device based on the received operation control information Operation command output means for outputting,
The server device includes an operation control request data receiving unit that receives the operation control request data transmitted from the information processing terminal via the communication line, and a plurality of types of devices in association with the types of the devices. Operation control information storage means for storing operation control information including each operation command corresponding to the device, and operation control information selection for selecting operation control information corresponding to the received operation control request data from the operation control information storage means And a device control system for transmitting the selected operation control information to the information processing terminal that is the transmission source of the operation control request data. In claim 1,
The operation control information further includes address information of an input destination in each device of an operation command corresponding to each device,
The operation command output means is configured to output the operation command together with a write request to the storage area of the address indicated by the address information in the device, based on the operation control information.
In response to the write request, the device writes the operation command to a storage area indicated by the address information, and executes an operation process corresponding to the written operation command. Control system. In any one of Claim 1 and 2,
The operation control request data includes identification data capable of identifying the device, and control content data indicating the control content of the device,
The operation control information selection unit is configured to select operation control information of an operation command corresponding to the control content data for the device identified by the identification data from the operation control information storage unit. Device control system. In any one of Claims 1 thru | or 3,
The information processing terminal further includes user information transmitting means for transmitting user information, which is user-specific information for authenticating a user of the device, to the server device via the communication line,
The server device includes user authentication information storage means for storing user authentication information indicating a relationship between a device connected to each of the information processing terminals and the user information of a user who can use the device, User information receiving means for receiving the user information transmitted from the information processing terminal via the communication line, and the received user information and the user authentication information stored in the user authentication information storage means And an authentication processing means for performing an authentication process of a user corresponding to the user information, and only when the user is authenticated by the authentication processing means, the operation control request data is included in the operation control request data. Corresponding operation control information is transmitted to the information processing terminal that is the transmission source of the operation control request data. In claim 4,
The server device further includes usage time limit information storage means for storing usage time limit information, which is information indicating a time limit for a user corresponding to the user information to use a device connected to each of the information processing terminals. In addition to the fact that the user has been authenticated, the operation control information corresponding to the operation control request data is only transmitted when the current time is within the usage period indicated by the usage period information. A device control system characterized by being transmitted to an information processing terminal. An information processing terminal, a device connected to the information processing terminal so as to be able to perform data communication, and a server device connected to the information processing terminal so as to be able to perform data communication via a predetermined communication line,
The information processing terminal transmits device information request data, which is device information acquisition request, which is information related to the device, to the server apparatus via the communication line, and transmits from the server apparatus. Device information receiving means for receiving device information of a device corresponding to the device information request data that has been received via the communication line,
The server device includes device information request data receiving means for receiving the device information request data transmitted from the information processing terminal via the communication line, and a plurality of types of devices in association with the types of devices. Device information storage means for storing device information of the device; device information selection means for selecting device information of the device corresponding to the received device information request data from the device information storage means; and the selected device information A device control system comprising: device information transmitting means for transmitting to the information processing terminal that is the transmission source of the device information request data.

Images