JP2012085141A - Information processor, information processing system, and information processing method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an information processor capable of performing data transmission with secrecy without complicated operation.SOLUTION: When specification of a file to be transmitted or a transmission destination is accepted (S1, 2), a PC obtains user information on a user of the transmission destination from user information stored in a management server. In the user information, information is stored for each of multiple items. In the PC, one or more items are selected as items used for encryption of the file to be transmitted, and encryption is performed using the information (S5). The PC transmits the encryption data to the transmission destination and notifies the transmission destination of items in data information used for the encryption.

Description

  The present invention relates to an information processing device, an information processing system, and an information processing method, and more particularly to an information processing device that transmits data to another device, an information processing system including the device, and an information processing method in the device.

  When an image forming apparatus such as an MFP (Multi Function Peripheral) scans a document to create image data and transmits the data, the data may be transmitted after being encrypted with a different encryption password depending on the transmission destination. is there.

  As such a data transmission method, for example, in Japanese Patent Application Laid-Open No. 2010-21746 (hereinafter referred to as Patent Document 1), when sending an email with an electronic file attached, the mail server automatically determines the attached file. A technique is known in which an encryption key is automatically generated and then encrypted and sent to a transmission destination.

  Further, for example, Japanese Patent Laid-Open No. 2007-318217 (hereinafter referred to as Patent Document 2) automatically determines whether or not to encrypt according to a destination by registering a public key in a destination list in advance. A technology is disclosed that automatically determines whether or not there is a public key and automatically encrypts and transmits if there is a public key, and transmits as it is if there is no public key.

  Also, for example, Japanese Patent Application Laid-Open Publication No. 2004-86731 (hereinafter referred to as Patent Document 3) encrypts data read and generated by a scanner when storing it in a folder of a shared server, and notifies a password only to a designated partner by e-mail. The technology is disclosed.

JP 2010-21746 A JP 2007-318217 A JP 2007-86731 A

  However, the operation of setting the encryption password for each transmission destination is complicated, and there is a problem that the operation of data transmission is complicated.

  For example, the technique disclosed in Patent Document 1 has a problem that the operation becomes complicated because an operation of sending the encryption key by a method that keeps the confidentiality apart from the mail that sent the file is required. .

  In addition, the technique disclosed in Patent Document 2 requires a work of acquiring and registering a public key of a destination in advance, and there is a problem that the work becomes complicated. Furthermore, there is a problem that it is impossible to send the encrypted key to the other party who has not registered the public key.

  In addition, the technique disclosed in Patent Document 3 has a problem that the third party can access the mail by viewing the mail by a third party because the password is described in the body of the mail. . In addition, since it cannot be distributed to users who do not have access rights to the server, there is a problem that such users need to be sent separately.

  The present invention has been made in view of such a problem, and an information processing apparatus, an information processing system, and an information processing method capable of transmitting data while maintaining confidentiality without requiring a complicated operation The purpose is to provide.

  In order to achieve the above object, according to one aspect of the present invention, an information processing apparatus executes communication means for communicating with another apparatus, input means for receiving an operation input, and data transmission processing And processing means. When the processing means receives the data transmission instruction, the processing means acquires user information including information for each of two or more items related to the user designated as the data transmission destination, and the user designated as the transmission destination. Selecting at least one item from the user information, encrypting the transmission data to be transmitted using the selected item information, and sending the encrypted transmission data to the destination A process of transmitting and a process of notifying the transmission destination of information specifying the selected item are executed.

  Preferably, when the processing unit accepts designations of a plurality of users as transmission destinations, the processing unit obtains user information for each of the plurality of users, and information used for the process of independently encrypting each of the user information In order to transmit the transmission data to each transmission destination, each item is encrypted using the information of the selected item.

  Preferably, when the number of items in the user information for the user designated as the transmission destination is less than a predetermined number, the processing means has a frequency at which the information used for the encryption process is the same as the information used previously. Further processing is performed to notify that the value of becomes high.

  Preferably, the processing means uses information of items different from the items used in the encryption processing related to the previous transmission destination in the user information regarding the user designated as the transmission destination in the encryption processing. .

  Preferably, the processing means uses a combination of information of two or more items of the information for each item included in the user information in the encryption processing.

  Preferably, the processing means further executes a process of notifying that the security of encryption is lowered when the information used in the process of encrypting is information with a small number of characters.

  Preferably, when the processing means transmits the encrypted transmission data attached to the mail, in the process of notifying the information specifying the item to the transmission destination, the information specifying the item in the body of the mail Is added.

  Preferably, when the processing means transmits the encrypted transmission data to a storage area previously associated with the user designated as the transmission destination, the processing means notifies the transmission destination of information specifying the item. Send an email with the information specifying the item as the email body.

  If the other situation of this invention is followed, an information processing system will be provided with the memory | storage device which memorize | stores the user information containing the information for every two or more items for every user, and the information processing apparatus which can transmit data. When the processing unit of the information processing apparatus accepts the data transmission instruction, the processing unit acquires the user information related to the user designated as the data transmission destination from the storage device, and the user information about the user designated as the transmission destination. A process of selecting at least one item from the list, encrypting transmission data to be transmitted using the information of the selected item, and transmitting encrypted transmission data to a destination Then, a process of notifying the transmission destination of information specifying an item for information used in the process of encrypting is executed.

  According to still another aspect of the present invention, an information processing method is a processing method for transmitting data from an information processing device to another device, and is related to a user designated as a transmission destination of data transmission. Acquiring at least one item from the step of acquiring user information including information for each item and the user information for the user specified as the transmission destination, and using the information of the selected item to transmit data Encrypting target transmission data; transmitting the encrypted transmission data to the destination; and notifying the destination of information identifying the selected item. .

  According to the present invention, it is possible to transmit a file while maintaining confidentiality without requiring a complicated operation.

It is a figure which shows the specific example of a structure of the data processing system concerning this Embodiment. It is a figure which shows the specific example of user information. It is a block diagram which shows the specific example of a structure of the apparatus of a transmission side. It is a flowchart showing operation | movement with the apparatus of a transmission side. It is a flowchart showing operation | movement with the apparatus of a transmission side. It is a flowchart showing operation | movement with the apparatus of a transmission side.

  Embodiments of the present invention will be described below with reference to the drawings. In the following description, the same parts and components are denoted by the same reference numerals. Their names and functions are also the same.

<System configuration>
FIG. 1 is a diagram showing a specific example of the configuration of a data processing system (hereinafter abbreviated as a system) according to the present embodiment.

  Referring to FIG. 1, a system according to the present embodiment includes an MFP (Multi Function Peripheral) 1 as an image forming apparatus, personal computers (hereinafter abbreviated as PCs) 2 and 3 as data processing apparatuses, and mail. A server 4 and a user management server 5 are included.

  The user management server 5 manages user accounts and passwords for the user and holds data related to the user.

  Both the MFP 1 and the PC 2 are electrically connected to the user management server 5 and can communicate with each other. The user management server 5 is configured by a general device such as a PC, for example, and uses the user information shown in FIG. 2 for each user as information (list) such as a transmission destination address used for mail transmission to be described later. Remember. FIG. 2 is a diagram showing a specific example of user information. Referring to FIG. 2, user information is information on a plurality of items including a user name, an e-mail address associated with the user, an address, and a telephone number as items of information on the user as a transmission destination. The items included in the user information are not limited to the items shown in FIG. 2, and may include other items such as birthdays.

  Also, the MFP 1, PC 2, and PC 3 are all electrically connected to the mail server 4 and can communicate with each other.

  In the following examples, the MFP 1 and the PC 2 are devices used by users who transmit data, and the PC 3 is a device used by users who receive data. Therefore, in the following description, MFP 1 and PC 2 used for data transmission are collectively referred to as a transmission-side device, and PC 3 used for data reception is also referred to as a reception-side device. In this case, as shown in FIG. 1, the transmission-side apparatus transmits a mail to the mail server 4, and the mail is transmitted from the mail server 4 to the reception-side apparatus.

  Note that the communication method between these devices is not limited to a specific method. For example, all of these devices may be connected to the Internet and perform communication via the Internet, or may be communication via a specific network such as a LAN (Local Area Network).

<Overview of operation>
In the system according to the present embodiment, information related to an item of user information related to a user as a transmission destination stored in the user management server 5 when the data transmission destination is designated is used as an encryption password. To encrypt the file.

  When the data transmission method is email transmission, the encrypted file is attached to the email, and information specifying the item of the user information used for encryption is described in the email body. send mail.

  If the data transmission method is other than e-mail transmission, send the encrypted file with the specified transmission method and send an e-mail with information specifying the item of user information used for encryption. Create and send.

<Functional configuration>
FIG. 3 is a block diagram illustrating a specific example of the configuration of the transmission-side apparatus. FIG. 3 shows an example in which the transmission-side apparatus is MFP1.

  Referring to FIG. 3, MFP 1 as a transmission-side device includes a processing unit 11 for controlling the whole including a CPU (Central Processing Unit) (not shown), and displays information and accepts an operation input. An operation panel 12, a memory 13 for storing a program executed by the CPU, image data, and the like, an image processing unit 14 for performing image forming processing such as copying and printing of a document and generation of image data, and the like A communication unit 15 for communicating with the apparatus. The image processing unit 14 includes an image reading unit for optically reading an installed document and acquiring image data.

  Further, with reference to FIG. 3, the processing unit 11 includes functions such as an input unit 101, an acquisition unit 102, and a function mainly configured in the CPU by a CPU (not shown) reading and executing a program stored in the memory 13. A determination unit 103, a notification unit 104, an encryption unit 105, a mail creation unit 106, a transmission unit 107, and a storage unit 108 are included.

  The input unit 101 is a function for receiving an input of an operation signal from the operation panel 12 according to a user operation.

  The acquisition unit 102 is a function for acquiring user information related to a transmission destination user from the user management server 5 when the operation signal received by the input unit 101 is an instruction to transmit data or a file. In this example, when a user is designated as a transmission destination, user information related to the user as shown in FIG. 2 is acquired from the user management server 5. Only items used for encryption in 105 may be acquired from the user management server 5.

  The determination unit 103 is a function for determining whether or not the number of items in which information is stored in the acquired user information is a predetermined number or more. The predetermined number here is used to determine the frequency of use of the information stored in the item in the encryption process. For example, the determination unit 103 stores a predetermined threshold value, compares the number of items for which information is stored with the threshold value, and determines whether the result is equal to or greater than the threshold value. It is determined whether or not the number is a predetermined number or more.

  The notification unit 104 is a function for notifying the information corresponding to the determination when the determination unit 103 determines that the number of items stored in the user information is less than a predetermined number. For example, the notification unit 104 may display the information on the operation panel 12 or may transmit the information to a transmission destination stored in advance.

  The encryption unit 105 acquires data or a file to be transmitted, selects information of one or more items of user information, and performs a process of encrypting the data or the file using the information. It is a function for.

  When the apparatus is the MFP 1 and image data obtained by scanning a document is specified as data to be transmitted, the encryption unit 105 reads a document set for scanning included in the image processing unit 14. After obtaining the image data, the image data is encrypted. Alternatively, when the apparatus is a PC 2 and image data obtained by scanning a document is specified as transmission target data, the encryption unit 105 reads a document set in the MFP 1 connected to the PC 2. After obtaining the image data by reading, the image data is encrypted. When data stored in the storage device of itself or another device is specified as the data to be transmitted, the encryption unit 105 obtains the specified data by accessing the storage device, and then the image data The encryption process is applied to the.

  The storage unit 108 is a function for storing, for example, a user information item used for the encryption process in the encryption unit 105 in a predetermined area of the memory 13. The storage unit 108 is a function of reading the user information item used in the previous encryption process for the transmission destination and passing it to the encryption unit 105 when the encryption unit 105 executes the encryption process. is there.

  When performing the encryption process, the encryption unit 105 selects, from the user information, an item different from the item used in the previous encryption process passed from the storage unit 108, and uses the information of the item .

  The transmission unit 107 determines whether or not the specified transmission destination user is account-managed by the user management server 5 and determines the transmission method of the specified file according to the result. That is, when the user of the transmission destination is a user whose account is managed by the user management server 5, the transmission method of the designated file is not attached to the mail but transmitted, and is associated with the user. It is determined to transmit to a storage area (box) in the MFP 1 or a storage area such as a shared file server stored in advance in the user management server 5. The transmission method may be specified by the sender using the operation panel 12 or the like, for example. In that case, the transmission unit 107 determines to transmit using the transmission method specified by the sender.

  Further, the transmission unit 107 also has a function for transmitting a file and / or an email described later by the method determined as described above.

  The mail creation unit 106 is a function for creating mail data in which the information specifying the item of user information used for the encryption processing is the mail text. When sending a file as a file transmission method, the mail creation unit 106 attaches an encrypted file to the mail data.

  The apparatus configuration of the PC 2 that is the transmission side apparatus is substantially the same as that of FIG. 3 except for the image processing unit 14.

<Operation flow>
4 to 6 are flowcharts showing the operation of MFP 1 or PC 2 as the transmission side apparatus. The operations shown in the flowcharts of FIGS. 4 to 6 are executed when a CPU (not shown) included in the processing unit 11 reads out a program included in the memory 13 and exhibits each function shown in FIG. .

  Referring to FIG. 4, in step S <b> 1, the CPU accepts an input of a signal designating data or a file to be transmitted together with a data transmission instruction from operation panel 12. Here, electronic data that can be directly accessed from the transmission-side apparatus, such as data stored in a disk on the transmission-side apparatus or a shared file server, data stored in a general storage unit medium, or the like A file is selected. Alternatively, when the data or file to be transmitted is image data read from or read from the MFP 1, information described in the original (paper medium) to be read may be selected.

  In step S <b> 2, the CPU accepts selection of a data transmission destination from the operation panel 12. The transmission destination is selected from the transmission destination list. This transmission destination list may be based on user information stored in the user management server 5, or may be stored in the transmission apparatus itself. Further, the selection here may designate a plurality of transmission destinations simultaneously.

  In step S3, the CPU acquires user information about the transmission destination specified in step S2 from the user management server 5, and determines whether the number of items in which the information is stored is larger or smaller than a predetermined number. Here, when a plurality of transmission destinations are designated in step S2, the above determination is made using the user information for each designated transmission destination.

  As a result of this determination, if the number of items stored in the information is less than the predetermined number (NO in step S3), it is notified in step S31 that the same password as the previous encryption is used more frequently. . The notification here may be, for example, displaying a screen indicating that on the operation panel 12.

  On the other hand, when there are more items than the predetermined number, that is, when a lot of information is registered in the user information (YES in step S3), the same password as the previous encryption is used. The notification frequency is not necessary because different encryption passwords can be used even if they are transmitted many times. Therefore, step S31 is skipped here.

  In step S4, the CPU selects an item to be used for encryption from the user information, and determines whether it is the same as the item used last time. If they are the same (YES in step S4), in step S41, the CPU selects an item different from the previously used item from the user information in order to prevent the frequency of information to be used from being biased. The information of the item is used for encryption. The selection method here is not limited to a specific method as long as it is a method that eliminates the bias when selecting automatically. As an example, there are a method of always selecting completely random, a method of determining the use frequency by associating and storing the number of uses for each item, and preferentially using information of items with a low use frequency.

  In addition, when the encryption security is lowered due to low complexity, such as a character string of less than 4 characters or a character string of only numbers, the CPU uses the encryption security. You may notify that it falls. The notification here may be, for example, displaying a screen indicating that on the operation panel 12. Alternatively, the CPU may improve encryption security by combining or linking information of a plurality of items. In this case, in step S7, which will be described later, a method of combining information used as an encrypted password in the mail is also added.

  When a plurality of transmission destinations are specified in step S2, the CPU selects an item independently from user information corresponding to each transmission destination. That is, the CPU may select the same item (for example, a telephone number) for each transmission destination, or may select different items.

  In step S5, the CPU encrypts the data or file selected in step S1 using information on the item selected from the user information. When a plurality of transmission destinations are designated in step S2, the CPU encrypts the data or file to be transmitted to each transmission destination with the information of the selected item.

  The encryption method may be specified and set by the user on the operation panel 12 or display. Further, it may be registered in advance as user information as transmission destination registration information. In this way, the CPU executes the encryption process using the registered encryption method.

  In step S <b> 6, the CPU determines whether or not the transmission destination is a user whose account is managed by the user management server 5. As a result, if the destination is a user whose account is managed (YES in step S6), the CPU stores the data or file in advance in association with the user, rather than attaching the data or file as an email. The information such as the storage area (box) in the MFP 1 and the shared file server is acquired from the user management server 5 and the electronic data or file transmission method is set according to the setting.

  In this case, it is further possible to set whether or not to send the file or file attached to the mail according to the setting of the sender, or to send to the storage area associated with the user of the destination. Is possible. Therefore, referring to FIG. 4 and FIG. 5, the CPU designates that a transmission destination user is a user whose account is managed by the user management server 5 and transmitted by the sender as an attachment to an email. If yes (YES in step S6 and YES in step S61), the data or file encrypted in step S62 is attached to the mail and transmitted. If it is specified by the sender to be transmitted to the storage area associated with the destination user (YES in step S6 and NO in step S61), referring to FIG. 4 and FIG. In S63, the CPU acquires the setting information of the destination user from the user management server 5, and based on the information, the CPU encrypts the setting information in the folder associated with the destination user and the storage area (BOX) of the MFP1. Send data or files. In this case, if the transmission-side device cannot access a folder or the like associated with the transmission destination user, the data or file may be automatically attached and transmitted.

  If the destination user is not a user whose account is managed by the user management server 5 (NO in step S6), the CPU attaches the encrypted data or file to the mail in step S62. Send.

  In any transmission, in step S7, the CPU creates and transmits a mail in which information specifying which item of the user information the information used for encryption is added to the mail text. When attaching the data or file encrypted in step S62 to the mail, appending it to the body of the mail, and transmitting the data or file encrypted in step S63 to the storage area associated with the destination user Creates a mail in which the above information is described in the mail body, and transmits it to the user of the transmission destination.

  For example, when the telephone number in the user information shown in FIG. 2 is used in step S5, the CPU automatically adds “encrypted with telephone number” to the mail body in step S7. To send. Also, for example, when the birthday is used for encryption, “Encrypted using your birthday as a password” is automatically added to the mail body and transmitted.

<Effect of Embodiment>
By executing the above operation in the transmission-side apparatus, the transmission-side apparatus automatically selects an item from the user information about the designated transmission destination and uses the information of the item for encryption processing. Therefore, the complicated operation of registering the encrypted password in advance is not necessary.

  In addition, the transmission side device automatically transmits information for specifying the item used for encryption to the destination user by e-mail, so that an operation for notifying the password is not required separately from the encrypted file. .

  Furthermore, since the information used for the encryption is information related to the destination user, it is only necessary to transmit information specifying the item even if the password itself is not transmitted by e-mail. Therefore, security can be improved compared to the case where the password itself is transmitted. Also, it is not necessary to manage a different password for each transmission destination.

  Furthermore, it is possible to provide a program for causing the transmitting apparatus to execute the operation in the transmitting apparatus. Such a program is stored in a computer-readable recording medium such as a flexible disk attached to the computer, a CD-ROM (Compact Disk-Read Only Memory), a ROM (Read Only Memory), a RAM (Random Access Memory), and a memory card. And can be provided as a program product. Alternatively, the program can be provided by being recorded on a recording medium such as a hard disk built in the computer. A program can also be provided by downloading via a network.

  The program according to the present invention is a program module that is provided as a part of a computer operating system (OS) and calls necessary modules in a predetermined arrangement at a predetermined timing to execute processing. Also good. In that case, the program itself does not include the module, and the process is executed in cooperation with the OS. A program that does not include such a module can also be included in the program according to the present invention.

  The program according to the present invention may be provided by being incorporated in a part of another program. Even in this case, the program itself does not include the module included in the other program, and the process is executed in cooperation with the other program. Such a program incorporated in another program can also be included in the program according to the present invention.

  The provided program product is installed in a program storage unit such as a hard disk and executed. The program product includes the program itself and a recording medium on which the program is recorded.

  The embodiment disclosed this time should be considered as illustrative in all points and not restrictive. The scope of the present invention is defined by the terms of the claims, rather than the description above, and is intended to include any modifications within the scope and meaning equivalent to the terms of the claims.

  1 MFP, 2, 3 PC, 4 mail server, 5 user management server, 11 processing unit, 12 operation panel, 13 memory, 14 image processing unit, 15 communication unit, 101 input unit, 102 acquisition unit, 103 determination unit, 104 Notification unit, 105 encryption unit, 106 mail creation unit, 107 transmission unit, 108 storage unit.

Claims (10)

Communication means for communicating with other devices;
Input means for accepting operation inputs;
Processing means for executing data transmission processing,
When the processing means receives the data transmission instruction,
A process of acquiring user information including information for each of two or more items related to a user designated as a transmission destination of the data transmission;
A process of selecting at least one item from the user information about the user specified as the transmission destination, and encrypting transmission data to be the target of the data transmission using the information of the selected item;
Processing for transmitting the encrypted transmission data to the destination;
An information processing apparatus that executes a process of notifying the transmission destination of information specifying the selected item.   When the processing means accepts designation of a plurality of users as the transmission destination, the processing means obtains user information for each of the plurality of users, and performs the encryption process independently from each of the user information. The information processing apparatus according to claim 1, wherein an item of information to be used is selected, and the transmission data is encrypted using the information of the selected item in order to transmit the transmission data to the respective transmission destinations.   When the number of items in the user information for the user designated as the transmission destination is less than a predetermined number, the processing means uses the same information used for encryption processing as that used previously. The information processing apparatus according to claim 1, further executing a process of notifying that the frequency is increased.   In the encrypting process, the processing means includes information on items different from the items used in the encrypting process related to the previous transmission destination among the user information about the user designated as the transmission destination. The information processing apparatus according to claim 1, wherein the information processing apparatus is used.   5. The information processing apparatus according to claim 1, wherein the processing means uses in combination information of two or more items of information for each item included in the user information in the encryption processing. .   The said processing means further performs the process which notifies that the security of encryption falls, when the information used in the said process to encrypt is information with few characters, The process in any one of Claims 1-5 Information processing device.   The processing means specifies the item in the body of the mail in the process of notifying the transmission destination of information specifying the item when transmitting the encrypted transmission data attached to the mail. The information processing apparatus according to claim 1, wherein information is additionally recorded.   When the processing means transmits the encrypted transmission data to a storage area previously associated with the user designated as the transmission destination, the processing means notifies the transmission destination of information specifying the item. The information processing apparatus according to claim 1, wherein an e-mail having information specifying the item as an e-mail text is transmitted to the transmission destination. A storage device for storing user information including information for each of two or more items for each user;
An information processing device capable of transmitting data,
When the processing means of the information processing apparatus accepts an instruction for data transmission,
Processing for obtaining user information relating to a user designated as a transmission destination of the data transmission from the storage device;
A process of selecting at least one item from the user information about the user specified as the transmission destination, and encrypting transmission data to be the target of the data transmission using the information of the selected item;
Processing for transmitting the encrypted transmission data to the destination;
The information processing system which performs the process which notifies the information which specifies the said item about the information used for the said process to encrypt with respect to the said transmission destination. A processing method for transmitting data from an information processing device to another device,
Obtaining user information including information for each of two or more items related to a user designated as a destination of the data transmission;
Selecting at least one item from the user information for the user specified as the transmission destination, and encrypting transmission data to be subjected to the data transmission using information of the selected item;
Transmitting the encrypted transmission data to the destination;
An information processing method comprising: notifying the transmission destination of information specifying the selected item.

Images