JP2011197949A - Information processor, information processing system, use limitation method, program, and recording medium with the program recorded thereon - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an information processor, an information processing system, a use limitation method, a program and a recording medium with the program recorded thereon, for limiting the use of functions mounted on a device with high accuracy.SOLUTION: The information processor 100 monitors authentication by an authentication means. The information processor 100 receives a use limitation notification for limiting the use of the function to one user, from an image processor determined to limit the use of the function to the one user during provision of the function to the one user. The information processor 100 transmits a processing execution command for requesting execution of processing for limiting the use of the function in the one user, to the image processor that has authenticated the one user.

Description

  The present invention relates to an information processing apparatus, an information processing system, a usage restriction method, a program, and a recording medium on which the program is recorded.

  Conventionally, from the viewpoint of resource saving and cost reduction, for example, an upper limit for each user has been set for the usage amount (number of copies and number of copies) of a MFP (Multifunction Peripheral) that has a copy function, etc. Upper limit management that limits usage is known. The restriction of use includes not only suspension of use but also restriction for encouraging use in consideration of resource saving and cost reduction, such as outputting in monochrome printing if a color print request is made.

  Examples of the target user for setting the upper limit of usage include a group composed of a department or a plurality of members in a company in addition to an individual who uses a multifunction peripheral. Therefore, in an environment where a plurality of multifunction peripherals are installed and the same user can use the plurality of multifunction peripherals, if the upper limit management is performed independently for each device, the user usage cannot be managed collectively. For this reason, a system has been proposed in which a management device connected to each device via a network is installed, and the upper limit management is performed by collectively collecting the usage amounts used by a plurality of devices (see, for example, Patent Document 1).

  The reason why a system for installing a management apparatus is proposed is due to the specifications of the multifunction machine in addition to the above. Specifically, since the multifunction peripheral uses a lot of hardware and software resources to realize its main functions, there are restrictions on resources used for other functions. Therefore, it can be said that providing a management device such as a server for managing a plurality of multifunction peripherals in a system is more suitable as the system becomes larger.

  As described above, in an upper limit management system including a plurality of multifunction peripherals and a management device that manages usage amount information and usage amount upper limit information for each user information of the user with respect to the multifunction peripheral, the user requests to use the multifunction peripheral. The use restriction for the is determined using the use amount information and the use amount upper limit information.

  However, since the above determination in the conventional system is made only for the use restriction of the multifunction device requested for use, the same user uses a plurality of multifunction devices at the same time. If the usage exceeds the upper limit value in a certain multifunction device, the usage restriction judgment cannot be reflected to other multifunction devices in use, and the accuracy of the usage restriction is low. There's a problem.

  The present invention has been made in view of the above, and is an information processing apparatus, an information processing system, a use restriction method, a program, and a program that can perform use restriction with high accuracy with respect to a device mounting function. An object of the present invention is to provide a recording medium.

  In order to solve the above-described problems and achieve the object, an information processing apparatus according to the present invention is configured to communicate with a plurality of image processing apparatuses that execute functions for a user authenticated by an authentication unit. An authentication monitoring unit that monitors authentication by the authentication unit, and the image processing apparatus that determines that it is necessary to restrict the use of the function to the one user while providing the function to one user From the notification receiving means for receiving a usage restriction notification for restricting the use of the function to the one user, and to the image processing apparatus in which the one user is authenticated by the authentication means, the one user's Command transmitting means for transmitting a process execution command for requesting execution of a process for restricting the use of a function.

  An information processing apparatus according to the present invention is an information processing apparatus that is communicably connected to a plurality of image processing apparatuses that execute a function for a user authenticated by an authentication unit, and performs authentication by the authentication unit. Authentication monitoring means for monitoring, usage amount information relating to the usage amount of the function in units of users from each of the image processing devices, and usage amount management means for managing the total usage amount of the function for each user; A determination unit that determines whether or not it is necessary to restrict the use of the function to the user by using the total usage amount, and a determination that the determination unit needs to limit the use to one user In this case, a process execution command for requesting execution of a process for restricting the use of the function of the one user is transmitted to the image processing apparatus for which the authentication of the one user is performed by the authentication unit. Characterized in that it comprises a command transmitting means.

  The information processing system of the present invention includes a plurality of image processing apparatuses that execute a function for a user authenticated by an authentication unit, an information processing apparatus that is communicably connected to the plurality of image processing apparatuses, Authentication monitoring means for monitoring authentication by an authentication means, and the image processing that is included in the information processing apparatus and has determined that it is necessary to restrict the use of the function to the one user while providing the function to one user A notification receiving means for receiving a usage restriction notification for restricting the use of the function for the one user, and the image processing apparatus for which the one user is authenticated by the authentication means; Command transmission means for transmitting a process execution command for requesting execution of a process for restricting the use of the function.

  The information processing system according to the present invention includes a plurality of image processing apparatuses that execute a function for a user authenticated by an authentication unit, an information processing apparatus that is communicably connected to the image processing apparatus, and the authentication unit. An authentication monitoring means for monitoring authentication by the authentication unit, and included in the information processing apparatus, receives usage amount information relating to the usage amount in units of users from each of the image processing devices, and manages the total usage amount of the function for each user A usage amount managing means, a determination means included in the information processing apparatus for determining whether or not it is necessary to restrict the use of the function to a user using the total usage amount, and the information processing If the determination unit determines that it is necessary to restrict the use for one user, the image processing apparatus in which the one user is authenticated by the authentication unit, A command transmitting means for transmitting a process execution instruction for requesting the serial execution of a process for limiting the use of the functions of the user, characterized in that it comprises a.

  The use restriction method of the present invention is a use restriction method executed by a plurality of image processing apparatuses that execute a function for a user authenticated by an authentication unit and an information processing apparatus that is communicably connected. The authentication monitoring means monitoring the authentication by the authentication means, and the notification receiving means determines that it is necessary to restrict the use of the function to the one user while providing the function to one user. A step of receiving a usage restriction notification for restricting the use of the function for the one user from the image processing apparatus; and a command transmitting means to the image processing apparatus for which the one user has been authenticated by the authentication means. And a step of transmitting a process execution command for requesting execution of a process for restricting the use of the function of the one user.

  In addition, the use restriction method of the present invention is executed by a plurality of image processing apparatuses that execute a function for a user who has a function related to printing and is authenticated by an authentication unit, and an information processing apparatus that is communicably connected. A usage restriction method in which an authentication monitoring unit monitors authentication by the authentication unit, and a usage amount management unit uses a usage amount related to a usage amount of the function in units of users from each of the image processing apparatuses. Receiving the information and managing the total usage amount of the function for each user; and whether or not the determination unit needs to restrict the usage of the function to the user using the total usage amount. The determining step and the command transmitting means determine that the one user is authenticated by the authenticating means when the determining means determines that it is necessary to restrict the use to one user. To an image processing apparatus, characterized by comprising the steps of: transmitting a process execution instruction for requesting the execution of a process for limiting the use of the function of the one user.

  Further, the program of the present invention monitors a plurality of image processing apparatuses that execute a function for a user who has been authenticated by an authentication means and a computer of an information processing apparatus that is communicably connected to the authentication means. The use of the function for the one user is restricted from the authentication monitoring means and the image processing apparatus that has determined that it is necessary to restrict the use of the function to the one user while providing the function to one user. A notification receiving unit that receives the use restriction notification of the user, and requests the image processing apparatus for which the one user is authenticated by the authentication unit to execute a process for restricting the use of the function of the one user. It functions as command transmission means for transmitting a process execution command.

  Further, the program of the present invention monitors a plurality of image processing apparatuses that execute a function for a user who has been authenticated by an authentication means and a computer of an information processing apparatus that is communicably connected to the authentication means. Authentication monitoring means, usage amount management means for receiving usage amount information relating to the usage amount of the function in units of users from each of the image processing apparatuses, and managing the total usage amount of the function for each user, and the total usage A determination unit that determines whether or not it is necessary to restrict the use of the function to the user using the amount, and the determination unit determines that the use limitation needs to be performed for one user A process execution command for requesting the image processing apparatus for which the one user is authenticated by the authentication unit to execute a process for restricting the use of the function of the one user; A command transmitting section for signal for, to function as a.

  The recording medium of the present invention is a computer-readable recording medium storing any one of the plurality of programs.

  According to the present invention, it is possible to provide an information processing apparatus, an information processing system, a usage restriction method, a program, and a recording medium on which the program is recorded, which can perform use restriction with high accuracy with respect to a device-mounted function. .

FIG. 1 is a diagram showing a configuration example of an information processing system according to the first embodiment of the present invention. FIG. 2 is a diagram illustrating a hardware configuration example of the authentication management apparatus. FIG. 3 is a diagram illustrating a hardware configuration example of the image processing apparatus. FIG. 4 is a diagram illustrating a configuration example of the use restriction function. FIG. 5 is a diagram illustrating an example of log data. FIG. 6 is a diagram illustrating an example of user data. FIG. 7 is a diagram illustrating an example of a user login state table. FIG. 8 is a sequence diagram showing an example of a processing procedure for performing user authentication according to the first embodiment of the present invention. FIG. 9 is a sequence diagram illustrating an example of a processing procedure for performing usage restriction according to the first embodiment of the present invention. FIG. 10 is a sequence diagram illustrating an example of a procedure for updating the user login state table. FIG. 11 is a flowchart illustrating an example of a procedure for updating the user login state table. FIG. 12 is a diagram illustrating a configuration example of the use restriction function according to the second embodiment of the present invention. FIG. 13 is a sequence diagram illustrating an example of a processing procedure for restricting use. FIG. 14 is a sequence diagram illustrating an example of a processing procedure for performing usage restriction according to the third embodiment of the present invention. FIG. 15 is a sequence diagram illustrating an example of a processing procedure for performing usage restriction according to the fourth embodiment of the present invention. FIG. 16 is a flowchart showing log transfer method determination processing according to the fifth embodiment of the present invention. FIG. 17 is an explanatory diagram for explaining a determination method of the final determination of the log transfer method.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. In addition, the same component is contained in the following several embodiment. Therefore, in the following, common reference numerals are given to those similar components, and redundant description is omitted.

(First embodiment)
First, a first embodiment of the present invention will be described.

<System configuration>
A system configuration for providing an authentication service according to the present embodiment will be described.

FIG. 1 is a diagram illustrating a configuration example of an information processing system 1 according to the present embodiment. As shown in FIG. 1, an information processing system 1 according to the present embodiment includes an authentication management device (authentication server) 100 serving as an information processing device and a plurality of image processing devices 200 ₁ to 200 _n. The transmission line N (for example, “LAN: Local Area Network”) is connected. In the following description, the image processing apparatuses 200 ₁ to 200 _n are collectively referred to as “image processing apparatus 200”. The authentication management apparatus 100 can perform data communication with a plurality of image processing apparatuses 200.

  The image processing apparatus 200 is a device that executes a request job (image processing as a requested function) from a user. For example, an MFP (multifunction machine) having a copy function, a printer function, a scanner function, and a facsimile function is used. LP (Laser Printer) having a printer function. The authentication management apparatus 100 is an information processing apparatus having a server function for performing authentication management of users who use the image processing apparatus 200. The image processing apparatus of the present invention is not limited to an MFP or LP, and can be applied to any image processing apparatus such as a copying machine, a printer, a scanner apparatus, and a facsimile apparatus.

  With such a system configuration, the information processing system 1 realizes a user authentication function by login / logout in the image processing apparatus 200. Specifically, the two devices (the authentication management device 100 and the image processing device 200) perform user authentication by performing a linked operation as follows.

  For example, the image processing apparatus 200 displays a login screen on an operation panel included in the apparatus, and requests the user to input authentication information such as a user ID and a password. When the authentication information is input, the image processing apparatus 200 transmits the input information to the authentication management apparatus 100 and requests user authentication. In response to the request, the authentication management apparatus 100 performs user authentication based on the received information, and returns an authentication result to the requesting image processing apparatus 200. Based on the authentication result received from the authentication management apparatus 100, the image processing apparatus 200 notifies the user of the availability of the installed function. In addition, the image processing apparatus 200 notifies the user of logout after completion of the request process.

  As described above, the information processing system 1 maintains the confidentiality of the image processing apparatus 200 that is assumed to be used by an unspecified number.

  In this embodiment, under such a system environment, high-precision usage restrictions are realized for the functions installed in the image processing apparatus 200.

<Hardware configuration>
Next, the hardware configuration of each device constituting the information processing system 1 will be described.

<Authentication management device>
FIG. 2 is a diagram illustrating a hardware configuration example of the authentication management apparatus 100 according to the present embodiment. As shown in FIG. 2, the authentication management apparatus 100 includes an input device 101, a display device 102, a drive device 103, a RAM (Random Access Memory) 104, a ROM (Read Only Memory) 105, a CPU (Central Processing Unit) 106, an interface. A device 107, an HDD (Hard Disk Drive) 108, and the like are provided and are connected to each other via a bus B. The RAM 104, ROM 105, and CPU (Central Processing Unit) 106 constitute a computer.

  The input device 101 includes a keyboard and a mouse, and is used to input each operation signal to the authentication management device 100. The display device 102 includes a display or the like, and displays a processing result (for example, “management information”) by the authentication management device 100.

  The interface device 107 is an interface that connects the authentication management device 100 to a predetermined data transmission path N. Therefore, the authentication management apparatus 100 can perform data communication with the image processing apparatus 200 via the interface apparatus 107.

  The HDD 108 is a non-volatile storage device that stores various programs and data. The stored programs and data include, for example, an OS (Operating System) that is basic software such as an information processing system (for example, “Windows (registered trademark)” or “UNIX (registered trademark)) that controls the entire authentication management apparatus 100. ), And an application that provides various functions (for example, “authentication management function”) on the information processing system. The HDD 108 manages the stored program and data by a predetermined file system and / or DB (Data Base).

  The drive device 103 is an interface with a removable recording medium 103a. As a result, the authentication management apparatus 100 can read and / or write the recording medium 103a via the drive apparatus 103.

  The ROM 105 is a nonvolatile semiconductor memory (storage device) that can retain internal data even when the power is turned off. The ROM 105 stores data such as a basic input / output system (BIOS) that is executed when the authentication management apparatus 100 is activated, and system settings and network-related settings of the authentication management apparatus 100.

  The RAM 104 is a volatile semiconductor memory (storage device) that temporarily stores programs and data read from the various storage devices. The CPU 106 implements the overall control of the authentication management apparatus 100 and the operation of various functions by executing the program read on the RAM 104.

  With such a hardware configuration, for example, the authentication management apparatus 100 can realize a mounting function by executing a program (software component that realizes a mounting function) read from the HDD 108 onto the RAM 104 by the CPU 106.

<Image processing device>
FIG. 3 is a diagram illustrating a hardware configuration example of the image processing apparatus 200 according to the present embodiment. As shown in FIG. 3, the image processing apparatus 200 includes a controller 210, an operation panel 220, a plotter 230, a scanner 240, an external device I / F 250, and the like, which are connected to each other via a bus B.

  The operation panel 220 includes an input unit such as a touch panel in addition to the display unit, and provides various information such as device information to the user and accepts various user operations such as operation settings and operation instructions.

  The plotter 230 includes an image forming unit and forms an output image on a sheet. For example, methods for forming an output image include an electrophotographic method and an inkjet method. The scanner 240 optically reads a document and generates a read image.

  The external device I / F 250 is an interface for reading stored information from the external device 250a. Examples of the external device 250a include a non-contact IC (Integrated Circuit) card such as a smart card.

  In the office environment, the external device 250a is issued in the form of an employee ID card or a usage certificate to a user who is a target of use of the image processing apparatus 200.

  In recent years, RFID (Radio Frequency Identification) has been used as a mechanism for managing authentication of people and things. RFID is a technology for exchanging information by wireless communication at a short distance (several centimeters to several meters depending on a frequency band) using an electromagnetic field or radio wave from a tag in which ID information is embedded.

  The external device I / F 250 can read stored information from the external device 250a using such a technique. Note that the authentication information input method is not limited to a method using a storage medium such as an IC card, and various methods such as a method using biometric information can be employed.

  The controller 210 includes a CPU 211, a storage device 212, a network I / F 213, an external storage I / F 214, and the like, which are connected to each other via a bus B.

  The CPU 211 executes various programs and controls various functions and the entire apparatus. The storage device 212 stores and holds the program and various data (for example, “image data”). Examples of the storage device 212 include a RAM that is a volatile memory, a ROM that is a nonvolatile memory, and an HDD having a large-capacity storage area. The RAM functions as a work area for the CPU 211 (a storage area from which programs and data are temporarily read). ROM and HDD are used as storage locations for programs and various data. As a result, in the image processing apparatus 200, the CPU 211 reads the program stored in the ROM onto the RAM and executes the program.

  The network I / F 213 is an interface for connecting the image processing apparatus 200 to a predetermined data transmission path N. Thereby, the image processing apparatus 200 can perform data communication with the authentication management apparatus 100 via the network I / F 213.

  The external storage I / F 214 is an interface for connecting a recording medium 214a corresponding to external storage. Accordingly, the image processing apparatus 200 can read and / or write the recording medium 214a via the external storage I / F 214.

  With such a hardware configuration, the image processing apparatus 200, for example, in the controller 210, the CPU 211 executes a program (software component that implements a mounted function) read from the ROM to the RAM, and is connected to the bus B. By controlling a device (for example, “plotter” or “scanner”), a mounting function can be realized.

  In the present embodiment, the case where the image processing apparatus 200 is an MFP has been described as an example. For example, when the image processing apparatus 200 is LP, the scanner 240 is not provided.

<Usage restriction function>
The usage restriction function according to the present embodiment will be described.

  In the image processing apparatus 200 according to the present embodiment, when a function use request is received from an authenticated user, an operation log of the used function executed in response to the request is issued in units of pages. Based on the issued operation log, the image processing apparatus 200 updates the accumulated consumption value that quantitatively indicates the accumulated consumption due to the past requested operation to the latest value. The image processing apparatus 200 compares and determines the updated value (latest cumulative consumption amount) and the upper limit value (use limit value) related to the set consumption. As a result, the image processing apparatus 200 instructs the use function to stop the operation in units of pages based on the comparison determination result. The image processing apparatus 200 has such a use restriction function. Furthermore, the authentication management apparatus 100 according to the present embodiment places a use restriction on the functions of all other image processing apparatuses 200 when the function use restriction is executed on one image processing apparatus 200. .

  Further, in the image processing apparatus 200 according to the present embodiment, the use function is restricted in units of pages based on the operation log for each page in the installed function executed in response to the function use request from the authenticated user. .

  The configuration and operation of the use restriction function will be described below. FIG. 4 is a diagram illustrating a configuration example of the use restriction function according to the present embodiment. As shown in FIG. 4, in the information processing system 1 according to the present embodiment, the use restriction function is realized by the cooperative operation of the functional units included in the authentication management apparatus 100 and the image processing apparatus 200.

<Authentication management device>
The authentication management apparatus 100 implements the log service unit 11 and the user information service unit 12 as functional units by following the program.

  The log service unit 11 manages logs collected from the image processing apparatus 200. As a log collection method, for example, a passive method for receiving a log transmitted from the image processing apparatus 200, or an active method for making an acquisition request to the image processing apparatus 200 and receiving a response log is given. and so on. The log service unit 11 manages the collected logs by storing and holding (storing) them in the log holding unit 11s. For example, the log holding unit 11s corresponds to a predetermined storage area of a storage device (for example, “HDD”) included in the authentication management apparatus 100.

  The user information service unit 12 manages various types of information (hereinafter referred to as “user information”) of users who are the utilization targets of the image processing apparatus 200. The user information service unit 12 stores / holds (stores) user information in the user information holding unit 12s and manages the user information by various data operations. Similarly to the log holding unit 11s, the user information holding unit 12s corresponds to, for example, a predetermined storage area of a storage device (for example, “HDD”) included in the authentication management apparatus 100. The user information held in this way can be operated using, for example, a predetermined management tool provided by the user information service unit 12. Therefore, the administrator can perform information management by registering and setting the target user information in advance using the management tool, and then adding, changing (updating), deleting, etc. the registration data.

  In addition, the user information service unit 12 performs user authentication during information management. That is, the user information service unit 12 functions as an authentication unit. The user information service unit 12 is based on authentication information (for example, “input user ID” or “input password”) transmitted from the image processing apparatus 200 and user information (for example, registered authentication information) managed by the service. , Perform user authentication.

  Details of the log and the user information will be described in << various data >>.

<Image processing device>
According to the program, the image processing apparatus 200 includes a log application unit 21, an authentication application unit 22, an external device control unit 23, an external device information acquisition unit 24, an authentication communication unit 25, a main body function unit 26, a log notification unit 27, and The main body control unit 28 and the like are realized as functional units.

  The log application unit 21 manages an operation log issued when the function of the device is operated. The log application unit 21 receives an operation log for each page from a log notification unit 27 described later. The log service unit 11 manages the received operation log by storing and holding (storing) it in the log holding unit 21s. The log holding unit 21s corresponds to, for example, a predetermined storage area of a storage device (for example, “HDD”) included in the image processing apparatus 200.

  In addition, the log application unit 21 transmits the operation log received from the log notification unit 27 to the authentication management apparatus 100. As a result, the image processing apparatus 200 and the authentication management apparatus 100 hold and manage the same log.

  The authentication application unit 22 cooperates with the user information service unit 12 included in the authentication management apparatus 100, and provides an authentication function to a user who is a usage target of the apparatus. The authentication application unit 22 displays a login screen (GUI: Graphical User Interface) on the operation panel 220 provided in the apparatus, and prompts input of authentication information. The authentication application unit 22 requests user authentication by transmitting the input authentication information to the authentication management apparatus 100 via the authentication communication unit 25 described later. As a result, the authentication application unit 22 receives the authentication result returned from the authentication management apparatus 100. At this time, when the user is authenticated, the authentication application unit 22 acquires corresponding user information managed by the user information service unit 12 as an authentication result. The authentication application unit 22 stores / holds (stores) the acquired corresponding user information in the user information holding unit 22s. The user information holding unit 22s corresponds to, for example, a predetermined storage area of a storage device (for example, “HDD”) included in the image processing apparatus 200.

  Further, the authentication application unit 22 determines whether or not it is necessary to restrict the use to the authenticated user (whether or not the use restriction is necessary). The usage restriction determination unit 221 corresponds to this.

  The operation log received by the log application unit 21 from the log notification unit 27 is transferred to the authentication application unit 22 in units of pages. Based on the received operation log, the authentication application unit 22 updates the value of the cumulative consumption (total usage amount) that quantitatively indicates the cumulative consumption due to the past requested operation to the latest value. The use restriction determination unit 221 determines whether or not use restriction is necessary by comparing the updated value (latest cumulative consumption) with the set upper limit value (use restriction value). As a result, the authentication application unit 22 instructs the use function to stop operation in units of pages via the main body control unit 28 described later based on the determination result.

  The total usage amount and the upper limit value are included in the corresponding user information received as an authentication result from the authentication management apparatus 100 by the authentication application unit 22. That is, the authentication application unit 22 accesses the user information holding unit 22s and updates the total usage amount included in the user information of the authenticated user. In addition, the usage restriction determination unit 221 accesses the user information holding unit 22s, refers to the upper limit value included in the user information of the authenticated user, and determines whether usage restriction is necessary.

  The external device control unit 23 controls the external device I / F 250. The external device information acquisition unit 24 acquires (reads) storage information from the external device 250a via the external device I / F 250.

  With these functional units, the image processing apparatus 200 can read, for example, authentication information stored in a tag in the non-contact IC card.

  Therefore, the authentication application unit 22 can perform not only user authentication based on the authentication information input from the login screen but also user authentication based on the authentication information acquired by the external device information acquisition unit 24. That is, the image processing apparatus 200 can perform user authentication by holding the external device 250a over the external device I / F 250.

  The authentication communication unit 25 performs data communication related to user authentication performed between the authentication management apparatus 100 and the image processing apparatus 200. For example, the authentication communication unit 25 transmits and receives authentication information and an authentication result through the network I / F 213 included in the image processing apparatus 200.

  The main body function unit 26 provides a predetermined service to the user in the image processing apparatus 200. The image processing apparatus 200 can be equipped with a basic function related to input / output and an extended function that can be added / deleted linked to the basic function. In the present embodiment, functions related to printing (output) are targeted for use restriction. Therefore, for example, when the image processing apparatus 200 is an MFP, functions such as copy, printer, and facsimile, which are basic functions related to output, are collectively referred to as a main body function unit 26.

  The log notification unit 27 issues and notifies the operation log of the main body function unit 26 that operates in response to the function use request from the authenticated user in units of pages. When the main body function unit 26 (copy function) receives a copy request from an authenticated user, the log notification unit 27 issues and notifies an operation log as follows. For example, when one copy of a five-page document is copied, a total of five action logs are issued / notified in the order of processed pages. When five copies of a 5-page document are copied, a total of 25 operation logs are issued / notified in the order of processed pages. As a result, the operation log for each page is transferred to the log application unit 21 in the order processed by the main body function unit 26.

  The main body control unit 28 realizes an operating environment (platform) of the main body function unit 26. The main body control unit 28 controls the start, stop, termination, etc. of the main body function unit 26 (controls the life cycle of the functions installed in the image processing apparatus). Thereby, according to the instruction | indication from the authentication application part 22, the operation | movement of the main body function part 26 (utilization function) can be stopped.

《Various data》
Here, logs, user information, and user login tables held in each holding unit will be described.

  FIG. 5 is a diagram illustrating an example of the log data 31 according to the present embodiment. The log data (operation log) 31 illustrated in FIG. 5 is operation log data issued / notified in units of pages from the log notification unit 27. As described above, the log data 31 is stored and managed in the log holding unit 21 s by the log application unit 21. Further, the log data 31 is transferred from the log application unit 21 to the authentication application unit 22 at an issue / notification timing by the log notification unit 27. Further, the log data 31 is collected by the authentication management apparatus 100 and stored and managed in the log holding unit 11s.

  As shown in FIG. 5A, the log data 31 includes user information 31U, device information 31M, consumption resource information 31R, and the like.

  Each of these pieces of information 31U, 31M, and 31R is configured by actual values (actual data) corresponding to the following information items.

  The user information 31U is information related to the authenticated user who has requested the operation, and includes a value corresponding to a user identification item such as “user ID”, for example. Note that the value of the user identification item (user identification information) may be a user name or the like other than the ID shown in FIG.

  The device information 31M is information related to the image processing apparatus 200 in which the function operates, and includes a value corresponding to a device identification item such as “device ID”, for example. Note that the value of the device identification item (device identification information) may be a device name or the like other than the ID shown in FIG.

  The consumed resource information 31R is information related to the resource consumed by the requested operation, and includes, for example, “number of pages”, “color model”, “double-sided / single-sided”, “paper size”, “used function”, and the like. Contains a value corresponding to each consumed resource item. In the data example of the consumption resource item shown in FIG. 5B, values are shown when a document of paper size [A3] is copied for one page with [color] and [single side].

  In the present embodiment, the log data 31 having such a configuration is issued by the log notification unit 27 in units of pages. As a result, the image processing apparatus 200 can obtain the resource consumed per page at the time of printing.

  FIG. 6 is a diagram showing an example of user data 41 according to the present embodiment. User data (user information) 41 shown in FIG. 6 is data stored and managed in the log holding unit 11 s by the log service unit 11. The user data 41 is transmitted from the authentication management apparatus 100 to the image processing apparatus 200 at the time of user authentication, and is referred to by the usage restriction determination unit 221 included in the authentication application unit 22.

  As shown in FIG. 6A, the user data 41 includes authentication information 41A, usage restriction information 41L, and the like.

  Each of these pieces of information 41A and 41L is composed of actual values (actual data) corresponding to the following information items.

  The authentication information 41A is information relating to user authentication, and includes values corresponding to authentication items such as “authentication user ID”, “authentication password”, “external device ID”, and “use permission authority”, for example. . Among these, the item “external device ID” is an item in which a value (external device identification information) for identifying the external device 250a used at the time of user authentication is set. In addition, the item “use permission authority” is an item in which a function (authorization information) that permits use of the authenticated user is set. In the data example of the authentication item shown in FIG. 6B, the user has the external device 250a identified by [Card01], the user is authenticated by the ID [User01] and the password [***], and the use permission function after the authentication. The values when the users of [Copy] and [Printer] are registered and set are shown.

  The usage restriction information 41L is information related to usage restrictions set for the user. For example, “consumption amount calculation coefficient”, “upper limit value (use restriction value)”, and “total usage amount (cumulative consumption amount)”. ) "And the like corresponding to each usage restriction item. The item “consumption amount calculation coefficient” is an item in which a coefficient K for calculating a consumption amount per page (a value to be added to the cumulative consumption amount up to now) by the requested operation is set. For example, the coefficient K is set in a table format as shown in FIG.

  As shown in FIG. 6C, the coefficient K has a coefficient value per page corresponding to each item such as “color”, “monochrome”, “single side”, “double side” for each function / print type. Is set. For example, in the data example shown in FIG. 6C, when color copying is performed, the consumption amount per page is calculated using the coefficient [3.0]. When color printing is performed using the function N, the consumption amount per page is calculated using the coefficient [2.0].

  In this way, in the item “consumption calculation coefficient”, a weight can be set for each user with respect to the consumption per page resulting from the execution of the use function.

  In addition, the item “upper limit value (usage limit value)” is an item in which an upper limit value that is the maximum permitted consumption amount for determining whether or not the use limit is required is set. In addition, the item of “total usage (cumulative consumption)” is a value obtained by accumulating the consumption by the requested action calculated using the above coefficient (a value that quantitatively shows the cumulative consumption by the past requested action (to date) Is the item for which the cumulative consumption)) is set. Therefore, “0” is set as an initial value in the item “total usage amount”, and the calculated consumption amount is accumulated in units of pages when the operation is executed. In the data example of the use restriction item shown in FIG. 6B, the consumption amount per page at the time of printing is calculated using [Coefficient 1] to [Coefficient n], and the use restriction is required by the upper limit value [25]. A value when a user who is determined to be negative is registered is shown. The total usage amount (cumulative consumption amount) may be a cumulative value of consumption amount calculated within a set period. In that case, the accumulated consumption up to the present within the set period becomes the total usage.

  In the present embodiment, the user data 41 having such a configuration is managed by the authentication management apparatus 100 (user information service unit). As a result, the image processing apparatus 200 can perform user authentication and use restrictions during printing.

  As shown in FIG. 5A, the log data 31 includes user information 31U, device information 31M, consumption resource information 31R, and the like.

  Each of these pieces of information 31U, 31M, and 31R is configured by actual values (actual data) corresponding to the following information items.

  The user information 31U is information related to the authenticated user who has requested the operation, and includes a value corresponding to a user identification item such as “user ID”, for example. Note that the value of the user identification item (user identification information) may be a user name or the like other than the ID shown in FIG.

  FIG. 7 is a diagram illustrating an example of a user login state table that is a table according to the present embodiment. As shown in FIG. 7, the user login status table 51 includes a first storage area 51A for storing identification information of the image processing apparatus 200, and a second storage area for storing a logged-in user ID (user identification information). 51B, a third storage area 51C for storing the last connection time, and a fourth storage area 51D for storing the timer time. The user login state table 51 stores the logged-in user ID, the last connection time, and the timer time for each image processing apparatus 200.

  Here, the user information service unit 12 manages the user login state table 51. Therefore, the user information service unit 12 authenticates the identification information of the image processing device used by the authenticated user in accordance with the fact that the image processing device is in use and the image processing device 200. It functions as an authentication management means for associating with the user identification information stored in the user login state table 51 as a table. The user information service unit 12 updates the user login state table 51 in at least one of the case where authentication is performed and the case where an update request is received from the image processing apparatus 200. In the present embodiment, the user login state table 51 is updated at least when authentication is performed. Further, the user information service unit 12 performs the processing for the image processing apparatus 200 whose identification information is stored in the user login state table 51 when the user authentication using the image processing apparatus 200 is canceled (when the user logs out). The image processing apparatus 200 deletes the data related to the image processing apparatus 200 from the user login state table 51 in at least one of the cases where the data indicating that the data is being used is not updated for a specified time. The specified time is determined using a timer value set in advance in the image processing apparatus 200. Specifically, a timer value set in advance in the image processing apparatus 200 is used as it is as the specified time. This timer value is transmitted from the image processing apparatus 200 to the authentication management apparatus 100 during the authentication process. As described above, the user information service unit 12 functions as an authentication monitoring unit that monitors the authentication by the user authentication unit by managing the user login state table 51.

  As described above, the use restriction function according to the present embodiment is realized by the above-described functional units linking and performing processing using the data.

  Next, the detailed operation of the use restriction function (the operation of associating the functional unit group) will be described with reference to a sequence diagram showing a processing procedure.

  The use restriction function is a program (software component related to the use restriction function) installed (installed) in the authentication management apparatus 100 and the image processing apparatus 200 by the CPUs 106 and 211 from the storage location (for example, “ROM”) to the storage device ( For example, it is realized by reading the data onto “RAM”) and executing the following processing. Hereinafter, “user authentication process” and “usage restriction process” will be described in this order.

<< User authentication process >>
FIG. 8 is a sequence diagram illustrating an example of a processing procedure for performing user authentication according to the present embodiment. In the information processing system 1 according to the present embodiment, the following user authentication process is performed by the authentication management apparatus 100 and the image processing apparatus 200.

  The image processing apparatus 200 causes the authentication application unit 22 to display a login screen on the operation panel 220 provided in the apparatus, and waits for input of authentication information from the user U (step S101).

  The authentication application unit 22 receives authentication information such as user identification information and a password input from the login screen by the user U (step S201).

  The authentication application unit 22 requests user authentication by transmitting the received authentication information to the authentication management apparatus 100 (step S301).

  The authentication management apparatus 100 performs user authentication based on the received authentication information and the user data 41 held in the user information holding unit 12s by the user information service unit 12 (step S302), and the authentication result is sent to the request source image. Responds to the processing device 200. At this time, the user information service unit 12 performs user authentication as follows. The user information service unit 12 accesses the user information holding unit 12 s and specifies user data 41 corresponding to the authentication target user U based on the user identification information included in the received authentication information. The user information service unit 12 compares the password included in the received authentication information with the set value of the “authentication password” item of the authentication information 41A included in the specified user data 41, and performs user authentication. When the passwords match and the user U is authenticated, the user information service unit 12 transmits the specified user data 41 to the image processing apparatus 200 as an authentication result.

  The image processing apparatus 200 receives the authentication result from the authentication management apparatus 100 by the authentication application unit 22, and stores the received user data 41 in the user information holding unit 22s if the user U is authenticated (step S303). ).

  The authentication application unit 22 notifies the user U of a function permitted to be used after authentication based on the setting value of the “use permission authority” item of the authentication information 41A included in the stored user data 41 (use Display the permission function screen. For example, when receiving the user data 41 shown in FIG. 6 as an authentication result, the authentication application unit 22 notifies the user U of the copy function and the printer function as functions permitted to be used after authentication (step S304). ).

  On the other hand, if the user U is not authenticated, the authentication application unit 22 displays a screen (authentication error screen) for notifying that on the operation panel 220.

  In the information processing system 1, the user U can log in to the image processing apparatus 200 and use the device mounting function by the above processing procedure.

《Usage restriction processing》
FIG. 9 is a sequence diagram illustrating an example of a processing procedure for performing usage restriction according to the present embodiment. Subsequently, in the information processing system 1 according to the present embodiment, the following usage restriction process is performed by the authentication management apparatus 100 and the image processing apparatus 200. In the following description, the authenticated user U is referred to as “authenticated user U”, and the processing procedure when the authenticated user U requests one copy of a single-sided color copy of a 6-page document from the image processing apparatus 200. Will be explained. Therefore, the main body function unit 26 in the figure is a copy function.

  As shown in FIG. 9, when the image processing apparatus 200 receives a copy request from the authenticated user U (step S401), the main body function unit 26 starts a request operation (copy operation) (step S501).

  In the image processing apparatus 200, the use restriction in units of pages is performed by executing the processing procedure of steps S502 to S510 described below every time the copy operation for one page is completed.

  When the main unit 26 completes the copy operation for one page, it requests the log notification unit 27 to issue / notify the log data 31 related to the copy operation in units of pages (step S502).

  The log notification unit 27 issues / notifies the log application unit 21 in response to the request to the log application unit 21 (step S503).

  The log application unit 21 stores the issued / notified log data 31 in the log holding unit 21s (step S504).

  Subsequently, the log application unit 21 gives the authentication application unit 22 the value of the “total usage (consumed cumulative value)” item of the usage restriction information 41L included in the user data 41 held by the user information holding unit 22s. A request is made to update to the latest value (step S505). At this time, the log application unit 21 requests the update of the user data 41 by passing the log data 31 for each page to the authentication application unit 22.

  In response to the request, the authentication application unit 22 calculates the latest cumulative consumption value including the copy operation for one page that has been executed based on the received log data 31 for each page, The value of the “consumption” item is updated (step S506: calculation, update means).

  First, the authentication application unit 22 based on the value of the consumption resource information 31R included in the log data 31 and the set value (coefficient K) of the “consumption calculation coefficient” item of the usage restriction information 41L included in the user data 41, A consumption per page (a value to be added to the cumulative consumption until now) due to execution of the copy operation is calculated. For example, when the authentication application unit 22 calculates the consumption amount per page due to the execution of the copy operation based on the log data 31 shown in FIG. 5 and the user data 41 shown in FIG. .

  The image processing apparatus 200 is requested by the authenticated user U to make a one-sided color copy of a 6-page document. The authentication application unit 22 is based on “color” of the “color model” item, “single side” of the “double side / single side” item, and “copy” of the “use function” item of the consumption resource information 31R included in the log data 31. Then, referring to the “consumption calculation coefficient” item of the usage restriction information 41L included in the user data 41, the coefficients K [3.0] and [1.0] for calculating the consumption per page are acquired. . The authentication application unit 22 uses the acquired coefficient K [3.0], [1.0] and consumes [3.0] (= 3.0 × 1. 0 × 1 (page)) is calculated.

  When one copy of a two-sided color copy of a 6-page document is requested from the authenticated user U, [Color] in the “Color model” item, [Double-sided] in the “Double-sided / single-sided” item, and “Used function” items Based on [Copy], the coefficients K [3.0] and [2.0] for calculating the consumption per page are acquired, and the consumption per page due to the execution of the copy operation [ 6.0] (= 3.0 × 2.0 × 1 (page)) is calculated.

  In this way, the authentication application unit 22 calculates the consumption per page due to the requested operation.

  Subsequently, the authentication application unit 22 adds the calculated consumption [3.0] to the value [15] of the “total usage (cumulative consumption)” item of the usage restriction information 41L included in the user data 41. Thus, the latest cumulative consumption value [18] (= 15 + 3) is calculated, and the value is updated.

  In this way, the authentication application unit 22 updates the value of the cumulative consumption that quantitatively indicates the cumulative consumption due to the past request action with the consumption in page units due to the current request action.

  The authentication application unit 22 uses the usage limit determination unit 221 to update the set value of the “upper limit value (use limit value)” item of the use limit information 41L included in the user data 41 with the updated value (latest cumulative consumption). It is determined whether or not it exceeds (step S507: determination means).

  In this way, the authentication application unit 22 uses the usage restriction determination unit 221 to compare the updated value (latest cumulative consumption) with the upper limit value (usage restriction value) related to the set consumption. Determine whether restriction is necessary.

  For example, when the authentication application unit 22 determines whether or not use restriction is required for the copy function based on the user data 41 shown in FIG.

  The use restriction determination unit 221 refers to the set value [25] of the “upper limit value (use restriction value)” item of the use restriction information 41L included in the user data 41, and compares it with the updated value [18]. As a result, the use restriction determination unit 221 determines that there is no need to restrict the use of the copy function because the updated value does not exceed the upper limit value (25> 18).

  As described above, when the updated value does not exceed the upper limit value (step S508: NO), the authentication application unit 22 determines that the use restriction determination unit 221 does not need to restrict the use of the copy function. Then, processing of the next page is continued.

  On the other hand, when the updated value exceeds the upper limit value (step S508: YES), the authentication application unit 22 determines that the use restriction determination unit 221 needs to restrict the use of the copy function.

  For example, in the image processing apparatus 200, the copy operation proceeds as the process continues, and when the copy operation for the fourth page is finished, the “total use amount (accumulated consumption)” of the use restriction information 41L included in the user data 41 is obtained by the process in step S506. The value of the “Amount)” item is updated to the latest cumulative consumption value [27]. As a result, the use restriction determination unit 221 determines that the use restriction needs to be performed on the copy function because the updated value exceeds the upper limit value (25 <27).

  If it is determined that usage restriction is necessary, the authentication application unit 22 instructs the main body control unit 28 to issue a command to stop the copy function based on the determination result (step S509). In response to the instruction, the main body control unit 28 instructs the main body function unit 26 to stop the operation (step S510: operation stop means). In addition, when it is determined that usage restriction is necessary in this way, the authentication application unit 22 determines that the updated value exceeds the upper limit for the user information service unit 12 of the authentication management apparatus 100 based on the determination result. A usage restriction notification including this is notified (step S521). In other words, the image processing apparatus 200 determines that it is necessary to restrict the use of the function to one user who is providing the function (copy function), and uses the function to restrict the use of the function for the one user. Send limit notification. Here, “providing a function” means, for example, a period during which a function performed using the image processing apparatus 200 is provided from login to logout.

  When the user information service unit 12 of the authentication management device 100 receives a notification from the authentication application unit 22 that the updated value exceeds the upper limit value, the user information service unit 12 issues a function stop command other than the image processing device 200 that transmitted the notification. The image processing apparatus 200 to be notified is determined (step S522). Here, the user information service unit 12 determines that it is necessary to restrict the use of the function to one user while providing the function to one user (in other words, a certain user). , It functions as a notification receiving means for receiving a use restriction notification for restricting the use of the function for the one user. The user information service unit 12 refers to the user login state table 51, and functions as a process execution command for the image processing apparatus 200 other than the image processing apparatus 200 that has transmitted the notification among the logged-in image processing apparatuses 200. The image processing apparatus 200 to be notified of the stop command is determined. Then, the user information service unit 12 transmits (notifies) a function stop command for operation to the image processing apparatus 200 to which the function stop command is to be notified (step S523). Here, the user information service unit 12 transmits a process execution command for requesting execution of a process for restricting the use of the function of one user to the image processing apparatus 200 whose one user has been authenticated by the authentication unit. It functions as a command transmission means.

  As described above, in the image processing apparatus 200, the use function is restricted on a page-by-page basis based on the operation log for each page in the installed function executed in response to the function use request from the authenticated user U.

  After the operation of the copy function is stopped, the main body function unit 26 displays a screen (logout screen) notifying that the user has been logged out on the operation panel 220 (step S601), and also logs out to the log application unit 21. It is notified (step S701).

  Upon receiving the notification, the log application unit 21 transmits the log data 31 for each page stored in the log holding unit 21s to the authentication management apparatus 100 until usage is restricted (step S702).

  The authentication management apparatus 100 uses the log service unit 11 to store the received log data 31 in the log holding unit 11s (step S703).

  Subsequently, the log service unit 11 gives the user information service unit 12 the value of the “total usage amount (consumed cumulative value)” item of the usage restriction information 41L included in the user data 41 held by the user information holding unit 12s. Is requested to be updated (step S704). At this time, the log service unit 11 requests the user data 41 to be updated by passing the log data 31 for each page to the user information service unit 12.

  In response to the request, the user information service unit 12 calculates the latest cumulative consumption value including the executed copy operation based on the received page unit log data 31, and displays “total usage amount (cumulative consumption amount)”. The value of the item is updated (step S705).

  Thus, in the information processing system 1, user information held by the authentication management apparatus 100 and the image processing apparatus 200 is unified and managed. The use restriction is not limited to the function stop or forced logout after the function stop. For example, if a color print request is issued, the output may be changed to monochrome printing, or one-sided printing may be printed on both sides. .

  Next, update processing of the user login state table 51 will be described with reference to FIG. FIG. 10 is a sequence diagram illustrating an example of an update process procedure of the user login state table 51. As illustrated in FIG. 10, the authentication application unit 22 of the image processing apparatus 200 monitors whether a predetermined time has elapsed since the login or the previous transmission of the login information update request (step S801). Then, the authentication application unit 22 sends a login information update request, which is an update request, to the user information service unit 12 of the authentication management apparatus 100 after login or when a predetermined time has elapsed since the previous transmission of the login information update request. (Step S802). That is, the image processing apparatus 200 transmits an update request at regular time intervals. This specified time is, for example, a timer value set in advance in the image processing apparatus 200.

  When receiving the login information update request from the authentication application unit 22, the user information service unit 12 of the authentication management apparatus 100 updates the user login state table 51 (step S803). Specifically, the timer time is reset.

  Next, update processing in another procedure of the user login state table 51 will be described with reference to FIG. FIG. 11 is a flowchart illustrating an example of an update process procedure of the user login state table 51. As shown in FIG. 11, the user information service unit 12 of the authentication management apparatus 100 monitors the user login state table 51 (step S811). Specifically, the user information service unit 12 monitors whether there is an image processing device 200 to be deleted from the user login state table 51. The deletion from the user login state table 51 is performed when the authentication application unit 22 of the image processing apparatus 200 notifies logout or when a certain time has elapsed since the authentication application unit 22 last transmitted a login information update request. is there. In these cases, that is, if it is determined that there is a deletion target (step S812: Yes), the user information service unit 12 deletes the corresponding image processing apparatus 200 from the user login state table 51 (step S813). Then, the user information service unit 12 continues to monitor the user login state table 51. On the other hand, when there is no deletion target (No in step S812), the user information service unit 12 continues to monitor the user login state table 51 without updating the user login state table 51.

<Summary>
As described above, the authentication management apparatus 100 according to the present embodiment is directed to the image processing apparatus 200 in which one user is authenticated when it is determined that it is necessary to restrict the function use for one user. Then, a function stop command for requesting the user to stop executing the function is transmitted. Therefore, since all the image processing apparatuses 200 stop the function for the one user at a time, it is possible to restrict the use of the device with high accuracy.

(Second Embodiment)
Next, a second embodiment of the present invention will be described with reference to FIGS. FIG. 12 is a diagram illustrating a configuration example of the use restriction function according to the present embodiment, and FIG. 13 is a sequence diagram illustrating a processing procedure example for performing use restriction.

  In the present embodiment, the image processing apparatus 200 calculates a scheduled usage amount (a usage amount that should be processed if an unexpected situation such as an error does not occur) in response to a usage request from the user, and the management device estimates the usage amount. To be notified. Specifically, in the present embodiment, the scheduled usage amount is, for example, the number of prints included in a print job from the host device. The scheduled usage amount is not limited to the number of prints included in the print command. For example, the acquisition unit acquires “use request information” in response to a “function use request” by a user operation, and sends it to the authentication application unit 22. The authentication application unit 22 may perform “scheduled amount calculation”. In this way, it is possible to calculate the expected usage amount not only for print jobs but also for functions that are managed in upper limit management, such as copying, scanning, and facsimile.

  In the present embodiment, as shown in FIG. 12, the image processing apparatus 200 includes a log application unit 21, an authentication application unit 22, an external device control unit 23, an external device information acquisition unit 24, an authentication communication unit 25, and a main body function unit. 26, the log notification unit 27, and the main body control unit 28, the job information acquisition unit 29 is realized as a functional unit.

  The job information acquisition unit 29 acquires job information in response to a job execution request, and transmits the job information to the authentication application unit 22.

  Next, the use restriction process in the use restriction function of the present embodiment will be described with reference to a sequence diagram showing a processing procedure. Note that the user authentication process is the same as that in the first embodiment, and a description thereof will be omitted.

  As shown in FIG. 13, when the image processing apparatus 200 receives a copy request from the authenticated user U (step S401), the main body function unit 26 starts a request operation (copy operation) (step S501). At this time, the main body control unit 28 of the image processing apparatus 200 transmits job information to the job information acquisition unit 29 (step S901). Then, the job information acquisition unit 29 acquired by receiving the job information thereby transmits the acquired job information to the authentication application unit 22 (step S902).

  Upon receiving the job information, the authentication application unit 22 calculates (extracts) the scheduled usage amount from the job information (step S903). Then, the authentication application unit 22 transmits the calculated (extracted) scheduled usage amount to the user information service unit 12 of the authentication management apparatus 100 (step S904).

  In step S905, when the user information service unit 12 receives the scheduled usage amount of the user's function from the image processing apparatus 200, the user information service unit 12 determines that the usage upper limit value has been exceeded and uses this determination result to determine the log transfer method. (Step S905). Here, the user information service unit 12 functions as a scheduled usage amount receiving unit. Specifically, the user information service unit 12 calculates the total scheduled usage amount by adding the received scheduled usage amount and the total usage amount. Then, the user information service unit 12 determines whether or not the calculated total scheduled usage amount exceeds the usage upper limit value. When the user information service unit 12 determines that the calculated total scheduled usage exceeds the usage upper limit, the log transfer method is determined as the sequential transfer scheme, and the calculated total planned usage exceeds the usage upper limit. If it is determined that it is not, the batch transfer method is determined as the log transfer method (transmission method). Here, the batch transfer method is a first transfer method (transmission method) in which usage information (log data) is transmitted in units of one job, and the sequential transfer method is a usage amount in units of pages in one job. This is a second transfer method (transmission method) for transmitting information (log data). Then, the user information service unit 12 notifies the determined transfer method to the authentication application unit 22 of the image processing apparatus 200 (step S906). In this way, the user information service unit 12 determines whether or not the total scheduled usage amount exceeds the prescribed upper limit value, and using this determination result, the usage amount information transmission method is determined for each job. This is selectively determined from a first transmission method for transmitting usage information and a second transmission method for transmitting usage information in units of pages in one job. Here, the user information service unit 12 functions as an instruction unit that determines the transmission method of the usage amount information using the total scheduled usage amount based on the planned usage amount, and instructs the image processing apparatus 200 about the determined transmission method.

  Here, when the scheduled usage amount of the same user is transmitted from the plurality of image processing apparatuses 200, the total value of all the transmitted scheduled usage amounts is included in the total scheduled usage amount. At this time, when the scheduled usage amount is transmitted from the first image processing apparatus 200, the user information service unit 12 calculates the total scheduled usage amount by adding the transmitted scheduled usage amount and the total usage amount. Thereafter, when the planned usage amount is transmitted from the second image processing apparatus 200 while the function of the first image processing apparatus 200 is being used, the planned total usage amount has already been calculated. Add the usage amount to find the latest total planned usage amount. This makes it possible to efficiently obtain the total scheduled usage amount. Note that the method for calculating the total scheduled usage amount is not limited to this. For example, when the scheduled usage amount is transmitted from the second image processing device 200, the scheduled transmission amount is transmitted by the second image processing device 200. A method may be used in which the usage amount, the scheduled usage amount previously transmitted by the first image processing apparatus 200, and the total usage amount are added together. In addition to the calculation by the image processing apparatus 200, the authentication management apparatus 100 may calculate the scheduled usage amount based on the usage schedule information.

  When receiving the notification of the transfer method from the user information service unit 12, the authentication application unit 22 of the image processing apparatus 200 notifies the log application unit 21 of the transferred transfer method (step S907). Upon receiving the notification of the transfer method, the log application unit 21 transmits the log data to the log service unit 11 of the authentication management apparatus 100 using the notified transfer method (step S908). Here, FIG. 13 shows an example in which the transfer method is a sequential transfer method.

  If the log service unit 11 of the authentication management apparatus 100 receives a log from the log application unit 21 of the image processing apparatus 200, the log service unit 11 calculates a usage amount based on the received log (step S909). Then, the log service unit 11 transmits the calculated usage amount to the user information service unit 12 (step S910).

  When receiving the usage amount from the log service unit 11, the user information service unit 12 updates the total usage amount information stored in the storage unit based on the usage amount (step S911). Here, the user information service unit 12 functions as a usage amount management unit that receives the usage amount of a function for each user from each image processing apparatus 200 and manages the total usage amount of the function for each user. Then, the user information service unit 12 determines whether or not it is necessary to restrict the use of the function for the user by determining whether or not the total usage amount exceeds the upper limit value (step S912). ). Here, the user information service unit 12 functions as a determination unit that determines whether or not it is necessary to restrict the use of the function to the user using the total usage amount. The user information service unit 12 determines whether or not it is necessary to restrict the use of the function for the user by using the function use upper limit value and the total use amount set for each user. Specifically, the user information service unit 12 determines whether or not the total usage amount based on the received total usage amount information exceeds the upper limit value based on the upper limit value information. When the user information service unit 12 determines that the total usage exceeds the upper limit (step S913: Yes), the image processing that has notified the planned usage in step S904 is a function stop command as a processing execution command. Notifying the apparatus 200 (step S914), a function stop command is also notified to other image processing apparatuses 200 (step S915). Here, the user information service unit 12 transmits a process execution command for requesting execution of a process for restricting the use of the function of one user to the image processing apparatus 200 whose one user has been authenticated by the authentication unit. It functions as a command transmission means. If the transfer method is batch transfer, the process of step S913 may not be performed.

  As described above, when the information processing apparatus 100 according to the present embodiment determines that it is necessary to restrict function use for one user, the information processing apparatus 100 proceeds to the image processing apparatus 200 in which one user is authenticated. A function stop command for requesting the user to stop function execution is transmitted. Therefore, since all the image processing apparatuses 200 stop the function for the one user at a time, it is possible to restrict the use of the device with high accuracy.

(Third embodiment)
Next, a third embodiment of the present invention will be described with reference to FIG. FIG. 14 is a sequence diagram illustrating an example of a processing procedure for performing usage restriction according to the present embodiment.

  The present embodiment is basically the same as the second embodiment, but the processing after step S907 in the processing of the use restriction function is different from the second embodiment. Therefore, description of the processing up to step S907 is omitted.

  In the present embodiment, when a job (processing in response to a usage request) is completed in the image processing apparatus 200, the image processing apparatus 200 notifies the authentication management apparatus 100 that the job has been completed. The authentication management apparatus 100 that has received the notification of the end of the job (that is, the end of the provision of the function) performs the use restriction process. In this example, an example when there is a request to cancel or stop printing will be described.

  In the present embodiment, the log service unit 11 of the authentication management apparatus 100 functions as an end notification receiving unit, and the fact that the provision of the function to a certain user from the image processing apparatus 200 has ended and the actual use of the function of the user is performed. Accept end notification including quantity. In the present embodiment, the actual usage amount of the user function is included in the end notification. Then, the user information service unit 12 serving as a usage amount management unit reflects the difference between the actual usage amount and the planned usage amount of the function in the total scheduled usage amount in response to the end notification.

  Details of the processing of the present embodiment will be described with reference to FIG. As shown in FIG. 14, when the main body control unit 28 of the image processing apparatus 200 receives a request to stop or stop printing, it notifies the main body function unit 26 of an end request for requesting the end of the job (step S921). . Then, the main body control unit 28 notifies the job information acquisition unit 29 that the job has been completed (step S922). Having received the notification, the job information acquisition unit 29 that has acquired the job end information notifies the log service unit 11 of the authentication management apparatus 100 that the job has ended (step S923). At this time, if a log is accumulated, the job information acquisition unit 29 notifies the log service unit 11 of this log as well.

  When the log service unit 11 of the authentication management apparatus 100 receives a job completion message from the job information acquisition unit 29, the log service unit 11 calculates a job total usage amount for the job (step S924). Then, the log service unit 11 transmits the calculated job total usage amount to the user information service unit 12 (step S925).

  The user information service unit 12 calculates a difference between the received job total usage amount and the planned usage amount, reflects the difference in the total planned usage amount, and updates the total planned usage amount stored in the storage unit. (Step S926). Then, the user information service unit 12 determines whether the upper limit has been exceeded (step S927). Specifically, the user information service unit 12 determines whether or not the updated total usage amount exceeds the upper limit value according to the upper limit value information. If the user information service unit 12 determines that the total usage exceeds the upper limit (step S928: Yes), the user information service unit 12 notifies the other image processing apparatus 200 of a function stop command (step S929). At this time, the user information service unit 12 notifies the function stop command to the other image processing apparatus 200 that has been logged in. In step S926, transfer method determination processing may be performed again.

  Also in the present embodiment described above, as in the second embodiment, when the information processing apparatus 100 determines that it is necessary to restrict the function use for one user, one user is authenticated. A function stop command for requesting the user to stop executing the function is transmitted to the image processing apparatus 200. Therefore, since all the image processing apparatuses 200 stop the function for the one user at a time, it is possible to restrict the use of the device with high accuracy.

(Fourth embodiment)
Next, a fourth embodiment of the present invention will be described with reference to FIG. FIG. 15 is a sequence diagram illustrating an example of a processing procedure for performing usage restriction according to the present embodiment.

  This embodiment is basically the same as the second embodiment, but a part of the processing of the use restriction function is different from the second embodiment. Therefore, detailed description of the same processing as that of the second embodiment is omitted.

  In the present embodiment, the user information service unit 12 as an instruction unit instructs the determined transmission method to all image processing apparatuses for which one user is authenticated.

  Hereinafter, the processing of the present embodiment will be described with reference to FIG. In the present embodiment, in the image processing apparatus 200, similarly to the second embodiment, steps S501 and S901 to S904 are performed, and the planned usage amount is changed from the image processing apparatus 200 to the user of the authentication management apparatus 100. The information service unit 12 is notified.

  When the user information service unit 12 of the authentication management apparatus 100 receives the scheduled usage amount from the image processing apparatus 200, the user information service unit 12 calculates a total scheduled usage amount and determines a log transfer method based on the calculated total scheduled usage amount ( Step S931). Then, the user information service unit 12 transmits a log transfer request indicating a log transfer request according to the determined log transfer method to the image processing apparatus 200 that has notified the planned usage amount in step S904 (step S906). The log transfer request is also transmitted to the other image processing apparatus 200 (step S932).

  The image processing apparatus 200 transfers the log in response to a request from the authentication management apparatus (steps S907, S908, and S933).

  When the log service unit 11 of the authentication management apparatus 100 receives the log, the log service unit 11 calculates a usage amount based on the received log (step S909), and performs the processing of steps S910 to S917 as in the second embodiment. Execute.

  Also in the present embodiment described above, as in the second embodiment, when the information processing apparatus 100 determines that it is necessary to restrict the function use for one user, one user is authenticated. A function stop command for requesting the user to stop executing the function is transmitted to the image processing apparatus 200. Therefore, since all the image processing apparatuses 200 stop the function for the one user at a time, it is possible to restrict the use of the device with high accuracy.

(Fifth embodiment)
Next, a fifth embodiment of the present invention will be described with reference to FIG. FIG. 16 is a flowchart showing log transfer method determination processing according to the fifth embodiment of the present invention, and FIG. 17 is an explanatory diagram for explaining a determination method of final determination of the log transfer method.

  This embodiment is basically the same as the second embodiment, but a part of the processing of the use restriction function is different from the second embodiment. Therefore, detailed description of the same processing as that of the second embodiment is omitted.

  In the present embodiment, the user information service unit 12 as an instruction unit determines a transfer method as a usage amount transmission method using the scheduled usage amount, the usage upper limit value, and the total usage amount.

  Specifically, the user information service unit 12 determines whether or not the scheduled usage amount exceeds the upper limit value (step S931). If the scheduled usage amount does not exceed the upper limit (No in step S931), the user information service unit 12 determines the transfer method to be the batch transfer method that is the first transfer method (step S932).

  On the other hand, when the scheduled usage amount exceeds the upper limit value (Yes in step S931), the user information service unit 12 proceeds to step S933 and performs the final determination process of the transfer method. In this process, the user information service unit 12 uses the conditional expression shown in FIG. The user information service unit 12 calculates a remaining upper limit value X (the number of sheets that can actually be used) each time a log is transferred from the image processing apparatus 200. When the remaining upper limit value X is 50 or more and less than 100, the user information service unit 12 determines the transmission method as a transmission method in units of 10 accumulated logs. Further, when the remaining upper limit value X is 20 or more and less than 50, the user information service unit 12 determines the transmission method to be a transmission method in units of five accumulation logs. Further, when the remaining upper limit value X is less than 20, the user information service unit 12 determines the transmission method as a transmission method in units of one accumulation log. Then, the user information service unit 12 transmits the determined transmission method to the image processing apparatus 200. As a result, the image processing apparatus 200 transmits the log according to the determined transmission method. At this time, the image processing apparatus 200 transmits a log when the accumulated log number exceeds or becomes equal to the accumulated log number of the determined transmission method. The conditional expression can be set for each item in FIG. 17 and is not limited to the example of the present embodiment.

  Also in the present embodiment described above, as in the second embodiment, when the information processing apparatus 100 determines that it is necessary to restrict the function use for one user, one user is authenticated. A function stop command for requesting the user to stop executing the function is transmitted to the image processing apparatus 200. Therefore, since all the image processing apparatuses 200 stop the function for the one user at a time, it is possible to restrict the use of the device with high accuracy.

  Each embodiment has been described so far, but the program executed by the authentication management apparatus of the above embodiment is a module configuration including the above-described units (user information service unit 12, log service unit 11 and the like). As actual hardware, a CPU (processor) 106 reads out and executes a program from a storage unit such as a ROM 105, and the above-described units are loaded on the main storage device. The user information service unit 12, log service The unit 11 is generated on the main storage device.

  The program executed by the image processing apparatus 200 according to the above embodiment includes the above-described units (main body function unit 26, main body control unit 28, job information acquisition unit 29, authentication application unit 22, log notification unit 27, log application). Unit 21 and the like), and as actual hardware, the CPU (processor) 211 reads a program from a storage unit such as a ROM and executes the program, so that each unit is loaded on the main storage device. A main body function unit 26, a main body control unit 28, a job information acquisition unit 29, an authentication application unit 22, a log notification unit 27, and a log application unit 21 are generated on the main storage device.

  The program can be stored in the computer-readable recording media 103a and 214a. Examples of the recording medium 103a include a floppy (registered trademark) disk, a CD (Compact Disk), and a DVD (Digital Versatile Disk). The recording medium 214a includes, for example, an SD memory card (SD Memory Card) and a USB (Universal Serial Bus) memory.

  Therefore, the program is stored in the recording media 103a and 214a, so that the authentication management apparatus 100 and the image processing apparatus 200 can read the recording media 103a and 214a via the drive device 103 and the external storage I / F 214. Can be installed. Further, since the authentication management apparatus 100 and the image processing apparatus 200 include the interface apparatus 107 and the network I / F 213, the program can be downloaded and installed using an electric communication line such as the Internet.

  In the second to fifth embodiments, the example in which the function use suspension determination is performed by the authentication management apparatus as the information processing apparatus has been described. However, the present invention is not limited to this, and the second to fifth embodiments are described. In this embodiment, the function use stop determination may be performed by the image processing apparatus. For example, when the log is transferred in accordance with the transfer method, the authentication management device performs updating of the total usage amount information, transfers the total usage amount information to the logged-in image processing device, and is held in the image processing device. The usage amount may be calculated from the log to determine whether to stop using the function.

  Note that the processing performed when the image processing apparatus receives a process execution command that requests execution of a process for restricting the use of a function of one user is not limited to a function stop or the like. It is also possible to notify that the use of the function is urged. This can prompt the user to stop using the function. This notification can be realized by, for example, issuing a printout on paper or displaying on the display unit of the operation panel 200 that the use of the function has reached a limit value and should be stopped. it can.

  In each of the above embodiments, the copy function and the print function have been described as examples of the function of the image processing apparatus. However, the present invention is not limited to this, and the function of the image processing apparatus includes the image processing apparatus, A service request function or the like that transmits a request signal for requesting execution of a predetermined service to a device on an external network to cause the device to perform a predetermined service may be used. As an example of the service on the external network, a service such as an OCR service provided on the cloud or SaaS (Software as a Service) can be considered. In other words, even services provided by the cloud or SaaS may be provided to users on a pay-per-use basis. For this reason, the service provided on the external network may be controlled as a usage restriction target.

DESCRIPTION OF SYMBOLS 1 Information processing system 11 Log service part 12 User information service part 21 Log application part 22 Authentication application part 26 Main body function part 27 Log notification part 28 Main body control part 29 Job information acquisition part 51 User login state table (table)
100 Authentication management device (information processing device)
200 Image processing device U User

JP 2004-102356 A

Claims (30)

A plurality of image processing apparatuses that execute a function for a user authenticated by an authentication unit, and an information processing apparatus that is communicably connected;
Authentication monitoring means for monitoring authentication by the authentication means;
A use restriction notification indicating that the use of the function is restricted to the one user is issued from the image processing apparatus that is determined to be necessary to restrict use of the function to the one user while providing the function to one user. A notification receiving means for receiving;
Command transmitting means for transmitting a processing execution command for requesting execution of processing for restricting use of the function of the one user to the image processing apparatus for which the one user has been authenticated by the authenticating means;
An information processing apparatus comprising: A plurality of image processing apparatuses that execute a function for a user authenticated by an authentication unit, and an information processing apparatus that is communicably connected;
Authentication monitoring means for monitoring authentication by the authentication means;
Usage amount management means for receiving usage amount information related to the usage amount of the function in units of users from each of the image processing devices, and managing the total usage amount of the function for each user;
A determination unit that determines whether or not it is necessary to restrict the use of the function to the user using the total usage amount;
When the determination unit determines that the use restriction is necessary for one user, the function of the one user is used to the image processing apparatus for which the one user is authenticated by the authentication unit. Command transmission means for transmitting a process execution command for requesting execution of a process for limiting;
An information processing apparatus comprising: Scheduled usage amount receiving means for receiving scheduled usage amount information related to the scheduled usage amount of the function of the user from the image processing device;
An instruction means for determining a transmission method of the usage amount information using a total scheduled usage amount based on the scheduled usage amount, and instructing the image processing apparatus on the determined transmission method;
The information processing apparatus according to claim 2, further comprising:   The instructing means determines whether or not the total scheduled usage amount exceeds a predetermined upper limit value, and uses the determination result to transmit the usage amount information for each job as the transmission method. The information processing apparatus according to claim 3, wherein the information processing apparatus is selectively determined from one transmission method and a second transmission method for transmitting the usage amount information in units of pages in one job. An end notification receiving means for receiving an end notification including the end of the provision of the function to a certain user from the image processing apparatus;
The said usage-amount management means reflects the difference of the actual usage-amount of the said function and the said scheduled usage-amount in the said total scheduled usage-amount according to the said completion notification. Information processing device.   6. The information processing apparatus according to claim 3, wherein the instruction unit instructs the determined transmission method to all the image processing apparatuses for which the one user is authenticated. The determination means determines whether or not it is necessary to restrict the use of the function for the user, using the upper limit value of the function set for each user and the total usage amount.
The information processing apparatus according to claim 2, wherein the instruction unit determines a transmission method of the usage amount using the scheduled usage amount, the usage upper limit value, and the total usage amount.   The authentication monitoring means has identified the identification information of the image processing device used by the authenticated user, that the image processing device is in use and has been authenticated corresponding to the image processing device. The information processing apparatus according to claim 1, wherein the information is stored in a table in association with user identification information.   9. The information according to claim 8, wherein the authentication monitoring unit updates the table in at least one of a case where the authentication is performed and a case where an update request is received from the image processing apparatus. Processing equipment.   The information processing apparatus according to claim 9, wherein the image processing apparatus transmits the update request at regular time intervals.   The authentication monitoring means indicates that the authentication of the user using the image processing device is canceled and that the image processing device for the image processing device whose identification information is stored in the table is in use. 11. The data according to claim 8, wherein the data related to the image processing apparatus is deleted from the table in at least one of cases where the data has not been updated for a specified time. Information processing device.   The information processing apparatus according to claim 10 or 11, wherein the specified time is determined using a timer value preset in the image processing apparatus. A plurality of image processing apparatuses that execute a function for a user authenticated by an authentication unit;
An information processing apparatus communicably connected to the plurality of image processing apparatuses;
Authentication monitoring means for monitoring authentication by the authentication means;
Use restriction of the function for the one user from the image processing apparatus, which is included in the information processing apparatus and has determined that it is necessary to restrict use of the function to the one user while providing the function to one user A notification receiving means for receiving a usage restriction notification indicating that
Command transmitting means for transmitting a processing execution command for requesting execution of processing for restricting use of the function of the one user to the image processing apparatus for which the one user has been authenticated by the authenticating means;
An information processing system comprising: A plurality of image processing apparatuses that execute a function for a user authenticated by an authentication unit;
An information processing apparatus communicably connected to the image processing apparatus;
Authentication monitoring means for monitoring authentication by the authentication means;
Usage amount management means included in the information processing apparatus, receives usage amount information relating to the usage amount in units of users from each of the image processing devices, and manages the total usage amount of the function for each user;
A determination unit that is included in the information processing apparatus and determines whether it is necessary to restrict the use of the function to a user using the total usage amount;
When included in the information processing apparatus and the determination means determines that it is necessary to restrict the use of one user, the image processing apparatus in which the one user is authenticated by the authentication means, Command transmission means for transmitting a process execution command for requesting execution of a process for limiting the use of the function of one user;
An information processing system comprising: Scheduled usage amount receiving means for receiving scheduled usage amount information related to the scheduled usage amount of the function of the user from the image processing device;
An instruction means for determining a transmission method of the usage amount information using a total scheduled usage amount based on the scheduled usage amount, and instructing the image processing apparatus on the determined transmission method;
The information processing system according to claim 14, further comprising: A plurality of image processing apparatuses that execute functions for a user authenticated by an authentication unit, and a usage restriction method that is executed by an information processing apparatus that is communicably connected,
An authentication monitoring means for monitoring authentication by the authentication means;
The notification receiving means restricts the use of the function to the one user from the image processing apparatus that has determined that the use of the function to the one user needs to be restricted while providing the function to one user. Receiving a usage restriction notification for,
A step of transmitting a process execution command for requesting execution of a process for restricting the use of the function of the one user to the image processing apparatus for which the one user has been authenticated by the authentication unit; When,
The usage restriction method characterized by including. A plurality of image processing apparatuses that execute a function for a user who has a function related to printing and is authenticated by an authentication unit, and a usage restriction method that is executed by an information processing apparatus connected to be communicable;
An authentication monitoring means for monitoring authentication by the authentication means;
A usage amount management unit that receives usage amount information related to the usage amount of the function in units of users from each of the image processing devices, and manages the total usage amount of the function for each user;
A step of determining whether or not it is necessary to limit the use of the function to the user using the total usage amount;
When the command transmission unit determines that the determination unit needs to restrict the use for one user, the command transmission unit sends the one user's authentication to the image processing apparatus authenticated by the one user. Transmitting a process execution command for requesting execution of a process for limiting use of the function;
The usage restriction method characterized by including. A step of accepting scheduled usage information from the image processing device, the usage amount receiving unit receiving scheduled usage information related to the scheduled usage of the function of the user;
An instruction means determining a transmission method of the usage amount information using a total scheduled usage amount based on the planned usage amount, and instructing the determined transmission method to the image processing apparatus;
The usage restriction method according to claim 17, further comprising:   The instructing means determines whether or not the total scheduled usage amount exceeds a predetermined upper limit value, and uses the determination result to transmit the usage amount information for each job as the transmission method. 19. The usage restriction method according to claim 18, wherein the usage restriction method is selectively determined from one transmission method and a second transmission method for transmitting the usage information in units of pages in one job. An end notification receiving means including a step of receiving from the image processing apparatus an end notification including the end of provision of the function to a certain user;
The said usage-amount management means reflects the difference of the actual usage-amount of the said function and the said scheduled usage-amount in the said total scheduled usage-amount according to the said completion notification. Usage restriction method.   21. The instruction unit according to claim 18, wherein the instruction unit instructs the determined transmission method to all the image processing apparatuses for which the one user is authenticated. Usage restriction method. The determination means determines whether or not it is necessary to restrict the use of the function for the user, using the upper limit value of the function set for each user and the total usage amount.
The usage restriction method according to claim 17, wherein the instruction unit determines a transmission method of the usage amount using the scheduled usage amount, the usage upper limit value, and the total usage amount.   The authentication monitoring means has identified the identification information of the image processing device used by the authenticated user, that the image processing device is in use and has been authenticated corresponding to the image processing device. The usage restriction method according to any one of claims 16 to 22, wherein the table is associated with user identification information and stored in a table.   24. The use according to claim 23, wherein the authentication monitoring unit updates the table in at least one of a case where the authentication is performed and a case where an update request is received from the image processing apparatus. Restriction method.   The usage restriction method according to claim 24, wherein the image processing apparatus transmits the update request at regular time intervals.   The authentication monitoring means indicates that the authentication of the user using the image processing device is canceled and that the image processing device for the image processing device whose identification information is stored in the table is in use. 26. The data according to any one of claims 23 to 25, wherein data relating to the image processing device is deleted from the table in at least one of cases where the data has not been updated for a specified time. Usage restriction method.   27. The usage restriction method according to claim 25 or 26, wherein the specified time is determined using a timer value preset in the image processing apparatus. A plurality of image processing apparatuses that execute a function for a user authenticated by an authentication unit, and a computer of an information processing apparatus that is communicably connected,
Authentication monitoring means for monitoring authentication by the authentication means;
A use restriction notification indicating that the use of the function is restricted to the one user is issued from the image processing apparatus that is determined to be necessary to restrict use of the function to the one user while providing the function to one user. A notification receiving means for receiving;
Command transmitting means for transmitting a processing execution command for requesting execution of processing for restricting use of the function of the one user to the image processing apparatus for which the one user has been authenticated by the authenticating means;
Program to function as. A plurality of image processing apparatuses that execute a function for a user authenticated by an authentication unit, and a computer of an information processing apparatus that is communicably connected,
Authentication monitoring means for monitoring authentication by the authentication means;
Usage amount management means for receiving usage amount information related to the usage amount of the function in units of users from each of the image processing devices, and managing the total usage amount of the function for each user;
A determination unit that determines whether or not it is necessary to restrict the use of the function to the user using the total usage amount;
When the determination unit determines that the use restriction is necessary for one user, the function of the one user is used to the image processing apparatus for which the one user is authenticated by the authentication unit. Command transmission means for transmitting a process execution command for requesting execution of a process for limiting;
Program to function as.   A computer-readable recording medium storing the program according to claim 28 or 29.

Images