JP2012123627A - Information processing system, management server, control method of the same, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a mechanism for preventing an impersonating operation by a third person when a plurality of devices are simultaneously logged in by one user and preventing a processing result object such as printed matter from being left alone.SOLUTION: When a user of a client 300 logs in a compound machine 100, the compound machine transmits log-in information including a user ID to a server 200. When the log-in information is received, the server 200 specifies the client 300 from the user ID included in the log-in information, and transmits lock instruction information including lock release information to the client 300. When receiving the request, the client 300 locks an operation until information matched with the lock release information is input. When print processing is completed in the compound machine, the information for releasing the operation lock state of the client 300 is reported to the user. The user can operate the client 300 again by inputting the information in the client 300.

Description

  The present invention relates to a security technique using a network, and more particularly to a technique for logging in to a device on a network.

  In recent years, various methods have been used to manage access to multifunction peripherals and prevent leftovers in output. In particular, in the access management of a multifunction device, it is performed to manage when and who has logged in to the multifunction device by performing user authentication using an IC card or the like. Further, such access management is not limited to a multi-function peripheral, and an information processing apparatus such as a client terminal performs user authentication and logs in to use.

  When it becomes possible to log in to a plurality of devices in this way, the possibility of information leakage due to forgetting to log out increases. For example, suppose that a user X logs in to the device A and then logs in to another device B without logging out. At this time, if the devices A and B are physically separated from each other, the third party Y impersonates the user X and can operate the device A with the authority of the user X. If the user X is a network administrator, there may be an unlimited number of data files on the network.

  To deal with this problem, for example, Patent Literature 1 searches for another device logged in with the same user ID as the device currently logged in, and there is another device logged in with the same user ID. Discloses a technique for comparing the last operation time from the user and locking the screen when the device operated more recently is another device.

Japanese Patent No. 2002-342284

  When access management and login control are performed in this way, especially when the authority to use the MFP is assigned to each user, the user's IC card or the like having the authority to perform printing with special print settings is given to others. It may be lent and used. For example, it is easy to understand if the user has only monochrome printing authority and the user's supervisor has color printing use authority. In this case, there is a problem in that the user borrows a supervisor's IC card or the like to perform color printing and prints.

  If the lending / borrowing of information for user authentication is permitted, the meaning of the original use authority is lost, and there is a risk of information leakage as described above. In addition, if an IC card or the like is lent or borrowed, the output results such as the number of printed sheets cannot be collected, and the output results cannot be collected, which makes no sense.

  In addition, there is a problem that output is left unattended by lending and borrowing IC cards and the like. In general, as a measure for preventing the output matter from being left, the above-described user authentication is used to store who prints what print job when and what information is used to prevent the print matter from being left unattended. In other words, when the lending / borrowing of an IC card or the like occurs, it becomes impossible to specify who output the card.

  The present invention has been made to solve the above-described problem, and prevents spoofing operations by a third party at the time of simultaneous login by one user to a plurality of apparatuses, and leaving a processing result product such as a printed matter unattended. It is intended to provide a deterrent mechanism.

In order to achieve the above object, for example, an information processing system of the present invention comprises the following arrangement. That is,
An information processing system including a server device, a client device, and a processing device connected via a network,
The processor is
Login information transmitting means for transmitting login information including user information for identifying a user who has performed the login operation to the server device when a login operation is detected via the user interface of the processing device;
After the login information transmitting means transmits, the server apparatus receives the unlock information for releasing the operation lock state of the client apparatus operated before the login operation by the user. Unlocking information receiving means;
A notification means for notifying the user of the unlock information received by the unlock information receiving means when one process is instructed by the user who performed the login operation;
The server device
Storage means for storing and managing client information for identifying the client device and the user information;
When the login information is received from the processing device, the client information corresponding to the user information included in the login information is acquired with reference to the storage unit, and the client device specified by the acquired client information A lock instruction unit that transmits a request for an instruction to shift to the operation lock state, generates unlock information for releasing the operation lock state, and transmits the generated unlock information to the processing device that transmitted the login information. And
The client device is
When receiving a request for a transition instruction to the operation lock state from the server device, an operation lock means for transitioning to the operation lock state to disable operation unless the unlock information is input;
An operation lock releasing means for releasing the operation lock state when information corresponding to the lock release information transmitted from the server device is input via the user interface of the client device in the operation lock state; Prepare.

  According to the present invention, it is intended to provide a mechanism for preventing spoofing operations by a third party when a user logs in to a client device or a processing device at the same time and for preventing a processing result such as a printed matter from being left unattended. is there. According to another invention, log-off to the other processing device can be automated by performing unlocking for performing an operation on the client device. According to another invention, by performing an operation for instructing the end of the operation to the other processing device, it is possible to log off the other processing device and return the original client device to an operable state.

It is a figure which shows an example of a structure of the system in embodiment. It is a figure which shows an example of the hardware constitutions of a server and a client. 2 is a diagram illustrating an example of a hardware configuration of a multifunction peripheral. FIG. It is a figure which shows an example of a module structure. 6 is a flowchart illustrating an example of a print instruction to a screen lock process in the first embodiment. 6 is a flowchart illustrating an example of print data selection to abandonment prevention ID display processing in the first embodiment. It is a flowchart which shows an example of neglect prevention ID input-management table update process in 1st Embodiment. It is a flowchart which shows an example of the logoff instruction | indication-logoff process in 1st Embodiment. It is a figure which shows an example of a management table. It is a figure which shows an example of the neglect prevention ID display screen in 1st Embodiment. It is a figure which shows an example of the neglect prevention ID input screen in 1st Embodiment. It is a flowchart which shows an example of the printing data selection-output thing acquisition button display process in 2nd Embodiment. It is a flowchart which shows an example of the output thing acquisition button press-screen lock release process in 2nd Embodiment. It is a figure which shows an example of the output thing acquisition button display screen in 2nd Embodiment.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 is a diagram illustrating an example of a configuration of a network system according to an embodiment of the present invention. The network system includes a multifunction device 100, a server device (hereinafter simply referred to as a server) 200, and a client device (hereinafter simply referred to as a client) 300. The multifunction device 100, the server 200, and the client 300 are connected via a network 400. Are connected to communicate. The network 400 may be a LAN (Local Area Network) or a WAN (Wide Area Network). The network 400 may be wired / wireless, or may be a mixture of them.

  The configuration of various terminals or servers connected to the network in FIG. 1 is an example, and it goes without saying that there are various configuration examples depending on the application and purpose. In particular, the present embodiment will be described based on the multifunction peripheral 100, but any apparatus may be used as long as it can communicate with the server 200 and can notify the user of information.

  The multi-function device 100 can store the print job transmitted from the client 300, print the print job on a recording sheet, and output the print job according to an instruction from the user.

  The server 200 manages the login status of the user. The MFP 100 and the client 300 to which the user is logged in are received and stored.

  In addition to transmitting a print job to the multifunction device 100, the client 300 has a function of locking the screen when the same user who uses the client 300 uses the multifunction device 100. It should be noted that the server 200 and the client 300 may be the same device or other forms.

  Next, an example of the hardware configuration of the server 200 and the client 300 will be described with reference to FIG.

  The CPU 201 comprehensively controls each device and controller connected to the system bus 204. Further, the ROM 202 or the external memory 211 is necessary for realizing a BIOS (Basic Input / Output System) or an operating system program (hereinafter referred to as an OS), which is a control program of the CPU 201, or a function executed by the server or each device. Various programs to be described later are stored.

  The RAM 203 functions as a main memory, work area, and the like for the CPU 201. The CPU 201 implements various operations by loading a program necessary for execution of processing into the RAM 203 and executing the program.

  An input controller (input C) 205 controls input from a pointing device such as a keyboard 209 or a mouse (not shown). Note that an apparatus including a touch panel includes an input C205 on a CRT display (CRT) 210, which will be described later, and various operations can be performed by touching the CRT 210. A video controller (VC) 206 controls display on a display device such as a CRT display (CRT) 210. The display device may be a liquid crystal display as well as a CRT.

  A memory controller (MC) 207 is a hard disk (HD), floppy disk (registered trademark FD) or PCMCIA card slot for storing boot programs, browser software, various applications, font data, user files, editing files, various data, and the like. Controls access to an external memory 211 such as a CompactFlash (registered trademark) memory connected via an adapter.

  A communication I / F controller (communication I / FC) 208 is connected to and communicates with an external device via a network, and executes communication control processing in the network. For example, Internet communication using TCP / IP is possible. Note that the CPU 201 enables display on the CRT 210 by executing outline font rasterization processing on a display information area in the RAM 203, for example. In addition, the CPU 201 enables a user instruction with a mouse cursor (not shown) on the CRT 210.

  Various programs executed in the server 200 and the client 300 for realizing the present invention are recorded in the external memory 211, and are executed by the CPU 201 by being loaded into the RAM 203 as necessary. Furthermore, definition files and various information tables on the server 200 and the client 300 used by the program according to the present invention are stored in the external memory 211. A detailed description thereof will be described later.

  Next, an example of the hardware configuration of the multifunction machine 100 will be described with reference to FIG.

  The controller unit 316 is connected to the scanner unit 314 that functions as an image input device and the printer unit 312 that functions as an image output device, and inputs and outputs image data and device information by connecting to a LAN or WAN.

  The CPU 301 is a processor that controls the entire system. A RAM 302 is a system work memory for the operation of the CPU 301, and is a program memory for recording a program and an image memory for temporarily recording image data.

  The ROM 303 stores a system boot program and various control programs. A hard disk drive (HDD) 304 stores various programs for controlling the system, image data, and the like.

  An operation unit interface (operation unit I / F) 307 is an interface unit with the operation unit 308, and outputs image data to be displayed on the operation unit 308 to the operation unit 308. The operation unit I / F 307 serves to transmit information (for example, user information) input by the system user from the operation unit 308 to the CPU 301. Note that the operation unit 308 includes a display unit having a touch panel, and various instructions can be given by a user pressing (touching with a finger or the like) a button displayed on the display unit.

  A network interface (Network I / F) 305 is connected to a network (LAN) and inputs / outputs data. A modem (MODEM) 306 is connected to a public line and inputs / outputs data such as FAX transmission / reception.

  An external interface (external I / F) 318 is an USB (Universal Serial Bus), IEEE 1394 (Institut of Electrical and Electronic Engineers 1394), a printer port, an RS-232C (Recommended Standard 232) A card reader 319 for reading an IC card, which is an F section and is necessary for authentication in this embodiment, is connected to the external I / F 318.

  Further, the CPU 301 can control reading of information from the IC card by the card reader 319 via the external I / F 318, and can acquire information read from the IC card. The above devices are arranged on the system bus 309.

  An image bus interface (IMAGE BUS I / F) 320 is a bus bridge that connects the system bus 309 and an image bus 315 that transfers image data at high speed and converts a data structure.

  The image bus 315 is configured by a PCI bus (Peripheral Components Interconnect bus) or IEEE1394. The following devices are arranged on the image bus 315.

  A raster image processor (RIP) 310 develops vector data into a bitmap image. A printer interface (printer I / F) 311 connects the printer unit 312 and the controller unit 316, and performs synchronous / asynchronous conversion of image data. A scanner interface (scanner I / F) 313 connects the scanner unit 314 and the controller unit 316, and performs synchronous / asynchronous conversion of image data. The image processing unit 317 performs correction, processing and editing on input image data, printer correction, resolution conversion, and the like on print output image data. In addition to this, the image processing unit 317 also rotates the image data, JPEG (Joint Photographic Experts Group) for multi-valued image data, and JBIG (Joint Bi-level Image Experts Group) for binary image data. And so on. The scanner unit 314 illuminates an image on paper as a document and scans it with a CCD line sensor, thereby converting it into an electrical signal as raster image data. The original paper is set on the tray of the original feeder, and when the apparatus user gives a reading start instruction from the operation unit 308, the CPU 301 gives an instruction to the scanner unit 314, and the feeder feeds the original paper one by one to read the original image. Perform the action.

  The printer unit 312 is a portion that forms raster image data as a visible image on a recording paper. The method is an electrophotographic method using a photosensitive drum or a photosensitive belt, and ink is ejected from a micro nozzle array onto a paper. There is an inkjet method for directly printing an image, but any method may be used. The activation of the printing operation is started by an instruction from the CPU 301. The printer unit 312 has a plurality of paper feed stages so that different paper sizes or different paper orientations can be selected, and includes paper cassettes corresponding to the paper feed stages.

  The operation unit 308 has an LCD (Liquid Crystal Display) display unit, and a touch panel sheet is pasted on the LCD, displays a system operation screen, and displays position information when a displayed key is pressed. This is transmitted to the CPU 301 via the operation unit I / F 307. The operation unit 308 includes, for example, a start key, a stop key, an ID key, a reset key, and the like as various operation keys.

  Here, the start key of the operation unit 308 is used when starting a document image reading operation. At the center of the start key, there are two color LEDs, green and red, which indicate whether or not the start key can be used. Further, the stop key of the operation unit 308 functions to stop the operation in operation. The ID key of the operation unit 308 is used when inputting the user ID of the user. The reset key is used when initializing settings from the operation unit.

  With the above-described configuration, the multifunction peripheral 100 transmits not only the normal copying function but also the image data read from the scanner unit 314 to the LAN (terminal, etc.) via the network I / F 305 and receives from the LAN. The printed data can be printed out from the printer unit 312 via the network I / F 305.

  Further, the image data read from the scanner unit 314 can be faxed to the public line by the modem 306, and the image data received by fax from the public line can be output by the printer unit 312.

  Next, a functional configuration diagram illustrating module configurations of the multifunction peripheral 100, the server 200, and the client 300 will be described with reference to FIG. Note that the module configurations of the various terminals or servers in FIG. 4 are merely examples, and it goes without saying that there are various configuration examples depending on applications and purposes.

  The multi-function device 100 includes a print data storage unit 401, a print data output unit 402, a transmission / reception unit 403, a screen display unit 404, and a login / logout management unit 405. The print data storage unit 401 is a module that receives the print data transmitted from the client 300, stores it for each user, and manages it. The print data output unit 402 is a module that outputs when an instruction to output the print data stored in the print data storage unit 401 is given. The transmission / reception unit 403 is a module that communicates various information with the server 200 and the client 300 to transmit / receive. The screen display unit 404 is a module that displays various screens at a predetermined timing and receives selections from the user. The login / logout management unit 405 is a module that manages login and logout in accordance with an instruction from the user. If necessary, login and logout information is appropriately transmitted to the server 200.

  Next, the server 200 includes a management table storage unit 406, an abandonment prevention ID generation unit 407, a transmission / reception unit 408, a management table management unit 409, and a screen lock instruction unit 410. The management table storage unit 406 (storage means) is a module that stores the management table (details will be described later) shown in FIG. The abandonment prevention ID generation unit 407 is a module that generates an abandonment prevention ID that can unlock the screen when the screen of the client 300 is locked. The transmission / reception unit 408 is a module that communicates various information with the MFP 100 and the client 300 to transmit / receive. The management table management unit 409 is a module that updates the management table stored in the management table storage unit 406. The screen lock instruction unit 410 is a module that instructs the client 300 to lock the screen so that the user cannot perform an operation.

  Here, a management table stored and managed by the server 200 will be described with reference to FIG. This management table is used for each user to manage which device the user is actually using, and to determine the current state of processing by the user. Therefore, the first field is a user ID, and the second and third fields are the password of the user and the ID (client ID) of the client device normally used by the user. These first to third fields are not changed unless there is a special reason. The contents after the fourth field are dynamically updated, and the fourth field stores the ID of the MFP on the network (the MFP ID) used by the user. The neglect prevention ID and the sixth field are for storing the status (status) when the multifunction machine is used. When the user is not using the multifunction machine, in other words, when the user is operating the client device, the fourth to fifth fields are left blank.

  Next, the client 300 includes a transmission / reception unit 411, a screen lock / unlock unit 412, and a screen display unit 413. The transmission / reception unit 411 is a module that communicates various information with the multifunction peripheral 100 and the server 200 to transmit / receive. The screen lock / unlock unit 412 is a module that locks the screen in accordance with an instruction from the server 200 and releases the screen lock when receiving an instruction from the server 200 or an input of an abandonment prevention ID. The screen display unit 413 is a module that displays various screens at a predetermined timing and receives selections from the user.

[First Embodiment]
Next, a first embodiment of the present invention will be described.

  In the first embodiment of the present invention, when the MFP 100 detects a user login by operating the operation unit 308, the MFP 100 notifies the server 200 of the login. Upon receiving this notification, the server 200 considers that the user is away from the client 300, and transmits the abandon prevention ID generated by the server 200 to the client 300. When the client 300 receives the abandonment prevention ID, the client 300 locks the screen until the abandonment prevention ID is input from the keyboard or the like of the client 300, and maintains an inoperable state. A user who has logged in to the multifunction device 100 operates the operation unit 308 to select a print job (a job printed by the client 300) that can be accessed by the user in the multifunction device 100, and instructs the start of print processing. . Upon receiving this instruction, the multi-function device 100 performs print output processing for the instructed print job, and notifies the user of the abandon prevention ID when the output is completed. As a notification method, for example, an abandonment prevention ID may be displayed on the display screen of the operation unit 308. The lock of the client 300 is released when the user inputs the prevention ID by using a keyboard or the like that the client 300 has.

  Details of the above processing will be described below with reference to the flowcharts of FIGS. It should be noted that in the figure, the processes of the multifunction peripheral, the server, and the client (actually each CPU) are shown separated by broken lines in order to clarify the subject that performs each process. In the following description, it is assumed that the user has already logged in to the client 300 and that the login state is managed by the server 200 in the management table.

  Assume that the user of the client 300 issues a print instruction via an application program being executed. The client 300 detects the print instruction, activates the printer driver of the client 300, and generates data (print data or print job) that can be interpreted by the MFP 100 (step S101). In step S102, the client 300 transmits the generated print data to the multi-function peripheral 100.

  In step S103, the multi-function device 100 receives print data from the client 300. In step S104, the multifunction device 100 stores (registers) the received print data in a storage unit such as the HDD 304 of the multifunction device 100. At this time, it is stored and managed together with information (user ID) for specifying the owner of the print data or the generation source.

  Then, the user logs in by holding the IC card owned by the user over the card reader 319 of the multi-function device 100 (step S105). In step S106, the multi function device 100 reads the IC card held over the card reader 319 and acquires the user ID, thereby permitting login (step S106). Here, the user ID is information for specifying a person in a company or organization, such as an employee code. Here, login by the card reader 319 is shown, but a user ID and a password may be input from the operation unit 308. A user ID is acquired from the card reader 319, and a password is acquired from the operation unit 308. You may allow login by acquiring. In any case, when logging in including a password, it is possible to notify the server of a set of user ID and password and permit the login after receiving an authentication OK response. However, in the present embodiment, the description will be continued on the assumption that the card reader 319 can log in only with an IC card distributed to each user.

  When the user login is completed as described above, the process proceeds to step S107, and the multifunction device 100 acquires its own multifunction device ID. The MFP ID is information for specifying the MFP 100 on the network, and is an IP address, a host name, a MAC address, or the like. In step S108, the multifunction peripheral 100 transmits a login notification to the server 200 (login information transmitting unit). At that time, the user ID acquired in step S106 and the MFP ID acquired in step S107 are also transmitted. As a result, the server 200 can be notified that the user of the client 300 has moved from the client 300 to the multifunction peripheral 100, in other words, that the user is away from the client 100.

  When the server 200 receives the login notification from the multifunction device 100 in step S109, the server 200 acquires the multifunction device ID and the user ID included in the received login notification in the next step S110. Then, in step S111, the server 200 refers to a management table as shown in FIG. 9, for example, and acquires a client ID associated with the user ID acquired in step S110 in step S112. The client ID is information for specifying the client 300 used by the user on the network, and is an IP address, a host name, a MAC address, or the like.

  In step S113, the server 200 generates an abandonment prevention ID. The neglect prevention ID is an ID used for releasing the screen lock of the client 300 acquired in step S112. In this embodiment, the neglect prevention ID is four digits, but the character type and the number of digits can be arbitrarily combined, and the generation method is not limited. A fixed character string registered in advance may be used, but a character string generated at random is desirable. The reason is that, as will be understood from the explanation to be described later, the operation of the client device can be continued only after the user acquires (knows) the neglect prevention ID. This is because the lock can be immediately released without removing the printed matter, and the important printed matter may remain in the multifunction peripheral.

  In step S114, the server 200 sets the MFP ID acquired in step S110, the neglect prevention ID generated in step S113, and the status during printing, and updates the management table of the user ID acquired in step S109. . That is, before, the user ID and the client ID of the client 300 are associated with each other, but the user ID and the multifunction device ID of the multifunction device 100 are associated with each other by receiving the login notification. In step S115, the server 200 transmits a screen lock instruction to the client 300 corresponding to the client ID acquired in step S112 (lock instruction unit). At that time, the abandonment prevention ID acquired in step S113 is also transmitted.

  When the client 300 receives the screen lock instruction from the server 200 in step S116, the client 300 acquires the abandonment prevention ID included in the screen lock instruction in the next step S117. In step S118, the screen of the client 300 is locked (operation lock means). The screen lock method is not limited as long as the lock can be released by using the ID for preventing leaving in step S117, the screen lock function provided in the client 300 may be used, and the screen lock may be performed by another application. May be performed. In addition, the screen may be locked using the abandonment prevention ID. In any case, while the screen is locked, no operations other than unlocking are accepted. FIG. 11 shows an example of a screen displayed during screen lock.

  FIG. 6 is a flowchart illustrating an example of print data selection or leave prevention ID display processing according to the first embodiment.

  After completing the login notification process in step S <b> 108, the multifunction peripheral 100 displays a list of print data that can be printed by the logged-in user and accepts a selection from the user via the operation unit 308. In step S202, output of the print data selected in step S201 is started. In this way, when the MFP 100 starts the printing process, it transmits an output start notification to the server 200 in step S203. At that time, the user ID acquired in step S106 and the MFP ID acquired in step S107 are also transmitted. In step S <b> 204, the multifunction peripheral 100 actually outputs the print data to the printer unit 312.

  When the server 200 receives the output start notification from the multifunction device 100 in step S205, the server 200 acquires the multifunction device ID and the user ID included in the output start notification in step S206. In step S207, the server 200 refers to the management table. In step S208, the server 200 acquires the MFP ID acquired in step S206 and the neglect prevention ID associated with the user ID from the management table. At this time, the corresponding status is changed to “printing” and the management table is updated. In step S209, the server 200 transmits the acquired abandonment prevention ID to the multifunction device 100. Note that the timing for transmitting the abandonment prevention ID to the multifunction device 100 is not limited to S209. In short, what is necessary is that after S113, for example, the timing of S115 may be used.

  In step S210, the multi-function device 100 receives the abandonment prevention ID from the server 200 (unlock information receiving means). In step S211, the multifunction apparatus 300 waits until the print data output in step S204 is completed. When the output of the print data is completed, the multifunction peripheral 100 transmits an output end notification to the server 200 in step S212. At that time, the user ID acquired in step S106 and the MFP ID acquired in step S107 are also transmitted.

  When the server 200 receives the output end notification from the multi-function device 100 in step S213, the server 200 acquires the multi-function device ID and the user ID included in the output end notification in step S214. In step S215, the server 200 changes the status associated with the MFP ID and the user ID acquired in step S214 to “printed” and updates the management table.

  On the other hand, when the MFP 100 finishes the print data output process, it displays an abandonment prevention ID such as that shown in FIG. 10 (notification means) in step S216. Note that the display method of the abandonment prevention ID in the multifunction device 100 is not limited to this, and it is sufficient that the multifunction device 100 can notify the user. That is, if notification can be made even to the user, it may be notified by voice without displaying. In this embodiment, the neglect prevention ID is displayed after the completion of output, but it may be displayed during output. The display timing is not limited to this. However, as will be understood from the description to be described later, if the condition that the user operates the client 300 to continue the operation again is that the user possesses the printed matter, the timing for informing the neglect prevention ID Is preferably when the printing process is finished.

  FIG. 7 is a flowchart showing an example of an abandonment prevention ID input or management table update process in the first embodiment.

  For example, the client 300 accepts the input of the abandonment prevention ID in step S301 while displaying the screen unlock screen as shown in FIG. When the client 300 detects that the user provided on the screen unlocking screen has pressed the OK button, in step S302, the client 300 collates the neglect prevention ID input in step S301 with the neglect prevention ID acquired in step S117. . If they do not match, the process returns to step S301, and if they match, the process proceeds to step S303.

  When the processing proceeds to step S303, the client 300 releases the screen lock of the client 300 and returns to the operation screen immediately before the screen lock (operation lock release means). In step S304, the client 300 acquires a client ID, and transmits a screen unlock notification to the server 200 in step S305. At that time, the client ID acquired in step S304 is also transmitted.

  Upon receiving the screen unlock notification from the client 300 in step S306, the server 200 acquires the client ID included in the received screen unlock notification in the next step S307. In step S308, the server 200 deletes the multifunction machine ID, the abandonment prevention ID, and the status associated with the client ID acquired in step S307 from the management table (updates the management table).

  In this way, when the user logs in to the multifunction device 100, the abandonment prevention ID is generated by the server, and the client 300 performs screen lock that can be released by using the generated retention prevention ID, and printing in the multifunction device 100 After completion, the user is notified of the abandonment prevention ID, and the client 300 can unlock the screen when the notified abandonment prevention ID is input by the user. Accordingly, it is possible to prevent the user from logging in to a plurality of apparatuses at the same time, and the MFP 100 notifies the neglect prevention ID for releasing the lock of the client 300, so that the user can return to the client 300 while performing printing. It can be expected to prevent printing and to prevent neglected printing.

  FIG. 8 is a flowchart showing an example of a logoff instruction or a logoff process in the first embodiment.

  When the server 200 receives the screen lock release notification from the client 300 and updates the management table (S306 to S308), a logoff instruction is transmitted from the server 200 to the multi-function device 100 in step S401. At that time, the user ID associated with the client ID acquired in step S308 is also transmitted.

  In step S402, when the MFP 100 receives a logoff instruction from the server 200, the MFP 100 acquires a user ID from the logoff instruction in step S403. In step S <b> 404, the multifunction device 100 also acquires the user ID of the user who has logged into the multifunction device 100. Next, the MFP 100 collates the user ID acquired in step S403 with the user ID acquired in step S404. If they match, the process proceeds to step S406. If they do not match, the process ends. In step S406, the MFP 100 is logged off.

  As a result, even when the user forgets to log out from the multifunction device 100, the user can be automatically logged out from the multifunction device 100 when the user login is detected in the client 300.

  In the above-described embodiment, the abandonment prevention ID is displayed on the display unit (touch panel) of the operation unit 308 included in the multifunction peripheral 100. However, the present invention is not limited to this. For example, it is assumed that the card reader 319 has a memory area that is not read-only, can be written, and can be written to an IC card. It is assumed that the client 300 is also equipped with a similar card reader. In this case, when printing is completed in the multifunction device 100, the multifunction device 100 displays a message that prompts the user to hold the IC card over the card reader 319. Then, after confirming that the user ID stored in the IC card is the owner of the print data that has been printed, the multifunction peripheral 100 writes the abandonment prevention ID into the IC card. The user holds the IC card over the card reader facilitated by the client 300. The client 300 releases the screen lock when the abandonment prevention ID read from the card reader matches the abandonment prevention ID notified from the server 200. In this way, after all, the user does not need to memorize the neglect prevention ID. The user can log in and operate only on one device logged in with an IC card. Also, in the above embodiment, the MFP 100 displays the abandonment prevention ID when the printing process is completed. However, when the user cancels the printing operation for any reason and explicitly logs out, it is left as it is. The prevention ID is displayed.

[Second Embodiment]
Next, a second embodiment of the present invention will be described. In the second embodiment of the present invention, an output acquisition button is displayed when the output of print data is completed, and the screen of the client 300 is unlocked when the output acquisition button is pressed. In this form, an instruction is issued from the server 200.

  The management table (FIG. 9), print instruction to screen lock process (steps S101 to S118), and logoff instruction to logoff process (steps S401 to S406) described in the first embodiment are the same. Description is omitted.

  FIG. 12 is a flowchart illustrating an example of print data selection or output acquisition button display processing according to the second embodiment. FIG. 12 is easy to understand if it is said that it replaces FIG.

  Following step S108, the multifunction peripheral 100 displays a list of print data that can be printed in step S501, accepts selection of print data to be output, and starts output in step S502. In step S503, the multi-function device 100 transmits an output start notification to the server 200. At that time, the user ID acquired in step S106 and the MFP ID acquired in step S107 are also transmitted. In step S504, the multifunction peripheral 100 actually outputs the print data to the printer unit 312.

  When the server 200 receives the output start notification from the multifunction device 100 in step S505, the server 200 acquires the multifunction device ID and the user ID included in the received output start notification in the next step S506. In step S507, the server 200 changes the status associated with the MFP ID and the user ID acquired in step S506 to “printing” and updates the management table.

  In step S508, the multi-function device 100 waits until the print data output in step S504 is completed. When the output of the print data is completed, the multifunction peripheral 100 transmits an output end notification to the server 200 in step S509. At that time, the user ID acquired in step S106 and the MFP ID acquired in step S107 are also transmitted.

  When the server 200 receives the output end notification from the multi-function device 100 in step S510, the server 200 acquires the multi-function device ID and the user ID included in the output end notification in the next step S511. In step S512, the server 200 updates the management table by changing the status associated with the MFP ID and user ID acquired in step S511 to “printed”.

  When the MFP 100 finishes the print data output process and finishes printing all the pages of the designated print data, in step S513, for example, an output product acquisition button as shown in FIG. 14 is displayed. In this embodiment, the output material acquisition button is pressed to notify the server 200 that the output material has been acquired. For example, a finisher provided in the multifunction peripheral 100 detects the acquisition of the output material, and responds accordingly. The server 200 may be notified.

  FIG. 13 is a flowchart illustrating an example of output product acquisition button pressing to screen lock release processing according to the second embodiment. This figure is a process subsequent to FIG.

  When the multifunction peripheral 100 detects that the user output acquisition button has been pressed in step S601, the multifunction peripheral 100 transmits a screen lock release request in step S602 to the server 200. At that time, the user ID acquired in step S106 and the MFP ID acquired in step S107 are also transmitted together.

  In step S603, when the server 200 receives the screen lock release request from the multifunction device 100, the server 200 acquires the multifunction device ID and the user ID included in the received screen lock release request in step S604. In step S605, the server 200 acquires a status associated with the MFP ID and user ID acquired in step S604. In step S606, if the status acquired in step S605 is “printed”, the process proceeds to step S607. If the status is other than “printed”, the process ends. When the process proceeds to step S607, the server 200 transmits a screen unlock request to the corresponding client 300 from the client ID associated with the user ID acquired in step S604 (unlocking unit). At that time, the data including the neglect prevention ID generated in step S113 is transmitted.

  When the client 300 receives the screen lock release request from the server 200 in step S608, the client 300 releases the screen lock of the client 300 in step S609 using the abandon prevention ID.

  As described above, when it is detected that the output product is acquired in the multi-function device 100, the user can log in to a plurality of devices at the same time by adopting a mode in which the server 200 unlocks the screen for the client 300. It is possible to prevent this, and to prevent leaving the output.

  As described above, according to the first and second embodiments, when logging in to the multifunction device with a certain user ID, the client screen corresponding to the user ID is locked to prevent impersonation of the multifunction device. In addition, there is an effect that it is possible to suppress the leaving of the output matter by using the leaving prevention ID displayed by the multi-function peripheral after outputting the print job.

  In the embodiment, the multifunction peripheral is taken as an example of a processing apparatus operated by an unspecified number of humans, but is not limited to this. For example, in addition to the client 300 that the user normally uses, for example, an image editing terminal that performs specific processing (for example, image editing) and that can be used by an unspecified number of people can be understood. In this case, the image editing terminal serves as the multifunction device 100 in the above embodiment. Here, the timing for notifying the user of the neglect prevention ID (S216) and the timing for transmitting the screen unlock request (S602) may be the time when the user logs out from the image editing terminal.

  Although the embodiment has been described in detail above, the present invention can take an embodiment as a method, a program, a recording medium, or the like.

  The program according to the present invention is a program that allows a computer to execute (read) each processing method, and the recording medium according to the present invention stores a program that allows the computer to execute each processing method.

  The program in the present invention may be a program for each processing method of each device.

  As described above, a recording medium that records a program that implements the functions of the above-described embodiments is supplied to a system or apparatus, and a computer (or CPU or MPU) of the system or apparatus stores the program stored in the recording medium. It goes without saying that the object of the present invention can also be achieved by performing reading.

  In this case, the program itself read from the recording medium realizes the novel function of the present invention, and the recording medium storing the program constitutes the present invention.

  As a recording medium for supplying the program, for example, a flexible disk, hard disk, optical disk, magneto-optical disk, CD-ROM, CD-R, DVD-ROM, magnetic tape, nonvolatile memory card, ROM, EEPROM, silicon A disk or the like can be used.

  Further, by executing the program read by the computer, not only the functions of the above-described embodiments are realized, but also an OS (operating system) operating on the computer based on an instruction of the program is actually It goes without saying that a case where the function of the above-described embodiment is realized by performing part or all of the processing and the processing is included.

  Furthermore, after the program read from the recording medium is written in a memory provided in a function expansion board inserted into the computer or a function expansion unit connected to the computer, the function expansion board or It goes without saying that the CPU or the like provided in the function expansion unit performs part or all of the actual processing and the functions of the above-described embodiments are realized by the processing.

  Further, the present invention may be applied to a system composed of a plurality of devices or an apparatus composed of a single device.

  Needless to say, the present invention can be applied to a case where the present invention is achieved by supplying a program to a system or apparatus. In this case, by reading a recording medium storing a program for achieving the present invention into the system or apparatus, the system or apparatus can enjoy the effects of the present invention.

  Furthermore, by downloading and reading a program for achieving the present invention from a server, database, etc. on a network by a communication program, the system or apparatus can enjoy the effects of the present invention.

  In addition, all the structures which combined each embodiment mentioned above and its modification are also included in this invention.

The present invention has been made to solve the above-described problem , and aims to provide a mechanism for preventing simultaneous login by one user to a plurality of devices and suppressing impersonation and information leakage .

In order to achieve the above object, for example, an information processing system of the present invention comprises the following arrangement. That is, an information processing system in which a processing device, a server device, and a client device are communicably connected, and the processing device stores user information for identifying a user in order to log in to the processing device. User information transmitting means for receiving input and transmitting the user information to the server device, and receiving lock release information for receiving unlock information for unlocking the client device used by the user from the server device and a notifying means for notifying means, the unlocking information received by the previous SL unlock information receiving means to a user, the server device uses the client information for identifying the client device, the client device user said storage means stores an association with user information of the transmission the user information When receiving the user information sent by stage, the memory and the unlock information generation means for generating an unlocking information for releasing the locked state of the client device, the client information corresponding to the received user information obtained from means for the client device identified by the acquired the client information, lock indication means for transmitting a migration instruction to releasable lock state by the lock release information generated by the unlocking information generating means And the unlock information transmitting means for transmitting the unlock information generated by the unlock information generating means to the processing device, wherein the client device is brought into the locked state transmitted by the lock instruction means . migration instruction is received, the unlocking information of Thus the locking means to shift the releasable locking state, in the locked state, when the locked state has accepted the input of the releasable lock release information, to be provided with a lock release means for releasing the locked state Features.

According to the present invention, it is possible to provide a mechanism that prevents simultaneous login to a client device or a processing device by one user and prevents spoofing or information leakage. According to another invention, log-off to the other processing device can be automated by performing unlocking for performing an operation on the client device .

Claims (12)

An information processing system including a server device, a client device, and a processing device connected via a network,
The processor is
Login information transmitting means for transmitting login information including user information for identifying a user who has performed the login operation to the server device when a login operation is detected via the user interface of the processing device;
After the login information transmitting means transmits, the server apparatus receives the unlock information for releasing the operation lock state of the client apparatus operated before the login operation by the user. Unlocking information receiving means;
A notification means for notifying the user of the unlock information received by the unlock information receiving means when one process is instructed by the user who performed the login operation;
The server device
Storage means for storing and managing client information for identifying the client device and the user information;
When the login information is received from the processing device, the client information corresponding to the user information included in the login information is acquired with reference to the storage unit, and the client device specified by the acquired client information A lock instruction unit that transmits a request for an instruction to shift to the operation lock state, generates unlock information for releasing the operation lock state, and transmits the generated unlock information to the processing device that transmitted the login information. And
The client device is
When receiving a request for a transition instruction to the operation lock state from the server device, an operation lock means for transitioning to the operation lock state to disable operation unless the unlock information is input;
An operation lock releasing means for releasing the operation lock state when information corresponding to the lock release information transmitted from the server device is input via the user interface of the client device in the operation lock state; An information processing system characterized by comprising. The processing device further includes means for transmitting the user information and information indicating that the operation lock state is released to the server device when the operation lock state is released by the operation lock release means,
When the server device receives the information indicating that the operation lock state is to be released, the server device identifies the processing device in the login state based on the user information included in the received information, and Means for transmitting to the processing device a request to shift from a login state using the user information to a logoff state;
The information processing system according to claim 1, wherein the processing device includes a unit that executes a logoff process of the user when a request to shift to a logoff state is received. The processing device is a device having a network printing function for printing according to print data from a client on the network,
The notifying unit notifies the user of unlock information received by the unlock information receiving unit when printing processing based on the print data is completed in accordance with an instruction of a logged-in user. 1. The information processing system according to 1.   The information processing system according to any one of claims 1 to 3, wherein the unlock information is a numeric character string generated by random number generation means. An information processing system including a server device, a client device, and a processing device connected via a network,
The processor is
Login information transmitting means for transmitting login information including user information for identifying a user who has performed the login operation to the server device when a login operation is detected via the user interface of the processing device;
When one process according to the instruction of the user who performed the login operation is finished and an operation end instruction is detected via the user interface of the processing device, the server displays the end instruction information including the user information when logging in Processing end notification means for transmitting to the device,
The server device
Storage means for storing and managing client information for identifying the client device and the user information;
When the login information is received from the processing device, the client information corresponding to the user information included in the login information is acquired with reference to the storage unit, and the client device specified by the acquired client information is Lock instruction means for transmitting a request for an instruction to shift to the operation lock state for the client device;
When receiving the end instruction information from the processing device, the client information corresponding to the user information included in the end instruction information, the lock release means for transmitting a request to release the operation lock state,
The client device is
An operation lock means for transitioning to an operation lock state in order to disable operation when a request for an instruction to shift to the operation lock state is received from the server device;
An information processing system comprising: an operation lock releasing unit that releases the operation lock state when the lock release request transmitted from the server device is received in the operation lock state. When the server device transmits a request to release the operation lock state to the client device, the server device identifies the processing device in the login state by the user information, and logs in the processing device using the user information. Means for sending a request to transition from a state to a logoff state,
The information processing system according to claim 5, wherein the processing device includes means for executing a logoff process of the user when receiving a request to shift to a logoff state. The processing device is a device having a network printing function for printing according to print data from a client on the network,
The processing end notifying means performs an operation related to the pressing of the button when the printing processing based on the printing data is completed and the pressing of a predetermined button provided in the processing device for acquiring the printed matter is detected. 6. The information processing system according to claim 5, wherein the information processing system is detected as an instruction to end the operation. A method for controlling an information processing system including a server device, a client device, and a processing device connected via a network,
When the processing device detects a login operation via a user interface of the processing device, login information transmission that transmits login information including user information for specifying a user who has performed the login operation to the server device Process,
A lock for releasing the operation lock state of the client device that the server device has been operating before the login operation is transmitted, after the processing device has transmitted the login information transmission step. Unlocking information receiving step for receiving the releasing information;
A notification step of notifying the user of the unlock information received in the unlock information receiving step when the processing device finishes one process according to an instruction of the user who performed the login operation;
User information included in the login information when the server device having storage means for storing and managing the client information for identifying the client device and the user information is received from the processing device. Is acquired with reference to the storage means, and a request for a transition instruction to the operation lock state is transmitted to the client device specified by the acquired client information, and the operation lock state is released. A lock instruction step for generating the unlock information for transmitting the generated unlock information to the processing device that transmitted the login information;
When the client device receives a request for an instruction to shift to the operation lock state from the server device, an operation lock step for transitioning to an operation lock state to disable operation unless the unlock information is input;
An operation for releasing the operation lock state when the client device receives information corresponding to the unlock information transmitted from the server device via the user interface in the operation lock state. An information processing system control method comprising: a lock release step. A method for controlling an information processing system including a server device, a client device, and a processing device connected via a network,
When the processing device detects a login operation via a user interface of the processing device, login information transmission that transmits login information including user information for specifying a user who has performed the login operation to the server device Process,
When the processing device finishes one process according to an instruction of the user who performed the login operation and detects an operation end instruction via the user interface of the processing device, the processing includes the user information when logged in A server device having storage means for storing and managing the process information, the client information specifying the client device, and the user information is transmitted from the processing device to the login information. Is received with reference to the storage means, and the client device specified by the acquired client information is set to the operation lock state for the client device. A lock instruction process for transmitting a request for a transition instruction of
When the server device receives the end instruction information from the processing device, lock release means for transmitting a request for releasing the operation lock state to the client information corresponding to the user information included in the end instruction information;
When the client device receives a request for an instruction to transition to the operation lock state from the server device, an operation lock step of transitioning to the operation lock state to disable operation;
An operation lock releasing step of releasing the operation lock state when the client device receives the lock release request transmitted from the server device in the operation lock state; Method. A management server that manages a client device connected via a network and a processing device that performs one process in accordance with a user operation instruction;
Storage means for storing and managing client information for specifying the client device and user information for specifying the user in association with each other;
If the information received from the processing device via the network is login information indicating that the user has logged in via the user interface of the processing device that is the transmission source of the information, the received login An acquisition means for extracting user information for identifying a logged-in user included in the information, and acquiring client information corresponding to the extracted user information with reference to the storage means;
A request for an instruction to shift to the operation lock state and a lock release to be input from the user interface of the client device to release the lock state to the client device specified by the client information acquired by the acquisition unit In order to transmit information via the network, and to notify the login user of the unlock information when the one process is completed, the unlock information is sent to the processing device that is the transmission source of the login information. A management server comprising: a lock instruction means for transmitting. A management server that manages a client device connected via a network and a processing device that performs one process in accordance with a user operation instruction;
Storage means for storing and managing client information for specifying the client device and user information for specifying the user in association with each other;
If the information received from the processing device via the network is login information indicating that the user has logged in via the user interface of the processing device that is the transmission source of the information, the received login An acquisition means for extracting user information for identifying a logged-in user included in the information, and acquiring client information corresponding to the extracted user information with reference to the storage means;
Lock instruction means for transmitting a request for instruction to shift to the operation lock state to the client device specified by the client information acquired by the acquisition means;
When the information indicating that the one process is completed is received from the processing device, a release request for releasing the operation lock state is transmitted to the client device that has transmitted the request to shift to the lock state by the lock instruction means. And a lock release means.   12. A computer program that causes a computer connected to a network to read and execute the computer, thereby causing the computer to function as means included in the management server according to claim 10 or 11.

Images